The idea that respect for your elders should be given priority even when doing so results in the death of hundreds of people (some of whom may actually be older than you) is utterly ridiculous. It basically amounts to mass murder.
Any cultural expectations which cause unnecessary death and suffering are fundamentally flawed and should be eliminated. People should be smart enough to question things, not just blindly follow what they've been taught ESPECIALLY when doing so is likely to be detrimental or cause death.
This is not racism so much as anti-stupidity.
And if you believe that aspects of culture should be preserved and protected even when they are clearly detrimental, consider that many cultures are or have been extremely racist and have often taught that members of other races or religions are inferior and should be converted, enslaved or wiped out. If you believe that cultural flaws like this should be changed, then surely you must accept that things like blindly respecting your elders without questioning them are also wrong.
Just because a thief boots your install, doesn't mean they will attach it to a network... You'd need to ensure the laptop had functional 3g connectivity built in (ie with a valid sim etc)...
This also brings up another problem, in order for the tracking software to run your drive needs to be unencrypted, so you have a tradeoff - do you care about the hardware or the data? If just the hardware then you might as well just insure it and get a replacement, and if the data you probably dont want it left unencrypted (and really should keep backups).
Only in this case, convenience wins out... Needing a staff member to physical intervene in order to boot the server is far too much of an inconvenience, so it will be configured either to obtain the key from the HSM automatically on boot (and thus the attackers could do the same), or it will be a network based system as you mention in which case when you steal the server you need to steal the key server too.
Even if you do have someone physically enter the key, you have the added inconvenience of managing who has the keys... You don't want too many people as the chance of losing/leaking goes up, but too few and the chances of the guys with the key being unavailable when needed goes up. You end up with things like the keys on stickers attached to the front of the machine, which again provides no benefit if the server is physically stolen.
Other countries would be monitoring communications in just the same way if they had the opportunity to do so...
By making use of and becoming dependent on US products and US services you walked right into it, and the US government doesn't even pretend to offer any rights to foreigners located outside its borders. The constitution is for US citizens.
If you don't like being spied on by the US government, don't use products from companies under their jurisdiction.
LibreOffice refers to this as "web layout", and its right there in the view menu.
As for why it doesn't work like LaTeX, i guess thats because its aiming at a totally different market... Most people simply don't understand the idea of formatting being separated from content, they just want to lay the page out as they see it - as if they were doing it by hand. Also modern word processors have moved more towards traditional DTP applications, where there is a focus on layout rather than on typesetting a large body of text.
Infact there are many people who use libreoffice to open and convert corrupted (or very old) files which are making msoffice crash, libreoffice is far more tolerant of unexpected data in the input files as unexpected data is a given when attempting to reverse engineer undocumented formats.
And to give one personal example, msoffice 97 onwards had a bug in the macro function whereby the line counting function ignored lines with bullet points, so we had an extremely kludgy macro which counted the lines and then iterated through looking for bullet points and increased the line count accordingly... MS decided to fix this particular bug in a "security update" for office 2003, but then reintroduce the bug in 2007... Obviously this kludgy macro catastrophically broke the day that patch got rolled out. I could understand if it broke going from 2003 to 2007, but not for what is supposed for be a security update to change something like that.
Also even moving files between the exact same patch release of msoffice on different machines can cause problems with formatting, as it reformats depending on available fonts and printer settings.
Gnumeric is great, tends to focus on accuracy too whereas msexcel truncates numbers over a certain size (among other weirdness) and libreoffice seems to copy it...
However...
If they weren't designed to do things then they wouldn't be able to do them, would they?
I could use a 40 ton truck to deliver a single letter, i could drive myself to work in that same truck, and if all i had was a 40 ton truck and i only wanted to do the journey once or twice i might even do so, despite how awkward it would be driving such a large vehicle not to mention the fuel usage.
On the other hand, the more often i did these things the more inefficient it would be to use a 40 ton truck for such things, and i might be better off buying a regular car or even a bike.
An unsuitable tool might do as a temporary substitute, but long term you really want to use an appropriate tool for the job.
And despite all this, and the fact they target far fewer platforms, MS still puts out an extremely buggy application, with poor forwards/backwards compatibility, virtually no intentional interoperability with anything else, and major inconsistencies between the 2 platforms that they do support.
The only difference with MS bugs is that users have come to expect them and know the workarounds. Ask anyone who uses ms applications heavily and they will have all kinds of kludgy hacks memorised to get around functionality which doesn't work correctly.
They require that you "encrypt" the data, but they also typically require that you send the data unencrypted (albeit tunnelled over ssl) to actually process a payment, so while the data may be encrypted on disk the server typically also has the ability to decrypt it on demand in order to make use of it... So it's just a case of a hacker working out how, and then triggering the same process to extract the data.
On the other hand, a self signed certificate which you have explicitly accepted is in many cases *BETTER* than a ca verified cert. In the former case you have explicitly chosen to trust a single party, whereas in the latter you are reliant on a large number of organisations.
So instead of burning cpu cycles, you are burning crypto processor cycles plus you have the cost of buying the hardware in the first place and possibly the bus overhead of sending data to/from the device.
If the server gets compromised while its running, the data is accessible because the server needs access to the data in order to function.
If the server gets physically stolen its likely the crypto hardware will be stolen with it. If you store the key somewhere it can be automatically obtained and used then the key can be stolen too, if you enter the key manually on bootup (ie how you would on a laptop) then you require physical intervention if the server reboots for any reason.
Encryption has its uses, but its not a magic bullet, and poor/inappropriate use of encryption is damaging - not only does it waste resources unnecessarily, but it also brings a false sense of security and encourages lazy thinking... People will simply implement the bare minimum required to comply with the law, which will probably mean encrypting the data while leaving the key on the same box.
You will also end up with a "one size fits all" attitude, which is clearly ridiculous... You need to consider *what* data your storing, *why* your storing it and *what* needs to access it.
You can segregate the data so that some is only accessible by those systems that need it. You can tokenize the data, eg for repeat billing of a credit card you can store a token agreed only between you and your payment processor. You can store rarely referenced data with public/private keys, leaving only the public key online and keeping the private offline for use when necessary.
No, pushing a one size fits all "encrypt your data" mandate is stupid and will only make things worse, each individual case needs to be designed by someone who understands the needs and is technically competent.
With 95 you were given the choice of using the new explorer interface or the old task man interface that 3.11 used... Many users chose to stick with the old ui.
Which is just an extension of the old kludges they've been implementing since XP... Displaying the login screen quickly isn't terribly useful if its continuing to boot in the background such that your login and initial use of the machine is significantly slower.
The real boot time, is the time it takes to be ready for you to use it properly.
So what's to stop them opening up those bits that they do own, and then allowing the community to fill in the blanks? Considering people are willing to try writing a complete driver from scratch, replacing a few missing bits in an otherwise complete driver isn't much of a stretch.
It is the point, his current connection may be all that's available in the area where he lives and thus netflix does not offer a usable service where he is while thepiratebay does offer a usable service.
You rely on a third party to host your site, you play by their rules... If you don't like that, host the site yourself... Especially if you're making money from the site by filling it with ads.
Although unix was originally developed with a security model, individual code often wasn't... People who wrote code weren't thinking that buffer overflows or format string bugs could be exploitable, and many things were designed based on being connected to a largely trusted network of academics where there would be very little to gain anyway. People developed clear text protocols like telnet, operating systems included remotely accessible unpassworded guest accounts by default, and then you have relatively naive protocols like smtp which has resulted in many of the spam problems we see today and could have been avoided with better protocol design.
People learned and improved, and then microsoft came along very late to the party with a lot of code that was designed for an environment where there was simply no security model whatsoever.
The point is not that open source is perfect, the point is that it is better than the alternative and perfection is almost never attainable so we make do with the best available.
The biggest advantage btw, is that open source code is seen by disparate groups of individuals with entirely different agendas. Whereas closed source code is typically only seen by 1 or two groups of people:
1, Those who have a direct contractual agreement with the organisation creating the code and thus have have to toe the company line. 2, Those who have acquired the source through illegal means, who are by very definition criminals and thus are likely to use the code to carry out further criminal activities, or not disclose any information for fear of being caught.
Only two agendas, and neither of them are beneficial to the agenda of the average end user of the code.
Well if you're talking on a countrywide scale, only one group in each country needs to verify that the code is suitable for use by that country and build binaries from it. The cost of hiring a few developers to go through the code is nothing in the budget of most countries.
The problem with compromise is that when dealing with powerful adversaries you give a little, and they want just a little bit more... This continues, and eventually you've given them everything. You have to stand your ground or you end up with nothing. Just look at the gradual creep of copyright, or the gradual increase of surveillance... It all starts off small and reasonable sounding, but once you give one small concession in the name of compromise they always start pushing for more.
If you dont trust the machine your currently using, then what's the point moving your server? If you log in to your server from an untrusted machine then irrespective of how secure and trustworthy your server is, who's to say a backdoor on the workstation couldn't be used to steal your authentication data and gain access to the server (or even just hijack a live in progress session).
And many companies and large government departments outsource their IT to third parties anyway, even if the physical hardware is kept in house they are typically managed by someone else.
Slashdot Mirror
His opinion is based on logic and common sense...
The idea that respect for your elders should be given priority even when doing so results in the death of hundreds of people (some of whom may actually be older than you) is utterly ridiculous. It basically amounts to mass murder.
Any cultural expectations which cause unnecessary death and suffering are fundamentally flawed and should be eliminated. People should be smart enough to question things, not just blindly follow what they've been taught ESPECIALLY when doing so is likely to be detrimental or cause death.
This is not racism so much as anti-stupidity.
And if you believe that aspects of culture should be preserved and protected even when they are clearly detrimental, consider that many cultures are or have been extremely racist and have often taught that members of other races or religions are inferior and should be converted, enslaved or wiped out. If you believe that cultural flaws like this should be changed, then surely you must accept that things like blindly respecting your elders without questioning them are also wrong.
Just because a thief boots your install, doesn't mean they will attach it to a network... You'd need to ensure the laptop had functional 3g connectivity built in (ie with a valid sim etc)...
This also brings up another problem, in order for the tracking software to run your drive needs to be unencrypted, so you have a tradeoff - do you care about the hardware or the data? If just the hardware then you might as well just insure it and get a replacement, and if the data you probably dont want it left unencrypted (and really should keep backups).
Only in this case, convenience wins out...
Needing a staff member to physical intervene in order to boot the server is far too much of an inconvenience, so it will be configured either to obtain the key from the HSM automatically on boot (and thus the attackers could do the same), or it will be a network based system as you mention in which case when you steal the server you need to steal the key server too.
Even if you do have someone physically enter the key, you have the added inconvenience of managing who has the keys... You don't want too many people as the chance of losing/leaking goes up, but too few and the chances of the guys with the key being unavailable when needed goes up. You end up with things like the keys on stickers attached to the front of the machine, which again provides no benefit if the server is physically stolen.
Other countries would be monitoring communications in just the same way if they had the opportunity to do so...
By making use of and becoming dependent on US products and US services you walked right into it, and the US government doesn't even pretend to offer any rights to foreigners located outside its borders. The constitution is for US citizens.
If you don't like being spied on by the US government, don't use products from companies under their jurisdiction.
LibreOffice refers to this as "web layout", and its right there in the view menu.
As for why it doesn't work like LaTeX, i guess thats because its aiming at a totally different market... Most people simply don't understand the idea of formatting being separated from content, they just want to lay the page out as they see it - as if they were doing it by hand. Also modern word processors have moved more towards traditional DTP applications, where there is a focus on layout rather than on typesetting a large body of text.
It's well documented, you can find examples all over google, eg:
http://hints.macworld.com/article.php?story=20111230095628470
Infact there are many people who use libreoffice to open and convert corrupted (or very old) files which are making msoffice crash, libreoffice is far more tolerant of unexpected data in the input files as unexpected data is a given when attempting to reverse engineer undocumented formats.
And to give one personal example, msoffice 97 onwards had a bug in the macro function whereby the line counting function ignored lines with bullet points, so we had an extremely kludgy macro which counted the lines and then iterated through looking for bullet points and increased the line count accordingly... MS decided to fix this particular bug in a "security update" for office 2003, but then reintroduce the bug in 2007... Obviously this kludgy macro catastrophically broke the day that patch got rolled out.
I could understand if it broke going from 2003 to 2007, but not for what is supposed for be a security update to change something like that.
Also even moving files between the exact same patch release of msoffice on different machines can cause problems with formatting, as it reformats depending on available fonts and printer settings.
Gnumeric is great, tends to focus on accuracy too whereas msexcel truncates numbers over a certain size (among other weirdness) and libreoffice seems to copy it...
However...
If they weren't designed to do things then they wouldn't be able to do them, would they?
I could use a 40 ton truck to deliver a single letter, i could drive myself to work in that same truck, and if all i had was a 40 ton truck and i only wanted to do the journey once or twice i might even do so, despite how awkward it would be driving such a large vehicle not to mention the fuel usage.
On the other hand, the more often i did these things the more inefficient it would be to use a 40 ton truck for such things, and i might be better off buying a regular car or even a bike.
An unsuitable tool might do as a temporary substitute, but long term you really want to use an appropriate tool for the job.
And despite all this, and the fact they target far fewer platforms, MS still puts out an extremely buggy application, with poor forwards/backwards compatibility, virtually no intentional interoperability with anything else, and major inconsistencies between the 2 platforms that they do support.
The only difference with MS bugs is that users have come to expect them and know the workarounds. Ask anyone who uses ms applications heavily and they will have all kinds of kludgy hacks memorised to get around functionality which doesn't work correctly.
VGA was always a lowend tech, intended for at the time lowend machines.
Highend workstations from Sun, SGI etc were capable of much more in those days, eg http://en.wikipedia.org/wiki/List_of_common_resolutions lists the sun-2 workstations as defaulting to 1152x900.
SGI IRIS 1000 was doing 1024x1024 in 1983 too according to http://www.sgistuff.net/hardware/systems/iris1000.html
They require that you "encrypt" the data, but they also typically require that you send the data unencrypted (albeit tunnelled over ssl) to actually process a payment, so while the data may be encrypted on disk the server typically also has the ability to decrypt it on demand in order to make use of it... So it's just a case of a hacker working out how, and then triggering the same process to extract the data.
On the other hand, a self signed certificate which you have explicitly accepted is in many cases *BETTER* than a ca verified cert. In the former case you have explicitly chosen to trust a single party, whereas in the latter you are reliant on a large number of organisations.
So instead of burning cpu cycles, you are burning crypto processor cycles plus you have the cost of buying the hardware in the first place and possibly the bus overhead of sending data to/from the device.
If the server gets compromised while its running, the data is accessible because the server needs access to the data in order to function.
If the server gets physically stolen its likely the crypto hardware will be stolen with it. If you store the key somewhere it can be automatically obtained and used then the key can be stolen too, if you enter the key manually on bootup (ie how you would on a laptop) then you require physical intervention if the server reboots for any reason.
Encryption has its uses, but its not a magic bullet, and poor/inappropriate use of encryption is damaging - not only does it waste resources unnecessarily, but it also brings a false sense of security and encourages lazy thinking... People will simply implement the bare minimum required to comply with the law, which will probably mean encrypting the data while leaving the key on the same box.
You will also end up with a "one size fits all" attitude, which is clearly ridiculous...
You need to consider *what* data your storing, *why* your storing it and *what* needs to access it.
You can segregate the data so that some is only accessible by those systems that need it.
You can tokenize the data, eg for repeat billing of a credit card you can store a token agreed only between you and your payment processor.
You can store rarely referenced data with public/private keys, leaving only the public key online and keeping the private offline for use when necessary.
No, pushing a one size fits all "encrypt your data" mandate is stupid and will only make things worse, each individual case needs to be designed by someone who understands the needs and is technically competent.
Some places only use javascript for validation, so you can bypass it trivially...
With 95 you were given the choice of using the new explorer interface or the old task man interface that 3.11 used... Many users chose to stick with the old ui.
Which is just an extension of the old kludges they've been implementing since XP...
Displaying the login screen quickly isn't terribly useful if its continuing to boot in the background such that your login and initial use of the machine is significantly slower.
The real boot time, is the time it takes to be ready for you to use it properly.
So what's to stop them opening up those bits that they do own, and then allowing the community to fill in the blanks?
Considering people are willing to try writing a complete driver from scratch, replacing a few missing bits in an otherwise complete driver isn't much of a stretch.
It is the point, his current connection may be all that's available in the area where he lives and thus netflix does not offer a usable service where he is while thepiratebay does offer a usable service.
But... windows is meant to be easy to use, only linux users have to jump through hoops to optimize the boot process and and....
You rely on a third party to host your site, you play by their rules...
If you don't like that, host the site yourself... Especially if you're making money from the site by filling it with ads.
Although unix was originally developed with a security model, individual code often wasn't... People who wrote code weren't thinking that buffer overflows or format string bugs could be exploitable, and many things were designed based on being connected to a largely trusted network of academics where there would be very little to gain anyway.
People developed clear text protocols like telnet, operating systems included remotely accessible unpassworded guest accounts by default, and then you have relatively naive protocols like smtp which has resulted in many of the spam problems we see today and could have been avoided with better protocol design.
People learned and improved, and then microsoft came along very late to the party with a lot of code that was designed for an environment where there was simply no security model whatsoever.
The point is not that open source is perfect, the point is that it is better than the alternative and perfection is almost never attainable so we make do with the best available.
The biggest advantage btw, is that open source code is seen by disparate groups of individuals with entirely different agendas. Whereas closed source code is typically only seen by 1 or two groups of people:
1, Those who have a direct contractual agreement with the organisation creating the code and thus have have to toe the company line.
2, Those who have acquired the source through illegal means, who are by very definition criminals and thus are likely to use the code to carry out further criminal activities, or not disclose any information for fear of being caught.
Only two agendas, and neither of them are beneficial to the agenda of the average end user of the code.
Well if you're talking on a countrywide scale, only one group in each country needs to verify that the code is suitable for use by that country and build binaries from it. The cost of hiring a few developers to go through the code is nothing in the budget of most countries.
The problem with compromise is that when dealing with powerful adversaries you give a little, and they want just a little bit more... This continues, and eventually you've given them everything. You have to stand your ground or you end up with nothing.
Just look at the gradual creep of copyright, or the gradual increase of surveillance... It all starts off small and reasonable sounding, but once you give one small concession in the name of compromise they always start pushing for more.
If you dont trust the machine your currently using, then what's the point moving your server? If you log in to your server from an untrusted machine then irrespective of how secure and trustworthy your server is, who's to say a backdoor on the workstation couldn't be used to steal your authentication data and gain access to the server (or even just hijack a live in progress session).
And many companies and large government departments outsource their IT to third parties anyway, even if the physical hardware is kept in house they are typically managed by someone else.