The 2.0 line offers new internals and a new module API that's supposedly a lot cleaner and better organized. The biggest internal change of which I'm aware is that Apache now does proper threading, instead of fork()ing--that's why the big improvement on Windows, which is natively threaded, while a smaller improvement on unices.
Boise mopped the floor in the courtroom. By any observer's account, it was a virtuoso performance of what can be accomplished in front of a judge. The judge's lunacy came afterwards (and during, but that was after hours with reporters in his chambers).
When I was journalling, I often confronted the question of whether or not I wanted someone I knew to read what I'd written. Rather than censor myself, I usually decided that, if I was willing to say it to the Internet, I should be willing to say it to that person's face. It toughened me up a bit to speak truth to power, or at least friends and family.
Lack of belief in UFOs, as popularly understood != the belief that we're alone in the universe.
It makes more sense for./ers to believe the UFOs aren't real. We're geeks, we're engineers, we're people for whom whether and how a thing actually works makes a difference. The gross implausibility of all things UFO strains the credulity of a./er more than the average joe on the street, I'll bet.
Not really. That's like saying you can simply swat bullets away. There's too much energy in lasers for common mirrors to reflect--they simply melt. As I understand it, modern mirrors for targetting lasers are wicked things like nitrogen-cooled mercury, controlled by pizoelectrics.
I think that the weakest link is one of the employees in the I.S. department (myself included) being bribed to sneak the tapes out. What I was disagreeing with was your characterization of my transporting the tapes as being the weak link. While I can see a competitor laying out for a bribe, I can't see one organizing a carjacking, which would be much more expensive, more risky, and less useful, since we'd know the tapes were gone. What I was disagreeing with was the attack vector you proposed.
My point about the tapes being less than valuable to our competitors is part of my assessment of our security risks. If we were developing weapons systems for the military, it would be plausible for one of our competitors to kidnap me en route. As a manufacturer of commodity housewares, though, I think that the tapes have a limited value that serves to discount certain scenarios. Bribery to make a secret copy of the tapes is plausible. Killing me (or risking it) to get the tapes isn't.
I'm the one who makes the switch every week, unless I'm unavailabe, in which case it's the sysadmin.
You're sort of right, but not really due to the particular circumstances. The bank is a ten minute drive through a semi-rural/industrial setting, down major roads with lots of cops who don't have much to do. A carjacking is unlikely in the extreme.
Also, there's just the fact that, since we're a manufacturer of commodity housewares, where industrial espionage itself isn't terribly useful, the risk of an attempt is pretty low. If the tapes I was carrying were for Dow Chemical, it would seem more likely.
I make a weekly trip to put our tape backups into a safety deposit box at a nearby bank. For $35/year, we get bank-level security and convenient off-site storage.
For the two years I've been doing this, I've had a small, running battle with the president of the branch, who wants to enforce a rule that all use of safety deposit boxes must be done in the booths provided for privacy; presumably, he wants to avoid any appearance of, or liability for, the bank employee knowing what's in my safety deposit box. However, switching the tapes in the box can be done in 5 seconds right there, whereas taking a booth makes it a 2 minute affair. The tellers all know me, so they let me do it right there, except for the couple weeks after a stern policy memo has been issued.
The reason I don't sacrifice another 1 minute, 55 seconds, is because I don't care that the tellers know--they'd figure something out with my weekly trips anyway. But the real crux is that, putting the tape backups into a safety deposit box makes it one of the strongest links in the security chain. The server room door is always locked, the servers logged off, etc. The weakest link now is that a competitor would offer one of my employees $20,000 to sneak the tape backups out one night. In comparison, the cost of breaking into a safety deposit box, removing the tapes, and returning them after copying, all undetectably, would be in the hundreds of thousands of dollars, if it could be done at all. They can't bribe a teller because the bank has only one of two keys for my box--when I've forgotten my key, I'm SOL.
This is what Schneier means by system security. Insisting on me using a booth is like upgrading your encryption when users are writing their passwords on stickies attached to their monitors.
The FSF doesn't rely on federal marshals and no-knock warrants. It also doesn't offer a tips line for disgruntled employees to screw their employer with an accusation. Instead of showing up and blustering about huge "fines", the FSF (according to the article) works to resolve the differences amicably.
It's not that they're not bothering to keep up, it's that they're so busy failing to conquer other markets (console gaming, financial software, mobile computing/cell phones...) that they're not "wasting" resources on battles they've won.
It does seem, though, that the mothership is dangerously undefended...
Implicit in the "quick, simple, casual" test is that you are doing it constantly with a wide selection of people. Spolsky actually calls it "hallway testing", meaning you grab whoever is out in the hallway and ask them to do a quick test. That's better random sampling than you'd think.
You're missing another point, though, with your claim that "a user's mistake may be the lack of training": namely, that all users start out as newbies, and most users never progress beyond that level. If you spot newbie problems, they're real problems because the majority of your users will never be as trained as you think is reasonable.
I'm constantly harping at my developers to dumb things down far past the point they think is necessary, and luckily for us, we develop in-house applications for a manufacturer, so feedback is immediate. We always, always overestimate our user's ability and the ease and common sense of our UI and workflow. We're always fighting the classic programmer's lack of naive perception that our users have.
Do you mean "advanced server features like the payroll system that correctly calculates their pay and benefits"? Or "advanced server features like the data warehouse that results in a nice, neat sales report the manager looks at"? Or "advanced server features like data replication and redundant applications that ensure continuity of operations"? 'Cause, goodness knows, managers and secretaries and janitors never benefit from any of those things.
Copyright law isn't criminal law, it's civil law. The proper forum for resolution of the dispute isn't the justice system, it's the civil courts, and the mechanism is a lawsuit.
The fact that it's a civil suit says nothing about the disputability of SCO's claims; it's a structural feature of the law in the U.S.
The grand-parent post asserted that she was lying about the extent of her injuries because I misused the word "charring" to specify the effects of third degree burns. She did have third-degree burns, she did get skin grafts, she did spend two weeks in the hospital.
You're very confident for someone who wasn't in surgery, doing the skin grafts. It's not like she spent two weeks cooped up in her apartment, after which she came out and said "I needed skin grafts to repair the damage". She spent two weeks in a hospital, having the burns repaired by many different medical professionals, some of whom testified at the trial. Her original claim against McDonald's was only for reimbursement of those medical expenses.
Take a second before you pull the trigger next time, okay?
The woman who spilled the coffee on her lap didn't get minor blistering, she got third degree burns: charring of the skin on her thighs and crotch. She required skin grafts to repair the damage.
Slashdot Mirror
The 2.0 line offers new internals and a new module API that's supposedly a lot cleaner and better organized. The biggest internal change of which I'm aware is that Apache now does proper threading, instead of fork()ing--that's why the big improvement on Windows, which is natively threaded, while a smaller improvement on unices.
Boise mopped the floor in the courtroom. By any observer's account, it was a virtuoso performance of what can be accomplished in front of a judge. The judge's lunacy came afterwards (and during, but that was after hours with reporters in his chambers).
Ask Microsoft how David Boies is in a courtroom.
When I was journalling, I often confronted the question of whether or not I wanted someone I knew to read what I'd written. Rather than censor myself, I usually decided that, if I was willing to say it to the Internet, I should be willing to say it to that person's face. It toughened me up a bit to speak truth to power, or at least friends and family.
Lack of belief in UFOs, as popularly understood != the belief that we're alone in the universe.
./ers to believe the UFOs aren't real. We're geeks, we're engineers, we're people for whom whether and how a thing actually works makes a difference. The gross implausibility of all things UFO strains the credulity of a ./er more than the average joe on the street, I'll bet.
It makes more sense for
Not really. That's like saying you can simply swat bullets away. There's too much energy in lasers for common mirrors to reflect--they simply melt. As I understand it, modern mirrors for targetting lasers are wicked things like nitrogen-cooled mercury, controlled by pizoelectrics.
I think that the weakest link is one of the employees in the I.S. department (myself included) being bribed to sneak the tapes out. What I was disagreeing with was your characterization of my transporting the tapes as being the weak link. While I can see a competitor laying out for a bribe, I can't see one organizing a carjacking, which would be much more expensive, more risky, and less useful, since we'd know the tapes were gone. What I was disagreeing with was the attack vector you proposed.
My point about the tapes being less than valuable to our competitors is part of my assessment of our security risks. If we were developing weapons systems for the military, it would be plausible for one of our competitors to kidnap me en route. As a manufacturer of commodity housewares, though, I think that the tapes have a limited value that serves to discount certain scenarios. Bribery to make a secret copy of the tapes is plausible. Killing me (or risking it) to get the tapes isn't.
I'm the one who makes the switch every week, unless I'm unavailabe, in which case it's the sysadmin.
You're sort of right, but not really due to the particular circumstances. The bank is a ten minute drive through a semi-rural/industrial setting, down major roads with lots of cops who don't have much to do. A carjacking is unlikely in the extreme.
Also, there's just the fact that, since we're a manufacturer of commodity housewares, where industrial espionage itself isn't terribly useful, the risk of an attempt is pretty low. If the tapes I was carrying were for Dow Chemical, it would seem more likely.
I'm not aware of any encrypting backup packages.
I make a weekly trip to put our tape backups into a safety deposit box at a nearby bank. For $35/year, we get bank-level security and convenient off-site storage.
For the two years I've been doing this, I've had a small, running battle with the president of the branch, who wants to enforce a rule that all use of safety deposit boxes must be done in the booths provided for privacy; presumably, he wants to avoid any appearance of, or liability for, the bank employee knowing what's in my safety deposit box. However, switching the tapes in the box can be done in 5 seconds right there, whereas taking a booth makes it a 2 minute affair. The tellers all know me, so they let me do it right there, except for the couple weeks after a stern policy memo has been issued.
The reason I don't sacrifice another 1 minute, 55 seconds, is because I don't care that the tellers know--they'd figure something out with my weekly trips anyway. But the real crux is that, putting the tape backups into a safety deposit box makes it one of the strongest links in the security chain. The server room door is always locked, the servers logged off, etc. The weakest link now is that a competitor would offer one of my employees $20,000 to sneak the tape backups out one night. In comparison, the cost of breaking into a safety deposit box, removing the tapes, and returning them after copying, all undetectably, would be in the hundreds of thousands of dollars, if it could be done at all. They can't bribe a teller because the bank has only one of two keys for my box--when I've forgotten my key, I'm SOL.
This is what Schneier means by system security. Insisting on me using a booth is like upgrading your encryption when users are writing their passwords on stickies attached to their monitors.
*whoosh*
It's an AST. It's satire. Relax.
The FSF doesn't rely on federal marshals and no-knock warrants. It also doesn't offer a tips line for disgruntled employees to screw their employer with an accusation. Instead of showing up and blustering about huge "fines", the FSF (according to the article) works to resolve the differences amicably.
Also, they don't eat children.
I can't easily blow myself, either, but it's worth the effort.
Filthy big-endian... I thought we'd wiped out your kind years ago...
It's not that they're not bothering to keep up, it's that they're so busy failing to conquer other markets (console gaming, financial software, mobile computing/cell phones...) that they're not "wasting" resources on battles they've won.
It does seem, though, that the mothership is dangerously undefended...
Every time someone here said "I've seen XP, and it didn't work," the XP defenders say "what you saw wasn't XP".
Does that mean that a necessary requirement for XP to be XP is for it be successful? In other words, the failures disqualify a process from being XP?
Isn't that a rather self-fulfilling condition?
But "Rush" is first-name worthy?
Implicit in the "quick, simple, casual" test is that you are doing it constantly with a wide selection of people. Spolsky actually calls it "hallway testing", meaning you grab whoever is out in the hallway and ask them to do a quick test. That's better random sampling than you'd think.
You're missing another point, though, with your claim that "a user's mistake may be the lack of training": namely, that all users start out as newbies, and most users never progress beyond that level. If you spot newbie problems, they're real problems because the majority of your users will never be as trained as you think is reasonable.
I'm constantly harping at my developers to dumb things down far past the point they think is necessary, and luckily for us, we develop in-house applications for a manufacturer, so feedback is immediate. We always, always overestimate our user's ability and the ease and common sense of our UI and workflow. We're always fighting the classic programmer's lack of naive perception that our users have.
Allow me to translate the parent: "Java sucks hairy donkey balls. Convince me otherwise."
Do you mean "advanced server features like the payroll system that correctly calculates their pay and benefits"? Or "advanced server features like the data warehouse that results in a nice, neat sales report the manager looks at"? Or "advanced server features like data replication and redundant applications that ensure continuity of operations"? 'Cause, goodness knows, managers and secretaries and janitors never benefit from any of those things.
Copyright law isn't criminal law, it's civil law. The proper forum for resolution of the dispute isn't the justice system, it's the civil courts, and the mechanism is a lawsuit.
The fact that it's a civil suit says nothing about the disputability of SCO's claims; it's a structural feature of the law in the U.S.
Or improve the stability of the signal, and the sensitivity of your detection gear.
The grand-parent post asserted that she was lying about the extent of her injuries because I misused the word "charring" to specify the effects of third degree burns. She did have third-degree burns, she did get skin grafts, she did spend two weeks in the hospital.
You're very confident for someone who wasn't in surgery, doing the skin grafts. It's not like she spent two weeks cooped up in her apartment, after which she came out and said "I needed skin grafts to repair the damage". She spent two weeks in a hospital, having the burns repaired by many different medical professionals, some of whom testified at the trial. Her original claim against McDonald's was only for reimbursement of those medical expenses.
Take a second before you pull the trigger next time, okay?
The woman who spilled the coffee on her lap didn't get minor blistering, she got third degree burns: charring of the skin on her thighs and crotch. She required skin grafts to repair the damage.
How do you recover damages from a bankrupt company?