I can't speak for every state, but here in Virginia, there is a line on our annual income tax forms for things bought out-of-state with no sales tax paid -- with a longer form that applies to anyone who buys things from sales-tax-free online retailers. It is called "use tax", and it is meant to make sure that Virginia gets its bit of the pie even in these cases.
This is one of the things that bugs me when people complain that companies like Amazon don't charge sales tax -- states can address the issue, and some (maybe most or all?) states have done that, but scofflaws don't bother paying. To compound the hypocrisy, a lot of the same people who don't pay use tax, or who assume others don't, go on to complain about how tax rates need to be higher because some people aren't paying their fair share.
Last time I used Subversion (1.4.something), renamed and moved files are killer to *review history for*. On one project, I had foo.c for a few hundred revisions, renamed it to bar.c, and many revisions later created a new foo.c. When I asked Subversion to show the content of foo.c as of revision 50 (the original file), Subversion claimed foo.c did not exist. As far as I could tell, it was trying to find the contents of the new foo.c as of revision 50. Hate.
That attack breaks down -- badly -- when random salts are used. You have to compute the hash for each salt+plaintext combination that you want to attack. If a random 32-bit salt is used, you need about 77,000 passwords before you would expect to find two that use the same salt (see http://en.wikipedia.org/wiki/Birthday_attack for the statistics).
The key factor is how many users are affected, not whether the ban is total. In our case, I think it was a few hundred users (not all of whom would have complained). I am pretty sure there are at least that many (at least occasional) Wikipedia editors who use Verizon. If Verizon has a half-way responsible and responsive support structure, they will notice the pattern of complaints and decide what to do.
I would guess the lack of response from Verizon has a similar root cause to when that IRC network dealt with AOL: There are a lot of users, and a lot of abuse reports, and some fraction of the abuse reports are spurious (incorrect, insufficient or misleading). Once a person on the Verizon end understands the problem, and that Wikipedia has done what they reasonably could, I suspect this somebody at Verizon will raise the priority of handling the abuse reports.
You might be surprised how responsive they are if their users start to complain. As one of the staff on an IRC network (one of the five largest IRC networks at the time, although that still isn't saying much), we got AOL to pay attention to abusers by banning the whole network. It took less than 24 hours of AOL users telling AOL "Hey, GamesNet is saying they can't get AOL to respond to abuse reports" before AOL got in touch with the network and explained how to expedite abuse reports.
Yeah, if Wikipedia does something stupid and bans Verizon users without explaining why or what the users can do, Wikipedia won't get very far. Personally, I think Wikipedia has more clue than that. It didn't take all that much for that IRC network to get appropriate attention on the chronic abusers.
Voting for a third party is (unfortunately) a pretty ineffectual protest move. Due to the majority-vote ballot system generally used in the US, there is a chicken-and-egg problem for third parties: People tend to vote for someone they think might win, but the only way a candidate has a chance to win is by getting a significant number of votes. Plus, people remember Ross Perot (and to a lesser degree Ralph Nader) as a third-party electoral spoiler.
If you want to make a real difference, get out and organize like-minded people, protest, knock on doors or mail letters to make your point to the public, and do other visible things. Casting votes and writing letters to the editor (or blog posts) are not going to convince many people.
Agile principle #2 (from http://agilemanifesto.org/principles.html): "Welcome changing requirements, even late in development." Other methodologies typically draw a line in the sand to recognize the costs of changing requirements late in development. They don't often forbid crossing that line, but they encourage people to honestly evaluate the trade-offs involved in changing requirements.
We know a lot more about what Hitler and his regime did than about what happens in Gitmo, so the appeal to authority is a lot more justifiable for Gitmo than for WW2 concentration camps.
If illegal, immoral and/or uncool activity in Gitmo is sufficient grounds to shut it down, when do you want to shut down Washington DC and the UN on the same grounds?
Go directly to fail. Do not pass go. No operating system worth its salt encrypts or decrypts passwords. They use cryptographically strong one-way transformations instead. These are sometimes called hash or trap-door functions. Just about the last thing most OSes want when it comes to passwords is to be able to recover the password just from the bits stored on the disk. (Sometimes the hash function may be something that *used* to be cryptographically strong, but for which brute-force attacks are now feasible, but the general idea is the same.)
I agree with most of your post, but where did you find a 1920x1280 (3:2 aspect ratio) monitor? I suspect you are mixing up 1280x720 ("HD" television resolution) and 1920x1080 ("Full HD" television resolution).
There are many more 1920x1080 monitors than there are 1920x1200 monitors, but the latter are not terribly rare or expensive.
The autotools suite requires that software developers keep revising things that worked before, because autotools has some new paradigm for some aspect of its operation every year or so.
For example, one of my open source projects lets the user specify which extra modules should be compiled into the binary. (It doesn't use loadable modules because that was even more painful when we started out.) Over a span of about two years -- and I think three "minor" (1.x) releases of automake -- the approved way of conditionally linking object files changed twice. The changes were not documented, and nobody bothered to describe any way that would work across the several versions of automake that were in common use at the time. In contrast, doing the same thing with autoconf alone or with some non-autotools script is dead simple.
autoconf has also gotten progressively fussier. For example, simple m4 macro invocations like FOO(bar) used to work fine. Now they often generate a warning that the argument is not quoted properly. To pick one example of prior art, C solved that particular precedence problem about 35 years ago. There is no good reason for autoconf to make the software maintainer throw in all the []s that it wants.
Those are just a few examples from my experience; others will have more.
The extra stuff to take care of is why asynchronous I/O applications tend to have lower throughput than synchronous I/O if you have good OS threading.
There have only ever been two good reasons to use application-multiplexed I/O: Your OS sucks at threading (like Windows and Solaris the last time I looked at them), or you have more clients than memory. Languages like C and Java require applications to dedicate multiple kilobytes per thread for the thread's stack -- but usually default to megabytes per thread, so if you have thousands of concurrent clients, you will soak up memory in fairly large quantities.
Applications like IRC and Jabber can have tens of thousands of clients on a single server (until some jackoff decides to DoS it), so there is strong pressure to minimize per-client memory use.
It sounds like you ran into a problem where someone wrote cargo cult code: Someone told them doing _____ was a good idea, and maybe (within bounds) it works the way they expect, but they do not understand it and so they cannot explain it.
On the other hand, I had a code review once where someone challenged the choice of C++ and the use of classes, on the basis that the compiler sometimes goes off and does things like garbage collection behind the programmer's back. He only backed off and stopped ranting when I showed him that the generated assembly code looked exactly like I expected it to, but he basically refused to review any other C++ code.
Some professionals work on high-reliability software -- and what they (we) really need are not people who can write procedural code or who can write object-oriented code, but people who know their own limitations and who design before they code.
Yo dawg -- I heard you liked cable sports networks so I bundled a magazine with the web site so you can flip through the glossies and read the blags while you drive around and watch TV sports.
OTOTH, in any lawsuit involving those patents, the H.264 patent holders will have to prove that those claims are novel (no prior art) and that even if they were novel, that were not already obvious to someone skilled in the art. And since we're talking about Google, I'm pretty sure they won't have any trouble hiring competent legal counsel should such a lawsuit be brought.
The patent's issuance is prima facie evidence of novelty (and all the other elements that are required for a valid patent). A prospective defendant would have to refute that presumption. Hopefully the Supreme Court will make it easier to overturn software and business-method patents in the ruling for Bilski v Kappos...
First, to be pedantic, settlement costs are never forced. Settlement is a negotiated alternative to taking a lawsuit through courts. Sometimes the negotiation is very one-sided -- "our way or the highway" -- but the defendant always has the choice to reject a settlement offer.
But what insurance company in their right mind would do that? The people who would consider buying that kind of insurance are the ones who know (or strongly suspect) they are infringing an aggressive rights-holder's copyright. There is effectively no way to distinguish good faith on the part of the insured from a malicious free rider. Even ignoring bad-faith actors, there is a significant risk that many of the insured people will cost more than their premiums bring in. There's also a significant risk that some plaintiff's lawyer will find a way to subpoena the insurance company's customer list, which will significantly increase the insurer's exposure.
Microsoft's negligent, lazy approach to closing security holes bit Google hard. Google is now letting Microsoft feel some of the pain. I hope that responsible journalists won't judge full disclosure solely by vendor-dictated rules -- when a software vendor has a history of problems, the spotlight should be on them, not on the people who report them.
It depends on the architecture of the flash cells, but yes, I would expect that the chips would fail into some mode where erase and program operations have no effect. (Being a software guy rather than a Flash memory guy, I wouldn't want to guess whether over-erased cells would be at logic 1, logic 0 or a mix of the two.)
The OMAP3530 (which is in the IGEPv2) is a cool part in a lot of ways, but it would be boneheaded to put it in a data center. Because it doesn't have any high-speed interconnects -- gigabit Ethernet, PCI Express, RapidIO, or the like -- it isn't suited for most network-intensive applications. Marvell has a variety of systems-on-chips that do have ARM cores, running at higher speeds than the OMAP parts, and with high-speed interfaces on the chip. Other vendors probably have similar offerings; those are the ones that Microsoft would probably want to look at.
Re:Prosecuting corporations for crimes is asinine.
on
The Short Arm of the Law
·
· Score: 1, Flamebait
Your proposal fails to meet due process or Fourth Amendment concerns. As someone who owns 120 shares of BIGCO, why should I lose 20% of my money in the company because some branch chief bribed an Elbonian government official? (The Foreign Corrupt Practices Act bars American companies from doing that kind of thing.)
You are awfully poorly informed for a health policy person based in Europe.
The studies that blame bankruptcy on medical costs were basically cooked. They've been debunked left and right since they came out. This bill will drive more people to bankruptcy (or jail) because of the insurance mandates.
Our poor health outcomes are heavily skewed towards minorities (especially Blacks and Hispanics). Oddly, those are the same groups that get more government-funded health care now. This bill doesn't really do anything to reduce the maternal, infant or child health that you mention.
The cost of uncharged emergency room care is tiny compared to the cost of this bill.
Republican proposals for health care reform would largely eliminate the health care costs for employers, by removing the tax subsidy that makes it worthwhile to give employees health insurance rather than additional money for health care. This bill will do nothing to reduce those costs.
I would continue, but I'm getting bored. I can just hope that you're not inflicting similar scales of ignorance on your fellow Europeans.
Ironically, the reason Congress is able to game the CBO numbers so well is because the CBO has embraced transparency and openness. It described how it scores bills, and as a result, this bill was able to avoid counting the mandated insurance payments towards the federal budget, whereas Bill Clinton's efforts circa 1993-94 had those included in the federal budget. When everyone saw what those costs were, they lost all appetite for the reform. Now they can pretend those costs won't be incurred.
You're definitely right that the bills in both houses of Congress are horrible hand-outs to the insurance companies.
Re:"Entitlement Generation"
on
Health Care Reform
·
· Score: 2, Insightful
You clearly don't know what "entitlement" means, so don't waste your breath ranting about it.
If there are so many studies to that effect, why didn't you link to any of them? Will you remedy that shortcoming so that the rest of us have data rather than a single anecdote with an inflammatory contrary response?
Slashdot Mirror
I can't speak for every state, but here in Virginia, there is a line on our annual income tax forms for things bought out-of-state with no sales tax paid -- with a longer form that applies to anyone who buys things from sales-tax-free online retailers. It is called "use tax", and it is meant to make sure that Virginia gets its bit of the pie even in these cases.
This is one of the things that bugs me when people complain that companies like Amazon don't charge sales tax -- states can address the issue, and some (maybe most or all?) states have done that, but scofflaws don't bother paying. To compound the hypocrisy, a lot of the same people who don't pay use tax, or who assume others don't, go on to complain about how tax rates need to be higher because some people aren't paying their fair share.
Someone up-thread nailed it: The blog post is really a not-very-stealth advertisement for that commercial SCM tool.
Last time I used Subversion (1.4.something), renamed and moved files are killer to *review history for*. On one project, I had foo.c for a few hundred revisions, renamed it to bar.c, and many revisions later created a new foo.c. When I asked Subversion to show the content of foo.c as of revision 50 (the original file), Subversion claimed foo.c did not exist. As far as I could tell, it was trying to find the contents of the new foo.c as of revision 50. Hate.
That attack breaks down -- badly -- when random salts are used. You have to compute the hash for each salt+plaintext combination that you want to attack. If a random 32-bit salt is used, you need about 77,000 passwords before you would expect to find two that use the same salt (see http://en.wikipedia.org/wiki/Birthday_attack for the statistics).
The key factor is how many users are affected, not whether the ban is total. In our case, I think it was a few hundred users (not all of whom would have complained). I am pretty sure there are at least that many (at least occasional) Wikipedia editors who use Verizon. If Verizon has a half-way responsible and responsive support structure, they will notice the pattern of complaints and decide what to do.
I would guess the lack of response from Verizon has a similar root cause to when that IRC network dealt with AOL: There are a lot of users, and a lot of abuse reports, and some fraction of the abuse reports are spurious (incorrect, insufficient or misleading). Once a person on the Verizon end understands the problem, and that Wikipedia has done what they reasonably could, I suspect this somebody at Verizon will raise the priority of handling the abuse reports.
You might be surprised how responsive they are if their users start to complain. As one of the staff on an IRC network (one of the five largest IRC networks at the time, although that still isn't saying much), we got AOL to pay attention to abusers by banning the whole network. It took less than 24 hours of AOL users telling AOL "Hey, GamesNet is saying they can't get AOL to respond to abuse reports" before AOL got in touch with the network and explained how to expedite abuse reports.
Yeah, if Wikipedia does something stupid and bans Verizon users without explaining why or what the users can do, Wikipedia won't get very far. Personally, I think Wikipedia has more clue than that. It didn't take all that much for that IRC network to get appropriate attention on the chronic abusers.
Voting for a third party is (unfortunately) a pretty ineffectual protest move. Due to the majority-vote ballot system generally used in the US, there is a chicken-and-egg problem for third parties: People tend to vote for someone they think might win, but the only way a candidate has a chance to win is by getting a significant number of votes. Plus, people remember Ross Perot (and to a lesser degree Ralph Nader) as a third-party electoral spoiler.
If you want to make a real difference, get out and organize like-minded people, protest, knock on doors or mail letters to make your point to the public, and do other visible things. Casting votes and writing letters to the editor (or blog posts) are not going to convince many people.
Agile principle #2 (from http://agilemanifesto.org/principles.html): "Welcome changing requirements, even late in
development." Other methodologies typically draw a line in the sand to recognize the costs of changing requirements late in development. They don't often forbid crossing that line, but they encourage people to honestly evaluate the trade-offs involved in changing requirements.
We know a lot more about what Hitler and his regime did than about what happens in Gitmo, so the appeal to authority is a lot more justifiable for Gitmo than for WW2 concentration camps.
If illegal, immoral and/or uncool activity in Gitmo is sufficient grounds to shut it down, when do you want to shut down Washington DC and the UN on the same grounds?
Go directly to fail. Do not pass go. No operating system worth its salt encrypts or decrypts passwords. They use cryptographically strong one-way transformations instead. These are sometimes called hash or trap-door functions. Just about the last thing most OSes want when it comes to passwords is to be able to recover the password just from the bits stored on the disk. (Sometimes the hash function may be something that *used* to be cryptographically strong, but for which brute-force attacks are now feasible, but the general idea is the same.)
I agree with most of your post, but where did you find a 1920x1280 (3:2 aspect ratio) monitor? I suspect you are mixing up 1280x720 ("HD" television resolution) and 1920x1080 ("Full HD" television resolution).
There are many more 1920x1080 monitors than there are 1920x1200 monitors, but the latter are not terribly rare or expensive.
The autotools suite requires that software developers keep revising things that worked before, because autotools has some new paradigm for some aspect of its operation every year or so.
For example, one of my open source projects lets the user specify which extra modules should be compiled into the binary. (It doesn't use loadable modules because that was even more painful when we started out.) Over a span of about two years -- and I think three "minor" (1.x) releases of automake -- the approved way of conditionally linking object files changed twice. The changes were not documented, and nobody bothered to describe any way that would work across the several versions of automake that were in common use at the time. In contrast, doing the same thing with autoconf alone or with some non-autotools script is dead simple.
autoconf has also gotten progressively fussier. For example, simple m4 macro invocations like FOO(bar) used to work fine. Now they often generate a warning that the argument is not quoted properly. To pick one example of prior art, C solved that particular precedence problem about 35 years ago. There is no good reason for autoconf to make the software maintainer throw in all the []s that it wants.
Those are just a few examples from my experience; others will have more.
The extra stuff to take care of is why asynchronous I/O applications tend to have lower throughput than synchronous I/O if you have good OS threading.
There have only ever been two good reasons to use application-multiplexed I/O: Your OS sucks at threading (like Windows and Solaris the last time I looked at them), or you have more clients than memory. Languages like C and Java require applications to dedicate multiple kilobytes per thread for the thread's stack -- but usually default to megabytes per thread, so if you have thousands of concurrent clients, you will soak up memory in fairly large quantities.
Applications like IRC and Jabber can have tens of thousands of clients on a single server (until some jackoff decides to DoS it), so there is strong pressure to minimize per-client memory use.
It sounds like you ran into a problem where someone wrote cargo cult code: Someone told them doing _____ was a good idea, and maybe (within bounds) it works the way they expect, but they do not understand it and so they cannot explain it.
On the other hand, I had a code review once where someone challenged the choice of C++ and the use of classes, on the basis that the compiler sometimes goes off and does things like garbage collection behind the programmer's back. He only backed off and stopped ranting when I showed him that the generated assembly code looked exactly like I expected it to, but he basically refused to review any other C++ code.
Some professionals work on high-reliability software -- and what they (we) really need are not people who can write procedural code or who can write object-oriented code, but people who know their own limitations and who design before they code.
Yo dawg -- I heard you liked cable sports networks so I bundled a magazine with the web site so you can flip through the glossies and read the blags while you drive around and watch TV sports.
OTOTH, in any lawsuit involving those patents, the H.264 patent holders will have to prove that those claims are novel (no prior art) and that even if they were novel, that were not already obvious to someone skilled in the art. And since we're talking about Google, I'm pretty sure they won't have any trouble hiring competent legal counsel should such a lawsuit be brought.
The patent's issuance is prima facie evidence of novelty (and all the other elements that are required for a valid patent). A prospective defendant would have to refute that presumption. Hopefully the Supreme Court will make it easier to overturn software and business-method patents in the ruling for Bilski v Kappos...
The answer to your question is "never".
First, to be pedantic, settlement costs are never forced. Settlement is a negotiated alternative to taking a lawsuit through courts. Sometimes the negotiation is very one-sided -- "our way or the highway" -- but the defendant always has the choice to reject a settlement offer.
But what insurance company in their right mind would do that? The people who would consider buying that kind of insurance are the ones who know (or strongly suspect) they are infringing an aggressive rights-holder's copyright. There is effectively no way to distinguish good faith on the part of the insured from a malicious free rider. Even ignoring bad-faith actors, there is a significant risk that many of the insured people will cost more than their premiums bring in. There's also a significant risk that some plaintiff's lawyer will find a way to subpoena the insurance company's customer list, which will significantly increase the insurer's exposure.
Microsoft's negligent, lazy approach to closing security holes bit Google hard. Google is now letting Microsoft feel some of the pain. I hope that responsible journalists won't judge full disclosure solely by vendor-dictated rules -- when a software vendor has a history of problems, the spotlight should be on them, not on the people who report them.
It depends on the architecture of the flash cells, but yes, I would expect that the chips would fail into some mode where erase and program operations have no effect. (Being a software guy rather than a Flash memory guy, I wouldn't want to guess whether over-erased cells would be at logic 1, logic 0 or a mix of the two.)
The OMAP3530 (which is in the IGEPv2) is a cool part in a lot of ways, but it would be boneheaded to put it in a data center. Because it doesn't have any high-speed interconnects -- gigabit Ethernet, PCI Express, RapidIO, or the like -- it isn't suited for most network-intensive applications. Marvell has a variety of systems-on-chips that do have ARM cores, running at higher speeds than the OMAP parts, and with high-speed interfaces on the chip. Other vendors probably have similar offerings; those are the ones that Microsoft would probably want to look at.
Your proposal fails to meet due process or Fourth Amendment concerns. As someone who owns 120 shares of BIGCO, why should I lose 20% of my money in the company because some branch chief bribed an Elbonian government official? (The Foreign Corrupt Practices Act bars American companies from doing that kind of thing.)
You are awfully poorly informed for a health policy person based in Europe.
The studies that blame bankruptcy on medical costs were basically cooked. They've been debunked left and right since they came out. This bill will drive more people to bankruptcy (or jail) because of the insurance mandates.
Our poor health outcomes are heavily skewed towards minorities (especially Blacks and Hispanics). Oddly, those are the same groups that get more government-funded health care now. This bill doesn't really do anything to reduce the maternal, infant or child health that you mention.
The cost of uncharged emergency room care is tiny compared to the cost of this bill.
Republican proposals for health care reform would largely eliminate the health care costs for employers, by removing the tax subsidy that makes it worthwhile to give employees health insurance rather than additional money for health care. This bill will do nothing to reduce those costs.
I would continue, but I'm getting bored. I can just hope that you're not inflicting similar scales of ignorance on your fellow Europeans.
Ironically, the reason Congress is able to game the CBO numbers so well is because the CBO has embraced transparency and openness. It described how it scores bills, and as a result, this bill was able to avoid counting the mandated insurance payments towards the federal budget, whereas Bill Clinton's efforts circa 1993-94 had those included in the federal budget. When everyone saw what those costs were, they lost all appetite for the reform. Now they can pretend those costs won't be incurred.
You're definitely right that the bills in both houses of Congress are horrible hand-outs to the insurance companies.
You clearly don't know what "entitlement" means, so don't waste your breath ranting about it.
If there are so many studies to that effect, why didn't you link to any of them? Will you remedy that shortcoming so that the rest of us have data rather than a single anecdote with an inflammatory contrary response?