See Peter Gutmann's analysis of open source VPNs back in 2003. To be sure, the situation was not as dire as he described it to be in all these cases -- in some cases such issues were arguably not readily exploitable or were documented as recognized tradeoffs -- but it nonetheless raises a point that even having a substantial group of folks looking at the source doesn't necessarily help as much as it generally does if recognizing the bugs requires special knowledge which most developers don't have.
I've known the background for as long as I can recall -- but never considered it a positive metaphor.
One who drinks the kool-aid is acting in a manner desired by those who would manipulate them, contrary to the good sense they might have were they not in a situation where they're prone to such manipulation. One who works at a start-up and puts in insane hours with no additional compensation has drank the kool-aid. One who works at a massive corporation with a particular variety of groupthink and who accepts that groupthink drinks the kool-aid. (I recall one individual opening a speech with an assertion that "I work at Microsoft, but I don't drink the kool-aid"; it was, in this case, regarding the latter usage).
The assertion made in the article, by its use of drinking the kool-aid with regard to accepting standards as a Good Thing, claims that Microsoft has come around to the point of accepting standards even when doing so is not necessarily in their best interests, or that standards-compliance has become part of the local groupthink. Frankly, I'd be happy if this were so -- but in the present case, there's no reason to believe it's anything other than exaggeration on the part of the author.
I wasted 30 minutes of my life on the new Bard's Tale. It thought it was *far* more funny than it actually was, and the cutscenes took far too much time to go through (and didn't have an obivous way to skip forward while acquiring the content through textual subtitles). I have very little time to spend on gaming, so I *really* don't appreciate it when those games I do play waste my time. (Well, waste my time without providing the expected level of entertainment in return).
That said -- if I'm looking for good writing in a game, I tend to play modern IF. (Varicella, Blue Chairs, Spider and Web, etc)
Blinking all the time? Sure, I agree that that's a little much. Blinking to indicate intent to turn or brake? That, on the other hand, you already get from other vehicles -- doing the same thing for a cyclist shouldn't be offensive.
Hmm -- one could easily work in some mechanism to detect when the cyclist is making the hand gestures associated with a turn or stop and augment those with said blinking, if one doesn't want to wirelessly connect to controls by the handlebars. For that matter, if this clothing were programmable via a standard wireless interface (yaaay, Bluetooth!), that would leave a lot of room for folks to make periphreals (like cyclist safety gear) which the clothing could be paired to. I could also see teens wanting to pair their clothes to their iPods (to flash to the beat of the music they're listening to) -- or to a system which uses ambient noise for the same purpose. Or a little wireless control that lets them set the color to associate with their moods. Or a Bluetooth-enabled mood ring. Or...
Well, anyhow, there's potential.
Now, if the PTO just wises up and allows these off-the-cuff suggestions to be used to demonstrate obviousness...
Why do you think you've found a fellow paranoid? Failing to report someone who dropped out for reasons not related to the success of the study (which is what the poster suggested) is legitimate, moral and honest -- and thus hardly the stuff paranoia is made of.
In short, what you've just bought is a non-paranoid explanation. (Good for you!)
Why not believe that they had 49 participants? Sure, people like round numbers -- but when you're deciding how many folks you can include in your study on account of your budget constraints, or looking at how many of the folks who signed up to participate qualify, reality sometimes rears its head and results in numbers which aren't so perfect.
Who do you think believes you'd tell your boss you'll refuse to install something he orders you to?
Ya know, some of us are actually respected enough by management that they tend to follow our recommendations -- even when those recommendations involve telling them (tactfully) that something they're asking us to do is a Bad Idea.
Consumer Reports has a wonderful history of being bought and paid for by companies
I sure would like to see someone back that up with references -- CR has some fairly strong internal policies to try to avoid cases where they might be tempted towards bias.
Or by hearing that Jews use the blood of muslim children to make pastries. Idiotic nonsense that seems laughable to most of us, but is quite effective at motivating a certain type of individual.
Your worldview just couldn't cope with "evil" people being well-educated and informed, and simply having made decisions severely contrary to your own -- could it?
To be sure, every movement has its idiots -- but then, major movements have their thinkers too, and their everyday people who've been caught up with causes beyond rhetoric. There are legitimate reasons to like Hezbollah (which is much more than just a militia, providing social services on an extremely wide scale); reasons to hate Israel (the founding of which was supported by terrorist actions -- see the King David Hotel bombing for one example); reasons to despise the US which aren't the simple-minded "they hate our freedom" rhetoric the neocons spew. To take an entirely different example -- Fidel Caestro, who has been demonized in the US media, is by all accounts a downright brilliant thinker according to those who've spoken with him directly, including those who disagree strongly with his policies. As for terrorism being unacceptable under any circumstances, few countries were founded without actions which would today be called terrorism! The US, in this, is certainly no exception. Now, understand: I support Israel's right to exist, and as an American I love my country (though I hate the corruption which has been visited on the one-proud principals on which it was founded). My point is not that you are wrong to be against terrorists, but that thinking them stupid is a dangerous mistake.
So, here's a hint: There are well-educated, intelligent people who disagree with you -- disagree strongly enough to put their lives on the line to support those beliefs. Just because they are intelligent people and just because they have justifications to back their beliefs (in some moral code which can be held in the mind of a reasonable man, while not necessarily matching your own) doesn't mean you or I can or should agree with their causes or tolerate their attacks -- but perceiving them as idiots, like any other means of underestimating one's foe, is a path to folly.
Thank you for that -- you express your position well, and I largely appreciate what you're saying. I do think, however, that there's at least one point where I haven't made my position quite clear enough.
I agree that historical documents themselves are value-neutral, even when their creation (ie. the decision to document a given event, or the decision to take actions to persist said documentation over centuries) is divinely inspired, if such documents do not include value judgements. Such value judgements do exist in the Bible, however -- both implicit in the actions taken by God in response to the actions of men, and explicit in judgements in the form of "[foo] was a just man".
So -- I agree that reading in implicit approval to acts of men documented in the Bible is faulty. I disagree, however, that the historical documents included in the Bible do not purport to provide moral guidance.
It's an excellent idea, but in general, the money sucks.
I've worked for a company making Free Software (in particular, a Linux-based development toolkit for embedded systems with a wide variety of applications ported and tested). Their pay scales were similar to others in the industry. (I'd hazard that pay scales at Red Hat or SuSE are likewise similar to those for conventional software development).
Right now, I'm working for a startup whose primary product is proprietary software, but with an infrastructure completely built around Free Software. More to the point, my role at said startup is largely centered around modifying that Free Software to meet our needs (and pushing our patches back upstream). If one expands the Free Software ecosystem to include this kind of role, it becomes quite large indeed.
According to a substantial subset of the Bible's followers, the entire collection was divinely inspired. Consequently, their entire contents should by that standard be taken for truth. Certainly, historical documents in and of themselves are value-neutral -- but when they pass judgment on that which they report, and their entire contents (including value judgments on the events reported) are read as unassailably true, that neutrality is lost.
A historical document with divinely inspired contents which makes value judgments on that which it reports, then, is not only a historical document but also a guide to behavior inasmuch as it reports by example behaviors of which God did or did not support or approve.
If you don't accept that the whole of the Bible is divinely inspired (and presumably also that divine inspiration was involved in selecting only divinely inspired texts be included), then this argument obviously doesn't hold water for you -- and that's fine; it's not meant for you in that case. If you do accept that, on the other hand... well, I'd like to see a further rebuttal.
Individual humans who act contrary to the whole of society -- even if they do so in ways less direct than violent crime -- should not be forgiven their sins just because the actions they take are abstract and indirect in how they harm others' wellbeing.
Let me ask you: Which is more important -- the life of one person, or ten people, or one hundred, or three thousand; or the ability of ten million to take some small, unimportant action without fear? I don't think that the answer is clearcut.
If you're expanding out of an encrypted archive into an encrypted partition (think TrueCrypt or Norton's equivalent tools), no, it's never going to touch disk in raw form. Decrypting from memory makes more sense, though, in terms of not requiring an additional 3rd-party tool to be involved.
A vm that sees you load BluePillDetect.exe just goes in and twiddles a few bits here and there in the app before it actually puts it in the execute queue, or subtly mucks with its registers while it's executing. Now the program blissfully reports just what the VM wants it to report... "no VM detected.".
Yes, but writing code from the VM to reach inside OS-specific structures (or even read their contents) is difficult and fragile -- you need to find structures with known memory locations and find a way to follow their pointers to find other things that don't, and the memory locations are prone to changing without any kind of warning when the user applies a service pack or something. The non-fragile way to do it is to have some code running inside the virtualized OS using vendor-supported interfaces -- but as soon as you do that, you're detectable by OS-specific measures.
You could get around that by detecting this code at the driver level -- as it's being read or written from disk or received on the network -- but that's still possible to work around: Download it in an encrypted archive (with a key that's different for each download) into an encrypted partition, dearchive and run it there and the disk drivers will never see the byte pattern matching BluePillDetect.exe.
All that said -- I can see how one could twiddle the bits (modifying BPD's code, not the system characteristics) within the VMM to make the system itself undetectable to BluePillDetect on a standalone machine (one would need to look for BluePillDetect only if a pattern appropriate to it is seen -- say, a specific trapped instruction being called very frequently -- though if BPD could be written to need only a small number of common trapped instruction calls, and it's passed through the disk and network drivers only in encrypted form, it's hard to see how its activity could be easily detected from a VMM without serious overhead), but not how to stay undetectable with another networked machine assisting. If BluePillDetect provides a challenge which a system running under a VMM can perform quickly and a system not running under a VMM can't and another system on the network is involved in the test (validating the answers and the times at which they were received), the system under the VMM is sunk -- at least if the challenge is dynamically modifiable enough that it can't patch BluePillDetect with code to provide the remote machine with a precanned answer. Sure, the local system may still not know it's been hacked -- but the remote system will, and that's enough.
To the extent that Blue Pill was claimed to be 100% undetectable, I do believe it's debunked. Might the war continue? Sure -- but it's the same war it's always been.
That's what used to be the case. The explicit definition of receipt of other copyrighted works as value received was a modification made to permit criminal copyright law to apply against online piracy groups. (This was before P2P file sharing hit it big, but it wouldn't take much to convince a judge that applicability to that as well is within both letter and intent of the law).
The reason filesharing is mostly a civil matter isn't that criminal laws don't apply, but because public prosecutors have better things to do with their time.
The folks who oppose many forms of popular media do so on account of the morals and behaviors those forms of media allegedly teach and reinforce.
The Bible is quite explicitly used by a substantial portion of the population as a guide to one's morals and behaviors -- a population segment with a substantial overlap with the group discussed above.
As a historical document, the Bible doesn't make much sense in comparison with popular media. As a guide to moral behavior, on the other hand, it is allegedly the gold standard. Why should it not be evaluated as such?
If tolerance is letting behavior consistant with active and intentional harm to others go with nothing more than a reprimand, that's a Bad Thing. A reprimand, after all, is just a conveyance of the kind of abstract concept you're arguing that children aren't capable of handling.
If "zero tolerance" is use of disproportionate punishment against even a first offense, that's a bad thing as well -- but an argument against zero tolerance shouldn't also be an argument against real and substantive punishment (though without long-term consequences) even on a first offense, should the severity of the offense merit such.
So -- being expelled has long-term consequences. That's excessive for a first offense -- but entirely appropriate for a 3rd one. For a first offense of the severity being discussed, a week of study hall after school might be appropriate in addition to whatever punishment the childrens' parents may choose to levy.
Copyright is life plus 70.* Copyright infringement is also a crime in many developed countries, which can be prosecuted independently of the knowledge of any copyright owner.
So what?
Do you honestly expect that a prosecutor's office (all of which are constantly overworked) is going to spend time and resources to prosecute a crime in which the victim is a company which no longer exists? Prosecutors' offices typically have more -- and more pressing -- business to keep them busy, and if they wanted to make an example of someone by actually prosecuting a case of criminal copyright infringement, that example probably wouldn't be a lone individual collecting abandonware.
someone took the effort to port to linux and then you don't reward 'em?
Since they've been out of business for over four years now, I'm pretty sure it's moot. Not saying that software piracy is moral or such, but that it's somewhat less repugnant under the circumstances in question.
Slashdot Mirror
Yes, I did -- once back when it was initially released, and again this morning.
Again, is there a point you're trying to make?
Is there a point you're trying to make via that quote?
Using OSS is not a guarantee of strong crypto.
See Peter Gutmann's analysis of open source VPNs back in 2003. To be sure, the situation was not as dire as he described it to be in all these cases -- in some cases such issues were arguably not readily exploitable or were documented as recognized tradeoffs -- but it nonetheless raises a point that even having a substantial group of folks looking at the source doesn't necessarily help as much as it generally does if recognizing the bugs requires special knowledge which most developers don't have.
Finding a million examples of folks misusing any common phrase is not difficult. It doesn't make them right, either.
l l aid.html
9 48
The top results from a quick Google search back up the description of drinking the kool-aid as an act of self-destructive or blind faith:
http://www.wordspy.com/words/drinktheKool-Aid.asp
http://www.fastcompany.com/magazine/92/debunk.htm
http://www.wordorigins.org/Words/LetterD/drinkkoo
Also, see the "Hacker Slang" section of the page at http://www.answers.com/topic/kool-aid
The only dissenting explanation is far more pithy, and evidences less research:
http://www.clichesite.com/content.asp?which=tip+1
I've known the background for as long as I can recall -- but never considered it a positive metaphor.
One who drinks the kool-aid is acting in a manner desired by those who would manipulate them, contrary to the good sense they might have were they not in a situation where they're prone to such manipulation. One who works at a start-up and puts in insane hours with no additional compensation has drank the kool-aid. One who works at a massive corporation with a particular variety of groupthink and who accepts that groupthink drinks the kool-aid. (I recall one individual opening a speech with an assertion that "I work at Microsoft, but I don't drink the kool-aid"; it was, in this case, regarding the latter usage).
The assertion made in the article, by its use of drinking the kool-aid with regard to accepting standards as a Good Thing, claims that Microsoft has come around to the point of accepting standards even when doing so is not necessarily in their best interests, or that standards-compliance has become part of the local groupthink. Frankly, I'd be happy if this were so -- but in the present case, there's no reason to believe it's anything other than exaggeration on the part of the author.
I wasted 30 minutes of my life on the new Bard's Tale. It thought it was *far* more funny than it actually was, and the cutscenes took far too much time to go through (and didn't have an obivous way to skip forward while acquiring the content through textual subtitles). I have very little time to spend on gaming, so I *really* don't appreciate it when those games I do play waste my time. (Well, waste my time without providing the expected level of entertainment in return).
That said -- if I'm looking for good writing in a game, I tend to play modern IF. (Varicella, Blue Chairs, Spider and Web, etc)
Blinking all the time? Sure, I agree that that's a little much. Blinking to indicate intent to turn or brake? That, on the other hand, you already get from other vehicles -- doing the same thing for a cyclist shouldn't be offensive.
Hmm -- one could easily work in some mechanism to detect when the cyclist is making the hand gestures associated with a turn or stop and augment those with said blinking, if one doesn't want to wirelessly connect to controls by the handlebars. For that matter, if this clothing were programmable via a standard wireless interface (yaaay, Bluetooth!), that would leave a lot of room for folks to make periphreals (like cyclist safety gear) which the clothing could be paired to. I could also see teens wanting to pair their clothes to their iPods (to flash to the beat of the music they're listening to) -- or to a system which uses ambient noise for the same purpose. Or a little wireless control that lets them set the color to associate with their moods. Or a Bluetooth-enabled mood ring. Or...
Well, anyhow, there's potential.
Now, if the PTO just wises up and allows these off-the-cuff suggestions to be used to demonstrate obviousness...
Upload it as it's generated, so you aren't waiting until just before you run your batch to do the transfer all at once.
Why do you think you've found a fellow paranoid? Failing to report someone who dropped out for reasons not related to the success of the study (which is what the poster suggested) is legitimate, moral and honest -- and thus hardly the stuff paranoia is made of.
In short, what you've just bought is a non-paranoid explanation. (Good for you!)
Nice rant, but I've never claimed that terrorists are stupid.
You've claimed they're the type of individual who believes "idiotic nonsense". I'd say that's tantamount.
Why not believe that they had 49 participants? Sure, people like round numbers -- but when you're deciding how many folks you can include in your study on account of your budget constraints, or looking at how many of the folks who signed up to participate qualify, reality sometimes rears its head and results in numbers which aren't so perfect.
Anyhow -- this is very good news.
Consumer Reports has a wonderful history of being bought and paid for by companies
I sure would like to see someone back that up with references -- CR has some fairly strong internal policies to try to avoid cases where they might be tempted towards bias.
To be sure, every movement has its idiots -- but then, major movements have their thinkers too, and their everyday people who've been caught up with causes beyond rhetoric. There are legitimate reasons to like Hezbollah (which is much more than just a militia, providing social services on an extremely wide scale); reasons to hate Israel (the founding of which was supported by terrorist actions -- see the King David Hotel bombing for one example); reasons to despise the US which aren't the simple-minded "they hate our freedom" rhetoric the neocons spew. To take an entirely different example -- Fidel Caestro, who has been demonized in the US media, is by all accounts a downright brilliant thinker according to those who've spoken with him directly, including those who disagree strongly with his policies. As for terrorism being unacceptable under any circumstances, few countries were founded without actions which would today be called terrorism! The US, in this, is certainly no exception. Now, understand: I support Israel's right to exist, and as an American I love my country (though I hate the corruption which has been visited on the one-proud principals on which it was founded). My point is not that you are wrong to be against terrorists, but that thinking them stupid is a dangerous mistake.
So, here's a hint: There are well-educated, intelligent people who disagree with you -- disagree strongly enough to put their lives on the line to support those beliefs. Just because they are intelligent people and just because they have justifications to back their beliefs (in some moral code which can be held in the mind of a reasonable man, while not necessarily matching your own) doesn't mean you or I can or should agree with their causes or tolerate their attacks -- but perceiving them as idiots, like any other means of underestimating one's foe, is a path to folly.
Thank you for that -- you express your position well, and I largely appreciate what you're saying. I do think, however, that there's at least one point where I haven't made my position quite clear enough.
I agree that historical documents themselves are value-neutral, even when their creation (ie. the decision to document a given event, or the decision to take actions to persist said documentation over centuries) is divinely inspired, if such documents do not include value judgements. Such value judgements do exist in the Bible, however -- both implicit in the actions taken by God in response to the actions of men, and explicit in judgements in the form of "[foo] was a just man".
So -- I agree that reading in implicit approval to acts of men documented in the Bible is faulty. I disagree, however, that the historical documents included in the Bible do not purport to provide moral guidance.
It's an excellent idea, but in general, the money sucks.
I've worked for a company making Free Software (in particular, a Linux-based development toolkit for embedded systems with a wide variety of applications ported and tested). Their pay scales were similar to others in the industry. (I'd hazard that pay scales at Red Hat or SuSE are likewise similar to those for conventional software development).
Right now, I'm working for a startup whose primary product is proprietary software, but with an infrastructure completely built around Free Software. More to the point, my role at said startup is largely centered around modifying that Free Software to meet our needs (and pushing our patches back upstream). If one expands the Free Software ecosystem to include this kind of role, it becomes quite large indeed.
According to a substantial subset of the Bible's followers, the entire collection was divinely inspired. Consequently, their entire contents should by that standard be taken for truth. Certainly, historical documents in and of themselves are value-neutral -- but when they pass judgment on that which they report, and their entire contents (including value judgments on the events reported) are read as unassailably true, that neutrality is lost.
A historical document with divinely inspired contents which makes value judgments on that which it reports, then, is not only a historical document but also a guide to behavior inasmuch as it reports by example behaviors of which God did or did not support or approve.
If you don't accept that the whole of the Bible is divinely inspired (and presumably also that divine inspiration was involved in selecting only divinely inspired texts be included), then this argument obviously doesn't hold water for you -- and that's fine; it's not meant for you in that case. If you do accept that, on the other hand... well, I'd like to see a further rebuttal.
Individual humans who act contrary to the whole of society -- even if they do so in ways less direct than violent crime -- should not be forgiven their sins just because the actions they take are abstract and indirect in how they harm others' wellbeing.
Let me ask you: Which is more important -- the life of one person, or ten people, or one hundred, or three thousand; or the ability of ten million to take some small, unimportant action without fear? I don't think that the answer is clearcut.
If you're expanding out of an encrypted archive into an encrypted partition (think TrueCrypt or Norton's equivalent tools), no, it's never going to touch disk in raw form. Decrypting from memory makes more sense, though, in terms of not requiring an additional 3rd-party tool to be involved.
You could get around that by detecting this code at the driver level -- as it's being read or written from disk or received on the network -- but that's still possible to work around: Download it in an encrypted archive (with a key that's different for each download) into an encrypted partition, dearchive and run it there and the disk drivers will never see the byte pattern matching BluePillDetect.exe.
All that said -- I can see how one could twiddle the bits (modifying BPD's code, not the system characteristics) within the VMM to make the system itself undetectable to BluePillDetect on a standalone machine (one would need to look for BluePillDetect only if a pattern appropriate to it is seen -- say, a specific trapped instruction being called very frequently -- though if BPD could be written to need only a small number of common trapped instruction calls, and it's passed through the disk and network drivers only in encrypted form, it's hard to see how its activity could be easily detected from a VMM without serious overhead), but not how to stay undetectable with another networked machine assisting. If BluePillDetect provides a challenge which a system running under a VMM can perform quickly and a system not running under a VMM can't and another system on the network is involved in the test (validating the answers and the times at which they were received), the system under the VMM is sunk -- at least if the challenge is dynamically modifiable enough that it can't patch BluePillDetect with code to provide the remote machine with a precanned answer. Sure, the local system may still not know it's been hacked -- but the remote system will, and that's enough.
To the extent that Blue Pill was claimed to be 100% undetectable, I do believe it's debunked. Might the war continue? Sure -- but it's the same war it's always been.
That's what used to be the case. The explicit definition of receipt of other copyrighted works as value received was a modification made to permit criminal copyright law to apply against online piracy groups. (This was before P2P file sharing hit it big, but it wouldn't take much to convince a judge that applicability to that as well is within both letter and intent of the law).
The reason filesharing is mostly a civil matter isn't that criminal laws don't apply, but because public prosecutors have better things to do with their time.
It's not so absurd.
The folks who oppose many forms of popular media do so on account of the morals and behaviors those forms of media allegedly teach and reinforce.
The Bible is quite explicitly used by a substantial portion of the population as a guide to one's morals and behaviors -- a population segment with a substantial overlap with the group discussed above.
As a historical document, the Bible doesn't make much sense in comparison with popular media. As a guide to moral behavior, on the other hand, it is allegedly the gold standard. Why should it not be evaluated as such?
What is "tolerance", then?
If tolerance is letting behavior consistant with active and intentional harm to others go with nothing more than a reprimand, that's a Bad Thing. A reprimand, after all, is just a conveyance of the kind of abstract concept you're arguing that children aren't capable of handling.
If "zero tolerance" is use of disproportionate punishment against even a first offense, that's a bad thing as well -- but an argument against zero tolerance shouldn't also be an argument against real and substantive punishment (though without long-term consequences) even on a first offense, should the severity of the offense merit such.
So -- being expelled has long-term consequences. That's excessive for a first offense -- but entirely appropriate for a 3rd one. For a first offense of the severity being discussed, a week of study hall after school might be appropriate in addition to whatever punishment the childrens' parents may choose to levy.
Do you honestly expect that a prosecutor's office (all of which are constantly overworked) is going to spend time and resources to prosecute a crime in which the victim is a company which no longer exists? Prosecutors' offices typically have more -- and more pressing -- business to keep them busy, and if they wanted to make an example of someone by actually prosecuting a case of criminal copyright infringement, that example probably wouldn't be a lone individual collecting abandonware.