Snakes watch TV? In their living rooms? With really small really low TV trays? And amazingly tiny TV remotes?
/boggle
OK, I could see why they'd avoid the whole "sit-down dinner" thing; I'm not an insensitive clod and can sympathize with that whole "can't sit, no legs" awkwardness. But c'mon, parked in front of the TV? That's almost as sad as newts choking down bites of fast food in their mother's basements during "AFK" moments in their favorite MMORPG.
Muscles have to go under tension to become denser.
Tension is overrated. The best beef I've ever had was pretty relaxed. Fed beer, sake, and high-quality grain; massaged regularly... Dang, I might sign up for such treatment even if I knew I'd be slaughtered and butchered after a few years.
Don't forget, too, that the toolchain you're using to do your diagnostics can be the source of the hack.
...You can't trust code that you did not totally create yourself. (Especially code from companies that employ people like me.) No amount of source-level verification or scrutiny will protect you from using untrusted code. In demonstrating the possibility of this kind of attack, I picked on the C compiler. I could have picked on any program-handling program such as an assembler, a loader, or even hardware microcode. As the level of program gets lower, these bugs will be harder and harder to detect. A well-installed microcode bug will be almost impossible to detect.
rtm's dad, who was a crypto hacker himself, so they all weren't entirely unbiased about the incident.
I've often wondered about that myself, both before I became a father (and therefore put myself into rtm's place) and after (when I put myself into Morris Sr.'s place).
The scenario pretty much involved Sr. saying "My kid did what?!
MICR toner for laser printers: as little as $60. Your first forged check will pay this off. And the laser printer you used, if you had to buy one. And all the paper.
If I read TFA correctly, what Microsoft does with this "Device Stage" thingie is not much at issue. What the hardware manufacturers do is critical.
Microsoft is essentially handing control of the Device Stage screen to the hardware manufacturers, allowing them to embed links to their online services and client software.
On the one hand, it's a perfect opportunity to make life easier for consumers, by opening their eyes to features and services that apply to their particular model. On the other, it could be used as little more than a cheap form of advertising, with manufacturers attempting to lock consumers into their own proprietary software and services.
I'm curious. Do you mind explaining your basis of distinction between those two terms, because they're not necessarily mutually exclusive.
IMHO, "Sociopathic asshole" goes to motive, while "script kiddie" goes to means.
But again, I'd be curious to hear your point of view.
Re: 1000 mph speed, 100 gallons per mile efficiency (on "1000-mph Car Planned")
Look, if you're going to be pedantic, try the saving grace of being correct.
A land vehicle designed for the transportation of people
"transportation of people"... plural... which, unless you know of any kind of land vehicle with two primary driver positions, incontrovertibly means at least one passenger.
I read the blog entry, and this little piece of spin doctoring amazed and amused me:
The bug is a stack-based buffer overflow inside a loop; finding buffer overruns in loops, especially complex loops, is difficult to detect with a high degree of probability without producing many false positives.
Gosh...
(stack size)/(stack frame size) = number of iterations before stack overrun.
They claim they fuzz test, but it seems pretty obvious not nearly hard enough. And they need explicit out-of-bounds exception tests. Every stack-based process thread based on externally-provided input has to be, to destruction.
The blog calls this a "onesie - twosie" bug, but I suspect it's actually the harbinger of an entire class of as-yet unexplored path string processing bugs.
Well, about the time that organized Christianity was the same "age" as Islam is now, they were murdering people for blasphemy and going to holy war, ostensibly for the sake of their religion.*
As shallow as it sounds, even to my ears, I'm inclined to say "It's a phase they'll grow out of."
*Not like those tendencies are completely eradicated in Christendom today...
Well, some PvP fights you just can't win... differences in gear, disparity in skill, that kind of thing. I mean, to be blatantly obvious, I am awful at PvP in WoW, because I don't play enough to not panic and lose my combat skills in a PvP situation. Also because I don't play enough to have good gear in a PvP situation.
So, logically, if you can't win in-game, win IRL. Think outside the box.
Pretty seriously wrong.
(Although I'll admit to wishing some pretty terrible RL fates on the d-bag players camping me for hours straight.)
That's interesting. Funny, but at its heart, interesting.
TFA's author seems to think folks will stop doing things for the love of it, only for money.
What about sex? Last I looked, doing that for money was... frowned upon, at the least.
So, what's the economic case for sex? What market good does it do?
Really, I know a lot of OSS geeks who get the same personal value from open source contribution as they would from sex (if they could get that): self-validation, positive relations (some of the time) with willing partners, a nice glow from post-commit satisfaction...
And, let's face it, in both cases, screw up once and you're supporting your love child for the rest of your life.
What I called bullshit on was the claim that by seizing the gang's trademark they would somehow be able to prevent the gang members from wearing jackets with the logo on it. Trademark law doesn't work like that.
Lolwut? Trademark law explicitly permits seizure of counterfeit goods. In this context, counterfeit goods are those displaying a trademark in violation of the rights of the trademark holder. After the RICO action, the trademark holder is the U.S. Government, so only they can display the MONGOLS' former logo. Anyone else displaying it is counterfeiting.
Or, at least, I'd suspect that's the legal theory. IANAL, but just reading through the back history of trademark laws (for instance, the Lanham Act).
BTW, even if you think that "counterfeiting" is an inappropriate term, any trademark dilution or infringement can be subject to seizure and destruction of infringing article. So yeah, the Mongols may be losing their jackets. (Not right away; if I'm reading the law right, it takes a substantial judicial process to ask for seizure and have it executed.)
Truly a great American.
Don't forget, too, that the toolchain you're using to do your diagnostics can be the source of the hack.
-- Ken Thompson, Reflections on Trusting Trust
I've got a current release of Fedora running in a VM that I installed a few weeks ago.
To borrow a phrase, "Well, there's your problem!"
Semi-seriously. In my experience, Fedora is fidgety. Red Hat products are fairly fidgety in general, but I set up CentOS on the household server and treat it like a server: it needs routine care and feeding. It needs cursory log inspection. It needs basic maintenance. I don't multi-boot it. I don't reboot it at all. It ticks over, warm and happy, serving files and email and whatnot.
For desktops, Kubuntu 8.04LTS. No touchiness, no grouchiness, minimal hand-holding.
YMMV, but that's my experience.
-----
*Thanks, Adam and Jamie.
it's not safe to send mail unless you pay us some more to make it safe.
What's the word for that? Hmm... Hmm... Oh, yeah, "protection"
The damn bar on check forgery is too low.
You're using an entire server, complete with associated on-line magnetic storage, as a glorified floppy disk?
Wow.
Back that stuff up to tape or permanent optical media and decommission that junk.
I suppose someone proposed that, and got shot down as being too effort-intensive (compared to just letting the server sit).
Seems kinda sad to me.
It hits so many different nerves, case-by-case.
I wonder how the Great Firewall of America will be characterized?
If I read TFA correctly, what Microsoft does with this "Device Stage" thingie is not much at issue. What the hardware manufacturers do is critical.
I'm betting the latter. Do I have any takers?
Yup, as planned for ITER.
Thanks, Andrei
...press "Submit" prematurely, leaving the entire /crowd in the agony of suspense?
Well played, well played.
"Car"
"You keep using that word. I do not think it means what you think it means."
Not a car (no passenger capacity)
Not a car (no drive shaft--in-hub electric motor)
Not a car (doesn't corner for crap)
If I'm conscious at 2PM on Saturday, it's because I've been up all night and all morning.
And I've been too busy to go to the bank, so that doesn't help. #8^(
It worked for the United Earth Directorate.
<flamebait fuel=napalm>
The loser doesn't get to name the territory or write the history.
</flamebait>
Interesting. It views correctly in the normal comment view, but in edit/reply/preview view, it mis-renders.
Hey, CmdrTaco, fix the damn slashcode already!