The BIIIIIIIIIG advantage over Flash SWFs/AIR apps is that your entire app can be put into a single neat bundle.
Why is that such a big deal?
One reason is that it makes it harder for someone to steal your code. With HTML5 it is all open source as you end up doing your logic in JavaScript. With flash you get to keep your code locked away from prying eyes in actionscript that is precomplied into a BLOB. Open Source is all very well, but some people actually want to write closed source applications.
You usually have to sign up for a minimum term of 1-2 years, and in return for that they throw in a free or heavily discounted phone that you can upgrade for free at the end of that 1 or 2 years. This is a very different business model to the one you bought your home PC under, so expecting it to give you the same freedom is not very realistic.
The thing is, though, that you've signed a contract - you're going to be paying the carrier for two years no matter what you do with the phone, so why do the carriers care?
Because rooting your phone often enables things like tethering your phone to a PC or letting it run as a wifi access point. This lets you use far more bandwidth than you would if you were just using the phone. Since most of the carriers forbid you from tethering your phone in this manner in the contract they generally want the software installed on the phone to also enforce this.
In my case, this is one of the most useful features of having a smartphone.
Sorry, but we shouldn't have to fight teeth and nails to get proper access to devices we buy and own.
Being locked out of our own legally purchased devices is NOT normal.
Kind of like buying a computer and not being able to do what you want with it.
With your computer you actually paid the entire cost of its manufacture yourself at the checkout without any subsidy. With things like consoles and phones most people pay less than the actual cost of its manufacture, with someone else subsidising it in some way. In the case of a console the subsidy is dealt with internally by the manufacturer of the console. In the case of a phone the subsidy is paid by the carrier.
For phones you basically end up renting more than buying in most cases. You usually have to sign up for a minimum term of 1-2 years, and in return for that they throw in a free or heavily discounted phone that you can upgrade for free at the end of that 1 or 2 years. This is a very different business model to the one you bought your home PC under, so expecting it to give you the same freedom is not very realistic.
As I have said in a previous post above, most people want a subsidised cheaper device with a little less freedom rather than pay the full upfront cost of buying a phone outright.
This comes at the time when HTC are also stepping up their attempts at locking down their phones . The recently released LTE flagship — ThunderBolt is their most locked-down phone to date.
The submitter should know that the HTC Thunderbolt is just a customized variant of the HTC Desire HD provided for Verizon. Locking it up is almost certainly a Verizon-demanded attribute, and not an initiative from HTC. The Desire HD is unlocked in most of the world, and I doubt if a locked version can be obtained in countries with a more enlightened phone system.
In my part of the world (the UK) I can but any phone I like unlocked. I will be able to get updates for it as soon as the handset manufacturer releases them. I will however have to pay about $500 and this is the real issue. Most people do not want to be able to root their phone, what they want instead is a subsidy from the carrier to help them afford the upfront cost of the phone. The carrier provide this subsidy but with certain strings attached.
Since the carriers end up being the largest customers of the phone manufacturers it is the carriers who can demand different features from the handsets, and the phone manufacturers have to provide them. The end users get some say, but before most phones make it to the shops they have already been vetted by the carriers for the features they want. In my country most mobile phone shops on the high street are actually owned by the carriers anyway.
The only way this will ever change is if a large enough volume of us start skipping the carriers and buying direct from the manufacturers without that subsidy. Once we are doing this in sufficient volume then the likes of HTC and Motorola will start producing the phones we want rather than the phones the carriers want. Until then they will always concentrate on pleasing their best customers and that is the likes of AT&T and Verizon, not us.
This still might not help with Motorola though as they seem to have decided they want to lock their phones up regardless. But at least then they will see they do not sell many phones to end users so may find they actually start wanting to and change. While end users only buy a small percentage of phones directly they are not even subject to the slightest commercial pressure from us.
GeoHot should have waited to see if the suit against Sony prevailed. Breaking into their code in violation of his license is likely an illegal act that can get him in trouble even if he did it to get back a right he thinks he had.
Personally I think you are spot on with this, but the wheels of justice turn far too slowly for the likes of some.
Chances are that by the time this was finalised by the courts the PS3 will be consigned to the scrapheap of history and been superceeded by the PS4. For many people allowing Sony to prevent them doing something when they want to do it is not an option so breaking the law is the only one left. This is especially true of young gifted hackers like Mr Hotz, patience is usually something that comes more with age.
Not according to Slashdot users. Every single time copyright infringement or copying music/movies/etc. comes up on this site, the users here overwhelmingly argue that unless there is some physical thing taken, it's OK becuase it's not theft.
Bullshit. Nobody says that.(can you provide a link to posts that do?) People correctly say that copying files is not theft. That doesn't make it "OK", it just means that if a crime has been committed, it's something else, like copyright infringement. There is a reason there is a legal term "intellectual property": because it's different to physical property and has different laws and different offences against those laws.
If you hang around in these sorts of discussions you will certainly see plenty of people justifying the illegal copying of software or MP3s.
What's being done here is not really all that differrent from bittorrenting an MP3
It's completely different because it's being SOLD, and in the same market as the original software. The selling is the big crime. Arguing that this has some relation to filesharing is unjustified.
How different is it from the Pirate Bay though? They used to have adverts on the site and so they did get some revenues coming in. I very much doubt they were even covering their own costs but we do not actually know for sure.
What if I took someone else's paid app and posted it to the android market as an ad supported one without their permission? Would that be ok since I was not charging for it directly? This is becoming very akin to a lot of the torrent sites as many of them are ad supported.
This is all a bit shaky for me morally speaking and if you download stuff from a bittorrent site that you not actually run for moral reasons doesn't that make you a bit hypocritical?
What's more, the outcome of that case may well directly affect that of their case against GeoHot. Is it illegal to circumvent an illegal action, or is it self-defense?
I am not sure, but this is probably the key to this whole thing. There are however a few complications:
1) GeoHot was not only interested in the OtherOS feature. When he published the root keys for the PS3 he slightly overstepped what was needed to get the OtherOS feature back and was really going a bit too far in the direction of enabling software piracy. He later removed the keys but from what I remember there was no need to publish them at all, the other keys failOverflow released did everything apart from allow a PS3 to run a pirated PS3 game.
2) The DMCA is a terrible law. It would not surprise me if even though Sony may well lose the class action suit GeoHot will still have been guilty of breaching the DMCA
In theory I can charge you for sucking my cock. That doesn't make it a rational capitalist venture.
With few exceptions, programmers of OSS get paid fuck all, with only individuals and companies that support the OSS software (often written by others) being able to make a living.
RMS's ideology is a recipe for programmers to be worth less than refuse collectors. It's somewhat popular with those that want to use software for free. Much as bittorrent is somewhat popular with those who want movies for free. OSS is rather less popular with people people that actually create software.
That is far less diplomatic than my response to his post but far better:)
Bullshit. Nothing in the 'concept of free software' stipulates giving away stuff for free - it can be charged for.
Regardless of what the licence actually allows most open source software is given away free, with any money being made on services based on top. Now I personally do not like that model as it put my job (software development) as the loss leader that can be done away with most easily. The support services are all very well but it is very easy for a company to do away with that and just wait for the OSS community to develop any features they need adding.
I like OSS software as a concept but I am also forced to earn money for rent and such like. I would rather earn my living do something I enjoy (writing code) without having to constantly justify why my company needs to contribute something back to the open source projects whose software they use.
It is very easy for some people to see open source software as anti-capitalist, regardless of what the licence actually allows.
The FBI could have planted bugs in my apartment. They could bug my landline telephone. They could point a laser device at my window and pick up voice via the vibrations. They could be following me. They could have planted a tracking device on my car. Am I worried about this? No. Because there is no reason for the FBI to have any interest in me, and I'm not paranoid. It's certainly within the bounds of possibility, but then so is dying today by being struck by lightening. It's nothing to worry about and certainly not anything to inconvenience myself over by hiding in a cave.
RMS has mental issues.
Pretty much everything you say about yourself may be true, but I am not sure it would all apply to RMS.
The truth is that my government here in the UK has followed and eavesdropped on many people who were not exactly extremists so it would not surprise me too much if at one point the US government did keep tabs on Mr Stallman and hence give him reason to be a bit more paranoid than the rest of us.
He has spent years advocating a concept of free software that is not exactly perfectly in tune with the capitalist system as it involves giving stuff away that could be charged for. He has had personal meetings with some people like Hugo Chavez who are on a serious US state department shit list.
There is also the fact the people who are doing the monitoring are usually extreme paranoid individuals too, quite often with good reason. You only need to look at McCarthyism to realise that sometime they can either make mistakes or overstep the mark. There is also a certain amount of suspicion of anyone who does not want to be monitored and the assumption from those doing the monitoring that they have something to hide.
In light of this I find it quite easy to believe that he has spent at least some small period of time on some sort of state department watch list.
From a personal perspective though I have long since decided that none of this is really worth bothering about though as I have nothing to hide. If some big brother really want to track me then let them, it will just be a big waste of money though as my life is really not that interesting.
Apparently, the fuel rods are exposed and undercooled now. We should brace for a meltdown, which (fortunately) won't be as much of a disaster as Chernobyl. It will be obviously worse than Three Mile Island, though. Let's hope that the population has evacuated the region.
Normally I wouldn't reply to ignorant AC's but this takes the biscuit.
About the only good thing about Chernobyl was that it was inland so the meltdown did not reach the water table. In this case we have a Nuclear Reactor going critical right on the edge of an ocean. If this reactor melts down there is a very real risk it will contaminate the worlds oceans with radioactive waste. That will be a lot worse.
Also, I would be interested to know how much this thing could raise the temperature of the worlds oceans by, if at all. If anyone has any actual information please post a link (or a huge amount of maths justifying their theory)
Is it really this hard for/. editors to use the handy little search function this site provides and see if a story is a dupe? This story was even posted two days ago (albeit on a different website but it's pretty much the same thing).
People like yourself who are too lazy to read full articles love whining about dupes. The problem is that this is not a dupe. The article the other day was about Chrome 10 being released, this article is because someone actually bothered to benchmark it.
Whether someone benchmarking it is news worthy is a different question but you did not ask it, instead you just carped on about something being a dupe without reading it to see if it contained any new information. Quite often news outlets run a story that is very similar to one they ran previously if they have new information that was not available at the time they wrote the original.
>> Companies like Sony have no choice but to do whatever they can in order to make money for their shareholders..
It's not their fault for being evil. They were made that way. We should let them screw us. It's just how they do things.
Saying is not their fault is not the same thing as saying we should let the behaviour continue. They are entirely different. You can try and change someone's point of view without blaming them for hold that point of view in the first place.
I know why corporations screw us and I understand it. That does not mean I want them to carry on doing it I just think that blaming a single corporation is futile when the entire system is broken.
That "duty to the shareholders" you talk about? If unethical behavior actually resulted in losses, then duty to the shareholders would prevent it.
Exactly. But unfortunately it does not as most PS3 customers do not give a crap about loading Linux onto it, Sony shitting on homebrew devs or the drivel laws being passed like the DMCA.
I am actually against all of these things, I personally have never forgiven Sony for the rootkit fiasco. I do however think that most people do not give two shits about any of this. That is why Sony get away with doing what they do, and that is the biggest problem. There are people still out there buy PS3's by the millions and a great many of them actually support Sony clamping down on "hackers" as they think these are the same people who write cheats for online games. We here on Slashdot are a slightly better informed bunch but we are in the minority I'm afraid.
One of the things that all the people ranting against my original post seem to have missed is that I actually apportion some of the blame for shit like this straight onto the people who voted for politicians who then voted in favour of the DMCA (or the similar European Law some others have mentioned).
If everyone shared my beliefs the world would be a very different place and there are a great many CEO's who would be hanging from lampposts by their necks. On top of this the people who lynched them would be given a reward for services to the community:)
In my original post I did not say that I liked Sony doing any of this stuff. What I did try and suggest is that the entire capitalist system is fundamentally broken as it encourages this sort of behaviour from corporations.
The DMCA is nullified by the higher law known as the Constitution
Only nine people in this country know what the Constitution really means. People thought a second successive copyright term extension was unconstitutional, but the Supreme Court of the United States said otherwise.
And getting to talk to the 9 people is damn expensive as you have to go through a boat load of other judges and hire an army of lawyers first. And even then, I think there are many cases where they shit on the spirit of the constitution in order to push their agenda anyway (eg - I do not think the tax laws we now have are the same as the founding fathers intended)
Still that doesn't mean I should be arrested for modding MY console.
They do not and never have tried to have anyone arrested for this. The only time it becomes a crime is when you publish full details of how they stop people running pirated disks.
At that point you start falling foul of the DMCA. This is not something we should be berating Sony for, we should be berating the politicians that passed this DMCA muck and the people who voted for them. Get rid of the DMCA and many of these cases have no legal basis.
Companies like Sony have no choice but to do whatever they can in order to make money for their shareholders, that is their only duty in the capitalist system we live in. If they think they can make more money by being nice they will, but if they can make more money by being bastards as is usually the case then they have to do that instead.
Every single word is negative Just like he's being paid A Microsoft Ad to begin the article All other articles at bottom of page also negative towards Linux
In his defence he does try and put a sort of balanced point across as he sites some counter opinions next to each point a he raises. For instance:
When changes proposed by Ubuntu were slow to be accepted in GNOME -- some say out of hostility -- Shuttleworth began making interface changes to GNOME within Ubuntu.
In the case of the quote above though he does conveniently ignore the fact that Linus had a similar problem with the Gnome devs a few years ago.
The big problem though he he fails to recognise that most of what Ubuntu is trying to do is actually a damn good thing. The Linux kernel is a pretty good peice of software, and with modern PC's being as powerful as they are it has the making of a damn good foundation for a usable OS to complete with Windows. The problem though is that it lacks a central vision. Sometimes two projects that want to pull in different directions just need someone to step in and dictate how they should proceed. This is what Ubuntu brings to the table. In cases where the projects refuse to comply Canonical simply cut both projects loose and roll their own, and this is probably for the best. It might not be the best thing for the projects concerned, but it is the best thing for Ubuntu and if Canonical ultimately open source their own replacement projects it is damn fine thing the open source community as well.
The biggest problem with managing any project, open source or otherwise is managing the ego's of the people involved. This is particularly true of young developers who are freshly out of uni. They usually mellow a bit more with age (I know I have) but even then, nobody likes being told that the way you are going about something is wrong, even if the person telling you is absolutely right. Most of the time though, there are no absolutes and either side can be partially right. In this case compromise from both projects or developers is essential. You only need to browse a few open source mailing lists to see how hard this is for some, and when you couple this with how caustic and socially stunted many young genius developers are I am not surprised that the paid devs just opt to in house the work to people they can reprimand if they behaved in such a manner.
Hopefully, Ubuntu will succeed in its endeavours. Regardless, I do have a feeling that some of the projects they create will end up with a life of their own and be integrated into other distributions. There will always be detractors from it though some with good reasons built on sound arguments. After all, companies are like people in one way: No ones perfect, all they can do is try their best. We just need to remember that their best attempt might go in a different direction to our own.
If anyone does think they can do better than Canonical and Mark Shuttleworth then they are more than welcome to do so. Such is the joy of open source, you can take Ubuntu, and roll your own derivative distribution without Unity or whatever just like they did with Debian.
There are also many in the open source community though who like being in their own small elite cadre of users of another, more geeky OS. These people will always hate anyone who comes along and tries to make their niche OS a mainstream entity that any old fool can use.
I want, by the time this goes to trial, to have Sony facing some of the hardest hitting lawyers in the business.
I am sorry, but this really does sound like the poor kid is truly out of his depth. He really does have no idea how the real world works.
If he has a half decent case that stands a chance of winning, he could do worse than asking a few principled lawyers that I can think of for legal advice. The first one that comes to mind is Ray Beckerman, he could surely take this poor kid aside and try and explain to him from a pro-individual perspective if he stands any chance of winning against Sony in this one. I would love to think the poor kid does, but I doubt it thanks to the DMCA and god knows what other crap the US Govt has passed on behalf of the big corporations that openly bribe politicians through lobbyists.
The problem is that if he has a big puddle of cash to spend on lawyers, he will certainly find hard hitting lawyers to say his has a case and take it all the way to the supreme court, but they may be lieing just to get at his money. The only way to get really good, honest lawyers is to have a decent case and get one to take it on principle or to have a lawyer who is YOUR lawyer and represents you regularly so he want to do the right thing by you in order to keep you as a customer.
If you have a one off puddle of cash to spend on lawyers, you will get many takers who just want the puddle of case and do not care about how they get it. They may well tell you what you want to hear (ie - you stand a chance) in order to take whatever you can get in donations.
I have a 1Mb down pipe at my house. I have my P2P client throttled down to 25KB/s which I think is quite reasonable (1/5 of my theoretical maximum rate rate). There are often times that I can't even do basic web browsing because my ISP has throttled my bandwidth. I've done some minimal work to make sure I wasn't saturating my home router and such. It's the pipe. Pause my P2P client and about 5 minutes later I get back to my normal bandwidth amount.
Usually the problem is upload speed rather than download speed. I do not throttle my download speed at all but I throttle my P2P upload speed to be half of that available. This ensures that the packets that I am sending out requesting a web page always get through. The important thing to remember is that even though is that regardless of what you are doing, it requires bandwidth in both directions for the packets acknowledging the packet in the opposite direction got through.
Even though you have a 1Mb down pipe the upload speed you have is probably far smaller than that so you will usually saturate that first, especially with P2P. If they are throttling your web connections for all traffic then that is a different issue and I would switch ISP's. This discussion was about throttling torrent traffic, not all web traffic. If my ISP throttled my FPS packets and started interfering with my gaming I would ditch them like a shot.
BitTorrent claims that its service can, for example, display that most UK ISPs 'aggressively throttle BitTorrent traffic after 6 p.m. at night,' with speeds suddenly going 'off a cliff.' Suffice to say that such information could prove to be very useful for consumers and advocates of Net Neutrality."
And a jolly good thing this is too. I need my ping to be as fast as possible in order to play online first person shooters and at times when bandwidth is short I would rather they throttled stuff that would not be adversely affected by a bit of a delay and prioritised my traffic that needs to get to its destination more quickly for it to be of any use.
I also understand them prioritising web browsing over P2P as well as P2P traffic is generally far more constant over a 24 hour period. As an P2P user as well I do not mind waiting until the midnight hour for it to really let rip take advantage of the fact that other people are not using the net by then. BitTorrent will chew up as much bandwidth as you have available on 24/7 basis so ISP's have to do something or give everyone a 1:1 contention ratio. A 1:1 contention ratio would not be very efficient for the vast majority who do not use P2P at all as this bandwidth would be unused between 1am and 6am when most people are asleep.
The fact is that many people are to daft to set a realistic bandwidth limit on their P2P client so it will try and use all the available bandwidth on a 24/7 basis. If you want to do this then buy a leased line with no contention ratio. These accounts are available in most cities in the UK, they are just prohibitively expensive as most people do not need or want the extra cost involved. Instead, most internet users just want to use it for an hour or so when they finish work until they go to bed, go out later in the evening or settle down in front of the TV.
As it turns out, Anonymous isn't a bunch of 16 year old Swedish kids in their moms' basements running the LOIC. No, my friends, Anonymous knows what they are doing, and God spare your soul if you provoke them.
As with any large group, there will be a mix.
There will be plenty of the clueless 16 year old variety, and these were probably the ones that Aaron Whats-his-name is had "unmasked". We used to call this lot rentamob as they were great for bulking out numbers, being vocal and asking the questions other people wanted answering but did not want to ask themselves. The quiet ones sitting on IRC but hardly ever saying anything apart from asking people to go to a private channel when they say something interesting are probably the ones to look out for, but they probably know how to make sure their communication is both private and fairly anonymous.
PS - I know I could lookup Aaron's real surname, but he is not worth wasting my time on as my lunch break is precious.
They are giving you the original URL where the injection was used, not a link to the actual injection.
They probably replaced some of those parameters with the injection code.
page is probably how many results per page they want, and pageNav is what page they want, so probably page landed straight into a LIMIT in a sql query, without any kind of treatment. Most likely, just passing that crap through mysql_real_escape_string() would have been enough.
In the case of this both of those parameters should be restricted to being numeric only. This should be done as soon as the page reads the values from the querystring. On top of this they could use PDO or some other kind of prepared statements to provide a further level of security.
Lets not restart the argument with Jamie about prepared statements being the only way of doing things:)
Not on windows, and never used the site before. Rojadirecta.org keeps coming up with the pic of the creepy looking dude in the top left corner and the following text:
US authorities "steal" our domain rojadirecta.org and rojadirecta.com!
Fast translation to English: US authorities have blocked access to Rojadirecta.org and now also Rojadirecta.com but we continue and we will continue our service on territorial domain names such as Rojadirecta.es (.me,.in, be...).
We are now on: www.rojadirecta.me www.rojadirecta.es www.rojadirecta.in and in many other domains that are not controlled by US authorities.
Do not send e-mails to our dot com account, the new one ends on.in SPREAD our new address!
It sounds like your ISP is just caching the DNS record on its servers and not reissuing the a DNS lookup to the master DNS servers for this site. It probably means someone who shares your ISP did a DNS lookup of Rojadirecta.org before the DHS guys nicked the domain. This will persist for whatever time the DNS Time To Live was set for on the old DNS record. I can't look up what this was from here as the DNS change has already landed on my ISP.
This is why new DNS records are near instant but a DNS change to an existing site can take up to 24 hours to propagate around the world and various ISP's. If you want DNS to change more quickly you can set the TTL on your DNS to 1 second but then your DNS servers get hammered as you are preventing anyone from caching your DNS records for you, so your servers have to respond every time someone goes to your site.
The main difference is that any old fool can tell if a door is left open, but penetration testing requires specialist skill and is very expensive.
If you can find me a professional penetration testing company who charge the same hourly rate as we currently pay a janitor to go round at night and check the doors are all locked then I will give them a shitload of business and you can have a referral fee of £500. Janitors cost about £8 per hour here in London at most.
Also, if a door is left open at night the first person in the next day can easily tell, securing a website is not so easy.
So you analogy was utterly worthless from every perspective.
Emailing your users their passwords in plain text suggests that someone needs to learn some basic things about security, since he doesn't seem to me to be taking reasonable steps to comply with data protection laws.
Not sure about the US as I am a resident of the UK but our data protection laws do not prohibit sending a user their username and password in plaintext via email. I would be very surprised if any countries laws prohibit this as a great many sites send password reminders if you forget your details.
Sending an unrequested reminder on a weekly basis is however somewhat stupid but you did not mention that aspect in your post.
Slashdot Mirror
Why is that such a big deal?
One reason is that it makes it harder for someone to steal your code. With HTML5 it is all open source as you end up doing your logic in JavaScript. With flash you get to keep your code locked away from prying eyes in actionscript that is precomplied into a BLOB. Open Source is all very well, but some people actually want to write closed source applications.
You usually have to sign up for a minimum term of 1-2 years, and in return for that they throw in a free or heavily discounted phone that you can upgrade for free at the end of that 1 or 2 years. This is a very different business model to the one you bought your home PC under, so expecting it to give you the same freedom is not very realistic.
The thing is, though, that you've signed a contract - you're going to be paying the carrier for two years no matter what you do with the phone, so why do the carriers care?
Because rooting your phone often enables things like tethering your phone to a PC or letting it run as a wifi access point. This lets you use far more bandwidth than you would if you were just using the phone. Since most of the carriers forbid you from tethering your phone in this manner in the contract they generally want the software installed on the phone to also enforce this.
In my case, this is one of the most useful features of having a smartphone.
Sorry, but we shouldn't have to fight teeth and nails to get proper access to devices we buy and own.
Being locked out of our own legally purchased devices is NOT normal.
Kind of like buying a computer and not being able to do what you want with it.
With your computer you actually paid the entire cost of its manufacture yourself at the checkout without any subsidy. With things like consoles and phones most people pay less than the actual cost of its manufacture, with someone else subsidising it in some way. In the case of a console the subsidy is dealt with internally by the manufacturer of the console. In the case of a phone the subsidy is paid by the carrier.
For phones you basically end up renting more than buying in most cases. You usually have to sign up for a minimum term of 1-2 years, and in return for that they throw in a free or heavily discounted phone that you can upgrade for free at the end of that 1 or 2 years. This is a very different business model to the one you bought your home PC under, so expecting it to give you the same freedom is not very realistic.
As I have said in a previous post above, most people want a subsidised cheaper device with a little less freedom rather than pay the full upfront cost of buying a phone outright.
From TFS:
This comes at the time when HTC are also stepping up their attempts at locking down their phones . The recently released LTE flagship — ThunderBolt is their most locked-down phone to date.
The submitter should know that the HTC Thunderbolt is just a customized variant of the HTC Desire HD provided for Verizon. Locking it up is almost certainly a Verizon-demanded attribute, and not an initiative from HTC. The Desire HD is unlocked in most of the world, and I doubt if a locked version can be obtained in countries with a more enlightened phone system.
In my part of the world (the UK) I can but any phone I like unlocked. I will be able to get updates for it as soon as the handset manufacturer releases them. I will however have to pay about $500 and this is the real issue. Most people do not want to be able to root their phone, what they want instead is a subsidy from the carrier to help them afford the upfront cost of the phone. The carrier provide this subsidy but with certain strings attached.
Since the carriers end up being the largest customers of the phone manufacturers it is the carriers who can demand different features from the handsets, and the phone manufacturers have to provide them. The end users get some say, but before most phones make it to the shops they have already been vetted by the carriers for the features they want. In my country most mobile phone shops on the high street are actually owned by the carriers anyway.
The only way this will ever change is if a large enough volume of us start skipping the carriers and buying direct from the manufacturers without that subsidy. Once we are doing this in sufficient volume then the likes of HTC and Motorola will start producing the phones we want rather than the phones the carriers want. Until then they will always concentrate on pleasing their best customers and that is the likes of AT&T and Verizon, not us.
This still might not help with Motorola though as they seem to have decided they want to lock their phones up regardless. But at least then they will see they do not sell many phones to end users so may find they actually start wanting to and change. While end users only buy a small percentage of phones directly they are not even subject to the slightest commercial pressure from us.
3) two wrongs don't make a right.
GeoHot should have waited to see if the suit against Sony prevailed. Breaking into their code in violation of his license is likely an illegal act that can get him in trouble even if he did it to get back a right he thinks he had.
Personally I think you are spot on with this, but the wheels of justice turn far too slowly for the likes of some.
Chances are that by the time this was finalised by the courts the PS3 will be consigned to the scrapheap of history and been superceeded by the PS4. For many people allowing Sony to prevent them doing something when they want to do it is not an option so breaking the law is the only one left. This is especially true of young gifted hackers like Mr Hotz, patience is usually something that comes more with age.
Not according to Slashdot users. Every single time copyright infringement or copying music/movies/etc. comes up on this site, the users here overwhelmingly argue that unless there is some physical thing taken, it's OK becuase it's not theft.
Bullshit. Nobody says that.(can you provide a link to posts that do?) People correctly say that copying files is not theft. That doesn't make it "OK", it just means that if a crime has been committed, it's something else, like copyright infringement. There is a reason there is a legal term "intellectual property": because it's different to physical property and has different laws and different offences against those laws.
I have certainly seen it justified on slashdot plenty of times. Here is not very good link: http://slashdot.org/comments.pl?sid=1838938&threshold=0&commentsort=0&mode=thread&cid=34021806
If you hang around in these sorts of discussions you will certainly see plenty of people justifying the illegal copying of software or MP3s.
What's being done here is not really all that differrent from bittorrenting an MP3
It's completely different because it's being SOLD, and in the same market as the original software. The selling is the big crime.
Arguing that this has some relation to filesharing is unjustified.
How different is it from the Pirate Bay though? They used to have adverts on the site and so they did get some revenues coming in. I very much doubt they were even covering their own costs but we do not actually know for sure.
What if I took someone else's paid app and posted it to the android market as an ad supported one without their permission? Would that be ok since I was not charging for it directly? This is becoming very akin to a lot of the torrent sites as many of them are ad supported.
This is all a bit shaky for me morally speaking and if you download stuff from a bittorrent site that you not actually run for moral reasons doesn't that make you a bit hypocritical?
What's more, the outcome of that case may well directly affect that of their case against GeoHot. Is it illegal to circumvent an illegal action, or is it self-defense?
I am not sure, but this is probably the key to this whole thing. There are however a few complications:
1) GeoHot was not only interested in the OtherOS feature. When he published the root keys for the PS3 he slightly overstepped what was needed to get the OtherOS feature back and was really going a bit too far in the direction of enabling software piracy. He later removed the keys but from what I remember there was no need to publish them at all, the other keys failOverflow released did everything apart from allow a PS3 to run a pirated PS3 game.
2) The DMCA is a terrible law. It would not surprise me if even though Sony may well lose the class action suit GeoHot will still have been guilty of breaching the DMCA
In theory I can charge you for sucking my cock. That doesn't make it a rational capitalist venture.
With few exceptions, programmers of OSS get paid fuck all, with only individuals and companies that support the OSS software (often written by others) being able to make a living.
RMS's ideology is a recipe for programmers to be worth less than refuse collectors. It's somewhat popular with those that want to use software for free. Much as bittorrent is somewhat popular with those who want movies for free. OSS is rather less popular with people people that actually create software.
That is far less diplomatic than my response to his post but far better :)
Bullshit. Nothing in the 'concept of free software' stipulates giving away stuff for free - it can be charged for.
Regardless of what the licence actually allows most open source software is given away free, with any money being made on services based on top. Now I personally do not like that model as it put my job (software development) as the loss leader that can be done away with most easily. The support services are all very well but it is very easy for a company to do away with that and just wait for the OSS community to develop any features they need adding.
I like OSS software as a concept but I am also forced to earn money for rent and such like. I would rather earn my living do something I enjoy (writing code) without having to constantly justify why my company needs to contribute something back to the open source projects whose software they use.
It is very easy for some people to see open source software as anti-capitalist, regardless of what the licence actually allows.
The FBI could have planted bugs in my apartment. They could bug my landline telephone. They could point a laser device at my window and pick up voice via the vibrations. They could be following me. They could have planted a tracking device on my car.
Am I worried about this? No. Because there is no reason for the FBI to have any interest in me, and I'm not paranoid. It's certainly within the bounds of possibility, but then so is dying today by being struck by lightening. It's nothing to worry about and certainly not anything to inconvenience myself over by hiding in a cave.
RMS has mental issues.
Pretty much everything you say about yourself may be true, but I am not sure it would all apply to RMS.
The truth is that my government here in the UK has followed and eavesdropped on many people who were not exactly extremists so it would not surprise me too much if at one point the US government did keep tabs on Mr Stallman and hence give him reason to be a bit more paranoid than the rest of us.
He has spent years advocating a concept of free software that is not exactly perfectly in tune with the capitalist system as it involves giving stuff away that could be charged for. He has had personal meetings with some people like Hugo Chavez who are on a serious US state department shit list.
There is also the fact the people who are doing the monitoring are usually extreme paranoid individuals too, quite often with good reason. You only need to look at McCarthyism to realise that sometime they can either make mistakes or overstep the mark. There is also a certain amount of suspicion of anyone who does not want to be monitored and the assumption from those doing the monitoring that they have something to hide.
In light of this I find it quite easy to believe that he has spent at least some small period of time on some sort of state department watch list.
From a personal perspective though I have long since decided that none of this is really worth bothering about though as I have nothing to hide. If some big brother really want to track me then let them, it will just be a big waste of money though as my life is really not that interesting.
Apparently, the fuel rods are exposed and undercooled now. We should brace for a meltdown, which (fortunately) won't be as much of a disaster as Chernobyl. It will be obviously worse than Three Mile Island, though. Let's hope that the population has evacuated the region.
Normally I wouldn't reply to ignorant AC's but this takes the biscuit.
About the only good thing about Chernobyl was that it was inland so the meltdown did not reach the water table. In this case we have a Nuclear Reactor going critical right on the edge of an ocean. If this reactor melts down there is a very real risk it will contaminate the worlds oceans with radioactive waste. That will be a lot worse.
Also, I would be interested to know how much this thing could raise the temperature of the worlds oceans by, if at all. If anyone has any actual information please post a link (or a huge amount of maths justifying their theory)
"Google Releases Stable Version of Chrome 10"
Is it really this hard for /. editors to use the handy little search function this site provides and see if a story is a dupe? This story was even posted two days ago (albeit on a different website but it's pretty much the same thing).
People like yourself who are too lazy to read full articles love whining about dupes. The problem is that this is not a dupe. The article the other day was about Chrome 10 being released, this article is because someone actually bothered to benchmark it.
Whether someone benchmarking it is news worthy is a different question but you did not ask it, instead you just carped on about something being a dupe without reading it to see if it contained any new information. Quite often news outlets run a story that is very similar to one they ran previously if they have new information that was not available at the time they wrote the original.
>> Companies like Sony have no choice but to do whatever they can in order to make money for their shareholders..
It's not their fault for being evil. They were made that way. We should let them screw us. It's just how they do things.
Saying is not their fault is not the same thing as saying we should let the behaviour continue. They are entirely different. You can try and change someone's point of view without blaming them for hold that point of view in the first place.
I know why corporations screw us and I understand it. That does not mean I want them to carry on doing it I just think that blaming a single corporation is futile when the entire system is broken.
That "duty to the shareholders" you talk about? If unethical behavior actually resulted in losses, then duty to the shareholders would prevent it.
Exactly. But unfortunately it does not as most PS3 customers do not give a crap about loading Linux onto it, Sony shitting on homebrew devs or the drivel laws being passed like the DMCA.
I am actually against all of these things, I personally have never forgiven Sony for the rootkit fiasco. I do however think that most people do not give two shits about any of this. That is why Sony get away with doing what they do, and that is the biggest problem. There are people still out there buy PS3's by the millions and a great many of them actually support Sony clamping down on "hackers" as they think these are the same people who write cheats for online games. We here on Slashdot are a slightly better informed bunch but we are in the minority I'm afraid.
One of the things that all the people ranting against my original post seem to have missed is that I actually apportion some of the blame for shit like this straight onto the people who voted for politicians who then voted in favour of the DMCA (or the similar European Law some others have mentioned).
If everyone shared my beliefs the world would be a very different place and there are a great many CEO's who would be hanging from lampposts by their necks. On top of this the people who lynched them would be given a reward for services to the community :)
In my original post I did not say that I liked Sony doing any of this stuff. What I did try and suggest is that the entire capitalist system is fundamentally broken as it encourages this sort of behaviour from corporations.
The DMCA is nullified by the higher law known as the Constitution
Only nine people in this country know what the Constitution really means. People thought a second successive copyright term extension was unconstitutional, but the Supreme Court of the United States said otherwise.
And getting to talk to the 9 people is damn expensive as you have to go through a boat load of other judges and hire an army of lawyers first. And even then, I think there are many cases where they shit on the spirit of the constitution in order to push their agenda anyway (eg - I do not think the tax laws we now have are the same as the founding fathers intended)
Still that doesn't mean I should be arrested for modding MY console.
They do not and never have tried to have anyone arrested for this. The only time it becomes a crime is when you publish full details of how they stop people running pirated disks.
At that point you start falling foul of the DMCA. This is not something we should be berating Sony for, we should be berating the politicians that passed this DMCA muck and the people who voted for them. Get rid of the DMCA and many of these cases have no legal basis.
Companies like Sony have no choice but to do whatever they can in order to make money for their shareholders, that is their only duty in the capitalist system we live in. If they think they can make more money by being nice they will, but if they can make more money by being bastards as is usually the case then they have to do that instead.
Every single word is negative
Just like he's being paid
A Microsoft Ad to begin the article
All other articles at bottom of page also negative towards Linux
I say this guy's a troll in the first degree
ciao
burdicda
Well you can be damn sure he isn't writing that drivel for nothing. Here is a wikipedia page on him though: http://en.wikipedia.org/wiki/Bruce_Byfield
In his defence he does try and put a sort of balanced point across as he sites some counter opinions next to each point a he raises. For instance:
When changes proposed by Ubuntu were slow to be accepted in GNOME -- some say out of hostility -- Shuttleworth began making interface changes to GNOME within Ubuntu.
In the case of the quote above though he does conveniently ignore the fact that Linus had a similar problem with the Gnome devs a few years ago.
The big problem though he he fails to recognise that most of what Ubuntu is trying to do is actually a damn good thing. The Linux kernel is a pretty good peice of software, and with modern PC's being as powerful as they are it has the making of a damn good foundation for a usable OS to complete with Windows. The problem though is that it lacks a central vision. Sometimes two projects that want to pull in different directions just need someone to step in and dictate how they should proceed. This is what Ubuntu brings to the table. In cases where the projects refuse to comply Canonical simply cut both projects loose and roll their own, and this is probably for the best. It might not be the best thing for the projects concerned, but it is the best thing for Ubuntu and if Canonical ultimately open source their own replacement projects it is damn fine thing the open source community as well.
The biggest problem with managing any project, open source or otherwise is managing the ego's of the people involved. This is particularly true of young developers who are freshly out of uni. They usually mellow a bit more with age (I know I have) but even then, nobody likes being told that the way you are going about something is wrong, even if the person telling you is absolutely right. Most of the time though, there are no absolutes and either side can be partially right. In this case compromise from both projects or developers is essential. You only need to browse a few open source mailing lists to see how hard this is for some, and when you couple this with how caustic and socially stunted many young genius developers are I am not surprised that the paid devs just opt to in house the work to people they can reprimand if they behaved in such a manner.
Hopefully, Ubuntu will succeed in its endeavours. Regardless, I do have a feeling that some of the projects they create will end up with a life of their own and be integrated into other distributions. There will always be detractors from it though some with good reasons built on sound arguments. After all, companies are like people in one way: No ones perfect, all they can do is try their best. We just need to remember that their best attempt might go in a different direction to our own.
If anyone does think they can do better than Canonical and Mark Shuttleworth then they are more than welcome to do so. Such is the joy of open source, you can take Ubuntu, and roll your own derivative distribution without Unity or whatever just like they did with Debian.
There are also many in the open source community though who like being in their own small elite cadre of users of another, more geeky OS. These people will always hate anyone who comes along and tries to make their niche OS a mainstream entity that any old fool can use.
I want, by the time this goes to trial, to have Sony facing some of the hardest hitting lawyers in the business.
I am sorry, but this really does sound like the poor kid is truly out of his depth. He really does have no idea how the real world works.
If he has a half decent case that stands a chance of winning, he could do worse than asking a few principled lawyers that I can think of for legal advice. The first one that comes to mind is Ray Beckerman, he could surely take this poor kid aside and try and explain to him from a pro-individual perspective if he stands any chance of winning against Sony in this one. I would love to think the poor kid does, but I doubt it thanks to the DMCA and god knows what other crap the US Govt has passed on behalf of the big corporations that openly bribe politicians through lobbyists.
The problem is that if he has a big puddle of cash to spend on lawyers, he will certainly find hard hitting lawyers to say his has a case and take it all the way to the supreme court, but they may be lieing just to get at his money. The only way to get really good, honest lawyers is to have a decent case and get one to take it on principle or to have a lawyer who is YOUR lawyer and represents you regularly so he want to do the right thing by you in order to keep you as a customer.
If you have a one off puddle of cash to spend on lawyers, you will get many takers who just want the puddle of case and do not care about how they get it. They may well tell you what you want to hear (ie - you stand a chance) in order to take whatever you can get in donations.
I have a 1Mb down pipe at my house. I have my P2P client throttled down to 25KB/s which I think is quite reasonable (1/5 of my theoretical maximum rate rate). There are often times that I can't even do basic web browsing because my ISP has throttled my bandwidth. I've done some minimal work to make sure I wasn't saturating my home router and such. It's the pipe. Pause my P2P client and about 5 minutes later I get back to my normal bandwidth amount.
Usually the problem is upload speed rather than download speed. I do not throttle my download speed at all but I throttle my P2P upload speed to be half of that available. This ensures that the packets that I am sending out requesting a web page always get through. The important thing to remember is that even though is that regardless of what you are doing, it requires bandwidth in both directions for the packets acknowledging the packet in the opposite direction got through.
Even though you have a 1Mb down pipe the upload speed you have is probably far smaller than that so you will usually saturate that first, especially with P2P. If they are throttling your web connections for all traffic then that is a different issue and I would switch ISP's. This discussion was about throttling torrent traffic, not all web traffic. If my ISP throttled my FPS packets and started interfering with my gaming I would ditch them like a shot.
BitTorrent claims that its service can, for example, display that most UK ISPs 'aggressively throttle BitTorrent traffic after 6 p.m. at night,' with speeds suddenly going 'off a cliff.' Suffice to say that such information could prove to be very useful for consumers and advocates of Net Neutrality."
And a jolly good thing this is too. I need my ping to be as fast as possible in order to play online first person shooters and at times when bandwidth is short I would rather they throttled stuff that would not be adversely affected by a bit of a delay and prioritised my traffic that needs to get to its destination more quickly for it to be of any use.
I also understand them prioritising web browsing over P2P as well as P2P traffic is generally far more constant over a 24 hour period. As an P2P user as well I do not mind waiting until the midnight hour for it to really let rip take advantage of the fact that other people are not using the net by then. BitTorrent will chew up as much bandwidth as you have available on 24/7 basis so ISP's have to do something or give everyone a 1:1 contention ratio. A 1:1 contention ratio would not be very efficient for the vast majority who do not use P2P at all as this bandwidth would be unused between 1am and 6am when most people are asleep.
The fact is that many people are to daft to set a realistic bandwidth limit on their P2P client so it will try and use all the available bandwidth on a 24/7 basis. If you want to do this then buy a leased line with no contention ratio. These accounts are available in most cities in the UK, they are just prohibitively expensive as most people do not need or want the extra cost involved. Instead, most internet users just want to use it for an hour or so when they finish work until they go to bed, go out later in the evening or settle down in front of the TV.
As it turns out, Anonymous isn't a bunch of 16 year old Swedish kids in their moms' basements running the LOIC. No, my friends, Anonymous knows what they are doing, and God spare your soul if you provoke them.
As with any large group, there will be a mix.
There will be plenty of the clueless 16 year old variety, and these were probably the ones that Aaron Whats-his-name is had "unmasked". We used to call this lot rentamob as they were great for bulking out numbers, being vocal and asking the questions other people wanted answering but did not want to ask themselves. The quiet ones sitting on IRC but hardly ever saying anything apart from asking people to go to a private channel when they say something interesting are probably the ones to look out for, but they probably know how to make sure their communication is both private and fairly anonymous.
PS - I know I could lookup Aaron's real surname, but he is not worth wasting my time on as my lunch break is precious.
They are giving you the original URL where the injection was used, not a link to the actual injection.
They probably replaced some of those parameters with the injection code.
page is probably how many results per page they want, and pageNav is what page they want, so probably page landed straight into a LIMIT in a sql query, without any kind of treatment. Most likely, just passing that crap through mysql_real_escape_string() would have been enough.
In the case of this both of those parameters should be restricted to being numeric only. This should be done as soon as the page reads the values from the querystring. On top of this they could use PDO or some other kind of prepared statements to provide a further level of security.
Lets not restart the argument with Jamie about prepared statements being the only way of doing things :)
Not on windows, and never used the site before. Rojadirecta.org keeps coming up with the pic of the creepy looking dude in the top left corner and the following text:
US authorities "steal" our domain rojadirecta.org and rojadirecta.com!
Fast translation to English: US authorities have blocked access to Rojadirecta.org and now also Rojadirecta.com but we continue and we will continue our service on territorial domain names such as Rojadirecta.es (.me, .in, be...).
We are now on: www.rojadirecta.me www.rojadirecta.es www.rojadirecta.in and in many other domains that are not controlled by US authorities.
Do not send e-mails to our dot com account, the new one ends on .in
SPREAD our new address!
It sounds like your ISP is just caching the DNS record on its servers and not reissuing the a DNS lookup to the master DNS servers for this site. It probably means someone who shares your ISP did a DNS lookup of Rojadirecta.org before the DHS guys nicked the domain. This will persist for whatever time the DNS Time To Live was set for on the old DNS record. I can't look up what this was from here as the DNS change has already landed on my ISP.
This is why new DNS records are near instant but a DNS change to an existing site can take up to 24 hours to propagate around the world and various ISP's. If you want DNS to change more quickly you can set the TTL on your DNS to 1 second but then your DNS servers get hammered as you are preventing anyone from caching your DNS records for you, so your servers have to respond every time someone goes to your site.
http://www.ntchosting.com/dns/ttl.html
The main difference is that any old fool can tell if a door is left open, but penetration testing requires specialist skill and is very expensive.
If you can find me a professional penetration testing company who charge the same hourly rate as we currently pay a janitor to go round at night and check the doors are all locked then I will give them a shitload of business and you can have a referral fee of £500. Janitors cost about £8 per hour here in London at most.
Also, if a door is left open at night the first person in the next day can easily tell, securing a website is not so easy.
So you analogy was utterly worthless from every perspective.
Emailing your users their passwords in plain text suggests that someone needs to learn some basic things about security, since he doesn't seem to me to be taking reasonable steps to comply with data protection laws.
Not sure about the US as I am a resident of the UK but our data protection laws do not prohibit sending a user their username and password in plaintext via email. I would be very surprised if any countries laws prohibit this as a great many sites send password reminders if you forget your details.
Sending an unrequested reminder on a weekly basis is however somewhat stupid but you did not mention that aspect in your post.