I know this is the UK, but why isn't this a regulation like the FAA height and drone limitations near airports? We don't need to take away the devices, we need to deal appropriately with where they can, and in this case, cannot be used.
If I recall correctly, the levels do serve a purpose (or at least were supposed to serve a purpose). The reason for the levels is so that funding can be tied to a specific level. For example, there may be funding to support a certain number of person hours at yellow and more hours to support more guards, etc. when you reach orange. The point is, without some kind of level that takes a subjective "bad stuff is more likely to happen/has happened" and changes it to "we are now at orange/red", it is nearly impossible to get approval for additional resources rolled out throughout government entities quickly enough to be of any benefit. If you take away the level's you end up with a scenario where they say, "we have a high probability of an attack in this area"; the leaders in the field say, "so does that mean we can bring in more resources?"; and the question doesn't through all the channels to get an answer until the threat has passed or the attack has occurred.
I have two slashdot readers and one of them did not read the article before they posted a reply on a Tuesday. What is the probability that the other didn't read the article as well?
With the current availability of fairly inexpensive bandwidth, why are you running servers at your location? There simply isn't much justification for any business not in the fortune 500 to go the route of "build your own" Catacenter. If it must be up, look at the option of renting rack space from a Telecom provider that takes care of generator power for you. Most of these will do a rack for a couple hundred a month that includes the generator backup. You may need to get a small UPS that handles the "blip" until the generator kicks in (they usually tell you that you need a few seconds of UPS), but it sounds like you already have units to put at the bottom of the rack that will handle that. You then have servers that will survive as long as the provider has fuel. Anything else is going to cost you far more. Most likely you can find one that will provide decent bandwidth from your location to theirs and provide you with an Internet connection at the Colo that is less expensive because it doesn't have the local loop to your facility. This probably would offset much of the cost for bandwidth that you will need from your office to your servers at the Colo.
Am I the only one who thinks the headline on this reads like common media spin? So basically Microsoft has a bug that happened to be used against Google and the headline reads like Google was doing some hacking. This only leaves me wondering how much did the Microsoft PR people paid to get that worded that way.
You have to be a PHP programmer to understand PHP code well enough to say that it's bad. So is your statement a lie or are you a bad programmer?
And I would submit that anyone who turns out bad PHP is not a good programmer in other languages either. The fact is that other languages may make it harder to turn out bad code, but if you program correctly, you shouldn't need the language ot make it hard. However, if you rely on the language to keep you out of trouble, you are going to eventually find a way around the language's protections.
I think this is a great question. I would submit that many people who avoid facebook and other applications still have enough of this information in text or pictures that is posted by their friends. Regardless of whether you've ever joined facebook, it's likely that you are tagged in a bunch of photos or listed in a comment or two. The linkages of those tags could be used to do similar research. The point is that you can't stick your head in the sand. Social Networks exists.
This article has a crucial flaw. It merges the concepts of innovation and polish.
Much of the FOSS software is lacking in polish. The interface may not be pretty or there is a single feature that is a bit hard to set or whatever; however, that has nothing to do with innovation. Innovation is the moving forward into new features and capabilities. In that realm, FOSS is frequently the leader. Why? Because in many cases the proprietary systems look at what the majority of users will want and ignore the minority groups. When you do this, you end up with the worst of all worlds from a feature standpoint. It is a challenge to support the beginning user and the advanced user at the same time. It's a challenge to allow the business user to utilize the same product as the technical users or even home users. The place were FOSS most shines is in the fact that the products are open so that a developer can step in and say, "This product would be better for group X if we added this functionality so I'll add it." In some cases that developer is in group X.
I am an owner of an Ipod Touch. I absolutely love the thing. I can do about 80% of what I want on it. Why only 80%? Not because the capabilities I want are complicated or costly to employ. Because the manufacturer feels that my use of the device is a minority use so they never developed the features. For example: I heavily use my Ipod Touch as what it is (an Ipod... read the term pod as in podcasting). I listen to multiple podcasts daily. I can now download podcasts directly over wifi; however, the feature is crippled by the fact that the Ipod Touch will not keep a list of your podcasts. The only way to keep a list of the podcasts you listen too on the device is to keep around an episode of the podcast. That combined with the fact that the device allows no feature for "download all new episodes of my podcasts" (which it couldn't do without the list or you would have to keep around old episodes for it to know what podcasts you listen too) make the device a pain to work with. As an alternative, it would be great to sync over wifi with my computer, but that's not possible either. So, a device that is meant to listen to podcasts on the go and has wifi support and the ability to download over the air makes it painful to do so without a frequently cabling. This is the exact place where a FOSS approach would shine. A developer would be able to add one or more of these features without having to get the original developers to "come around".
So, I can see that FOSS sometimes fails on the polish side and may not always produce the best interface, but the idea that it lacks in innovation simply put does not make any sense.
It's bad enough when I screw up a config and it takes down my mail, but what about when it happens to the entire globe at once?
I was reading this comment and it occurred to me that the latter is actually preferred. With the first option, your systems are messed up, but everyone else wants you to continue to conduct business. With the latter situation, your systems are down and so are the people who would normally be trying to reach you.
I believe your right. It appears that the first was, in fact, a shorten version of the longer post. Both conveyed the same concept and nearly all details could be implied from the original statement.
Furthermore, I believe it should be pointed out that the first post was only a single sentence in length; however, the second post was a full three paragraphs of text.
I just wrote this to point out that your statement was indeed correct and appeared too short so I figured I should expand on it. Perhaps the second poster will understand a three paragraph explanation of your statement.
How about your SMTP server accepting my spam? Is that also fair game? Again this one is a case where I make the first connection. In the case of WiFi, the access point that was sending beacons made the first attempt. One could argue that if you were sending the beacons and didn't intend to allow me to connect, you violated the FCC rules that your radio signals are not allowed to interfere with others devices.
What about exploits giving me access to your system? Again, this is a "break in" not a connection to a service that solicited the access.
Buying a wireless access point is similar to going into a store where there is a box with flyers in it that says, "Free - Take One". You go the manager and say, "I need a box like that to put my pens in. Will you sell me the box?" You buy the box and take it to your business to put your own stuff in it, but you don't remove the "Free - Take One" message from the box. Or in the case of setting a new SSID and not enabling WEP or disabling beacons, you repaint each letter in a different color. Later you have a customer come by and take your pens. Who was wrong here?
No, but if you sshd sent an email to me saying I opened up this port for you to connect go ahead, then yes you granted permissions.
I can't even begin to comprehend why some have such a problem understanding the beacon thing. When you have a open wifi network with SSID broadcast, your device is sending out a signal that asks people to connect. It's not the same as an open door. It's an open door and a person standing next to it with a bullhorn saying, anyone can come in.
No actually there is a difference here. Your door does not send out a beacon saying, "Hey I'm here, I'm unlocked, and I'm asking for people to come inside."
The majority of users don't hate advertising, they hate the advertising they have been given. Google is a unique company on the net; their success is largely due to the fact that there is not a concentrated effort to remove their advertisements at all costs. Why? There is a perception by the users that Google's advertisements are not intrusive and annoying. So what's special about Google's advertising methodology:
They don't use images - Advertisements that uses images, and in particular large flashing animate images, on a web page speaks the following to me:
The organization believes I am too stupid to read their single line entry telling me about their product.
The organization doesn't value my time because they are using their advertisement not simply to compliment my experience, but they are trying at all costs to waste my time in finding the information that they pushed off the page with their advertisement.
I do not want to do business with this organization ever. In fact, I might want to take note of their name and consider using a competitor who hasn't shown this disregard for their customer's time.
Most, if not all, of the advertisements are in some way related to what I am viewing.
I am out there searching for a news article on a recent event and having the main advertisement tell me about a new medicine for something.
The advertisements are only slightly different from the search results (shaded background) and may actually be a valid choice for what I'm trying to find.
The front page doesn't have advertisements. If you are a search company, your front page should be a search page. It shouldn't have a ton of news and advertisements on it. If I want news, I will click on a news link or go to news.whatever.com. I don't need a page like www.yahoo.com that during network slowness is going to take time to load.
Assuming this organization gets off the ground, I wonder if there would be any grounds for a lawsuit against them for "damages sustained" while a vendor is arguing over the price for a fix. For example, if the vendor wished to create a fix for me but couldn't because this organization was giving them grief, could I or my customers sue because of losses sustained due to the vulnerability. What if the breached caused directly traceable bodily injury (someone breaking into a system used by law enforcement, health care, firefighters, etc.)? If this kind of suit is possible, I would think that a patent on the "fix" for something would be a risky business.
Agreed. If the DSL service doesn't make money without the Phone service, then business model that is messed up is with the carrier.
If a DSL, Cable Modem, or FIOS service does not pay for itself purely based on the data service, then the provider is not charging enough for the data portion. If you take the cost of a DSL line and say it is X then there should be a cost Y and Z which amount to the data and the voice portion. If you want to expand it one step further you could add in the cost of the copper as a W. At any case X' (the marked up version of X) should work as the price for the customer for the whole thing and likewise, the marked up version Y' + W' should work for the customer price of the data only portion. If you don't have a way to determine those costs then something is wrong with your business model.
I understand that there are "market pricing" situations that make things a bit more complicated than that, but in the world of the physical transport to the house, there is usually only two delivery services so there's not a fierce competition in that area.
The methods described in this article don't seem to be very useful. I have seen one method that works fairly well. Come up with a sentence you know you can remember. It can be something out of the blue like: "I prefer accessing Gmail in Firefox for the skins extension." Then make your password "IpaGiF4zse". The first letter of each word, the number 4 or 2 for for or to, too, etc. Even other ones can be used like 8 for ate and 3 for a word starting with e. The z makes sense for a replacement of t in the because if you use the pronunciation of the that sounds like thee, z and thee are fairly similar. Those types of schemes make sense.
But the better answer is:
Get a program like passwordSafe. It's GPL and it works great it even can generate the random passwords for you with whatever rules the given site or system allows. Just copy the database file to a backup every so often and all is well.
More specifically, it's the step in the automatic update process where it identifies what should be downloaded. Once the list is compiled, it seems to do fine with downloading and installing. This means that if you machine is set on any of the options except no updates, it may possibly lock up for anywhere from 10-30 minutes. This just started happening for a number of machines that I use. I've seen it on at more than 5 XP Pro machines and at least one XP Home machine. The first machine it happened on, I thought was a virus. I hard rebooted the machine multiple times (and 30 seconds after login svchost.exe would kick off again) before I found out someone else was having an issue and it resolved itself after about 15 minutes. During the problem, you can't even get the task manager to come up because the system gives everything to svchost.exe for the check. If you have the task manager up before it kicks off, you can actually see that it does in fact take the whole system for that process.
Interestingly enough, I never saw this behavior until this last round of patches.
Not exactly. Actually, in the USA it is for neither of those reasons.
To promote the progress of science and useful arts, by securing for limited times to authors and inventors the exclusive right to their respective writings and discoveries;
The key portion here is the reason for which Congress is allowed to secure the rights to authors and inventors. The purpose is to promote the progress of science and the useful arts. I think the problem that many who post on here have with patent and copyright laws in general is that often they are imposed not to promote the progress but to stifle it. As a result, it would stand to reason that Congress doesn't really have the right to provide a patent for that purpose and therefore the granting of the patent would be unconstitutional. While this is not the way our legal system sees it, it is the way the language was written by our founding fathers.
I believe that would violate #3: Implemented by multiple vendors. If that provision is as it states, then no one company could release a plugin for everyone else's product and thereby make their standard be supported by "multiple vendors".
Agreed. This is the real value of the a degree. I occasionally use information from my major; however, I have found that I use a lot more of Tech writing and Micro Economics. I took intermediate Micro Economics to avoid having to take another art class for my general education courses and that has been a great help. I have coworkers who did it without the degree; however, when it comes time to write a proposal for new business or make a business case for something, those of us with degrees are the ones who are asked to help. The simple fact is that the ones without a degree are less likely to know how to write a professional document.
Agreed. Watermarks are much better than the DRM approach. My issue is not with the use of a watermark which allows you to determine the source of the file in the event of a questionable situation. My concern is with the automatic analysis of content. This approach is basically a guilty until proven innocent. This is like saying, you may have stolen things from me and people use their house to store things that are stolen so I'm going to send someone around to look into your house to see if anything of mine is there. Unless you have good reason to believe something is there and go get the government to request a warrant, your not to be on my property snooping around outside of the limits of what I say is acceptable. If I say you can analyze all the music on my site, your okay. But, if I say you can listen to it, but you can run a robot against it, you just did the equivalent of standing outside my house and looking in the windows without my permission.
Slashdot Mirror
I know this is the UK, but why isn't this a regulation like the FAA height and drone limitations near airports? We don't need to take away the devices, we need to deal appropriately with where they can, and in this case, cannot be used.
If I recall correctly, the levels do serve a purpose (or at least were supposed to serve a purpose). The reason for the levels is so that funding can be tied to a specific level. For example, there may be funding to support a certain number of person hours at yellow and more hours to support more guards, etc. when you reach orange. The point is, without some kind of level that takes a subjective "bad stuff is more likely to happen/has happened" and changes it to "we are now at orange/red", it is nearly impossible to get approval for additional resources rolled out throughout government entities quickly enough to be of any benefit. If you take away the level's you end up with a scenario where they say, "we have a high probability of an attack in this area"; the leaders in the field say, "so does that mean we can bring in more resources?"; and the question doesn't through all the channels to get an answer until the threat has passed or the attack has occurred.
I have two slashdot readers and one of them did not read the article before they posted a reply on a Tuesday. What is the probability that the other didn't read the article as well?
100%
With the current availability of fairly inexpensive bandwidth, why are you running servers at your location? There simply isn't much justification for any business not in the fortune 500 to go the route of "build your own" Catacenter. If it must be up, look at the option of renting rack space from a Telecom provider that takes care of generator power for you. Most of these will do a rack for a couple hundred a month that includes the generator backup. You may need to get a small UPS that handles the "blip" until the generator kicks in (they usually tell you that you need a few seconds of UPS), but it sounds like you already have units to put at the bottom of the rack that will handle that. You then have servers that will survive as long as the provider has fuel. Anything else is going to cost you far more. Most likely you can find one that will provide decent bandwidth from your location to theirs and provide you with an Internet connection at the Colo that is less expensive because it doesn't have the local loop to your facility. This probably would offset much of the cost for bandwidth that you will need from your office to your servers at the Colo.
Am I the only one who thinks the headline on this reads like common media spin? So basically Microsoft has a bug that happened to be used against Google and the headline reads like Google was doing some hacking. This only leaves me wondering how much did the Microsoft PR people paid to get that worded that way.
You have to be a PHP programmer to understand PHP code well enough to say that it's bad. So is your statement a lie or are you a bad programmer?
And I would submit that anyone who turns out bad PHP is not a good programmer in other languages either. The fact is that other languages may make it harder to turn out bad code, but if you program correctly, you shouldn't need the language ot make it hard. However, if you rely on the language to keep you out of trouble, you are going to eventually find a way around the language's protections.
I think this is a great question. I would submit that many people who avoid facebook and other applications still have enough of this information in text or pictures that is posted by their friends. Regardless of whether you've ever joined facebook, it's likely that you are tagged in a bunch of photos or listed in a comment or two. The linkages of those tags could be used to do similar research. The point is that you can't stick your head in the sand. Social Networks exists.
Why not use something like:
This is a less important part of the contract
---- Start of Conspicuous Text --- .. ..
This product is provided "as is"..
--- End of Conspicuous Text ---
Another less important part of the contract.
This article has a crucial flaw. It merges the concepts of innovation and polish.
Much of the FOSS software is lacking in polish. The interface may not be pretty or there is a single feature that is a bit hard to set or whatever; however, that has nothing to do with innovation. Innovation is the moving forward into new features and capabilities. In that realm, FOSS is frequently the leader. Why? Because in many cases the proprietary systems look at what the majority of users will want and ignore the minority groups. When you do this, you end up with the worst of all worlds from a feature standpoint. It is a challenge to support the beginning user and the advanced user at the same time. It's a challenge to allow the business user to utilize the same product as the technical users or even home users. The place were FOSS most shines is in the fact that the products are open so that a developer can step in and say, "This product would be better for group X if we added this functionality so I'll add it." In some cases that developer is in group X.
I am an owner of an Ipod Touch. I absolutely love the thing. I can do about 80% of what I want on it. Why only 80%? Not because the capabilities I want are complicated or costly to employ. Because the manufacturer feels that my use of the device is a minority use so they never developed the features. For example: I heavily use my Ipod Touch as what it is (an Ipod ... read the term pod as in podcasting). I listen to multiple podcasts daily. I can now download podcasts directly over wifi; however, the feature is crippled by the fact that the Ipod Touch will not keep a list of your podcasts. The only way to keep a list of the podcasts you listen too on the device is to keep around an episode of the podcast. That combined with the fact that the device allows no feature for "download all new episodes of my podcasts" (which it couldn't do without the list or you would have to keep around old episodes for it to know what podcasts you listen too) make the device a pain to work with. As an alternative, it would be great to sync over wifi with my computer, but that's not possible either. So, a device that is meant to listen to podcasts on the go and has wifi support and the ability to download over the air makes it painful to do so without a frequently cabling. This is the exact place where a FOSS approach would shine. A developer would be able to add one or more of these features without having to get the original developers to "come around".
So, I can see that FOSS sometimes fails on the polish side and may not always produce the best interface, but the idea that it lacks in innovation simply put does not make any sense.
It's bad enough when I screw up a config and it takes down my mail, but what about when it happens to the entire globe at once?
I was reading this comment and it occurred to me that the latter is actually preferred. With the first option, your systems are messed up, but everyone else wants you to continue to conduct business. With the latter situation, your systems are down and so are the people who would normally be trying to reach you.
A program you have just launched is trying to turn on your lights. Cancel or Allow.
I believe your right. It appears that the first was, in fact, a shorten version of the longer post. Both conveyed the same concept and nearly all details could be implied from the original statement.
Furthermore, I believe it should be pointed out that the first post was only a single sentence in length; however, the second post was a full three paragraphs of text.
I just wrote this to point out that your statement was indeed correct and appeared too short so I figured I should expand on it. Perhaps the second poster will understand a three paragraph explanation of your statement.
Buying a wireless access point is similar to going into a store where there is a box with flyers in it that says, "Free - Take One". You go the manager and say, "I need a box like that to put my pens in. Will you sell me the box?" You buy the box and take it to your business to put your own stuff in it, but you don't remove the "Free - Take One" message from the box. Or in the case of setting a new SSID and not enabling WEP or disabling beacons, you repaint each letter in a different color. Later you have a customer come by and take your pens. Who was wrong here?
No, but if you sshd sent an email to me saying I opened up this port for you to connect go ahead, then yes you granted permissions.
I can't even begin to comprehend why some have such a problem understanding the beacon thing. When you have a open wifi network with SSID broadcast, your device is sending out a signal that asks people to connect. It's not the same as an open door. It's an open door and a person standing next to it with a bullhorn saying, anyone can come in.
No actually there is a difference here. Your door does not send out a beacon saying, "Hey I'm here, I'm unlocked, and I'm asking for people to come inside."
Assuming this organization gets off the ground, I wonder if there would be any grounds for a lawsuit against them for "damages sustained" while a vendor is arguing over the price for a fix. For example, if the vendor wished to create a fix for me but couldn't because this organization was giving them grief, could I or my customers sue because of losses sustained due to the vulnerability. What if the breached caused directly traceable bodily injury (someone breaking into a system used by law enforcement, health care, firefighters, etc.)? If this kind of suit is possible, I would think that a patent on the "fix" for something would be a risky business.
Agreed. If the DSL service doesn't make money without the Phone service, then business model that is messed up is with the carrier.
If a DSL, Cable Modem, or FIOS service does not pay for itself purely based on the data service, then the provider is not charging enough for the data portion. If you take the cost of a DSL line and say it is X then there should be a cost Y and Z which amount to the data and the voice portion. If you want to expand it one step further you could add in the cost of the copper as a W. At any case X' (the marked up version of X) should work as the price for the customer for the whole thing and likewise, the marked up version Y' + W' should work for the customer price of the data only portion. If you don't have a way to determine those costs then something is wrong with your business model.
I understand that there are "market pricing" situations that make things a bit more complicated than that, but in the world of the physical transport to the house, there is usually only two delivery services so there's not a fierce competition in that area.
Of course you could use 12345 for all your passwords. Wait, no don't do that; that's already used for my luggage.
The methods described in this article don't seem to be very useful. I have seen one method that works fairly well. Come up with a sentence you know you can remember. It can be something out of the blue like: "I prefer accessing Gmail in Firefox for the skins extension." Then make your password "IpaGiF4zse". The first letter of each word, the number 4 or 2 for for or to, too, etc. Even other ones can be used like 8 for ate and 3 for a word starting with e. The z makes sense for a replacement of t in the because if you use the pronunciation of the that sounds like thee, z and thee are fairly similar. Those types of schemes make sense.
But the better answer is:
Get a program like passwordSafe. It's GPL and it works great it even can generate the random passwords for you with whatever rules the given site or system allows. Just copy the database file to a backup every so often and all is well.
In this case it is the automatic updates.
More specifically, it's the step in the automatic update process where it identifies what should be downloaded. Once the list is compiled, it seems to do fine with downloading and installing. This means that if you machine is set on any of the options except no updates, it may possibly lock up for anywhere from 10-30 minutes. This just started happening for a number of machines that I use. I've seen it on at more than 5 XP Pro machines and at least one XP Home machine. The first machine it happened on, I thought was a virus. I hard rebooted the machine multiple times (and 30 seconds after login svchost.exe would kick off again) before I found out someone else was having an issue and it resolved itself after about 15 minutes. During the problem, you can't even get the task manager to come up because the system gives everything to svchost.exe for the check. If you have the task manager up before it kicks off, you can actually see that it does in fact take the whole system for that process.
Interestingly enough, I never saw this behavior until this last round of patches.
The key portion here is the reason for which Congress is allowed to secure the rights to authors and inventors. The purpose is to promote the progress of science and the useful arts. I think the problem that many who post on here have with patent and copyright laws in general is that often they are imposed not to promote the progress but to stifle it. As a result, it would stand to reason that Congress doesn't really have the right to provide a patent for that purpose and therefore the granting of the patent would be unconstitutional. While this is not the way our legal system sees it, it is the way the language was written by our founding fathers.
I believe that would violate #3: Implemented by multiple vendors. If that provision is as it states, then no one company could release a plugin for everyone else's product and thereby make their standard be supported by "multiple vendors".
Agreed. This is the real value of the a degree. I occasionally use information from my major; however, I have found that I use a lot more of Tech writing and Micro Economics. I took intermediate Micro Economics to avoid having to take another art class for my general education courses and that has been a great help. I have coworkers who did it without the degree; however, when it comes time to write a proposal for new business or make a business case for something, those of us with degrees are the ones who are asked to help. The simple fact is that the ones without a degree are less likely to know how to write a professional document.
Agreed. Watermarks are much better than the DRM approach. My issue is not with the use of a watermark which allows you to determine the source of the file in the event of a questionable situation. My concern is with the automatic analysis of content. This approach is basically a guilty until proven innocent. This is like saying, you may have stolen things from me and people use their house to store things that are stolen so I'm going to send someone around to look into your house to see if anything of mine is there. Unless you have good reason to believe something is there and go get the government to request a warrant, your not to be on my property snooping around outside of the limits of what I say is acceptable. If I say you can analyze all the music on my site, your okay. But, if I say you can listen to it, but you can run a robot against it, you just did the equivalent of standing outside my house and looking in the windows without my permission.