I see dozens of computers a year running modern operating systems with up-to-date anti-virus software and firewalls installed that are full of viruses and other malware. User behaviour is the major problem here and his paranoia and your wisdom are probably what protect you the most, not the version of Windows you do or do not run.
Boycotts end up being public censorship. If you disagree, you haven't considered why most people join boycotts and it is precisely that -- to force a point of view.
If you take away someone's livelihood because of their beliefs and not because of their ability to do a job, you're acting very poorly and should reconsider your actions.
Its incredibly easy for pundits all over the Internet to sit down and talk about how someone should lose his job because he doesn't support whatever is popular this year, but punishing someone for disagreeing with your beliefs is wrong. We even have laws against it that this is just barely an edge case to... you certainly can't fire someone for being gay, or for not supporting gay rights, or for having specific religious beliefs.
He was already CEO. His personal religious beliefs led to his needing to step down.
You think that's okay? Just say so. You're pro-discrimination on religious beliefs, but not on gay rights. Like somehow those are different types of freedoms.
At some point, a large corporation's CEO is employed by the shareholders, and when they force someone out based on religious or personal beliefs not acted on in the company, they should be incredibly ashamed of claiming to stand up for equality in any shape or form.
He can say what he wants and be unemployed? There's a reason we don't allow job dismissals based on religious beliefs. That's effectively what this was -- he was forced to step down as a result of his belief system.
That's wrong, no matter how much you disagree with him.
And if his side represented the majority view of his country, shouldn't that be how it is? Forcing people to agree with you because you know you're right and they're wrong isn't democracy.
Agreed. I'm continually amazed at the small-mindedness of activists who would defeat freedom of thought, belief or speach to gain some other freedom.
Debates about gay rights, suffrage, equality, etc. should be public and they should be debates. They should not involve forcing others to stifle their views in order to keep their jobs.
From the opposite side, shouldn't an excellent programmer like Eich be rewarded professionally for his abilities and not his belief system? Since when were one's religious beliefs grounds for harassment in western countries?
There are lots of bounds checking libraries that can be used when building applications. The hard part is writing unit tests to find all these possibilities each time a patch is submitted.
Obvious fallacy... what coffin? Since when has open source been dying for security critical applications? Since when has it been higher on the 'oh no' list of security vulnerabilities in real distributions than Windows or anything else?
Get your facts checked; on Windows, nobody would've found how to fix this until Microsoft did it for you (if ever). On open platforms, you can go fix this problem immediately.
In the case of software patents and Copyright idiocy, the USA sure leads the charge.
cf. "Under the EPC, and in particular its Article 52,[1] "programs for computers" are not regarded as inventions for the purpose of granting European patents,[2] but this exclusion from patentability only applies to the extent to which a European patent application or European patent relates to a computer program as such.[3] As a result of this partial exclusion, and despite the fact that the EPO subjects patent applications in this field to a much stricter scrutiny [4] when compared to their American counterpart, that does not mean that all inventions including some software are de jure not patentable." from http://en.wikipedia.org/wiki/S...
And as stated, is no more invulnerable to remote attacks than password data (which has already been shown to be frequently all too easily accessible).
The OTP data must be accessible to the service you're connecting to which in turn is open to attacking from the outside. OTPs are not special when you use them with online services that aren't fully hardened.
In fact, I don't think it would be hard to argue that the traditional randomly-generated key system protected by public keys is in fact more secure because of its lack of replayability when properly implemented.
You don't hit ESC plus another character all the time, you just tap it and return to the home row. With Ctrl keys, you have to hold it and another character at the same time; that's completely different.
Personally speaking, hitting 'i', 'e', 'esc' isn't that hard. I'm much more likely in those cases to have run the text through spell check and fold with 'v' and '!'.
This kind of thing works from time to time when the original developers really aren't in sync with what's wanted or needed by the public. It worked with gcc -> egcs for instance, but most of the time its a waste of code and effort.
I love VIM because I can guide a user remotely through exactly what to type and know exactly what response they'll get without depending on them to click on the right button or highlight the correct piece of text.
Ever edited/etc/ppp/chat-secrets with an accountant over the phone blind?
As much as I love forwarded X11 apps, its rarely efficient over moderate to slow links. I can't justify using over 1Mbit of uplink traffic just to use my editor over the wire when even a VNC session is more efficient.
FYI, I've often run vncserver on a remote machine, forwarded 5900 over my SSH session and then viewed it locally to launch X11 apps. This has the advantage of not killing the apps if the link goes down. It saddens me a lot that X11 isn't as powerful or useful in these scenarios as VNC.
Importantly, this is also where we get into that root cert problem for companies that people complained about in a recent/. story because a lot of companies just use their own internal CA to authenticate the certs for both users and wireless devices which requires installing their root CAs on the machines and trusting them.
Slashdot Mirror
Leave him alone, he's probably still high from sitting in the dark on Earth day.
I see dozens of computers a year running modern operating systems with up-to-date anti-virus software and firewalls installed that are full of viruses and other malware. User behaviour is the major problem here and his paranoia and your wisdom are probably what protect you the most, not the version of Windows you do or do not run.
Boycotts end up being public censorship. If you disagree, you haven't considered why most people join boycotts and it is precisely that -- to force a point of view.
If you take away someone's livelihood because of their beliefs and not because of their ability to do a job, you're acting very poorly and should reconsider your actions.
Its incredibly easy for pundits all over the Internet to sit down and talk about how someone should lose his job because he doesn't support whatever is popular this year, but punishing someone for disagreeing with your beliefs is wrong. We even have laws against it that this is just barely an edge case to ... you certainly can't fire someone for being gay, or for not supporting gay rights, or for having specific religious beliefs.
He was already CEO. His personal religious beliefs led to his needing to step down.
You think that's okay? Just say so. You're pro-discrimination on religious beliefs, but not on gay rights. Like somehow those are different types of freedoms.
CEOs are not employers, they're leaders chosen and employed by shareholders and boards.
He got forced out no matter how you slice it.
At some point, a large corporation's CEO is employed by the shareholders, and when they force someone out based on religious or personal beliefs not acted on in the company, they should be incredibly ashamed of claiming to stand up for equality in any shape or form.
He can say what he wants and be unemployed? There's a reason we don't allow job dismissals based on religious beliefs. That's effectively what this was -- he was forced to step down as a result of his belief system.
That's wrong, no matter how much you disagree with him.
And if his side represented the majority view of his country, shouldn't that be how it is? Forcing people to agree with you because you know you're right and they're wrong isn't democracy.
Agreed. I'm continually amazed at the small-mindedness of activists who would defeat freedom of thought, belief or speach to gain some other freedom.
Debates about gay rights, suffrage, equality, etc. should be public and they should be debates. They should not involve forcing others to stifle their views in order to keep their jobs.
From the opposite side, shouldn't an excellent programmer like Eich be rewarded professionally for his abilities and not his belief system? Since when were one's religious beliefs grounds for harassment in western countries?
There are lots of bounds checking libraries that can be used when building applications. The hard part is writing unit tests to find all these possibilities each time a patch is submitted.
Feel free to rewrite OpenSSL in a more secure language and still make it as generic and cross-platform as it is now, with no loss in performance.
As I understand it, this is a bug in a function of OpenSSL that is used in TLS sessions which isn't used by OpenSSH. OpenSSH does not use TLS.
Your webserver and mail server would though.
sarcasm? you never have to reboot to restart services.
Obvious fallacy ... what coffin? Since when has open source been dying for security critical applications? Since when has it been higher on the 'oh no' list of security vulnerabilities in real distributions than Windows or anything else?
Get your facts checked; on Windows, nobody would've found how to fix this until Microsoft did it for you (if ever). On open platforms, you can go fix this problem immediately.
Back in the day you weren't cursed with GUIs made in Gtk+
Yes, there's a pun in there. ;-)
In the case of software patents and Copyright idiocy, the USA sure leads the charge.
cf. "Under the EPC, and in particular its Article 52,[1] "programs for computers" are not regarded as inventions for the purpose of granting European patents,[2] but this exclusion from patentability only applies to the extent to which a European patent application or European patent relates to a computer program as such.[3] As a result of this partial exclusion, and despite the fact that the EPO subjects patent applications in this field to a much stricter scrutiny [4] when compared to their American counterpart, that does not mean that all inventions including some software are de jure not patentable." from http://en.wikipedia.org/wiki/S...
I agree its incredibly odd. I might stick with examples from over 25 years ago to avoid actual current patents as much as possible.
And as stated, is no more invulnerable to remote attacks than password data (which has already been shown to be frequently all too easily accessible).
The OTP data must be accessible to the service you're connecting to which in turn is open to attacking from the outside. OTPs are not special when you use them with online services that aren't fully hardened.
In fact, I don't think it would be hard to argue that the traditional randomly-generated key system protected by public keys is in fact more secure because of its lack of replayability when properly implemented.
You don't hit ESC plus another character all the time, you just tap it and return to the home row.
With Ctrl keys, you have to hold it and another character at the same time; that's completely different.
Personally speaking, hitting 'i', 'e', 'esc' isn't that hard. I'm much more likely in those cases to have run the text through spell check and fold with 'v' and '!'.
That's called emacs. Go try it.
The rest of us like knowing that when we're in insert mode, nothing we type will be interpreted as anything but data -- unless we hit ESC.
This kind of thing works from time to time when the original developers really aren't in sync with what's wanted or needed by the public. It worked with gcc -> egcs for instance, but most of the time its a waste of code and effort.
I love VIM because I can guide a user remotely through exactly what to type and know exactly what response they'll get without depending on them to click on the right button or highlight the correct piece of text.
Ever edited /etc/ppp/chat-secrets with an accountant over the phone blind?
As much as I love forwarded X11 apps, its rarely efficient over moderate to slow links. I can't justify using over 1Mbit of uplink traffic just to use my editor over the wire when even a VNC session is more efficient.
FYI, I've often run vncserver on a remote machine, forwarded 5900 over my SSH session and then viewed it locally to launch X11 apps. This has the advantage of not killing the apps if the link goes down. It saddens me a lot that X11 isn't as powerful or useful in these scenarios as VNC.
Importantly, this is also where we get into that root cert problem for companies that people complained about in a recent /. story because a lot of companies just use their own internal CA to authenticate the certs for both users and wireless devices which requires installing their root CAs on the machines and trusting them.