Nadella hints that LinkedIn will help play into its Office software in the future. One feature will be LinkedIn's newsfeed "that serves up articles based on the project you are working on and Office suggesting an expert to connect with via LinkedIn to help with a task you're trying to complete."
I'll be honest, that's one feature I've never ever wanted in Office. He's insane.
And you don't think there are plenty of more vulns that haven't been found yet?
SQL Injections should never happen if the developers have any kind of security knowledge. If you think 'hardening' a system with SQL Injection vulnerabilities is 'not difficult' you're dumb as a brick when it comes to security: you're the same kind of person who would install TrendMicro antivirus and think you've made the system safer.
Following a script that makes you feel secure is not hard, but don't deceive yourself into thinking it's actually secure.
Yes, and that is really frustrating to me, personally. I always do my best estimate, and then add some time for padding. When I finish right on my estimate, my boss is happy, but I secretly know that I've gone over my true estimate!
A DOS. Hmmmm, might have to close your browser.
More likely it would be used as part of some kind of social engineering, "Click this to Clean Your Computer" or something.
You can be sure that FBI profilers are sitting there saying, "Oh, looks like we have a new type of profile for terrorists" and trying to come up with all kinds of ways to recognize it.
Whether it will be any more effective than any other method, I have no idea. Even if it is more effective, it's not like they can put him in jail before he does a crime.
Mateen's ex-wife told the Washington Post that he was abusive and mentally unstable. "He was not a stable person," she said, speaking to the paper on the condition of anonymity.
Great job preserving that anonymity, WP, well done.
Looks like the story of a guy who was disenfranchised from the world, had trouble holding a job, worked as a private security guard then lost his license; maybe a bit unstable mentally, surrounded by propaganda from a certain group of terrorists, believing he had nothing to lose, and being seduced into believing he was doing something better for the world.
I don't know how to help these guys, he abused his wife so he wasn't a particularly great guy.
Well, actually your comment shows some of the best understanding I've read of the topic on Slashdot. So good job.
The total amount that was actually used from Oracle's API code was very tiny, less than 0.2%,
The size is mostly irrelevant though. In one case (Harper & Row v. Nation Enterprises) someone copied 400 words out of a 200,000 word book (the supreme court ruled against them). As one judge said, "you can't escape guilt by showing how much you didn't copy." You have to look at the importance of the copying, and whether they used more than necessary for the purpose.
Google's use was also transformative. They selected out a useful subset of the Java API, rewrote all of the actual implementation and documentation (97% of the code), then wrote a whole lot more more new APIs
That's not really what is meant by transformative. Here Google's approach was to say, "Before we did this, Java couldn't be used on mobile. We created a new work that allowed people to use Java on mobile." Oracle's counter-argument was to show phones that did have J2SE on mobile (SavaJe, Blackberry).
The nature of the copyrighted work was highly functional, a factor strongly in favor of fair use
Oracle's counter to this was to quote Google's own expert witness, Joshua Bloch, who said, "Writing a program is very much a creative process," and more (see hereand here). The appellate court also pointed out that just because cod is functional, that doesn't prevent it from being creative (otherwise basically no code could be copyrighted, since it's all functional).
It most certainly was for interoperability, otherwise there was no reason to use it at all.
It didn't pass the Sun Java test suite (if it had, there wouldn't have been a problem). Google didn't push this argument as much as I expected them to in court, I'm not sure why.
As for market impact, Oracle had OpenJDK available for free as well, licensed under GPLv2+CE.
The court is supposed to look at potential income lost here. If your argument were correct, it would mean the GPL is meaningless because anyone could claim the market value was zero. You can't just take code and not follow the license.
Google is indeed for profit, however giving away the code (including source code) at no cost isn't particularly indicative of commercial use and exploitation.
That's Google's argument. Oracle counter-argued that Google made plenty of money from Android, and showed quotes from internal emails saying that if Google hadn't used Java, they wouldn't have been able to bring Android to market in time, for example, "It is widely believed by that if an open platform is not introduced in the next few years then Microsoft will own the programmable handset platform" and "we have two options: 1) Abandon our work and adopt MSFT C# language, or 2) Do Java anyway and defend our decision, perhaps making enemies along the way."
In this case, the CAFC made the whole process of clean room implementation impossible anyway.
I don't know why you think this. clean room is a technique to ensure that no more was copied than necessary, which would weigh favorably on fair use factor three (or at least prevent it from weighing negatively, since the amount copied is at best a neutral factor).
Fred Brooks famously pointed out that, "If you have a small team of competent developers, any development methodology can work." 'Competent' here means largely soft skills: things like being able to plan, and reach your plan on time (or recognize when the plan will be behind schedule as soon as possible). Agile is fine, but not-agile is ok too.
Actually I've been reading through a lot of Agile consultant training lately (had to go to the training myself, too), and I see a clear divide. Some of them are focused on process.....they say, "here follow these steps and everything will turn out well." Those are garbage. The other one is focused on improving the skills of the developers, basically teaching them soft skills (here's one example). Those work better.
Wordpress may be been a security nightmare a new years ago, but has steadily gotten better with security, and, at this point has the smoothest updating process, security-minded developers,
Security is not something you can bolt on after the fact, you have to build it in to the very base of your system. When you're getting SQL injections, it's not because your code is popular, it's because the programmers suck. Fast updates are not a replacement for security.
It's kind of pointless to write an article about an ancient Greek text that was found if you don't report what the text actually said.
Bonus points if you present a translation of the text, which neither article linked to actually does. (Most likely because the researchers aren't sure what the text actually says).
Over and over again, throughout centuries, throughout all of written history, we've found that the police (and people in general) can't be trusted with this kind of power.
Over those millennia we've tried many different systems, and developed a way to let police catch bad guys while giving them restraints from hurting good people. Our system isn't perfect, but it's a careful balance built over a lot of experience. And now these guys want to upend that balance.
They are more in the problem set than in the solution set.
So it got to be this reporting-fuckfest done mainly to plump up the work logs to make it appear we were doing something. And we were doing something: we were filling out shitloads of "what I did" reports, which took away from the time we needed to actually accomplish our goals. Fucking insane.
Seriously, what kind of head injuries do the people at Microsoft have??
It's called "product management." It results in diminished quality everywhere it is used, because it relieves the developers from the responsibility of thinking about the quality of what they are building.
So just on my team, these are the people who came to every single planning meeting about this feature:
1 program manager
1 developer
1 developer lead
2 testers
1 test lead
1 UI designer
1 user experience expert
--
8 people total
These planning meetings happened every week, for the entire year I worked on Windows.
The advantages of this system are: better top-down control, and you can hire less competent developers (who have not the skillset of thinking about what they are building).
Yeah, the endorsement thing is a little ridiculous, however, I thought that you had to first put those skills on your profile.
No, you don't. I've been endorsed for skills I do not possess, nor do I desire to possess.
Nadella hints that LinkedIn will help play into its Office software in the future. One feature will be LinkedIn's newsfeed "that serves up articles based on the project you are working on and Office suggesting an expert to connect with via LinkedIn to help with a task you're trying to complete."
I'll be honest, that's one feature I've never ever wanted in Office. He's insane.
they have to be cut loose in 72 hours in order to protect their right to be mentally ill and unmedicated
In fairness to the court, doctors were unable to demonstrate that they can distinguish between mentally well and mentally ill people. See for example
And you don't think there are plenty of more vulns that haven't been found yet?
SQL Injections should never happen if the developers have any kind of security knowledge. If you think 'hardening' a system with SQL Injection vulnerabilities is 'not difficult' you're dumb as a brick when it comes to security: you're the same kind of person who would install TrendMicro antivirus and think you've made the system safer.
Following a script that makes you feel secure is not hard, but don't deceive yourself into thinking it's actually secure.
Yeah, but there would be drunken shootings all over the place if guns were allowed. It would be more than in that one night club.
Yes, and that is really frustrating to me, personally. I always do my best estimate, and then add some time for padding. When I finish right on my estimate, my boss is happy, but I secretly know that I've gone over my true estimate!
A DOS. Hmmmm, might have to close your browser.
More likely it would be used as part of some kind of social engineering, "Click this to Clean Your Computer" or something.
we need an invasive search for mental health issues
That will discourage people who need help from getting it.
You can be sure that FBI profilers are sitting there saying, "Oh, looks like we have a new type of profile for terrorists" and trying to come up with all kinds of ways to recognize it.
Whether it will be any more effective than any other method, I have no idea. Even if it is more effective, it's not like they can put him in jail before he does a crime.
state laws in the US typically prohibit possession of guns wherever alcohol is served
That's probably a good thing.
Mateen's ex-wife told the Washington Post that he was abusive and mentally unstable. "He was not a stable person," she said, speaking to the paper on the condition of anonymity.
Great job preserving that anonymity, WP, well done.
Looks like the story of a guy who was disenfranchised from the world, had trouble holding a job, worked as a private security guard then lost his license; maybe a bit unstable mentally, surrounded by propaganda from a certain group of terrorists, believing he had nothing to lose, and being seduced into believing he was doing something better for the world.
I don't know how to help these guys, he abused his wife so he wasn't a particularly great guy.
-evidence based policy
That doesn't always work fwiw
The total amount that was actually used from Oracle's API code was very tiny, less than 0.2%,
The size is mostly irrelevant though. In one case (Harper & Row v. Nation Enterprises) someone copied 400 words out of a 200,000 word book (the supreme court ruled against them). As one judge said, "you can't escape guilt by showing how much you didn't copy." You have to look at the importance of the copying, and whether they used more than necessary for the purpose.
Google's use was also transformative. They selected out a useful subset of the Java API, rewrote all of the actual implementation and documentation (97% of the code), then wrote a whole lot more more new APIs
That's not really what is meant by transformative. Here Google's approach was to say, "Before we did this, Java couldn't be used on mobile. We created a new work that allowed people to use Java on mobile." Oracle's counter-argument was to show phones that did have J2SE on mobile (SavaJe, Blackberry).
The nature of the copyrighted work was highly functional, a factor strongly in favor of fair use
Oracle's counter to this was to quote Google's own expert witness, Joshua Bloch, who said, "Writing a program is very much a creative process," and more (see here and here). The appellate court also pointed out that just because cod is functional, that doesn't prevent it from being creative (otherwise basically no code could be copyrighted, since it's all functional).
It most certainly was for interoperability, otherwise there was no reason to use it at all.
It didn't pass the Sun Java test suite (if it had, there wouldn't have been a problem). Google didn't push this argument as much as I expected them to in court, I'm not sure why.
As for market impact, Oracle had OpenJDK available for free as well, licensed under GPLv2+CE.
The court is supposed to look at potential income lost here. If your argument were correct, it would mean the GPL is meaningless because anyone could claim the market value was zero. You can't just take code and not follow the license.
Google is indeed for profit, however giving away the code (including source code) at no cost isn't particularly indicative of commercial use and exploitation.
That's Google's argument. Oracle counter-argued that Google made plenty of money from Android, and showed quotes from internal emails saying that if Google hadn't used Java, they wouldn't have been able to bring Android to market in time, for example, "It is widely believed by that if an open platform is not introduced in the next few years then Microsoft will own the programmable handset platform" and "we have two options: 1) Abandon our work and adopt MSFT C# language, or 2) Do Java anyway and defend our decision, perhaps making enemies along the way."
In this case, the CAFC made the whole process of clean room implementation impossible anyway.
I don't know why you think this. clean room is a technique to ensure that no more was copied than necessary, which would weigh favorably on fair use factor three (or at least prevent it from weighing negatively, since the amount copied is at best a neutral factor).
Fred Brooks famously pointed out that, "If you have a small team of competent developers, any development methodology can work." 'Competent' here means largely soft skills: things like being able to plan, and reach your plan on time (or recognize when the plan will be behind schedule as soon as possible). Agile is fine, but not-agile is ok too.
Actually I've been reading through a lot of Agile consultant training lately (had to go to the training myself, too), and I see a clear divide. Some of them are focused on process.....they say, "here follow these steps and everything will turn out well." Those are garbage. The other one is focused on improving the skills of the developers, basically teaching them soft skills (here's one example). Those work better.
(The sole developer who submitted a 256-page design doc — most design docs are promises on napkins — got their video game done on time.)
That's an example of BDUF.....Joel would be so happy.
Wordpress may be been a security nightmare a new years ago, but has steadily gotten better with security, and, at this point has the smoothest updating process, security-minded developers,
Unless you consider seven new vulnerabilities in the last 20 days to be secure, you are horribly, horribly wrong. There was a remote SQL injection found in November.
Security is not something you can bolt on after the fact, you have to build it in to the very base of your system. When you're getting SQL injections, it's not because your code is popular, it's because the programmers suck. Fast updates are not a replacement for security.
Oh dang it, I knew I should have rtfm
Followed by "pendejos todavia no arregalaron utf-8??" (those friendly fellows still didn't fix utf-8??)
It's actually kind of amazing Microsoft held together at all, considering how bad their management style is.
It's kind of pointless to write an article about an ancient Greek text that was found if you don't report what the text actually said.
Bonus points if you present a translation of the text, which neither article linked to actually does. (Most likely because the researchers aren't sure what the text actually says).
Over and over again, throughout centuries, throughout all of written history, we've found that the police (and people in general) can't be trusted with this kind of power.
Over those millennia we've tried many different systems, and developed a way to let police catch bad guys while giving them restraints from hurting good people. Our system isn't perfect, but it's a careful balance built over a lot of experience. And now these guys want to upend that balance.
They are more in the problem set than in the solution set.
We thought Obama was that candidate.
But somehow that doesn't stop you from believing that Sanders is "the one?" Hint: "the one" doesn't exist.
So it got to be this reporting-fuckfest done mainly to plump up the work logs to make it appear we were doing something. And we were doing something: we were filling out shitloads of "what I did" reports, which took away from the time we needed to actually accomplish our goals. Fucking insane.
Did anyone read them?
Seriously, what kind of head injuries do the people at Microsoft have??
It's called "product management." It results in diminished quality everywhere it is used, because it relieves the developers from the responsibility of thinking about the quality of what they are building.
Here's an example of the special Microsoft version of this disease:
So just on my team, these are the people who came to every single planning meeting about this feature:
1 program manager
1 developer
1 developer lead
2 testers
1 test lead
1 UI designer
1 user experience expert
--
8 people total
These planning meetings happened every week, for the entire year I worked on Windows.
The advantages of this system are: better top-down control, and you can hire less competent developers (who have not the skillset of thinking about what they are building).