...many artists don't get famous/recognized until *after* they die. They are often characterized as ametures or bad artists by the critics of the day.
I think we'll see the same with computer technologies when old technologies start to resurface and we can fully understand their capabilities. If I knew which ones, I wouldn't tell you, I'd go and buy the patent on them:-). But you're right, times do change. It used to be that all programmers were nerdy guys without girlfriends. Now it's common for a programmer to be cool and socially (and financially!) well off (although we still have our fair share of nerds, such as myself).
do you have a link to that painting, BTW?
Look for "Paranoia (Surrealist Figures), 1944" on this page. It's not his most complicated painting but it is interesting to look at. Lower on that page is his painting "My Wife, 1945", which gives you an idea of how his mind would dart from one thought to another, mixing everything in his imagination.
If you really want to see how well he could mesh imagery, check out his Metamorphosis of Narcissus. It's my favorite Dali painting.
those $5 Sears Painters may be "real" artists on the side
Hey, Sears paintings kick my paintings' ass any day:-)
Re:Software isn't as much like poetry as he sugges
on
The Poetry Of Programming
·
· Score: 5, Insightful
The mathematics behind many clever algorithms is simply astounding to me. The beauty of recursion is something as natural and poetic as music to me.
But that's to me.
Also, for me, most abstract art and whatever they call those paintings that are just a big red circle, is garbage. I think it's a waste of paint and is only meaningful to the creator. But millions of people believe this type of painting is artistic, even poetic.
Until you get to professional levels, anyone can tell a lousy poem or an ugly painting. In professional levels, it becomes more subjective. Many people are employed as painters although they aren't good at making good art. $5 paintings sold at Sears have to be painted by someone. Similarly, there are a whole lot of mediocre programmers out there, employed as programmers in a low level job. Most programmers or even logical thinkers who aren't programmers can identify bad programming, just as most people who are even casually interested in art can tell when an unskilled and untrained hand has done the painting.
But when a programmer sees a great algorithm for the first time, whether in a textbook or on a napkin, there's a certain beauty to it, a certain mathematical/locical poetry to it. The artistic pleasure comes from realizing what the artist was thinking when the made the art, whether it's an ingeniously simple technique for a peer to peer system, or a woman both in the distance and in the foreground at the same time in a Salvador Dali painting.
Here's a hint, world! No one uses DOS anymore! We don't need 8.3 filenames!
Actually, they're kind of convenient, and even with long filename capability it's nice to have shorter file names sometimes when you have to revert to a pure command prompt (no mouse) for whatever reason. Linux's * autocomplete filenames feature is very useful. c:\progra~1\borlan~1\projects or c:\progra*\borlan*\projects is much faster than typing out the whole thing.
I wish you could have a file with two names; one enforced short length for speed/convenience, the other a 255 char descriptive, either of which could be used to call the file. Maybe database-based file systems will solve this. (yeah you can do it with hard and soft links in linux, but it's not automatic)
By contrast, who keeps a Microsoft product for five years without upgrading it? Especially in a corporate environment?... Agreed, most companies don't go 5 years without upgrading but there are certainly some that do.
Actaully, I'd say that the majority of medium to large corporations don't upgrade their OS any more frequently than 5 years. In a large company, it can take several years to work out a stable config that will work with older machines and servers during the transition, budget for it, and (the kicker) distribute it to all their employees. Most large companies use every other version of windows (many will likely skip XP and wait for Longhorn or whatever comes next, since 2000 is 'good-enough') since they come out too quickly to keep upgrading. Sure, the developers might need custom Win XP (or linux or anything) workstations, but most users will not know the difference between NT, 2000, and XP. If there are any day-to-day problems they have in NT or 2000, they're already used to dealing with them and aren't desperate for a new version on their workstation.
And companies which depend on their mainframe servers for critical business processing will hardly ever change the system. Taking a chance at diabling their entire operation is just not worth a few more features or faster processing, for most business operations.
there is likely a correlation between "humans with guns" appearing and "exermination of wolves, mountain lions, bobcats, and other deer predators".
Don't forget the non predators, such as the american buffalo, which used to roam in herds before eurpoeans settled in north america, but are now mostly found in zoos, due to their mega-meat-a-liciousness and hungry frontier hunters. This was joked on by the Simpsons.
There's no indication that it's actually working for those people.
If it wasn't profitable for the companies that advertise using spam, then they wouldn't do it. They're not dumb (from a marketing sense) and they don't have huge fortunes to waste on ineffective advetising. They spam because it's profitable, no other reason.
So, in an office that's using Open Office exclusively, wouldn't someone coming in not familiar with Open Office not have the skills to perform the required job?
That's a nice idea, and it might work during this lousy job market, but it'd be damaging to both you and the potential employee if you didn't hire a great candidate whose only problem is that he'd never used OpenOffice. You'd have to be in a really comfortable position economically, or on a tall moral high horse, to refuse candidates on such simple and non-critical grounds.
It's not that hard to teach the new hire in one afternoon how to use OpenOffice. How many features do most people use? Font type, size, color, and bold/italic/underline, and maybe style. Anyone who has used any modern GUI word processor can figure out how to do those things.
So, you're saying that if an IT manager who was concerned about his bottom line had his choice of paying for Microsoft products *or* free (as in beer) software that would read and write files from Microsoft users, he wouldn't jump at the chance to reduce costs?
The argument is that although MS Office license costs more, the costs of training folks to use OpenOffice.org could cost more. Also, since so many people already know MS Office (at a basic level at least), they don't need to be trained at all. Many businesses have already paid a one time license for a recent version of MS Office, so staying with it costs them nothing, while switching to OOo costs them for training. (although if MS goes with this new pay-per-year / forced-upgrade license, those OOo training costs might not look so bad)
Microsoft's digital signature system is a type of DRM (although the user is still in control of his own system with this type). ActiveX controls can be very powerful, and can execute commands on your computer. You wouldn't want to download a malicious activeX control to a windows computer, it could do virus-like damage. Digital signatures allows files such as activeX controls to be 'signed' by a 'trusted' company that has been registered with MS (i think). So if you're dl'ing an activeX control that has been officially signed by Macromedia, you can assume it's safe as long as you trust Macromedia. On activeX controls signed by Microsoft, it means the activeX control has been developed by MS and has not been changed since development, and most importantly that you can trust it not to cause any damage to your pc.
But now there is an MS-signed activeX file (see article) which has proven to be a security hazard. Plus, MS can't kill it, as it does have a valid MS digital signature (and other reasons). Most people have IE set to automatically trust Microsoft-signed activeX controls. So malicious webmasters can distribute this old activeX control to a user who has no way of telling that although it is signed by MS, it has a severe security flaw. So MS's early effort at trusted computing has proven vulnerable.
Actually, I suppose it is more a case of trusted-computing than of Digital Rights Management, but the two are related concepts in the sense that they both aim to label software or hardware as safe in order to be used. This situation shows that although something is labeled as safe (digitally signed by MS), it is actually not safe. DRM is more restrictive and less under user-control; the only thing that users can do at the moment is exercise the control that they have and remove MS from the auto-trust list.
What if something like this happens in a future DRM situation (palladium?), where the user isn't able to decide what's trusted and what's not, and MS can't fix it?
What makes you think that your 'new government' (read: Democrats) will be any better?
(sorry this is going off topic, I won't reply again unless it's about the new MS security hole)
The main thing that would be better (although it may be too late in 2-6 years) is that democratic presidents have tended to appoint federal judges that are more in line with my political and social views than republican-appointed judges. Several supreme court justices are reaching the age of retirement. I'm frightened that president bush will try to appoint supreme court justices who would want to repeal roe vs. wade, and would give bogus "because i said so" judicial opinions when they do. A republican dominated congress would likely pass the republican president's nominations, and I'd be stuck with a highly conservative supreme court for 30 or more years, not matter how many non-republican presidents are elected over those three decades, since supreme court justices are given lifetime appointments.
Starting a war in order to gain control of middle eastern oil production, and to finish a family feud (or voting for those who would), does indicate a lack of morals. Making a joke on slashdot doesn't.
If, like me, you're not pleased with the current (and soon to be republican dominated) government, you might want to do this: Encourage the government to join up with MS for a two-year contract, and make it a very visible decision. Then, furtively encourage hackers to fsck with all the new security holes in the governmental systems, in ways that do not directly hurt anyone but cause public outrage by privacy breaches, scandal exposures, and whatever else. Then, when elections come around, everyone will vote the republicans out, we can all get the new government to switch away from MS, and all will be fine in the world of tech and politics.:-)
Q: Why would an attacker be able to silently re-introduce the old version of the control? Shouldn't there be a warning message?
A: A warning message is generated anytime there's an error associated with a digital signature (e.g., a bad signature or expired certificate) or the signer isn't trusted. But in this case, the digital signature on the old version of the control is still valid, and the signer is Microsoft - which is a trusted publisher in many cases. Because of this, most users would not see a warning message of any kind if the old control was re-introduced.
Ha! Microsoft is now providing very well written ammunition to the Anti-DRM movement; this makes me very happy.
George Lucas (of American Graffiti fame!) showing up to say 'there is no free lunch'.
Although, with an estimated wealth of $2.5 billion, it's easy to forget that a "movie lunch" costs regular people at least $10 each these days, before the popcorn.
Lucas went on to say that the proliferation of free and illegal downloading of content on the Internet could eventually lead studios to shy away from spending as much as they do on blockbuster movies since it won't be nearly as profitable for them to do so. This could also wind up having a major impact on the quality of movies since Lucas said that the success of summer popcorn movies enable studios to finance more artsy films.
Excuse me while I shed a few tears for the poor movie industry. Waterworld spent hundreds of millions and it was just an OK (not to mention unprofitable) movie. Actors and puppets are much more realistic and engaging and inexpensive than computer animation, and make for a better movie, but that doesn't stop Lucas from overspending on CG. And since when do artsy movies require any sort of high budget, compared to the summer blockbusters? Oh well, we only made $300 million on this blockbuster, instead of $305 million on the last one, so we can't afford to make the $5 million "Painting for Harold" sequel.
The point is that even full disclosure only requires 'proof of concept' malicious code. There is no benefit on going the last step and widely circulating examples of code that actually f***s your hard disk.
The page with the code example linked from the Wired article is completely benign; the worst it does is write a text file to your C: drive. Someone would have to know more about IE tricks in order to turn it into something malicious.
In IE, bring the potentially malicious page to the front, then press Ctrl-O to get the Open prompt. Enter this:
javascript:void(location.replace=null)
then click OK. Now anytime that a javascript on that page tries to do a location.replace command will now instead issue a null command (no command at all). (Assuming the script hasn't already been activated, under an onLoad event or something)
This works with annoying exit pop-up ads too: javascript:void(window.onunload=null);
You can do this with all sorts of javascript commands that get abused. Find some offensive pages, look at their source, and disable the commands you see used often. (onunload is probably the worst and most often used).
If I don't know what the malicious code is, how am I supposed to avoid it?
Informed security is way better than uninformed security.
Anyone who wants to use this exploit will find out how. The exploit-users already know how to use it and will tell their friends, so we may as well know also.
Slashdot Mirror
...many artists don't get famous/recognized until *after* they die. They are often characterized as ametures or bad artists by the critics of the day.
:-). But you're right, times do change. It used to be that all programmers were nerdy guys without girlfriends. Now it's common for a programmer to be cool and socially (and financially!) well off (although we still have our fair share of nerds, such as myself).
:-)
I think we'll see the same with computer technologies when old technologies start to resurface and we can fully understand their capabilities. If I knew which ones, I wouldn't tell you, I'd go and buy the patent on them
do you have a link to that painting, BTW?
Look for "Paranoia (Surrealist Figures), 1944" on this page. It's not his most complicated painting but it is interesting to look at. Lower on that page is his painting "My Wife, 1945", which gives you an idea of how his mind would dart from one thought to another, mixing everything in his imagination.
If you really want to see how well he could mesh imagery, check out his Metamorphosis of Narcissus. It's my favorite Dali painting.
those $5 Sears Painters may be "real" artists on the side
Hey, Sears paintings kick my paintings' ass any day
The mathematics behind many clever algorithms is simply astounding to me. The beauty of recursion is something as natural and poetic as music to me.
But that's to me.
Also, for me, most abstract art and whatever they call those paintings that are just a big red circle, is garbage. I think it's a waste of paint and is only meaningful to the creator. But millions of people believe this type of painting is artistic, even poetic.
Until you get to professional levels, anyone can tell a lousy poem or an ugly painting. In professional levels, it becomes more subjective. Many people are employed as painters although they aren't good at making good art. $5 paintings sold at Sears have to be painted by someone. Similarly, there are a whole lot of mediocre programmers out there, employed as programmers in a low level job. Most programmers or even logical thinkers who aren't programmers can identify bad programming, just as most people who are even casually interested in art can tell when an unskilled and untrained hand has done the painting.
But when a programmer sees a great algorithm for the first time, whether in a textbook or on a napkin, there's a certain beauty to it, a certain mathematical/locical poetry to it. The artistic pleasure comes from realizing what the artist was thinking when the made the art, whether it's an ingeniously simple technique for a peer to peer system, or a woman both in the distance and in the foreground at the same time in a Salvador Dali painting.
I scream, you scream, this fridge screams to cool ice cream.
More than $300 billion might be required to make such a move.
Oops, I think I used the figure for their annual sales instead of their total assets.
- hostile
- takeover
- of
- microsoft
That'd end a lot of lawsuits, wouldn't it?Here's a hint, world! No one uses DOS anymore! We don't need 8.3 filenames!
Actually, they're kind of convenient, and even with long filename capability it's nice to have shorter file names sometimes when you have to revert to a pure command prompt (no mouse) for whatever reason. Linux's * autocomplete filenames feature is very useful. c:\progra~1\borlan~1\projects or c:\progra*\borlan*\projects is much faster than typing out the whole thing.
I wish you could have a file with two names; one enforced short length for speed/convenience, the other a 255 char descriptive, either of which could be used to call the file. Maybe database-based file systems will solve this. (yeah you can do it with hard and soft links in linux, but it's not automatic)
By contrast, who keeps a Microsoft product for five years without upgrading it? Especially in a corporate environment? ... Agreed, most companies don't go 5 years without upgrading but there are certainly some that do.
Actaully, I'd say that the majority of medium to large corporations don't upgrade their OS any more frequently than 5 years. In a large company, it can take several years to work out a stable config that will work with older machines and servers during the transition, budget for it, and (the kicker) distribute it to all their employees. Most large companies use every other version of windows (many will likely skip XP and wait for Longhorn or whatever comes next, since 2000 is 'good-enough') since they come out too quickly to keep upgrading. Sure, the developers might need custom Win XP (or linux or anything) workstations, but most users will not know the difference between NT, 2000, and XP. If there are any day-to-day problems they have in NT or 2000, they're already used to dealing with them and aren't desperate for a new version on their workstation.
And companies which depend on their mainframe servers for critical business processing will hardly ever change the system. Taking a chance at diabling their entire operation is just not worth a few more features or faster processing, for most business operations.
there is likely a correlation between "humans with guns" appearing and "exermination of wolves, mountain lions, bobcats, and other deer predators".
Don't forget the non predators, such as the american buffalo, which used to roam in herds before eurpoeans settled in north america, but are now mostly found in zoos, due to their mega-meat-a-liciousness and hungry frontier hunters. This was joked on by the Simpsons.
My father used to always reply to their request for last name by saying CASH.
Did he give his first name as "Johnny"?
or "Tango And"?
Here's a summary of the statement in English (from Dutch)
:-)
Dutch, huh? Well, that explains why I couldn't get google to translate the page from German to English
There's no indication that it's actually working for those people.
If it wasn't profitable for the companies that advertise using spam, then they wouldn't do it. They're not dumb (from a marketing sense) and they don't have huge fortunes to waste on ineffective advetising. They spam because it's profitable, no other reason.
So, in an office that's using Open Office exclusively, wouldn't someone coming in not familiar with Open Office not have the skills to perform the required job?
That's a nice idea, and it might work during this lousy job market, but it'd be damaging to both you and the potential employee if you didn't hire a great candidate whose only problem is that he'd never used OpenOffice. You'd have to be in a really comfortable position economically, or on a tall moral high horse, to refuse candidates on such simple and non-critical grounds.
It's not that hard to teach the new hire in one afternoon how to use OpenOffice. How many features do most people use? Font type, size, color, and bold/italic/underline, and maybe style. Anyone who has used any modern GUI word processor can figure out how to do those things.
So, you're saying that if an IT manager who was concerned about his bottom line had his choice of paying for Microsoft products *or* free (as in beer) software that would read and write files from Microsoft users, he wouldn't jump at the chance to reduce costs?
The argument is that although MS Office license costs more, the costs of training folks to use OpenOffice.org could cost more. Also, since so many people already know MS Office (at a basic level at least), they don't need to be trained at all. Many businesses have already paid a one time license for a recent version of MS Office, so staying with it costs them nothing, while switching to OOo costs them for training. (although if MS goes with this new pay-per-year / forced-upgrade license, those OOo training costs might not look so bad)
huh? what's the connection?
Microsoft's digital signature system is a type of DRM (although the user is still in control of his own system with this type). ActiveX controls can be very powerful, and can execute commands on your computer. You wouldn't want to download a malicious activeX control to a windows computer, it could do virus-like damage. Digital signatures allows files such as activeX controls to be 'signed' by a 'trusted' company that has been registered with MS (i think). So if you're dl'ing an activeX control that has been officially signed by Macromedia, you can assume it's safe as long as you trust Macromedia. On activeX controls signed by Microsoft, it means the activeX control has been developed by MS and has not been changed since development, and most importantly that you can trust it not to cause any damage to your pc.
But now there is an MS-signed activeX file (see article) which has proven to be a security hazard. Plus, MS can't kill it, as it does have a valid MS digital signature (and other reasons). Most people have IE set to automatically trust Microsoft-signed activeX controls. So malicious webmasters can distribute this old activeX control to a user who has no way of telling that although it is signed by MS, it has a severe security flaw. So MS's early effort at trusted computing has proven vulnerable.
Actually, I suppose it is more a case of trusted-computing than of Digital Rights Management, but the two are related concepts in the sense that they both aim to label software or hardware as safe in order to be used. This situation shows that although something is labeled as safe (digitally signed by MS), it is actually not safe. DRM is more restrictive and less under user-control; the only thing that users can do at the moment is exercise the control that they have and remove MS from the auto-trust list.
What if something like this happens in a future DRM situation (palladium?), where the user isn't able to decide what's trusted and what's not, and MS can't fix it?
What makes you think that your 'new government' (read: Democrats) will be any better?
(sorry this is going off topic, I won't reply again unless it's about the new MS security hole)
The main thing that would be better (although it may be too late in 2-6 years) is that democratic presidents have tended to appoint federal judges that are more in line with my political and social views than republican-appointed judges. Several supreme court justices are reaching the age of retirement. I'm frightened that president bush will try to appoint supreme court justices who would want to repeal roe vs. wade, and would give bogus "because i said so" judicial opinions when they do. A republican dominated congress would likely pass the republican president's nominations, and I'd be stuck with a highly conservative supreme court for 30 or more years, not matter how many non-republican presidents are elected over those three decades, since supreme court justices are given lifetime appointments.
Too bad you don't have any morals
(going a little off-topic, sorry)
Starting a war in order to gain control of middle eastern oil production, and to finish a family feud (or voting for those who would), does indicate a lack of morals. Making a joke on slashdot doesn't.
Let's hope the US Government gets it. ..."Microsoft seeks government partnership"
:-)
If, like me, you're not pleased with the current (and soon to be republican dominated) government, you might want to do this: Encourage the government to join up with MS for a two-year contract, and make it a very visible decision. Then, furtively encourage hackers to fsck with all the new security holes in the governmental systems, in ways that do not directly hurt anyone but cause public outrage by privacy breaches, scandal exposures, and whatever else. Then, when elections come around, everyone will vote the republicans out, we can all get the new government to switch away from MS, and all will be fine in the world of tech and politics.
From the MS Technet article:
Q: Why would an attacker be able to silently re-introduce the old version of the control? Shouldn't there be a warning message?
A: A warning message is generated anytime there's an error associated with a digital signature (e.g., a bad signature or expired certificate) or the signer isn't trusted. But in this case, the digital signature on the old version of the control is still valid, and the signer is Microsoft - which is a trusted publisher in many cases. Because of this, most users would not see a warning message of any kind if the old control was re-introduced.
Ha! Microsoft is now providing very well written ammunition to the Anti-DRM movement; this makes me very happy.
puppets make for better movies? wow, Dark Crystal must have been the greatest movie ever made
Actually, it's pretty high up on the list. (My list, anyway. I don't care about other people's lists)
George Lucas (of American Graffiti fame!) showing up to say 'there is no free lunch'.
Although, with an estimated wealth of $2.5 billion, it's easy to forget that a "movie lunch" costs regular people at least $10 each these days, before the popcorn.
Lucas went on to say that the proliferation of free and illegal downloading of content on the Internet could eventually lead studios to shy away from spending as much as they do on blockbuster movies since it won't be nearly as profitable for them to do so. This could also wind up having a major impact on the quality of movies since Lucas said that the success of summer popcorn movies enable studios to finance more artsy films.
Excuse me while I shed a few tears for the poor movie industry. Waterworld spent hundreds of millions and it was just an OK (not to mention unprofitable) movie. Actors and puppets are much more realistic and engaging and inexpensive than computer animation, and make for a better movie, but that doesn't stop Lucas from overspending on CG. And since when do artsy movies require any sort of high budget, compared to the summer blockbusters? Oh well, we only made $300 million on this blockbuster, instead of $305 million on the last one, so we can't afford to make the $5 million "Painting for Harold" sequel.
If this interests you, try reading Michael Flynn's Firestar saga of novels (i think there's 4 ni all)
The point is that even full disclosure only requires 'proof of concept' malicious code. There is no benefit on going the last step and widely circulating examples of code that actually f***s your hard disk.
The page with the code example linked from the Wired article is completely benign; the worst it does is write a text file to your C: drive. Someone would have to know more about IE tricks in order to turn it into something malicious.
After reading the proof-of-concept script at http://online.securityfocus.com/archive/1/298748, I now know at least to avoid blind links.
Also, I've come up with this possible solution:
In IE, bring the potentially malicious page to the front, then press Ctrl-O to get the Open prompt. Enter this:
javascript:void(location.replace=null)
then click OK. Now anytime that a javascript on that page tries to do a location.replace command will now instead issue a null command (no command at all). (Assuming the script hasn't already been activated, under an onLoad event or something)
This works with annoying exit pop-up ads too:
javascript:void(window.onunload=null);
You can do this with all sorts of javascript commands that get abused. Find some offensive pages, look at their source, and disable the commands you see used often. (onunload is probably the worst and most often used).
Major inspiration from this cnet builder page.
If I don't know what the malicious code is, how am I supposed to avoid it?
Informed security is way better than uninformed security.
Anyone who wants to use this exploit will find out how. The exploit-users already know how to use it and will tell their friends, so we may as well know also.
I've read that nVidia has stopped GeForce4 Ti4600 production and is only selling the GeForce4 Ti4200 GPU.
Where'd you read that?