If the extra up-front validation is the main thing, Verisign should be charging a high one-time-fee for undertaking those steps, then charging a low low monthly rate to rest on their laurels and do nothing further. Somehow I doubt that's the price structure they adopted here.
I couldn't agree more. Any journalist who can write an article at that length and depth without ever mentioning the BSD license, or the possibility that a nasty fork in the GPL license could drive more projects back to the BSD camp, wasn't aiming for comprehension or enlightenment in the first place. Nor does he mention that of the assets under the level-headed auspices of the FSF, the GNU toolchain is fundamental not just to GPL projects, but BSD projects as well.
Element 115 wordperminium has a relatively short career halflife. Hard to believe you'll have your magnum opus completed before your wordperminium goes cesium if you're spending your time hanging around here.
A few months back, Google would sometimes spew up eight copies of the same terrible article in Wikipedia if the search phrase was sufficiently obscure (sackbutt, anyone?) on the first results page. Then Google wised up and began to filter all the Wikipedia knock-offs, but unwisely, I now often find high quality Wikipedia pages halfway down my search results after a bundle of terrible results. In my opinion, Google has now gone a little too far in suppressing Wikipedia page results. I would generally like to see the good quality material in Wikipedia returned among the top three results. Note that I distinguish quality from accuracy, since I'm able to tell the difference, unlike some credentialistic forkers who've been in the news lately. I tend to view Wikipedia as the world's best-stocked bait shop. You're not supposed to *eat* the bait you find there (although much of it is hale, nutritious, and squirming fresh), you're supposed to fish with it, and then eat the *fish* that you catch later from elsewhere.
There's a convention when camping in the forest that one digs a little hole beforehand, and pushes some dirt over the hole afterward. Wouldn't the world be a better place if the average slashdot user would raise themselves to at least that minimum level of conduct before pressing submit?
Look what I found with my fold-up trenching shovel: it's the original OpenBSD security advisory with diff output dated to 26 June 2002.
This bug can be exploited remotely if
ChallengeResponseAuthentication is enabled in sshd_config. This option is enabled
by default on OpenBSD and other systems.
Now let's look at some of the points raised in consideration of why it happened and whether it might (or most definitely will) happen again.
b. We could not alert the community that disabling
ChallengeResponseAuthentication solved the problem, since
this would highlight that the bug is in about 500 out of
27,000 lines of code.
One detail we glean here is that OpenSSH has become a rather large body of code. This is the heart of the troubled teenage years of the OpenSSH project, when the body of code is filling out as it enters its adult years faster than a principled audit can keep pace.
3. Short-Term Solution:
Disable ChallengeResponseAuthentication in sshd_config.
and
Disable PAMAuthenticationViaKbdInt in sshd_config.
Alternatively you can prevent privilege escalation
if you enable UsePrivilegeSeparation in sshd_config.
If UsePrivilegeSeparation had been enabled in OpenBSD at that time, they would presently be advertising on their web page having no remote root exploits in the last ten years. Why would they do all the work to create this feature, and then not employ it? Another clue emerges:
h. Some vendors were initially upset by this policy of non-disclosure,
largely because the UsePrivilegeSeparation code was only about 90%
functional in OpenSSH 3.3:
People were upset with the suggestion to employ priv-sep because it wasn't entirely finished yet. What is clear however, is that in the time period leading up to the discovery of this exploit, the OpenBSD team was devoting considerable energy to mitigating the risk at the most fundamental level: reducing the 27,000-line body of code running with root to a far smaller nucleus.
The basic idea behind privilege separation is that OpenSSH sshd(8) has something like 27000 lines of code. A lot of them run as root. However, when UsePrivilegeSeparation is enabled, the daemon splits into two parts. A part containing about 2500 lines of code remains as root, and the rest of the code is shoved into a chroot-jail without any privileges.
From an old SecuriTeam commentary (emphasis mine).
Once this work was completed, the scope for root exploits (as measured in LOC) was reduced by 90% for all time. Alternately, one can view the new landscape as permitting a factor of ten increase in the resources available to conduct security audits on the 2500 lines of code which retained privilege. Perhaps if the key talent hadn't been so busy implementing priv sep, they might have had the resources available to discover the root exploit before it tarnished their unblemished record. Note that this exploit was not present in the 2500 line kernel that retained privilege.
Furthermore, the actual code defect (in the prospective non-privileged code base) was not discovered by some zit-faced l33t or random black-hat.
e. We believed very strongly that the issue was unknown in the
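The monitor/child split described in the privilege-separation quote above, as an added C example that is not OpenSSH code and not part of the original comment: a small parent keeps privilege and answers one narrow request type, while the child sheds root (when it has it) and can only ask. The function names, the "user\0pass\0" wire format, the credential pair, uid 65534 and the /tmp jail path are all assumptions made for the illustration.

```c
/* Added illustration of a privileged monitor and an unprivileged child.
 * Not OpenSSH source; every name and value here is an assumption. */
#define _DEFAULT_SOURCE
#include <grp.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

#define MAX_MSG   128     /* largest request the monitor agrees to parse */
#define UNPRIV_ID 65534   /* assumed uid/gid of an unprivileged account */

/* Monitor: constructed credential check standing in for root-only work. */
static int check_credentials(const char *user, const char *pass)
{
    return strcmp(user, "alice") == 0 && strcmp(pass, "correct horse") == 0;
}

/* Monitor: parse "user\0pass\0" from a buffer the child controls.
 * Returns 1 accept, 0 reject, -1 malformed. Nothing in buf is trusted. */
static int monitor_handle(const char *buf, size_t len)
{
    if (len == 0 || len > MAX_MSG || buf[len - 1] != '\0')
        return -1;
    size_t ulen = strlen(buf);             /* safe: buf ends in NUL */
    if (ulen == 0 || ulen + 1 >= len)
        return -1;                         /* no room for a password field */
    const char *pass = buf + ulen + 1;
    if (ulen + 1 + strlen(pass) + 1 != len)
        return -1;                         /* extra bytes after both fields */
    return check_credentials(buf, pass);
}

/* Child: drop privilege first, then do the bulk of the work unprivileged. */
static void child_main(int fd, const char *jail, const char *wire, size_t n)
{
    if (geteuid() == 0) {                  /* only root has privilege to shed */
        gid_t g = UNPRIV_ID;
        if (chroot(jail) != 0 || chdir("/") != 0 ||
            setgroups(1, &g) != 0 || setgid(g) != 0 || setuid(UNPRIV_ID) != 0)
            _exit(2);                      /* never continue half-privileged */
    }
    char verdict = 0;
    if (write(fd, wire, n) != (ssize_t)n)  /* the request crosses the boundary */
        _exit(3);
    shutdown(fd, SHUT_WR);
    if (read(fd, &verdict, 1) != 1)
        _exit(3);
    _exit(verdict == 1 ? 0 : 1);
}

/* Fork the child, let it send `wire`, and return the monitor's verdict. */
int privsep_auth(const char *wire, size_t n)
{
    int sv[2];
    char jail[] = "/tmp/privsep-jail-XXXXXX";
    char buf[MAX_MSG + 1];
    size_t got = 0;
    ssize_t r;
    int is_root = geteuid() == 0;

    if (is_root && mkdtemp(jail) == NULL)  /* empty directory for the chroot */
        return -1;
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0)
        return -1;
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        close(sv[0]);
        child_main(sv[1], jail, wire, n);
    }
    close(sv[1]);
    /* One byte beyond MAX_MSG is enough to detect an oversized request. */
    while (got < sizeof buf && (r = read(sv[0], buf + got, sizeof buf - got)) > 0)
        got += (size_t)r;
    int verdict = monitor_handle(buf, got);
    char reply = (verdict == 1);
    (void)send(sv[0], &reply, 1, MSG_NOSIGNAL);  /* child may already be gone */
    close(sv[0]);
    waitpid(pid, NULL, 0);
    if (is_root)
        rmdir(jail);
    return verdict;
}

int main(void)
{
    static const char ok[] = "alice\0correct horse";
    static const char bad[] = "alice\0hunter2";
    printf("valid login    -> %d\n", privsep_auth(ok, sizeof ok));
    printf("wrong password -> %d\n", privsep_auth(bad, sizeof bad));
    printf("no terminator  -> %d\n", privsep_auth(ok, sizeof ok - 1));
    return 0;
}
```

Run unprivileged, the child skips the drop and the example still shows the narrow, length-checked interface; run as root, the child is chrooted into an empty directory and switched to the unprivileged id before it sends anything.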
My first serious use of vi was under OpenBSD 2.6 and I forced myself to become relatively proficient because I recognized that vi was the universal reference point for console administration. For creative work (writing code, documentation) I slogged through the emacs learning curve and eventually found a pleasant comfort level, though never equalling my old proficiency with Brief under MSDOS. Sometimes I manage to get twenty powerful psgml-mode commands embedded into my fingers, but they are soon gone again when I'm no longer working with those document types. I'm one of those people that never recovered from the CTRL key being displaced by the lawyers and losers CAPSLOCK key. As far as I'm concerned, all the lawyers out there writing license agreements should stick to the 40 column upper-case only Apple ][. That's about the speed that the legal profession cleans up their own messes anyway, but I digress.
In my view the problem with vi as a universal editor is that the rules for leaving insert mode are *not* universal. Under OpenBSD 2.6, almost any use of the arrow keys breaks you out of insert mode. Other versions of vi will leave you in insert mode within some nearby region of the inserted text region, but break you out if you move further away.
Modes are bad enough to begin with, though I'm willing to live with a mode or two where there is a sufficient pragmatic justification. What I'm not prepared to contend with on a daily basis are inconsistent rules regarding magic-mode switches as an unintended/unexpected consequence of common actions (e.g. cursoring around).
Nor am I prepared to memorize and apply inconsistent commands to disable or override inconsistent mode switches on a per system, per host, per revision, per version, per day-of-the-week basis. I'd rather wrangle with the hopelessly misplaced CTRL, ALT, and Mr Bill keys.
Perhaps vim has defeated the mystery mode switches associated with cursor actions. But my purpose in learning basic vi was to have a consistent editor available on any system I might need to use, not just a consistent editor when an ideal flavour of vi happens to be installed, so it's worthless to me.
Truly staggering failure to distinguish starting a war from entering a war. I found an article claiming that according to the Versailles Treaty which the Germans were strongly encouraged to sign, "Germany and her allies alone were to be blamed for starting the war". Since Wilson was involved in drafting this treaty, I guess you could spread some of the blame onto America for starting WWII. But then who do we credit for starting the American civil war? The British? Whoever first began the slave trade?
The only war in that list that strikes me as having been started by one man in one country was the second, ongoing war in Iraq.
I know a couple of people here in Victoria who might post on slashdot from time to time who would claim in all seriousness that they were completely reasonable, when I strongly suspect--if I had been there in person--I wouldn't describe it that way. The vast majority of the Victoria police I've known personally or interacted with on the street are reasonable individuals, though the Victoria police is known to have a nucleus of difficult and disagreeable sorts, I've only encountered two fully paid-up boneheads in all my years here. While violent crime is low, property crime is high (residential B&E), with a larger than average population of small-time druggies and indigent than most other Canadian cities. I would have no qualms about approaching the Victoria police in any situation, the number of bad apples is not worth losing sleep over. However, when I lived in Montreal, I only felt that the good cops outnumbered the suspect cops on average, and I wasn't always confident about telling the two groups apart (my French was extremely marginal). Was this individual reasonable in how he dealt with the cops? I know a lot of people who think they are good drivers, but they aren't. Put them on a motorcycle, you'd be measuring their survival time with a stopwatch. I'm not inclined to accept this person's self-evaluation of "reasonable behaviour" without a lot more detail than provided.
After skimming the first twenty posts here, it occurred to me that we need to amend Godwin's law: that the probability tends to one that any online discussion not beginning with a mention of Bill Gates ends up invoking Hitler.
The comments I noted concerning Bill Gates were making no discernible progress toward climax.
Obviously, this is so fuzzy as to what precisely it requires as to be effectively meaningless beyond serving as a rough notice of intent that at some point a law could be enacted with real teeth.
If you set a future risk-weighted price on a barrel of oil in the $100 range, and then determined your effective electricity generation cost consuming this oil as fuel (and factored in plant, design and operating life-cycle, transmission costs, and regulatory costs) to produce a risk-weighted fully-burdened marginal electricity cost, and required corporations (or more likely, government agencies) to use this as their est. electricity cost (rather than present market rates) then you might be getting somewhere.
If the TCO spreadsheet used in the purchase discussions contains any other nominal value for the cost of electricity, and at some point the government found out, it could amount to a liability to the corporation involved.
Of course, the corporations will all contrive to chisel the effective value of this number downward to more closely represent their true energy costs. You wouldn't expect less. That's what makes capitalism so great. And then the corporations would complain in public that it was costing them real money to employ the talent required to slyly chisel this input value on their decision process down to the value they desire (their true cost). And the compliant media would cover all of this corporate grousing in the mainstream press. Because the media has this notion that you always find quotes to represent both sides of the dispute, occasionally some green would be quoted saying "maybe we should solve this problem by actually charging corporations the true marginal rate of electricity production".
At that point the corps. might decide it was cheaper in the long run to drag their feet quietly rather than risk an open debate about the shadowy and unnecessary subsidies they have traditionally enjoyed.
Of course, these quiet shifts in psychology--in the underlying balance point of the debate--never show up in a more pointed analysis, so it is always easy to prove for the debaters up front that this kind of effect does not exist. Which is why so much energy is invested by the stakeholders in doing so.
Unfortunately, we've never figured out how to tax vociferous denial twenty years after the fact when the dust settles, so it remains a risk free strategy for those who measure their self-worth in getting what they want.
This tripe gets upgraded as informative? If that post passes as "information" we hardly need to begin debating the Wikipedia.
the same kind of manipulation that ravages the search engines
Not displayed two nerve cells to rub together. Sesame Street goes to a lot of trouble to teach "same" and "different". They only fail in one respect: to point out that it is a lifelong learning project.
What search engine has a centralized, permanent revision history log with a "one click" undo-abuse button? What makes the Wikipedia situation the same as the search engine or spam or blog abuse problems? I can answer that question: approaching the situation with roughly the same level of intellectual acuity required to analyze the plot in Pirates of the Caribbean. There are good guys trying to get something done. There are bad guys who would like to game the system to their advantage. The bad guys have a revenue stream from their sales of creams and extensions. Good guys respond valiantly. Bad guys scale up faster than good guys, because they have more money to burn, and fewer scruples. Good guys hang heads and mope and tell teary stories about the sad end of the good old days.
Fast forward to reality. Bad guys orchestrate 10,000 spambots to hack the Wikipedia. Really pissed off Wikipedia PHP programmer writes script to auto-revert wholesale damage. Another small roadblock is soon erected to prevent "new user" accounts from making certain kinds of edits visible immediately. Bad guys crawl back into dark hole and return to their original campaign of identity fraud against the hopeless banking establishment that came up with the idea that making purchases over the phone by reciting a fixed string of credit-card digits was a good security mechanism.
Get a grip, people. Wikipedia is far harder to abuse than the payment system adopted by the world's richest and most powerful banking institutions. Yes, there will be some outages and growing pains. No, Wikipedia will not degenerate into a spam slum overnight, or anytime soon. Wikipedia is presently most vulnerable to DOS attacks not outright manipulation. Until Google volunteers to host the front-end squid-cache layer. The edit layer can be partially filtered to prioritize access from long-time editors in good standing. Collateral damage to long-time Wikipedians trying to edit from behind the AOL proxy server. Great outpouring of grief. World comes to an end.
If the first fifty posts here constitute our "best and brightest" the human race is doomed for certain. Majority of the posts mention "population". Haven't our attitudes toward population created the majority of our present mess in the first place? And what lever do we have to influence population (and global distribution of wealth), over such a short time window (four generations), that doesn't light more fires than it puts out? Certainly population must be *understood* to formulate any useful ideas, but that's about as far as wisdom dictates.
What I believe must happen is that we come up with many thousands of small ideas that do more to put out fires than start them. Even if you chase a non-convergent series across the x-axis, it isn't going to stay put long enough to matter.
The real thinking involves determining which kinds of interventions are convergent (on average, to a best guess, or with good prospects surrounding constructive failure--the mine fields of good intentions abound) and which interventions are not (and not necessarily through any fault of their own, but with full acceptance of how "each of us is smarter than all of us" and all that poster-slogan implies).
If I were to reason by analogy to the manifest failures of the human condition that lead us to this point in time, I would guess that the easy redemption slips through our fingers as it always does. We'll end up in the situation where the solution or its mechanisms are fully understood, but the news of the solution is perpetually one step behind the shock front it could have mitigated.
I see this shaping up as a foot race between human resourcefulness and ingenuity and the resonating stress fronts: resources, politics, environment.
My view is that we should be focussing our attention on running the best foot race we can possibly run when it comes to crunch time. What are the mechanisms that aid or impinge on this vital capacity?
I'm still contemplating this problem. I have one certain item on my list thus far: the patent system. As the patent system stands, we have routed one of our most potent weapons--our technical ingenuity--across the Manitoba marsh lands (read about the Great Canadian Railway). All the smart people will have constructive ideas, and all of the constructive ideas will be hung up in the patent system, which is bad enough, and the truly reprehensible litigation environment that surrounds it. Did anyone see that remark yesterday that certain personal awards were upheld in the tobacco verdict, while one was overturned because the statute of limitations had expired as the legal system spun its wheels with great precedent and determination into the soft wet sand?
The usual human response is to fix an institution such as our patent and legal system only *after* its liabilities have culminated in catastrophe. The problem is that we can already see the future setting up such that the prime catastrophe is the world around us, and the bloody-mindedness of our legal system is just the *secondary* catastrophe that we will soon have the pleasure of addressing after the berms are breached.
That's the kind of circumstance that stretches human resourcefulness to the breaking point at the exact moment in time the human race can least afford it.
In my view, it's a clear failure of the American constitution that the American legal system was not constitutionally mandated to achieve *proactive* self-reform.
And worst of all, the American legal system is being globalized following exactly the same model as the American power grid. Only Quebec had the good sense to DC couple their grid to that horrible mass of wires and dominoes (and do not fail to observe the contributions of the regulatory and legal environment in shaping the engineering decisions and sand-sucking ostrich behaviours).
Presently, through the global treaty process, American legal process is being aggressively exported using the club of economic integration with the world's most consumeristic popu
Apparently, you've never seen that scene in Apocalypse Now where the new guy in the helicopter asks "Why do all you guys sit on your helmets?" and the nail-spitting old-timer responds "So we don't get our balls shot off". Too much information? Or damn good advice?
Rather elegantly, in fact, by postulating the existence of a universe where "took off" is not a synonym for "created".
Unfortunately, the configuration of slashdot where all moles and trolls are whacked down as they so well deserve is unstable, and the shit soon pops off the corners again into a lower energy, higher zithead configuration.
He explained that the nerves could not go behind the eye, because that space is reserved for the choroid, which provides the rich blood supply needed for the very metabolically active retinal pigment epithelium (RPE).
So what about the sea species (squid IIRC) where the optic nerve is on the back side? I suppose in that case it couldn't go on the front, because in those species the front is reserved for the choroid.
Usually in software design, you find things "reserved" for handling the case where you eventually discover how terribly badly you screwed up the first time around.
If you do that you are telling me that your time is more important than mine - I have to talk to a machine so you don't have to risk hearing from someone you don't want to talk to.
Is that a troll? Yes, I'm fairly certain it is. It doesn't send any such message. The phone company paid a lot of money back when the phone system was first established to drill into the public that ignoring a ringing phone under any circumstance (such as already having visitors) was unspeakably rude. This attitude seems to linger in the water supply. It was never the case before the phone was invented that you could expect to interrupt another person on ten seconds worth of effort (pressing speed-dial) at any point in time you felt like it, with not even any idea what situation the interrupted person was in. I think your presumptions about what it signifies about you when other people attempt to manage those interruptions is downright obnoxious.
Yep, because we all know that second hand smoke is more dangerous than first hand smoke.
Cigarettes are the only drug delivery system I can think of that delivers once, then keeps on delivering. Any smoker who promises to inhale (and retain) all the chemicals present in tobacco smoke has my permission to smoke wherever he or she wishes, as much as he or she wishes; it would become strictly a matter between the user and his/her health insurance company. My complaints don't begin until the smoker exhales.
How would you like it if I casually dropped half a pill of whatever prescription medication I was taking that day into your coffee when you weren't looking? Why should my drug delivery system spill into your world? Only tobacco users regard this as a reasonable proposition. I'd rather breathe the gas that comes out of your ass, it has fewer negative health effects.
Spanish saying: One drink is just right; two is too many; three are too few.
Non-linear dose effects have been understood in human culture since the advent of overripe fruit. I can't drink without balancing my electrolytes: one small cup of strong coffee for every two pints of beer.
Check the Wikipedia article on clitics if you really care about prohibited uses of contractions. Spoiler warning: if you actually understand the material, you will no longer find it nearly so easy to lob snarky self-serving retorts at your intellectual superiors.
This thread is hardly worth the bother, but I'll stop to make one point before whisking off to greener pastures.
In a template-metaprogramming language such as modern-idiom C++, what the JIT has to work with is the same as an intermediate representation of the compilation process. Pull your head out of your Javole.
In other words, she's an intellectual prostitute. Wonderful. I know a few people like that. And I'm convinced the world would be better off if they would just slink back to the primordial ooze they came from.
Hey, does your magic slink-off powder also work on cockroaches and malaria-bearing mosquitoes? Empty-nesters, meet empty-nichers. What is the supreme emotional satisfaction you seem to derive from slapping the label prostitute on an entire class of survival strategy? I guess there was a karmic distortion in the cosmic primordial plasma, and like Gandalf, somehow we are tasked with dispatching the Balrog from the ominous, obscure depths of Middle Earth. Gandalf smacks staff on narrow stone arch: Slink off! You shall not pass! But seriously, what gave you so much evident pleasure in voicing those words? I'd like to gather together a group of fifty people and do a nice little MRI run to see what nerve cluster is activated when these sentiments are voiced. I would guess it's not that far from the witch-hunting locus: general discomfort with the entire spectrum of feminine wiles that burns incandescent on one or two unfortunates just far enough off toward the end of the spectrum to become vilified as the exemplar for the entire class. Yes, that's what it is: the sound of a diffuse, non-specific anger collapsing to a focal point with the matches in hand. Another karmic flaw in the cosmic soup, or a redeeming characteristic of human nature? I'm getting a little twitchy with this slink-off powder. My first impulse is to pour it on everything in sight. Hey look, a warning label: product contains nano-granulated magnesium, do not inhale, keep away from exposed flame. Perfect! What's a good slink-off without a match, white light, and smoke?
I know how you feel. Once your brain gets stuck in a cliche, it's darn hard to escape. If you know a lot more about cars, you buy a more expensive car because you care more about your car than your computer, which is why you know more about cars in the first place. The converse is equally true. I spend that much more on my computer systems to get the best because my livelihood depends upon my computer systems. Whereas if my car breaks down, I miss my dental appointment.
Imagine a world where we all tot our beans like an accountant, cross our T's like a lawyer, backup our data like an IT support guru, tend our bodies like a sports professional, balance our meals like a nutritionist, scour our kitchens like a health inspector, peruse the fine print on our prescriptions like a pharmacist, and retract our broken cliches like a literary luminary before pressing submit.
The problem is the incentive structure. No-one ever got as rich at Microsoft finding bugs as hatching them, from Alchin on down.
That being said, if people really want change, they'll vote Libertarian.
Unbelievable. Apparently, all that heavy makeup in A Beautiful Mind sunk the Titanic.
Truly staggering failure to distinguish starting a war from entering a war. I found an article claiming that according to the Versailles Treaty which the Germans were strongly encouraged to sign, "Germany and her allies alone were to be blamed for starting the war". Since Wilson was involved in drafting this treaty, I guess you could spread some of the blame onto America for starting WWII. But then who do we credit for starting the American civil war? The British? Whoever first began the slave trade?
The only war in that list that strikes me as having been started by one man in one country was the second, ongoing war in Iraq.
I know a couple of people here in Victoria who might post on slashdot from time to time who would claim in all seriousness that they were completely reasonable, when I strongly suspect--if I had been there in person--I wouldn't describe it that way. The vast majority of the Victoria police I've known personally or interacted with on the street are reasonable individuals, though the Victoria police is known to have a nucleus of difficult and disagreeable sorts, I've only encountered two fully paid-up boneheads in all my years here. While violent crime is low, property crime is high (residential B&E), with a larger than average population of small-time druggies and indigent than most other Canadian cities. I would have no qualms about approaching the Victoria police in any situation, the number of bad apples is not worth losing sleep over. However, when I lived in Montreal, I only felt that the good cops outnumbered the suspect cops on average, and I wasn't always confident about telling the two groups apart (my French was extremely marginal). Was this individual reasonable in how he dealt with the cops? I know a lot of people who think they are good drivers, but they aren't. Put them on a motorcycle, you'd be measuring their survival time with a stopwatch. I'm not inclined to accept this person's self-evaluation of "reasonable behaviour" without a lot more detail than provided.
After skimming the first twenty posts here, it occurred to me that we need to amend Godwin's law: that the probability tends to one that any online discussion not beginning with a mention of Bill Gates ends up invoking Hitler.
The comments I noted concerning Bill Gates were making no discernible progress toward climax.
Obviously, this is so fuzzy as to what precisely it requires as to be effectively meaningless beyond serving as a rough notice of intent that at some point a law could be enacted with real teeth.
If you set a future risk-weighted price on a barrel of oil in the $100 range, and then determined your effective electricity generation cost consuming this oil as fuel (and factored in plant, design and operating life-cycle, transmission costs, and regulatory costs) to produce a risk-weighted fully-burdened marginal electricity cost, and required corporations (or more likely, government agencies) to use this as their est. electricity cost (rather than present market rates) then you might be getting somewhere.
If the TCO spreadsheet used in the purchase discussions contains any other nominal value for the cost of electricity, and at some point the government found out, it could amount to a liability to the corporation involved.
Of course, the corporations will all contrive to chisel the effective value of this number downward to more closely represent their true energy costs. You wouldn't expect less. That's what makes capitalism so great. And then the corporations would complain in public that it was costing them real money to employ the talent required to slyly chisel this input value on their decision process down to the value they desire (their true cost). And the compliant media would cover all of this corporate grousing in the mainstream press. Because the media has this notion that you always find quotes to represent both sides of the dispute, occasionally some green would be quoted saying "maybe we should solve this problem by actually charging corporations the true marginal rate of electricity production".
At that point the corps. might decide it was cheaper in the long run to drag their feet quietly rather than risk an open debate about the shadowy and unnecessary subsidies they have traditionally enjoyed.
Of course, these quiet shifts in psychology--in the underlying balance point of the debate--never show up in a more pointed analysis, so it is always easy to prove for the debaters up front that this kind of effect does not exist. Which is why so much energy is invested by the stakeholders in doing so.
Unfortunately, we've never figured out how to tax vociferous denial twenty years after the fact when the dust settles, so it remains a risk free strategy for those who measure their self-worth in getting what they want.
And a car wouldn't get very far if all its wheels spun clockwise.
It's called NASCAR, and you're right: the race tends to end exactly where it began.
This tripe gets upgraded as informative? If that post passes as "information" we hardly need to begin debating the Wikipedia.
the same kind of manipulation that ravages the search engines
Not displayed two nerve cells to rub together. Sesame Street goes to a lot of trouble to teach "same" and "different". They only fail in one respect: to point out that it is a lifelong learning project.
What search engine has a centralized, permanent revision history log with a "one click" undo-abuse button? What makes the Wikipedia situation the same as the search engine or spam or blog abuse problems? I can answer that question: approaching the situation with roughly the same level of intellectual acuity required to analyze the plot in Pirates of the Caribbean. There are good guys trying to get something done. There are bad guys who would like to game the system to their advantage. The bad guys have a revenue stream from their sales of creams and extensions. Good guys respond valiantly. Bad guys scale up faster than good guys, because they have more money to burn, and fewer scruples. Good guys hang heads and mope and tell teary stories about the sad end of the good old days.
Fast forward to reality. Bad guys orchestrate 10,000 spambots to hack the Wikipedia. Really pissed off Wikipedia PHP programmer writes script to auto-revert wholesale damage. Another small roadblock is soon erected to prevent "new user" accounts from making certain kinds of edits visible immediately. Bad guys crawl back into dark hole and return to their original campaign of identity fraud against the hopeless banking establishment that came up with the idea that making purchases over the phone by reciting a fixed string of credit-card digits was a good security mechanism.
Get a grip, people. Wikipedia is far harder to abuse than the payment system adopted by the world's richest and most powerful banking institutions. Yes, there will be some outages and growing pains. No, Wikipedia will not degenerate into a spam slum overnight, or anytime soon. Wikipedia is presently most vulnerable to DOS attacks not outright manipulation. Until Google volunteers to host the front-end squid-cache layer. The edit layer can be partially filtered to prioritize access from long-time editors in good standing. Collateral damage to long-time Wikipedians trying to edit from behind the AOL proxy server. Great outpouring of grief. World comes to an end.
If the first fifty posts here constitute our "best and brightest" the human race is doomed for certain. Majority of the posts mention "population". Haven't our attitudes toward population created the majority of our present mess in the first place? And what lever do we have to influence population (and global distribution of wealth), over such a short time window (four generations), that doesn't light more fires than it puts out? Certainly population must be *understood* to formulate any useful ideas, but that's about as far as wisdom dictates.
What I believe must happen is that we come up with many thousands of small ideas that do more to put out fires than start them. Even if you chase a non-convergent series across the x-axis, it isn't going to stay put long enough to matter.
The real thinking involves determining which kinds of interventions are convergent (on average, to a best guess, or with good prospects surrounding constructive failure--the mine fields of good intentions abound) and which interventions are not (and not necessarily through any fault of their own, but with full acceptance of how "each of us is smarter than all of us" and all that poster-slogan implies).
If I were to reason by analogy to the manifest failures of the human condition that lead us to this point in time, I would guess that the easy redemption slips through our fingers as it always does. We'll end up in the situation where the solution or its mechanisms are fully understood, but the news of the solution is perpetually one step behind the shock front it could have mitigated.
I see this shaping up as a foot race between human resourcefulness and ingenuity and the resonating stress fronts: resources, politics, environment.
My view is that we should be focussing our attention on running the best foot race we can possibly run when it comes to crunch time. What are the mechanisms that aid or impinge on this vital capacity?
I'm still contemplating this problem. I have one certain item on my list thus far: the patent system. As the patent system stands, we have routed one of our most potent weapons--our technical ingenuity--across the Manitoba marsh lands (read about the Great Canadian Railway). All the smart people will have constructive ideas, and all of the constructive ideas will be hung up in the patent system, which is bad enough, and the truly reprehensible litigation environment that surrounds it. Did anyone see that remark yesterday that certain personal awards were upheld in the tobacco verdict, while one was overturned because the statute of limitations had expired as the legal system spun its wheels with great precedent and determination into the soft wet sand?
The usual human response is to fix an institution such as our patent and legal system only *after* its liabilities have culminated in catastrophe. The problem is that we can already see the future setting up such that the prime catastrophe is the world around us, and the bloody-mindedness of our legal system is just the *secondary* catastrophe that we will soon have the pleasure of addressing after the berms are breached.
That's the kind of circumstance that stretches human resourcefulness to the breaking point at the exact moment in time the human race can least afford it.
In my view, it's a clear failure of the American constitution that the American legal system was not constitutionally mandated to achieve *proactive* self-reform.
And worst of all, the American legal system is being globalized following exactly the same model as the American power grid. Only Quebec had the good sense to DC couple their grid to that horrible mass of wires and dominoes (and do not fail to observe the contributions of the regulatory and legal environment in shaping the engineering decisions and sand-sucking ostrich behaviours).
Presently, through the global treaty process, American legal process is being aggressively exported using the club of economic integration with the world's most consumeristic popu
Score: -1, Too Informative
Apparently, you've never seen that scene in Apocalypse Now where the new guy in the helicopter asks "Why do all you guys sit on your helmets?" and the nail-spitting old-timer responds "So we don't get our balls shot off". Too much information? Or damn good advice?
Rather elegantly, in fact, by postulating the existence of a universe where "took off" is not a synonym for "created".
Unfortunately, the configuration of slashdot where all moles and trolls are whacked down as they so well deserve is unstable, and the shit soon pops off the corners again into a lower energy, higher zithead configuration.
He explained that the nerves could not go behind the eye, because that space is reserved for the choroid, which provides the rich blood supply needed for the very metabolically active retinal pigment epithelium (RPE).
So what about the sea species (squid IIRC) where the optic nerve is on the back side? I suppose in that case it couldn't go on the front, because in those species the front is reserved for the choroid.
Usually in software design, you find things "reserved" for handling the case where you eventually discover how terribly badly you screwed up the first time around.
If you do that you are telling me that your time is more important than mine - I have to talk to a machine so you don't have to risk hearing from someone you don't want to talk to.
Is that a troll? Yes, I'm fairly certain it is. It doesn't send any such message. The phone company paid a lot of money back when the phone system was first established to drill into the public that ignoring a ringing phone under any circumstance (such as already having visitors) was unspeakably rude. This attitude seems to linger in the water supply. It was never the case before the phone was invented that you could expect to interrupt another person on ten seconds worth of effort (pressing speed-dial) at any point in time you felt like it, with not even any idea what situation the interrupted person was in. I think your presumptions about what it signifies about you when other people attempt to manage those interruptions are downright obnoxious.
Yep, because we all know that second hand smoke is more dangerous than first hand smoke.
Cigarettes are the only drug delivery system I can think of that delivers once, then keeps on delivering. Any smoker who promises to inhale (and retain) all the chemicals present in tobacco smoke has my permission to smoke wherever he or she wishes, as much as he or she wishes; it would become strictly a matter between the user and his/her health insurance company. My complaints don't begin until the smoker exhales.
How would you like it if I casually dropped half a pill of whatever prescription medication I was taking that day into your coffee when you weren't looking? Why should my drug delivery system spill into your world? Only tobacco users regard this as a reasonable proposition. I'd rather breathe the gas that comes out of your ass, it has fewer negative health effects.
Spanish saying: One drink is just right; two is too many; three are too few.
Non-linear dose effects have been understood in human culture since the advent of overripe fruit. I can't drink without balancing my electrolytes: one small cup of strong coffee for every two pints of beer.
Check the Wikipedia article on clitics if you really care about prohibited uses of contractions. Spoiler warning: if you actually understand the material, you will no longer find it nearly so easy to lob snarky self-serving retorts at your intellectual superiors.
This thread is hardly worth the bother, but I'll stop to make one point before whisking off to greener pastures.
In a template-metaprogramming language such as modern-idiom C++, what the JIT has to work with is the same as an intermediate representation of the compilation process. Pull your head out of your Javole.
Byte-code != source code - comments;
Hey, does your magic slink-off powder also work on cockroaches and malaria-bearing mosquitoes? Empty-nesters, meet empty-nichers. What is the supreme emotional satisfaction you seem to derive from slapping the label prostitute on an entire class of survival strategy? I guess there was a karmic distortion in the cosmic primordial plasma, and like Gandalf, somehow we are tasked with dispatching the Balrog from the ominous, obscure depths of Middle Earth. Gandalf smacks staff on narrow stone arch: Slink off! You shall not pass! But seriously, what gave you so much evident pleasure in voicing those words? I'd like to gather together a group of fifty people and do a nice little MRI run to see what nerve cluster is activated when these sentiments are voiced. I would guess it's not that far from the witch-hunting locus: general discomfort with the entire spectrum of feminine wiles that burns incandescent on one or two unfortunates just far enough off toward the end of the spectrum to become vilified as the exemplar for the entire class. Yes, that's what it is: the sound of a diffuse, non-specific anger collapsing to a focal point with the matches in hand. Another karmic flaw in the cosmic soup, or a redeeming characteristic of human nature? I'm getting a little twitchy with this slink-off powder. My first impulse is to pour it on everything in sight. Hey look, a warning label: product contains nano-granulated magnesium, do not inhale, keep away from exposed flame. Perfect! What's a good slink-off without a match, white light, and smoke?
I know how you feel. Once your brain gets stuck in a cliche, it's darn hard to escape. If you know a lot more about cars, you buy a more expensive car because you care more about your car than your computer, which is why you know more about cars in the first place. The converse is equally true. I spend that much more on my computer systems to get the best because my livelihood depends upon my computer systems. Whereas if my car breaks down, I miss my dental appointment.
Imagine a world where we all tot our beans like an accountant, cross our T's like a lawyer, backup our data like an IT support guru, tend our bodies like a sports professional, balance our meals like a nutritionist, scour our kitchens like a health inspector, peruse the fine print on our prescriptions like a pharmacist, and retract our broken cliches like a literary luminence before pressing submit.