None of the people they talked to is a developer. None writes code. They're all program manangers, architects, and the like. Their job is to think big thoughts, manage people/process, etc, not actually find/fix bugs.
I think the real issue with this law is that it doesn't appropriately punish offenders - after all, the punishment should fit the crime.
I promote, as an appropriate punishment for spyware, the shoe-crapping. Specifically, persons found in violation are required temporarily to cede their shoes to the state, during which time the attorney general is required to take a crap inside of said shoes. Following this, the shoes are returned to the offender.
Linux tends to be rather Newtonian in nature. Once set in motion, it will tend to stay in motion until it is acted upon by an outside force, such as a hardware failure.
Yes, but at Microsoft we obey the Second Law of Thermodynamics!
If the leak was not caused by a network security breach, a physical security breach, a troubled-employee, or it's code sharing initiatives; how the hell was the code leaked?
It was Mainsoft. They were licensed to get the code several years back, before the whole shared source business, to port some MS stuff to Unix. Thus it wasn't shared source, wasn't a breach of Microsoft's security, and wasn't a troubled Microsoft employee. Somebody at Mainsoft fucked up.
I just don't get it. No security breach. Not related to the SSI, nor GSP. Then how did it leak???? Psychics?
It got leaked from Mainsoft, a company MS licensed the source to so they could port some piece over to unix. That was an unrelated licensing, neither SSI nor GSP. It was not a breach of Microsoft's security, it was a breach of Mainsoft's.
The parent post ignores the news, does no work to answer his own question, posts some uninformed crap, and gets modded up to +5 Funny.
It's rather unfortunate that people like yourself base your morals on what papa gub'ment tells you they should be.
True, but in context this is hard to justify. This is MS's IP, right? They should be allowed to protect that property as they like, right?
It deserves to be pointed out that the GPL and Free-ness of Linux depend on these same IP laws. I'd be interested to know how your moral stand that doesn't let MS protect its source how it wants somehow does allow Linux to protect its source how it wants.
When Americans speak of "outsourcing" in this context they mean "out" as in "out of the country".
This is a pretty stupid comment. Outsourcing and offshoring are different things. Outsourcing is when a company subcontracts the work to another country - the source of the work is outside the company. Offshoring is when a company has work done on its behalf by people outside its own country.
So you can have outsourcing that's not offshoring (when Microsoft hires a US-based temp agency to do work), and offshoring that's not outsourcing (when Prudential opens an office in India).
They shouldn't be legislating against the ways in which people conceal themselves; they should be legislating against the things that they DO while concealed! Being anonymous isn't a crime
So, this is exactly what they're doing. It's the terrible reporting on this site which is causing the problem. The law would be this: if you commit online fraud, and you've also falsified your WHOIS info, they add a couple years to the sentence. Which, surprisingly, seems fairly reasonable. If you do something illegal you should be punished, and if you try to cover up that crime you should be punished more harshly.
Wow politicians are so stupid
Perhaps. In this case however the problem is with Taco, not the politician. I'm reminded of the ad for the Daily Show:
"It's come to our attention that many of you are getting your news by watching this program. To you, we say this: DON'T! WE MAKE STUFF UP!!
What's interesting about it is that the encryption doesn't get updated when you change your password. Say you encrypt your files, then change your p/w: you'll still need your old p/w to access those files.
Kind of a pain, except that it's very good for a laptop user. Normally if you've got physical access to the machine, you can get anything on it. For example, with physical access you can boot from a disk and use various tools to change the password on the installed OS (this works for NT as well as Linux, et al - you've just gotta have the right tools). However, even changing the login password won't give you access to those encrypted files.
Basically you end up having to do a brute force attack, either on the key or the password. That's generally about as good as you're going to get once you've comprimised physical security.
Sheesh. People here would complain if you hung them with a new rope.
Ironically, it's "hanged." The past participle of the verb meaning "to kill by hanging" is "hanged." "Hung" refers to the hanging of something other than a person by the neck.
This is a site for nerds, right? Nerds are supposed to be good at math, right?
I mean seriously, this was modded +5 and he can't even multiply? The fact that he's doing fake multiplication in order to make a paranoid anti-SCO point shouldn't be rewarded anymore than the DDOS should be rewarded. Telling stories is one thing, but making up new math...
Why are actors paid $50,000,000 for doing a film instead of, say, $50,000 or $200,000? It's just acting. It's not like they're risking their life or health.
Well, $50M is a bit of an exaggeration -- you're not going to find many (any?) examples of that high a figure -- but some actors do get paid a lot of money, even millions of dollars, to do a film, yes. Why so much? Because that's what the market is. They're paid that much because the studios are willing to pay that much, and the studios are willing to pay that much because the filmgoing public is willing to pay what it pays. That's what our priorities are.
I think the point was that there's no underlying moral reason why actor's *deserve* to be paid so much. For example, doctors are paid well because their job is high-stress and requires a very high level of education, and thus they deserve to be paid a lot. If some external force (like, say, HMO's) came along and worked to lower doctor salaries, we as a society would have a moral reason to help the doctors continue to be paid well because it encourages the youth to want to be doctors (despite the long hours, stress, and student loans until retirement).
Actors, the grandparent post is arguing, have no such claim - they're paid well because of environmental factors, but if those environmental factors change and that pay drops, well, boo hoo. We shouldn't feel like the drop in actor salaries is going to undermine our society and campaign for their continue high pay in the same way we should for the doctors.
(On a side note, I'm not sure I entirely believe that. I have this theory that the average salary for an actor is pretty low, when you factor in all the bus boy "future actors" in Hollywood. Given the high risk of failure in an acting career, it may make sense that you have to make the reward absurdly high to offset that risk.)
Think about what the problems are. Then narrow that list to things which management can fix. Now write down the reasons why they should take those actions, in terms of how it benefits them ("doing this will improve productivity, which will improve profits"... they can take it from there to "which will improve the stock price, which will make you rich").
Basically, you just have to think about how to frame the message for them - too often we explain things from our own POV, and given the differences between management and engineering that leads to, well, disaster. If you briefly explain the problems in terms they'll understand (productivity and morale, for example), give them a reasonable and actionable list of solutions, and justify those solutions, you'll be golden.
If you think they're coming to dinner so you can complain about how much life sucks, start preparing your resume now.
Are you an idiot, or just totally lacking of perspective?
In fact, problems such as SQL slammer are more like the invasion of the Mongols, and the spam problem is global thermonuclear war.
The invasion of the Mongols evicted tens of thousands of people from their homes and ruled an enormous empire, a fragment of which became China. He's remembered almost a thousand years later as one of the most fearsome figures of history.
Global thermonuclear war would destroy civilization as we know it.
Think about it this way - in a thousand years, do you think anyone's going to give a shit about Blaster? Within 5 years it won't be remembered outside the computer community, and within 10 it will be an answer to a trivia question.
So, in closing, please shut the hell up. You're making us all look like ignorant children.
While aerobic exercise is good for aiding in fat loss, muscle-building exercise is better in the long run, as muscle increases metabolism and fat burning, even when you're not exercising.
Yes, although ideally you'd also like to exercise your heart, lungs, etc.
As with everything, you need a balance. If people would take the time they spend looking for a silver bullet and just follow the same basic advice that's worked forever, they'd be a lot better off. Mix your workouts, keep it interesting, and stop trying to hack your body.
The problem is that terrorists can test their CAPPs profile by simply going on a flight. If they are not searched on a limited number of test flights then they have a lower change of being searched in the future than if purely random, non CAPPs "assisted", searches are done.
First off, I agree the system is wrong, morally.
However, this argument seems a bit spurious. The assumption being made is that there's some group of terrorists who will be flagged as safe for travel; it's only that set who, upon testing their CAPP in the method described, will find it low enough for them to get on board.
Let me rephrase that: in order to prove the system is insecure, the argument assumes that the system will not work (that it will assign some terrorists a low CAPP). In practice that may be true, but the logic strikes me as a bit circular.
I think the better way of understanding this is to acknowledge that if the system is broken, this attack will allow terrorists to exploit that failure.
Your accusing Slashdot of having a double standard arises from a flawed metaphor in your conceptual framework for understanding the denizens of the site. You seem to be thinking of Slashdot as a monolith, much like the Borg, with thousands of drones offering up the same ideas.
I find it's much more enlightening to understand Slashdot as something of a random content generator, without the consistency constraints of a single mind.
Are we saying programmers in the US are more innovative than Indian, Russian or other off shore programmers?
Yes.
Not because of nationality, but because of culture. The US culture tends to be more structured towards innovation - all the ideas promoting the individual, the American dream, etc, create a culture in which people perceive that they will be rewarded for creativity (n.b. this does not mean that they *are*, just that the culture encourages this mentality). Compare that to a culture which is still largely caste-based, and your individual value is determined by which caste you were born into.
It doesn't have anything at all to do with race, and everything to do with culture. For an example, compare Silicon Valley to western Europe, or even with other areas within the US; SV promotes a cultural belief that the individual is rewarded for creativity, that failure can make you better (because you learned something, one presumes), and that you can change the world with your tech. All of those things make it more conducive to people taking risks and innovating, and it's why you see places like Apple and HP coming out of that area.
I think there's a tendency to avoid this analysis because it sounds like racism: "you can't be saying Americans are better than Indians!" I think you have to take off those PC blinders: while it's not an issue of race, it *is* an issue of culture, and the US culture has proven itself more conducive to creativity and innovation.
I'm still looking for a patch for the W32.Clueless.User worm. It seems no matter how restrictive the firewall, this little blighter can get in.
Yeah, this is one nice architectural feature of Linux. The designers have managed to find a way of blocking this particular error by means of sophisticated analysis and commitment to building a secure system.
The key was realizing that the error was originating between the keyboard and the chair. Once they made that breakthrough they knew the only solution was to build a firewall there, at the weak point where the worm attacked the system. Thanks to dedicated work by the UI and apps teams, they've managed to do enough hardening of the interface to make it impervious to the attacks of even the most insistent non-technical user.
However, a sitting president is most definitely responsible for the federal deficit that is racked up during their administration, as they have direct control over such policies.
I'm kind of surprised no one has called you on this one, for implying that running a large federal deficit during an economic contraction creates or promotes that contraction.
Ever since Keynes started working on economics, it's been fairly well agreed upon that running a deficit during a contraction is in fact the *right* thing to do. Think about it if you don't run a deficit: the economy contracts, which lowers tax revenue, and in order to avoid a deficit you decrease government spending. What effect do you think reducing gov't spending will have on an economic downturn? In the same way that decreased IT spending has contributed to the IT downturn, reduced gov't spending contributes to the overall economic downturn. Same thing for reducing the tax rates - it increases the deficit, but also helps the economy by increasing spending.
Keynes basically argued that a gov't should run a deficit during economic contractions to help pull the economy out of that downturn. This becomes responsible fiscal policy when you realize that eventually the downturn will end, tax revenue will go up, and you can cut gov't spending (since the economy's going strong, it doesn't need the help).
To a certain extent I agree with you - however, I think people need to be a bit more careful in how they argue it. This particular position is really pretty untenable:
When the vast majority of a society is violating a certain law, it is a sign that the law, not the society needs to change.
Why is this wrong? The standard response is going to be Nazi Germany. Or take modern-day Rwanda. Mid-90's Serbia. The fact that a bunch of people are doing something does *not* make it right. All it means is that there is a disconnect between the rules and the popular perception of what's appropriate. Arguing that the popular perception is always right... that's a dangerous position to start adopting.
I mention this not because I think that you are incorrect in attacking the RIAA's "eternal copyrights and death to those who oppose us" strategy, but because this argument weakens the position of people presenting more well-considered positions. In the same way that the community needs to be wary of supporting DDOS's on SCO (real or imagined), we need to be wary of adopting hardline rhetoric which will only alienate.
Focus on the easy points, the low-hanging fruit that the RIAA is giving out by the bushel, to point out all the problems that are wrong with the current model. Just don't try to abstract it into some untenable moral absolute. They're wrong - just point that out, don't adopt some crazy extremist position just to distance yourself from them.
For the company, doesn't diversity in standards actually help them protect their materials? It seems that having only one standard would just concentrate everyone's efforts on breaking it and therefore would get cracked faster.
Nonono, you don't understand. *Our* protection scheme is hacker-proof.:)
Slashdot Mirror
None of the people they talked to is a developer. None writes code. They're all program manangers, architects, and the like. Their job is to think big thoughts, manage people/process, etc, not actually find/fix bugs.
I promote, as an appropriate punishment for spyware, the shoe-crapping. Specifically, persons found in violation are required temporarily to cede their shoes to the state, during which time the attorney general is required to take a crap inside of said shoes. Following this, the shoes are returned to the offender.
Yes, but at Microsoft we obey the Second Law of Thermodynamics!
It was Mainsoft. They were licensed to get the code several years back, before the whole shared source business, to port some MS stuff to Unix. Thus it wasn't shared source, wasn't a breach of Microsoft's security, and wasn't a troubled Microsoft employee. Somebody at Mainsoft fucked up.
Where's my cookie?
It got leaked from Mainsoft, a company MS licensed the source to so they could port some piece over to unix. That was an unrelated licensing, neither SSI nor GSP. It was not a breach of Microsoft's security, it was a breach of Mainsoft's.
The parent post ignores the news, does no work to answer his own question, posts some uninformed crap, and gets modded up to +5 Funny.
At least it wasn't +5 Insightful.
True, but in context this is hard to justify. This is MS's IP, right? They should be allowed to protect that property as they like, right?
It deserves to be pointed out that the GPL and Free-ness of Linux depend on these same IP laws. I'd be interested to know how your moral stand that doesn't let MS protect its source how it wants somehow does allow Linux to protect its source how it wants.
This is a pretty stupid comment. Outsourcing and offshoring are different things. Outsourcing is when a company subcontracts the work to another country - the source of the work is outside the company. Offshoring is when a company has work done on its behalf by people outside its own country.
So you can have outsourcing that's not offshoring (when Microsoft hires a US-based temp agency to do work), and offshoring that's not outsourcing (when Prudential opens an office in India).
Please stop modding up ignorance as "Insightful."
So, this is exactly what they're doing. It's the terrible reporting on this site which is causing the problem. The law would be this: if you commit online fraud, and you've also falsified your WHOIS info, they add a couple years to the sentence. Which, surprisingly, seems fairly reasonable. If you do something illegal you should be punished, and if you try to cover up that crime you should be punished more harshly.
Perhaps. In this case however the problem is with Taco, not the politician. I'm reminded of the ad for the Daily Show:
"It's come to our attention that many of you are getting your news by watching this program. To you, we say this: DON'T! WE MAKE STUFF UP!!
Kind of a pain, except that it's very good for a laptop user. Normally if you've got physical access to the machine, you can get anything on it. For example, with physical access you can boot from a disk and use various tools to change the password on the installed OS (this works for NT as well as Linux, et al - you've just gotta have the right tools). However, even changing the login password won't give you access to those encrypted files.
Basically you end up having to do a brute force attack, either on the key or the password. That's generally about as good as you're going to get once you've comprimised physical security.
Ironically, it's "hanged." The past participle of the verb meaning "to kill by hanging" is "hanged." "Hung" refers to the hanging of something other than a person by the neck.
This is a site for nerds, right? Nerds are supposed to be good at math, right?
I mean seriously, this was modded +5 and he can't even multiply? The fact that he's doing fake multiplication in order to make a paranoid anti-SCO point shouldn't be rewarded anymore than the DDOS should be rewarded. Telling stories is one thing, but making up new math ...
DRTFA!
('D' for "Don't")
Actors, the grandparent post is arguing, have no such claim - they're paid well because of environmental factors, but if those environmental factors change and that pay drops, well, boo hoo. We shouldn't feel like the drop in actor salaries is going to undermine our society and campaign for their continue high pay in the same way we should for the doctors.
(On a side note, I'm not sure I entirely believe that. I have this theory that the average salary for an actor is pretty low, when you factor in all the bus boy "future actors" in Hollywood. Given the high risk of failure in an acting career, it may make sense that you have to make the reward absurdly high to offset that risk.)
Think about what the problems are. Then narrow that list to things which management can fix. Now write down the reasons why they should take those actions, in terms of how it benefits them ("doing this will improve productivity, which will improve profits" ... they can take it from there to "which will improve the stock price, which will make you rich").
Basically, you just have to think about how to frame the message for them - too often we explain things from our own POV, and given the differences between management and engineering that leads to, well, disaster. If you briefly explain the problems in terms they'll understand (productivity and morale, for example), give them a reasonable and actionable list of solutions, and justify those solutions, you'll be golden.
If you think they're coming to dinner so you can complain about how much life sucks, start preparing your resume now.
The invasion of the Mongols evicted tens of thousands of people from their homes and ruled an enormous empire, a fragment of which became China. He's remembered almost a thousand years later as one of the most fearsome figures of history.
Global thermonuclear war would destroy civilization as we know it.
Think about it this way - in a thousand years, do you think anyone's going to give a shit about Blaster? Within 5 years it won't be remembered outside the computer community, and within 10 it will be an answer to a trivia question.
So, in closing, please shut the hell up. You're making us all look like ignorant children.
Yes, although ideally you'd also like to exercise your heart, lungs, etc.
As with everything, you need a balance. If people would take the time they spend looking for a silver bullet and just follow the same basic advice that's worked forever, they'd be a lot better off. Mix your workouts, keep it interesting, and stop trying to hack your body.
And the doctor says: Stop eating the f'ing Mensa members, fat-ass!
First off, I agree the system is wrong, morally.
However, this argument seems a bit spurious. The assumption being made is that there's some group of terrorists who will be flagged as safe for travel; it's only that set who, upon testing their CAPP in the method described, will find it low enough for them to get on board.
Let me rephrase that: in order to prove the system is insecure, the argument assumes that the system will not work (that it will assign some terrorists a low CAPP). In practice that may be true, but the logic strikes me as a bit circular.
I think the better way of understanding this is to acknowledge that if the system is broken, this attack will allow terrorists to exploit that failure.
I find it's much more enlightening to understand Slashdot as something of a random content generator, without the consistency constraints of a single mind.
Nice to see that Carly's just outsourcing her "innovation" down the street, instead of having to go all the way to India for it ...
Yes.
Not because of nationality, but because of culture. The US culture tends to be more structured towards innovation - all the ideas promoting the individual, the American dream, etc, create a culture in which people perceive that they will be rewarded for creativity (n.b. this does not mean that they *are*, just that the culture encourages this mentality). Compare that to a culture which is still largely caste-based, and your individual value is determined by which caste you were born into.
It doesn't have anything at all to do with race, and everything to do with culture. For an example, compare Silicon Valley to western Europe, or even with other areas within the US; SV promotes a cultural belief that the individual is rewarded for creativity, that failure can make you better (because you learned something, one presumes), and that you can change the world with your tech. All of those things make it more conducive to people taking risks and innovating, and it's why you see places like Apple and HP coming out of that area.
I think there's a tendency to avoid this analysis because it sounds like racism: "you can't be saying Americans are better than Indians!" I think you have to take off those PC blinders: while it's not an issue of race, it *is* an issue of culture, and the US culture has proven itself more conducive to creativity and innovation.
Yeah, this is one nice architectural feature of Linux. The designers have managed to find a way of blocking this particular error by means of sophisticated analysis and commitment to building a secure system.
The key was realizing that the error was originating between the keyboard and the chair. Once they made that breakthrough they knew the only solution was to build a firewall there, at the weak point where the worm attacked the system. Thanks to dedicated work by the UI and apps teams, they've managed to do enough hardening of the interface to make it impervious to the attacks of even the most insistent non-technical user.
I'm kind of surprised no one has called you on this one, for implying that running a large federal deficit during an economic contraction creates or promotes that contraction.
Ever since Keynes started working on economics, it's been fairly well agreed upon that running a deficit during a contraction is in fact the *right* thing to do. Think about it if you don't run a deficit: the economy contracts, which lowers tax revenue, and in order to avoid a deficit you decrease government spending. What effect do you think reducing gov't spending will have on an economic downturn? In the same way that decreased IT spending has contributed to the IT downturn, reduced gov't spending contributes to the overall economic downturn. Same thing for reducing the tax rates - it increases the deficit, but also helps the economy by increasing spending.
Keynes basically argued that a gov't should run a deficit during economic contractions to help pull the economy out of that downturn. This becomes responsible fiscal policy when you realize that eventually the downturn will end, tax revenue will go up, and you can cut gov't spending (since the economy's going strong, it doesn't need the help).
Why is this wrong? The standard response is going to be Nazi Germany. Or take modern-day Rwanda. Mid-90's Serbia. The fact that a bunch of people are doing something does *not* make it right. All it means is that there is a disconnect between the rules and the popular perception of what's appropriate. Arguing that the popular perception is always right ... that's a dangerous position to start adopting.
I mention this not because I think that you are incorrect in attacking the RIAA's "eternal copyrights and death to those who oppose us" strategy, but because this argument weakens the position of people presenting more well-considered positions. In the same way that the community needs to be wary of supporting DDOS's on SCO (real or imagined), we need to be wary of adopting hardline rhetoric which will only alienate.
Focus on the easy points, the low-hanging fruit that the RIAA is giving out by the bushel, to point out all the problems that are wrong with the current model. Just don't try to abstract it into some untenable moral absolute. They're wrong - just point that out, don't adopt some crazy extremist position just to distance yourself from them.
Nonono, you don't understand. *Our* protection scheme is hacker-proof. :)