In the race-timing industry, I can't get a passive RFID chip for less than $6. I can't get an active RFID chip for less than $20. That's my cost, on volume, as a timer.
A lot of companies blow smoke about producing disposable (cheap) chips, but I don't know of any timer who uses those chips for large volume events (more than 1,000 participants).
I imagine that tracking inventory on a conveyor belt is a lot like timing runners at a finish line.
I don't usually bother emailing senators, but denying that video games are art (and even that they are not media), and implying that they should not be protected by free speech infuriates me...
Here's the note I sent to the senator. Feel free to use it as inspiration, but don't copy it verbatim.
---snip---
To: demuzio@senatedem.state.il.us
Subject: proposed restrictions on the sale of videogames
Senator:
I am disappointed and insulted to learn of your uninformed opinion
concerning the video game industry and its products. Specifically, the news
article at:
"Video games are not art or media,"... "They are simulations, not all that
different from the simulations used by the U.S. military in preparation for
war."
As a professional programmer, I am deeply offended by your opinion that
video games are not art.
Computer programs on the scale of video games require a great amount of
creative ability - literally millions of lines of computer code are required
for every game produced. Making hundreds of esoteric processor operations
into millions of commands which provide an interactive user experience is
definitely an art form. Furthermore, the graphics created for these games
are clearly art.
Please refrain from such flippant dismissal of my work and that of my
colleagues. I am sure I do not need to remind you of the U.S. Department of
Labor, Bureau of Labor Statistics report which states that 44 out of every
1,000 private sector workers in Illinois are employed by high-tech firms
(http://www.childrenspartnership.org/youngamerican s/statefacts_il.html#2).
Since you were quoted by a very popular news aggregation site
(http://politics.slashdot.org/article.pl?sid=05/05/20/1458236&tid=219), many
of your constituents are sure to share my sentiments.
---snip---
My job is with a company that times races (i.e. runners) using RFID technology. We use ChampionChip products, but there are a couple of similar, up-and-coming solutions (AMB, DAG).
The whole system is really impressive and versatile. We time marathons with tens of thousands of participants (Boston, Twin Cities, Grandma's, Columbus, Indianapolis Mini) and the systems catch 99.99% of the runners. The chips are waterproof (for triathlons) and quite rugged.
Using RFID technology is TONS better than the old methods (tags and/or popsicle sticks, and lots of watching). If any of you has ever had to line up in chutes after a hard race, you'd know what kind of chaos can ensue when someone falls or gets out of line. Anyway, RFID means that runners only have to cross the finish line... then they can pass out as they please.
Sure. You can quit anytime you want. Except, when you're working an eighty hour week, how do you line up another job? And you can't collect unemployment if you quit.
That is a very good point. Another issue to consider is that EA certainly has non-compete clauses in their employment contracts. So, even if a disgruntled employee found the time to procure a new job, they would have to ignore all of those jobs which match their work duties / experience at EA.
There are already so many responses. I hope someone will notice my question.
What if a commercial entity uses GPLed code in their closed-source product, but they haven't modified the open code? What does the GPL prescribe? Does the company need to distribute the unmodified source, simply provide a notice that they've used the source, or something else?
While I'm posting, I'd like to comment on this line in the translated interview:
But we think that the community should respect the companies who use Linux and not hunt them because I don't think that's beneficial for anyone.
That's ridiculous! I'm sick of these companies pretending that they're doing the open source community a favor by using our code. We are doing them a HUGE favor, and we don't ask for much in return. I couldn't care less if no one used my code. I release it with the hope that it saves a fellow programmer some headaches - if it does, I'd love to hear "thanks" and see the favor returned via improvements to my code.
Why is this front page slashdot? If it had been any other company than Microsoft it never would have been news.
True. The reason why this is on the front page of slashdot is, as an AC trolled:
Any other company like Microsoft no, the catch being of course that there arent any other companies like Microsft.
Of course, said troll quickly gets to the trolling, but the first part is dead-on. Microsoft is big, they're more relevant to slashdot users than any other company.
Then again, the submitter worded his submission so that the mystery patch sounded scary, but if you RTFA, it's not. Perhaps timothy fell for it.
I took a photo class in college, and I bought a Nikon FM-10 for it. In my experience, it was an excellent choice. It's completely manual and inexpensive.
If I remember correctly, mine cost around $200 (maybe $250) new. That was four years ago. I see that there are quite a few FM-10s listed on eBay, for around $200.
Originally, I *think* I bought mine at filmshop.com, but their site is a redirect now, and the page that loads doesn't look familiar at all... but it's been four years.
not that it's uncommon, but... this stock photo was used at least twice, by admittedly prominent companies. moreover, these appear to be the work of the same designer: http://www.rachelhinman.net/.
For email: I treat my INBOX like a to-do list. When the task is done or otherwise irrelevant, I delete the message. At work, Mail.app handles my spam; I use Pine at home, and have to hit the 'd' key myself. Both programs save sent mail automatically; though, I rarely refer to it.
For files: I use my home directory on unix-like systems, and my desktop on OS X and Windows. These are intended to be work areas, and I use them as such. When files become irrelevant, I delete them.
Complicated sorting systems are unnecessary for most of us. Ask yourself, "how often do I look at these archives? do archived files and email pose a security / privacy threat?". The answers are probably "almost never" and "yes".
Some files (and email) need to be saved for business' sake (i.e. source code, documentation, requirements, proposals, support requests, whatever...). That sort of storage should be the responsibility of your project management tools, not individual users.
Seems to me that a lot of the sites that are shutting down for the day are ones that are frequented by people who are already aware of the issue. Also, they aren't sites that most people would visit on a daily basis.
True. However, we use these "geek sites" in our day-to-day, professional and academic careers. If project X is delayed because I can't access some website that provides open source component Y, I get an opportunity to tell my boss or professor why. Information will spread. Someone influential will hear about the protest, and we will have done some good for the world.
It would be nice to see some more general, more widespread sites shut down for the day.
I agree. Maybe, by the above phenomenon, a higher-up at one such organization will realize how much he/she depends upon open software, and they'll join the protest.
I have a reel mower as well. It's the American Lawn Mower Co. Model No. 1815-18. I bought it at Lowe's for around $80 (I don't remember the exact price; I bought the mower a year ago).
The only downside is that you can't let your lawn get out of control.
That's definitely true. Mowing gets to be strenuous if my grass is > 7 inches tall. Still, it's possible to get the job done. If I mow once every week or week-and-a-half, everything's cool. (my neighbors with gas mowers clip their lawns more frequently, in general; in other words, I have a reel mower, and I can still be lazy).
As for the reel mower helping to slim that fat ass of yours, it can't hurt. Long stretches of tall-ish grass make my arms a little sore, but it's not an aerobic workout unless you're jogging behind the mower. I'd imagine that, if you're not a stud like me, it'd be more difficult, though.
Here are some other benefits:
no gas, no exhaust
your grass isn't pured, causing to to stick to your house and shoes
if you listen to music while you mow, you can actually hear what's playing
people over 40 will respect you
a reel mower is easier to store than other mowers
you'll have to try really hard to hurt yourself
it's less expensive to purchase and maintain than other mowers
all of your buffers will be checked for overflow, and your pointers will be initialized to NULL
Gaze sheepishly upon the glory of the Proper Spelling Nazi! The word you sought to include in your signature is "marshmallows". "marshmellows" are the foodstuff of misguided heretics.
The feature you are talking about exists in Windows 2000 and Windows XP. It is called hybernating and works marvelously. I don't know what the state of affairs is in Linuxland but last time I checked there was no such feature.
I haven't tried this, but it seems reasonable that one could use xmodmap and showkey to map any keyboard button to `apm -s` (suspend to ram) or `apm -S` (suspend to disk). (Provided that your BIOS is new enough to handle that sort of thing.)
I think those features have been available on any average Linux distribution for a while (at least a year or two... I haven't been keeping track).
For a text retrieval / linear algebra project (latent semantic indexing, et cetera), I used Matlab for quick testing and experimentation. Then, when it was time to write some stand-alone code to accompany my paper, I used the GNU Scientific Library (GSL). In addition to its own operations, it provides an interface to CBLAS (C Basic Linear Algebra Subprograms) which are pretty useful themselves. I considered LAPACK, but the documentation seemed less accessible. Both LAPACK and GSL are based on BLAS (Basic Linear Algebra Subprograms).
For a non-research project (nautilus shell simulation for the Ball State University math department), I used Maple and the Geometer's Sketchpad.
The hacker's exploit isn't located on the stack - it just used the stack overflow to gain write access to the code segment, so making the stack non-executable hasn't actually affected what the program will do with the new code
right ?
The hacker's code is on the stack. The whole point of a buffer overrun exploit is not, as you state, to write past the end of the stack. In fact, it's just to write past the end of the area of the stack allocated to some function.
For a long time, the whole buffer overflow idea seemed foreign, but after searching google and everything2, I realized that there's nothing magical happening,... the buffer overflow uses simple ideas I (you too probably) learned in early CS classes.
Here's my description of how the exploit works (as I understand it):
When you make a function call, space is allocated on the stack (memory available for programs to use) for: 1) the function's arguments, 2) the function's return address (where to go when the function is done), 3) the variables declared within the function. The idea is to use up the space for the variables within the function, and then use up enough extra space to overwrite the return address. Then, you can make the return address point wherever you want.
With that in mind, you fill the function's variable space with some code you'd like to execute. Then, you overwrite the return address to point to that code. Voila!
For example...
void myExploitableFunction() { <ECODE> // This is my buffer, it's just a char array. char buffer[16];
// Fill the buffer (and then some!) scanf("%s", buffer);
return;
}
Of course, this example is only a simple example... but anyway... The malicious user would just supply scanf with more than 16 characters, and the buffer would overflow... yada yada yada
Slashdot Mirror
In the race-timing industry, I can't get a passive RFID chip for less than $6. I can't get an active RFID chip for less than $20. That's my cost, on volume, as a timer.
A lot of companies blow smoke about producing disposable (cheap) chips, but I don't know of any timer who uses those chips for large volume events (more than 1,000 participants).
I imagine that tracking inventory on a conveyor belt is a lot like timing runners at a finish line.
I don't usually bother emailing senators, but denying that video games are art (and even that they are not media), and implying that they should not be protected by free speech infuriates me...
Here's the note I sent to the senator. Feel free to use it as inspiration, but don't copy it verbatim.
---snip---
To: demuzio@senatedem.state.il.us
Subject: proposed restrictions on the sale of videogames
Senator:
I am disappointed and insulted to learn of your uninformed opinion concerning the video game industry and its products. Specifically, the news article at:
http://news.yahoo.com/news?tmpl=story&u=/ap/200505 20/ap_on_hi_te/video_games
reports you as saying:
As a professional programmer, I am deeply offended by your opinion that video games are not art.
Computer programs on the scale of video games require a great amount of creative ability - literally millions of lines of computer code are required for every game produced. Making hundreds of esoteric processor operations into millions of commands which provide an interactive user experience is definitely an art form. Furthermore, the graphics created for these games are clearly art.
Please refrain from such flippant dismissal of my work and that of my colleagues. I am sure I do not need to remind you of the U.S. Department of Labor, Bureau of Labor Statistics report which states that 44 out of every 1,000 private sector workers in Illinois are employed by high-tech firms (http://www.childrenspartnership.org/youngamerican s/statefacts_il.html#2).
Since you were quoted by a very popular news aggregation site
(http://politics.slashdot.org/article.pl?sid=05/05 /20/1458236&tid=219), many
of your constituents are sure to share my sentiments.
---snip---
My job is with a company that times races (i.e. runners) using RFID technology. We use ChampionChip products, but there are a couple of similar, up-and-coming solutions (AMB, DAG).
The whole system is really impressive and versatile. We time marathons with tens of thousands of participants (Boston, Twin Cities, Grandma's, Columbus, Indianapolis Mini) and the systems catch 99.99% of the runners. The chips are waterproof (for triathlons) and quite rugged.
Using RFID technology is TONS better than the old methods (tags and/or popsicle sticks, and lots of watching). If any of you has ever had to line up in chutes after a hard race, you'd know what kind of chaos can ensue when someone falls or gets out of line. Anyway, RFID means that runners only have to cross the finish line... then they can pass out as they please.
That is a very good point. Another issue to consider is that EA certainly has non-compete clauses in their employment contracts. So, even if a disgruntled employee found the time to procure a new job, they would have to ignore all of those jobs which match their work duties / experience at EA.
In summary, this is a really dorky and embarrassing post. My only defense is that I grew up with dr. Who. I will not date myself
[insert joke about Dr. Who fans not getting dates]
There are already so many responses. I hope someone will notice my question.
What if a commercial entity uses GPLed code in their closed-source product, but they haven't modified the open code? What does the GPL prescribe? Does the company need to distribute the unmodified source, simply provide a notice that they've used the source, or something else?
While I'm posting, I'd like to comment on this line in the translated interview:
But we think that the community should respect the companies who use Linux and not hunt them because I don't think that's beneficial for anyone.
That's ridiculous! I'm sick of these companies pretending that they're doing the open source community a favor by using our code. We are doing them a HUGE favor, and we don't ask for much in return. I couldn't care less if no one used my code. I release it with the hope that it saves a fellow programmer some headaches - if it does, I'd love to hear "thanks" and see the favor returned via improvements to my code.
Those arent the LEDs you should looking at.
Wait just a second,... is this some sort of Jedi mind trick?
Why is this front page slashdot? If it had been any other company than Microsoft it never would have been news.
True. The reason why this is on the front page of slashdot is, as an AC trolled:
Any other company like Microsoft no, the catch being of course that there arent any other companies like Microsft.
Of course, said troll quickly gets to the trolling, but the first part is dead-on. Microsoft is big, they're more relevant to slashdot users than any other company.
Then again, the submitter worded his submission so that the mystery patch sounded scary, but if you RTFA, it's not. Perhaps timothy fell for it.
I took a photo class in college, and I bought a Nikon FM-10 for it. In my experience, it was an excellent choice. It's completely manual and inexpensive.
If I remember correctly, mine cost around $200 (maybe $250) new. That was four years ago. I see that there are quite a few FM-10s listed on eBay, for around $200.
Originally, I *think* I bought mine at filmshop.com, but their site is a redirect now, and the page that loads doesn't look familiar at all... but it's been four years.
Anyhoo, the Nikon FM-10 is a good camera.
not that it's uncommon, but... this stock photo was used at least twice, by admittedly prominent companies. moreover, these appear to be the work of the same designer: http://www.rachelhinman.net/ .
http://www.brio.comhttp://www.microsoft.com/tv/
Here's what I do:
For email: I treat my INBOX like a to-do list. When the task is done or otherwise irrelevant, I delete the message. At work, Mail.app handles my spam; I use Pine at home, and have to hit the 'd' key myself. Both programs save sent mail automatically; though, I rarely refer to it.
For files: I use my home directory on unix-like systems, and my desktop on OS X and Windows. These are intended to be work areas, and I use them as such. When files become irrelevant, I delete them.
Complicated sorting systems are unnecessary for most of us. Ask yourself, "how often do I look at these archives? do archived files and email pose a security / privacy threat?". The answers are probably "almost never" and "yes".
Some files (and email) need to be saved for business' sake (i.e. source code, documentation, requirements, proposals, support requests, whatever...). That sort of storage should be the responsibility of your project management tools, not individual users.
True. However, we use these "geek sites" in our day-to-day, professional and academic careers. If project X is delayed because I can't access some website that provides open source component Y, I get an opportunity to tell my boss or professor why. Information will spread. Someone influential will hear about the protest, and we will have done some good for the world.
I agree. Maybe, by the above phenomenon, a higher-up at one such organization will realize how much he/she depends upon open software, and they'll join the protest.
I agree completely.
Not only will we make a strong statement about software patents, but we might actually get some work done.
your grass isn't pured, causing to to stick to your house and shoes
woops. that's "pureed", with an acute over the first 'e'. apparently, ampersand eacute semi-colon is not allowed.
I have a reel mower as well. It's the American Lawn Mower Co. Model No. 1815-18. I bought it at Lowe's for around $80 (I don't remember the exact price; I bought the mower a year ago).
The only downside is that you can't let your lawn get out of control.
That's definitely true. Mowing gets to be strenuous if my grass is > 7 inches tall. Still, it's possible to get the job done. If I mow once every week or week-and-a-half, everything's cool. (my neighbors with gas mowers clip their lawns more frequently, in general; in other words, I have a reel mower, and I can still be lazy).
As for the reel mower helping to slim that fat ass of yours, it can't hurt. Long stretches of tall-ish grass make my arms a little sore, but it's not an aerobic workout unless you're jogging behind the mower. I'd imagine that, if you're not a stud like me, it'd be more difficult, though.
Here are some other benefits:
FUD = fear, uncertainty, and doubt
Gaze sheepishly upon the glory of the Proper Spelling Nazi! The word you sought to include in your signature is "marshmallows". "marshmellows" are the foodstuff of misguided heretics.
I haven't tried this, but it seems reasonable that one could use xmodmap and showkey to map any keyboard button to `apm -s` (suspend to ram) or `apm -S` (suspend to disk). (Provided that your BIOS is new enough to handle that sort of thing.)
I think those features have been available on any average Linux distribution for a while (at least a year or two... I haven't been keeping track).
I don't want ANYONE sharing MY hemorrhoid cream.
For a text retrieval / linear algebra project (latent semantic indexing, et cetera), I used Matlab for quick testing and experimentation. Then, when it was time to write some stand-alone code to accompany my paper, I used the GNU Scientific Library (GSL). In addition to its own operations, it provides an interface to CBLAS (C Basic Linear Algebra Subprograms) which are pretty useful themselves. I considered LAPACK, but the documentation seemed less accessible. Both LAPACK and GSL are based on BLAS (Basic Linear Algebra Subprograms).
For a non-research project (nautilus shell simulation for the Ball State University math department), I used Maple and the Geometer's Sketchpad.
josh
What do I hate about Microsoft? Their Office software is so bad.. er... um...
their Office software is actually quite good. I don't often see a slashdotter claiming the contrary.
with cheap backgrounds painted on the backgrounds.
Ah, a feint within a feint. How Dune-like!
The hacker's code is on the stack. The whole point of a buffer overrun exploit is not, as you state, to write past the end of the stack. In fact, it's just to write past the end of the area of the stack allocated to some function.
For a long time, the whole buffer overflow idea seemed foreign, but after searching google and everything2, I realized that there's nothing magical happening,... the buffer overflow uses simple ideas I (you too probably) learned in early CS classes.
Here's my description of how the exploit works (as I understand it):
When you make a function call, space is allocated on the stack (memory available for programs to use) for: 1) the function's arguments, 2) the function's return address (where to go when the function is done), 3) the variables declared within the function. The idea is to use up the space for the variables within the function, and then use up enough extra space to overwrite the return address. Then, you can make the return address point wherever you want.
With that in mind, you fill the function's variable space with some code you'd like to execute. Then, you overwrite the return address to point to that code. Voila!
For example...
}
Of course, this example is only a simple example... but anyway... The malicious user would just supply scanf with more than 16 characters, and the buffer would overflow... yada yada yada
That's what I was going to say. I suppose since it's already been covered, I'll simply lend an emphatic "Yeah! Freeman Dyson!"
you know,... 'cause it's not a bad thing. Barbie is totally hot.