You spend all this time and energy just to raise a few tomatoes that could have been bought at the store for cheap.
Not if you want anything with more flavor than the shipping packaging. Ever tried checking local prices for Golden Pear or Black Krum varietal tomatoes? Hereabouts they usually run about five bucks per pint and pound respectively. A seed pack of either runs about a buck. Planted where rainfall takes care of the watering, along with a couple packs of nasturtiums, and I end up with salad fixings for the summer. Sure, I lose a lot to the local wildlife, but what the heck. If the rabbits and deer eat too much, I suppose I can get a hunting permit. Mmmm... venison.
Now, the other flowers I plant are a waste, I admit... but it's the only way to get a proper infestation of hummingbirds to freak out my neighbor's friggin cat. Ever since it got chased by a swarm of about fifteen of them, it spends summer cowering inside. Maybe I'll add a bit of catnip to the mix next year for some real entertainment. =)
Some obvious items overlooked in the study. (on "Dealing with Phishing" · Score: 2, Insightful)
FTA: Participants proved vulnerable across the board to phishing attacks. In our study, neither education, age, sex, previous experience, nor hours of computer use showed a statistically significant correlation with vulnerability to phishing.
No check for "familiarity with elementary principles of cryptography" giving a correlation. I suspect that anyone who recognizes the significance of the names "Alice, Bob, and Eve" will probably be far less vulnerable than average.
I'll also note that while they claim: "There is no significant correlation between the score and the primary or secondary type of browser or operating systems used by participants", their breakdown of participants indicated no Linux users were studied. Of course, Linux users are a weirdo minority, but I would be curious.
It's used locally as idiom for any unexpected loss of an admin-type who was at least halfway competent. (Those less than halfway competent are "taken out and shot". Figuratively, I think.) Either "hit by a truck" or "run over by a truck" may be used, regardless of the actual means of the departure. Variants on the phrase may be used to clarify the nature and reason for departure.
Examples include my predecessor (fired after he flipped off his boss's boss's boss in front of witnesses, "hit by a karma truck"), the local Oracle-and-Solaris UberGuru (poached away by an employment recruiter at three times the salary, "hit by a Brinks truck"), one of the Extremely Senior network engineers (retired after a career in IT dating back to ENIAC; "hit by a truck headed to Florida"), our Macintosh Support Guru (err... killed by a literal tractor trailer while on his motorcycle; "hit by a real truck"), and most recently for another chap in networks (called up for Reserve Duty, "hit by an Army Truck," even though he's in the Marine Reserves).
The local pointy-haired auditor in charge of disaster recovery does NOT like the phrase showing up in our official contingency planning documentation, nor is he happy that various emergency documents are in envelopes prominently labeled "In case FRED is Hit By A Truck" (for various values of Fred). On the other hand, we've experimentally shown that non-IT staff who'll need to find them remember where they keep such files better than something labeled "Disaster Recovery Plan"... which fact we have also documented. The PHA has elected to ignore the minor mutiny.
There's a minor variant used for describing the (so far hypothetical) loss of multiple staff in a single subdepartment: "The Bus Blows Up". So far, that hasn't creeped into the official disaster documentation. And while I haven't seen it myself, I'm told the binder for our master "total loss" recovery scenario at the hot-site backup location is just labeled "EVERYBODY DIES".
CDR - Cheap, bigger than zip, no click of death, records audio CDs = kiss of death for the zip drive
Note that CDR (like DVD±R) comes in 80mm as well as 130mm size (plus the unofficial "business card" size). My analysis is that the reduced size of 80mm disks and incompatibility with slot-loader drives reduced demand, and that economies of scale then increased production costs so that 80mm disks routinely cost more than larger 130mm disks.
Also, since I routinely loan out laptops to students and faculty (I see about 500 students each year), and have been asked constantly since 2001 "does the laptop support...", I'd disagree that the CDR was the Zip-killer.
Syquest lost to Iomega via a lawsuit dating back to the Bernoulli drive days, although it wasn't finally settled until the Zip era. The LS-120/240 superfloppies were killed by a combination of Zip's higher write speed, slightly earlier arrival, and the superior Iomega brand recognition (also dating back to the Bernoulli drive days); I only ever had one (transfer) student ask if they were supported. Jaz penetration was limited by reliance on the less widely used SCSI, the slow speed of early USB, and (near the end) the slow speed of firewire market penetration. The Peerless drive was killed by a combination of extremely high price for drive and media, and the arrival of USB and FW external storage hard drives. I'm not really sure why the Iomega Clik disk bombed so badly, but it never showed up on my radar.
The floppy was all but killed (finally) by a combination of CDR (for one-off copies to hand to someone) and the USB flash drive (for current work carried with you, intended for frequent access and revision); it's now barely kept on life support for loading exotic SCSI drivers at Windows 2K server (re)installation time, by (to a lesser degree) BIOS motherboard updates, and by old fogies who can't figure out how to use CD burning software and/or too cheap to buy a Flash drive. USB Flash drives definitely were the Zip-killer. Despite every publicly available school owned machine having a CDRW-burner for a couple years and the local bookstore stocking 80mm CDRWs, the Zip 100 and 250's were quite common until 128 MB flash drives fell below $50; once that happened, it was all over but the legacy data migration.
The SanDisk combination SD/USB media (covered previously on /.) has made a noticeable impact on flash media since it came out (IE: I saw two students using them, despite how recently they came out). IPods haven't taken a big chunk in the storage niche, mostly I think due to the need for having a funky connector wire, but obviously do well in the music market. With the increasing number of direct-to-DVD camcorders around, the affordability of DVD-burners, and the (almost) end of the DVD format war, I expect that 80mmDVD will also become more common in the next year or two. Network storage (GMail, iDisk, local NFS/HTTP/FTP-based homebrews, et cetera) is also popular locally, but is more of a long-term contender.
I don't see either of the new HD successors to DVD getting much higher market penetration than the LaserDisk in the US for at least the next five years, if they ever get anywhere at all.
Regarding the final price, sniping only works if there are non-rational bidders.
Actually, there are other conditions that give value to sniping.
Like far too many people who work in economics, most of the discussion here has neglected analysis of information costs. If you place a proxy bid Ebay style, that gives information to other market players about what you are willing to pay; same thing when they bid. Studying the historical shape of the price curves vs. time, and given the public bid shown after at least five existing proxy bids and at least three hours left, it's not hard to make an estimate of what the winning bid will be... even with snipers. (However, I see no reason to reveal my own calculations about the curve, cf. Seldon's Laws. Yeah, "information wants to be free" and "mother nature protects no secrets"... but if you want the info, do the math yourself.)
It also helps if you understand the meaning of a demand curve. At low prices, there are a lot of people that will be at least casually interested in the item, with low maximum amounts they are willing to pay, and who do not wish to waste their time on bidding. In the Ebay community, many such people will bid casually on items they don't seriously expect to get. (I've bid on a couple desktop computers that were under $100 on this basis, and came surprisingly close to winning one.) This helps insure that there is often enough information to make reasonable projections.
There's also the value of time, both time-importance of an item, and the value placed on the bidder's time. Of course, since (barring Christmastime) there usually isn't major day-to-day variation in the demand curve for an item, similar projections can be made for more common items by examining completed sales data. The proxy-bid history curve is most useful for highly unusual or seldom-sold items (how much can you expect to pay for a collection of antique glass eyes?), or when trying to figure out if sniping will cause enough increase at the end of auction to be worth altering your own bid time.
I swear, it ought to be possible to get at least a couple dozen good doctoral theses out of analyzing the pricing data Ebay generates, even without doing experimental selling.
I found a similar bug with one of the early PC-based email apps used where I went to college in the 90's, allowing anyone who looked at how the thing worked (IE: read the batch file used to launch the program) to determine the password associated for any username. BAD design.
Of course, given the nature of the problem and the state of local security at the time, reporting the problem was easy. Working in one of the less-used open labs on successive Sundays around 3AM (when it was almost always deserted), I sent three messages, each detailing the hole, stating the message was sent as a demonstration, and suggesting both short-term and long-term fixes for the problem. The first was to the Postmaster account, from the username of the person behind Postmaster. The second went to all the IT subdepartment heads, everyone in the IT "Security" sub-department, the head of the Computer Engineering department, and the school's head — again, from the Postmaster. For the third, I added the rest of the CE department faculty, all of the full-time IT employees I could identify from the school phonebook, all of the academic department heads, and the faculty senate representatives. The fourth message would have added the mail list for the part time student computer lab monitors and all the CE grad students... however, that hole had been closed. =)
I heard from a lab monitor in my dorm that all of the lab monitors and CE students were questioned about any involvement, for the powers that be were Not Happy. Fortunately for me, I was majoring in Mechanical Engineering at the time, and they did not elect to sweep that broadly. The people who ran the IT department were at least smart enough to learn from the experience; barely a month later, a school wide announcement went out, announcing that any problems discovered with security for any of the computer systems or labs should be reported to Security@, but that students should PLEASE not deliberately go poking around trying to find holes.
Security has tightened up considerably in the years since.
I suspect Linus's role is rather like that of a Highly Effective Systems Administrator; he doesn't seem to do much, everything just works, and even if some idiot runs him over with a truck, it takes a long while for things to fall apart afterwards. OTOH, if when the time comes you don't replace the loss with someone nearly as good, the difference will eventually be noticed.
But the irony is...if the Virii/Worms didn't exist in the first place, then we wouldn't NEED to improve security against such attacks.
Well... yes, but no.
There seem to be two equally obvious and unlikely counterfactuals that would preclude the existence of Virii/Worms. First, that computer systems security would be improved to the point where they were no longer possible. Second, that humans would no longer be motivated to develop them.
We could get a lot closer to the first state than we are at now; requiring the use of provably correct code in everything, zero defect tolerance in hardware, perhaps other measures. It's unrealistic, and you'd still have to do provable correctness of interaction each time you added a new software component to the system. Yes, hacker attacks can be expensive... but the probable cost-benefit analysis makes proven correct systems economically impractical.
As for the second... well, pigs are more likely to fly out of my butt, and I'm not going to invest in pork futures on that basis.
TFA is trying to distinguish the sort of mischief-makers that create the digital equivalent of the Common Cold (annoying, but seldom serious) from those who work to create the digital equivalent of Ebola. And yes, it might be worth having lower penalties for hackers who are not operating from economic motives, or for those operating from political motives who are more nuisance than harmful.
The largest part of the problem is that a lot of software is crap from a security standpoint (in part, because building good software is hard). Perhaps a set of Federal software whistleblower laws should be created for commercial products. My first pass at the idea: The law should guaranty buyers the right to reverse-engineer software to investigate it for security, regardless of any EULA (IE: you can look); create a federal clearinghouse for the reporting of any discovered security hole, with such reports being inadmissible as evidence for any civil or criminal case (IE: we won't threaten you with prosecution for reporting holes); have the federal clearinghouse report the nature of the holes found to software manufacturers; and require that for any product released within five years, manufacturers must (a) within 90 days of being formally notified, offer consumers without charge either a patch, an upgrade to a current unaffected version, or the option to return the product for refund of original purchase price, and (b) within 180 days of being notified, provide without charge a patch or a free upgrade to an unaffected version if such exists, or be required to issue a mandatory recall for the product and become legally responsible for consequential damages (IE: fix it or be f---ed, Billy).
On real world, some people want to live with his doors unlocked, mostly on rural areas.
Which may not be a bad thing... in rural areas. If the system is connected to the internet, it's like an apartment in a city with a total population larger than that of the top twenty world's largest cities combined together with the entire population of India. Oh, and with rampant street gangs, a red light district that can be seen from orbit, and residents whose average manners make a Bronx taxi driver look like Emily Post.
Re:Ex-Military IT staff described in a nutshell. (on "The Living Dilbert?" · Score: 1)
The quote has been variously attributed to Yogi Berra, Chuck Reid, Jan L. A. van de Snepscheut, and is sometimes called a corollary to Heenan's Research Premise. I picked it up from my dad, along with other bits of wisdom from his long engineering career.
As the TFA points out, the names that have dominated for the last ten years haven't changed; it's speculating on why no-one else has recently joined the pantheon.
The problem with the existing system is that it is geared around people learning as and when the teacher gets round to it, rather than pushing people as far and as fast as they are able.
Having dealt with acceleration, pushing them as fast as they can go is not always the best plan; it tends to make socialization difficult, and produce bad results later on. Pushing them as wide as they can roam produces more well-rounded results. Of course, that's hard to manage without extraordinarily flexible teachers in an adaptable environment... which far too many schools don't have. It's also a challenge to maintain a sense of order with such conditions, which is also important to child development.
That said... if a school system can't handle anything fancier, acceleration is better (both for the school and for the kid) than the devil recruiting idle hands.
So I quickly knocked out all 3 in like 15 minutes (was supposed to take the full 50 or so) and ended up bored out of my wits by 25 minutes. I started to talk to people and got written up.
Well, that would be part of the problem: distracting other students.
I ended up in a similar situation once during some stupid diagnostic math testing during middle school; they were testing all of the grade levels on the same day. We were given ninety minutes; I finished in twenty, spent three minutes checking my work, and three more minutes taking apart my pen and putting it back together. Then I wandered up to the teacher's desk to quietly (albeit stubbornly) point out the problem.
"I'm finished; now what?" "Check your work."
"I did — twice." (I was a rotten kid: I lied.) "I'm bored." (True.) "Can I please have the next grade's test to work on?"
This got me a full ten seconds stare out of a teacher who normally had an instant response to anything. She then went and got me the test (probably figuring it was an easier way to shut me up than debating me), and I went back to my desk happy. (I like math.) Nineteen minutes later, I was back in her hair, to her overt lack of amusement. It took a few minutes to get the next grade level. (I heard from one of the older kids on the bus she was quietly venting to the other teacher about the "fidgity twep".) When I got the test, it was challenging enough to keep me occupied for the remaining time.
My parents got a call asking for a conference with the teacher about my attitude before the end of the day. They got a lot of those over the years, although each of my sisters caused more. (The one over my oldest sister's outraged sermon to her fifth grade gym teacher over his failure to give due heed to Title Nine was the most memorable: mom and dad both laughed for a week about it, and embarrass her with the story to this day.) My parents said that the next Tuesday would work for both of them. Of course, this was before the teacher had graded the test results. By the actual conference, the principal was added to the meeting, so they could figure out how to deal with my having tested out of three years worth of math: I had made only one mistake between all three tests. The teacher apparently made a weak attempt to bring up my attitude "problem", but my parents civilly pointed out that I had been polite, reasonable, and (in hindsight) utterly justified in my response. The teacher was smart enough to recognize a futile argument when it hit her with a two-by-four, and dropped the issue.
Advice to parents: if you were bored and bright in school, plan ahead for the likelihood that your kids may be. Also plan for conferences over the issue.
A guardian/parent has accepted the obligation to raise and support their dependents.
Implicitly, anyway; I have damn near no sympathy for those who become sexually active without taking contraceptive precautions, and end up parents by mistake. I'd also add that although expectation of some level of social support for the process is reasonable, the ultimate responsibility for the result is the parents'. However, any social framework or institution that does not facilitate or precludes such rearing faces long-term evolutionary pressure against it. Can you say "revolution", children? (No, dumbasses, "say" does not mean "sing"....)
A Marine PFC has accepted the obligation to go risk their life wherever ordered, accepting the pay the DoD has deemed sufficient.
Essentially accurate (although I believe Congress actually determines pay grades, that detail is moot to this discussion). However, a shift in accounting rules resulting in a massive shift of what their effective usable income is inequitable, especially when the PFC is stuck in a two, four, or six year enlistment. Furthermore in a longer term perspective, by diminishing the value of effective monetary remuneration, especially without increasing perceived non-rational value on service (EG: "patriotism"), diminishing the price will diminish the supply of recruits... and possibly the quality as well. That is to say: if you don't pay, they won't show up.
I realize the military is working on this, but are those obligations really compatible at the same time?
Take a longer term perspective. My understanding is parents with a history of military service tend to produce kids more likely to enter military service. It's to the military's long-term benefit to insure conditions are supportive of raising kids, to the extent that it is possible to do so without compromising military operations.
In the private sector we (IMHO rightly) have little sympathy for anyone who just entered the job market and wants to have children before having developed any distinctive skills and advanced beyond the minimum wage.
I'll grant that anyone planning to have kids should consider the economic realities of their situation before jumping in and doing so. Having children is a luxury for a couple, one that may require forgoing others, like the latest-and-greatest electronic entertainments.
On the other hand, having children is a necessity for viable society (leaving aside a few moot cases). My depression-baby parents didn't marry and start having kids until they were both about thirty, but were regarded as strange in their day; despite both my parents being the oldest in their rather large families, I only have two cousins younger than me. Corporations are legally obligated not to have a sense of social responsibility; however, I fear that it is detrimental to society that child-rearing be so routinely postponed so long.
I suspect your politics align well with the Cheap Labor Conservatives, and that's not a good thing in my book. Of course, I'm a green-to-libertarian peak-oil kook with a nasty pragmatic streak... what would I know?
Re:Ex-Military IT staff described in a nutshell. (on "The Living Dilbert?" · Score: 2, Insightful)
Most certifications (except perhaps Cisco) are meaningless
Not meaningless, but definitely overinflated. From my (limited) experience, the importance/usefulness of Microsoft certifications are overinflated by a factor of 5-10, most Linux certifications by a factor of 3-5, and Cisco certifications by a factor of 1 to 3. Generally, when there are tiered certification levels, the higher certification levels are less overinflated.
Certification indicates they understand the theory. In theory, there is no gap between theory and practice, but in practice there usually is.
do a test, create an account on their site, but don't put ANY personal information, bare minimum.. wait a week and check how many flirts you get from women..
As a control, you can also create the profile for "Ima Lyon-Bastard", or similar.
I can't remember which sites I tested it on, but I signed up for about a dozen free memberships using a disposable Dodgeit.com mail drop, and created a profile accurate about age and location — but used a poverty-line income, the psychological profile of a sociopath ("Hobbies: torturing puppies, kittens, and bunnies"), and repeated notes on the lines of "This is a bogus profile; no contacts will be acknowledged or responded to". One site killed the account inside 3 days, and one let it just sit there.... but I got a couple dozen "enthusiastic" flirting responses apiece within a week from all of the others.
I doubt section 230 immunity stretches to covering cases where an employee of the dating service is responsible for the shell script creating the responses....
The server checks the http:// referring link; off-site deep links to the print page go to the issue page. Solutions include: click on "text" once the page loads, paste the aforementioned URL into your browser from any other Escapist.com page, change the "issue" to "print" once the page loads manually, use a refer-spoof enabled browser, or read the article from one of the AnonymousCoward "reprints". If you feel guilty about the copyright violation, stop off and read the semi-pointless ad they stuck in the middle of the article... after their server finishes melting through the floor.
Can someone confirm this is the same Blizzard that hawks DRM crippleware?
The degree of DRM crippleware in their products varies. I'm pretty sure they've never used Starforce. Several require a CD; while the usual pirate NOCD patches exist, the NOCD versions can't be used to play via the Blizzard.Net servers.
More complaints come about Blizzard's "Warden Client" anti-cheating package, since it's arguably a form of spyware, and the methods have some false positive potential. I thought I remembered it also had some limited copy-protection stuff, too (IE, complaining about Alcohol 120%), but I find no on-line confirmation.
There are certainly other makers that have both more hostile and more friendly DRM attitudes; Blizzard seems about middle-of-the-road for the Games industry, as far as protection systems go.
Don't like DRM? Keep trying for that Amulet of Yendor.
So put this and this together, and we read the secret headline "Midaeval Piracy Laws", thereby tying HIPAA in with the MPAA and RIAA and the basic Slashdot anti-Copyright agenda! Yes, it's a *AA conspiracy!
Go on, mod me insightful. It's a slow news week so far.
The fact that these disasters don't "kill the earth" is widely understood.
Perhaps true; on the other hand, the P-T extinction event wiped out better than 90% of sea species, and 70% of land species. It didn't kill the planet, but it came closer than anything since the formation of Luna.
On the gripping hand, getting rid of the extremophile bacteria as well would pretty much require re-liquification of the entire planetary crust for a multi-century timescale.
Ordinarily, I'd ask someone like you to share the really good drugs you have access to, but evidently you've already given away all of your anti-psychotics.
I make one, one lame ass Ballmer joke, and not only do you not get it, but offer a reply which is far more informative and funny.
Well, actually, I did get the (very lame ass) joke; but on consideration, also thought our local idiom was worthy of explanation.
Sorry and I won't do it again (although I reserve the right to make lame ass Beowulf cluster jokes).
Netcraft confirms: In Soviet Russia, our new Beowulf cluster of All Your Base overlords welcome you for one, you insensitive clod!
It's used locally as idiom for any unexpected loss of an admin-type who was at least halfway competent. (Those less than halfway competent are "taken out and shot". Figuratively, I think.) Either "hit by a truck" or "run over by a truck" may be used, regardless of the actual means of the departure. Variants on the phrase may be used to clarify the nature and reason for departure.
Examples include my predecessor (fired after he flipped off his boss's boss's boss in front of witnesses, "hit by a karma truck"), the local Oracle-and-Solaris UberGuru (poached away by an employment recruiter at three times the salary, "hit by a Brinks truck"), one of the Extremely Senior network engineers (retired after a career in IT dating back to ENIAC; "hit by a truck headed to Florida"), our Macintosh Support Guru (err... killed by a literal tractor trailer while on his motorcycle; "hit by a real truck"), and most recently for another chap in networks (called up for Reserve Duty, "hit by an Army Truck," even though he's in the Marine Reserves).
The local pointy-haired auditor in charge of disaster recovery does NOT like the phrase showing up in our official contingency planning documentation, nor is he happy that various emergency documents are in envelopes prominently labeled "In case FRED is Hit By A Truck" (for various values of Fred). On the other hand, we've experimentally shown that non-IT staff who'll need to find them remember where they keep such files better than something labeled "Disaster Recovery Plan"... which fact we have also documented. The PHA has elected to ignore the minor mutiny.
There's a minor variant used for describing the (so far hypothetical) loss of multiple staff in a single subdepartment: "The Bus Blows Up". So far, that hasn't creeped into the official disaster documentation. And while I haven't seen it myself, I'm told the binder for our master "total loss" recovery scenario at the hot-site backup location is just labeled "EVERYBODY DIES".
CDR - Cheap, bigger than zip, no click of death, records audio CDs = kiss of death for the zip drive
Note that CDR (like DVD?R) comes in 80mm as well as 130mm size (plus the unofficial "business card" size). My analysis is that the reduced size of 80mm disks and incompatibility with slot-loader drives reduced demand, and that economies of scale then increased production costs so that 80mm disks routinely cost more than larger 130mm disks.
Also, since I routinely loan out laptops to students and faculty (I see about 500 students each year), and have been asked constantly since 2001 "does the laptop support...", I'd disagree that the CDR was the Zip-killer.
Syquest lost to Iomega via a lawsuit dating back to the Bernouili drive days, although it wasn't finally settled until the Zip era. The LS-120/240 superfloppies were killed by a combination of Zip's higher write speed, slightly earlier arrival, and the superior Iomega brand recognition (also dating back to the Bernouili drive days); I only ever had one (transfer) student ask if they were supported. Jaz penetration was limited by reliance on the less widely used SCSI, the slow speed of early USB, and (near the end) the slow speed of firewire market penetration. The Peerless drive was killed by a combination of extremely high price for drive and media, and the arrival of USB and FW external storage hard drives. I'm not really sure why the Iomega Clik disk bombed so badly, but it never showed up on my radar.
The floppy was all but killed (finally) by a combination of CDR (for one-off copies to hand to someone) and the USB flash drive (for current work carried with you, intended for frequent access and revision); it's now barely kept on life support for loading exotic SCSI drivers at Windows 2K server (re)installation time, by (to a lesser degree) BIOS motherboard updates, and by old fogies who can't figure out how to use CD burning software and/or too cheap to buy a Flash drive. USB Flash drives definitely were the Zip-killer. Despite every publicly available school owned machine having a CDRW-burner for a couple years and the local bookstore stocking 80mm CDRWs, the Zip 100 and 250's were quite common until 128 MB flash drives fell below $50; once that happened, it was all over but the legacy data migration.
The SanDisk combination SD/USB media (covered previously on /.) has made a noticeable impact on flash media since it came out (IE: I saw two students using them, despite how recently they came out). IPods haven't taken a big chunk in the storage niche, mostly I think due to the need for having a funky connector wire, but obviously do well in the music market. With the increasing number of direct-to-DVD camcorders around, the affordability of DVD-burners, and the (almost) end of the DVD format war, I expect that 80mm DVD will also become more common in the next year or two. Network storage (GMail, iDisk, local NFS/HTTP/FTP-based homebrews, et cetera) is also popular locally, but is more of a long-term contender.
I don't see either of the new HD successors to DVD getting much higher market penetration than the LaserDisk in the US for at least the next five years, if they ever get anywhere at all.
Regarding the final price, sniping only works if there are non-rational bidders.
Actually, there are other conditions that give value to sniping.
Like far too many people who work in economics, most of the discussion here has neglected analysis of information costs. If you place a proxy bid Ebay style, that gives information to other market players about what you are willing to pay; same thing when they bid. Studying the historical shape of the price curves vs. time, and given the public bid shown after at least five existing proxy bids and at least three hours left, it's not hard to make an estimate of what the winning bid will be... even with snipers. (However, I see no reason to reveal my own calculations about the curve, cf. Seldon's Laws. Yeah, "information wants to be free" and "mother nature protects no secrets"... but if you want the info, do the math yourself.)
It also helps if you understand the meaning of a demand curve. At low prices, there are a lot of people that will be at least casually interested in the item, with low maximum amounts they are willing to pay, and who do not wish to waste their time on bidding. In the Ebay community, many such people will bid casually on items they don't seriously expect to get. (I've bid on a couple desktop computers that were under $100 on this basis, and came surprisingly close to winning one.) This helps insure that there is often enough information to make reasonable projections.
There's also the value of time, both time-importance of an item, and the value placed on the bidder's time. Of course, since (barring Christmastime) there usually isn't major day-to-day variation in the demand curve for an item, similar projections can be made for more common items by examining completed sales data. The proxy-bid history curve is most useful for highly unusual or seldom-sold items (how much can you expect to pay for a collection of antique glass eyes?), or when trying to figure out if sniping will cause enough increase at the end of auction to be worth altering your own bid time.
I swear, it ought to be possible to get at least a couple dozen good doctoral theses out of analyzing the pricing data Ebay generates, even without doing experimental selling.
I found a similar bug with one of the early PC-based email apps used where I went to college in the 90's, allowing anyone who looked at how the thing worked (IE: read the batch file used to launch the program) to determine the password associated for any username. BAD design.
Of course, given the nature of the problem and the state of local security at the time, reporting the problem was easy. Working in one of the less-used open labs on successive Sundays around 3AM (when it was almost always deserted), I sent three messages, each detailing the hole, stating the message was sent as a demonstration, and suggesting both short-term and long-term fixes for the problem. The first was to the Postmaster account, from the username of the person behind Postmaster. The second went to all the IT subdepartment heads, everyone in the IT "Security" sub-department, the head of the Computer Engineering department, and the school's head — again, from the Postmaster. For the third, I added the rest of the CE department faculty, all of the full-time IT employees I could identify from the school phonebook, all of the academic department heads, and the faculty senate representatives. The fourth message would have added the mail list for the part time student computer lab monitors and all the CE grad students... however, that hole had been closed. =)
I heard from a lab monitor in my dorm that all of the lab monitors and CE students were questioned about any involvement, for the powers that be were Not Happy. Fortunately for me, I was majoring in Mechanical Engineering at the time, and they did not elect to sweep that broadly. The people who ran the IT department were at least smart enough to learn from the experience; barely a month later, a school wide announcement went out, announcing that any problems discovered with security for any of the computer systems or labs should be reported to Security@, but that students should PLEASE not deliberately go poking around trying to find holes.
Security has tightened up considerably in the years since.
I suspect Linus's role is rather like that of a Highly Effective Systems Administrator; he doesn't seem to do much, everything just works, and even if some idiot runs him over with a truck, it takes a long while for things to fall apart afterwards. OTOH, if when the time comes you don't replace the loss with someone nearly as good, the difference will eventually be noticed.
But the irony is...if the Virii/Worms didn't exist in the first place, then we wouldn't NEED to improve security against such attacks.
Well... yes, but no.
There seem to be two equally obvious and unlikely counterfactuals that would preclude the existence of Virii/Worms. First, that computer systems security would be improved to the point where they were no longer possible. Second, that humans would no longer be motivated to develop them.
We could get a lot closer to the first state than we are at now; requiring the use of provably correct code in everything, zero defect tolerance in hardware, perhaps other measures. It's unrealistic, and you'd still have to do provable correctness of interaction each time you added a new software component to the system. Yes, hacker attacks can be expensive... but the probable cost-benefit analysis makes proven correct systems economically impractical.
As for the second... well, pigs are more likely to fly out of my butt, and I'm not going to invest in pork futures on that basis.
TFA is trying to distinguish the sort of mischief-makers that create the digital equivalent of the Common Cold (annoying, but seldom serious) from those who work to create the digital equivalent of Ebola. And yes, it might be worth having lower penalties for hackers who are not operating from economic motives, or for those operating from political motives who are more nuisance than harmful.
The largest part of the problem is that a lot of software is crap from a security standpoint (in part, because building good software is hard). Perhaps a set of Federal software whistleblower laws should be created for commercial products. My first pass at the idea: The law should guaranty buyers the right to reverse-engineer software to investigate it for security, regardless of any EULA (IE: you can look); create a federal clearinghouse for the reporting of any discovered security hole, with such reports being inadmissible as evidence for any civil or criminal case (IE: we won't threaten you with prosecution for reporting holes); have the federal clearinghouse report the nature of the holes found to software manufacturers; and require that for any product released within five years, manufacturers must (a) within 90 days of being formally notified, offer consumers without charge either a patch, an upgrade to a current unaffected version, or the option to return the product for refund of original purchase price, and (b) within 180 days of being notified, provide without charge a patch or a free upgrade to an unaffected version if such exists, or be required to issue a mandatory recall for the product and become legally responsible for consequential damages (IE: fix it or be f---ed, Billy).
In the real world, some people want to live with their doors unlocked, mostly in rural areas.
Which may not be a bad thing... in rural areas. If the system is connected to the internet, it's like an apartment in a city with a total population larger than that of the world's top twenty largest cities combined together with the entire population of India. Oh, and with rampant street gangs, a red light district that can be seen from orbit, and residents whose average manners make a Bronx taxi driver look like Emily Post.
As noted in TFA (page 4), the product is carried by Thinkgeek, which like Slashdot, is owned by OSTG.
The quote has been variously attributed to Yogi Berra, Chuck Reid, Jan L. A. van de Snepscheut, and is sometimes called a corollary to Heenan's Research Premise. I picked it up from my dad, along with other bits of wisdom from his long engineering career.
What about Sid Meier?
As the TFA points out, the names that have dominated for the last ten years haven't changed; it's speculating on why no-one else has recently joined the pantheon.
The problem with the existing system is that it is geared around people learning as and when the teacher gets round to it, rather than pushing people as far and as fast as they are able.
Having dealt with acceleration, pushing them as fast as they can go is not always the best plan; it tends to make socialization difficult, and produce bad results later on. Pushing them as wide as they can roam produces more well-rounded results. Of course, that's hard to manage without extraordinarily flexible teachers in an adaptable environment... which far too many schools don't have. It's also a challenge to maintain a sense of order with such conditions, which is also important to child development.
That said... if a school system can't handle anything fancier, acceleration is better (both for the school and for the kid) than the devil recruiting idle hands.
So I quickly knocked out all 3 in like 15 minutes (was supposed to take the full 50 or so) and ended up bored out of my wits by 25 minutes. I started to talk to people and got written up.
Well, that would be part of the problem: distracting other students.
I ended up in a similar situation once during some stupid diagnostic math testing during middle school; they were testing all of the grade levels on the same day. We were given ninety minutes; I finished in twenty, spent three minutes checking my work, and three more minutes taking apart my pen and putting it back together. Then I wandered up to the teacher's desk to quietly (albeit stubbornly) point out the problem.
"I'm finished; now what?" "Check your work."
"I did — twice." (I was a rotten kid: I lied.) "I'm bored." (True.) "Can I please have the next grade's test to work on?"
This got me a full ten seconds stare out of a teacher who normally had an instant response to anything. She then went and got me the test (probably figuring it was an easier way to shut me up than debating me), and I went back to my desk happy. (I like math.) Nineteen minutes later, I was back in her hair, to her overt lack of amusement. It took a few minutes to get the next grade level. (I heard from one of the older kids on the bus she was quietly venting to the other teacher about the "fidgity twep".) When I got the test, it was challenging enough to keep me occupied for the remaining time.
My parents got a call asking for a conference with the teacher about my attitude before the end of the day. They got a lot of those over the years, although each of my sisters caused more. (The one over my oldest sister's outraged sermon to her fifth grade gym teacher over his failure to give due heed to Title Nine was the most memorable: mom and dad both laughed for a week about it, and embarrass her with the story to this day.) My parents said that the next Tuesday would work for both of them. Of course, this was before the teacher had graded the test results. By the actual conference, the principal was added to the meeting, so they could figure out how to deal with my having tested out of three years worth of math: I had made only one mistake between all three tests. The teacher apparently made a weak attempt to bring up my attitude "problem", but my parents civilly pointed out that I had been polite, reasonable, and (in hindsight) utterly justified in my response. The teacher was smart enough to recognize a futile argument when it hit her with a two-by-four, and dropped the issue.
Advice to parents: if you were bored and bright in school, plan ahead for the likelihood that your kids may be. Also plan for conferences over the issue.
You can't buy curiosity.
Of course, FDA approval will take a bit longer.
A guardian/parent has accepted the obligation to raise and support their dependents.
Implicitly, anyway; I have damn near no sympathy for those who become sexually active without taking contraceptive precautions, and end up parents by mistake. I'd also add that although expectation of some level of social support for the process is reasonable, the ultimate responsibility for the result is the parents'. However, any social framework or institution that does not facilitate or precludes such rearing faces long-term evolutionary pressure against it. Can you say "revolution", children? (No, dumbasses, "say" does not mean "sing"....)
A Marine PFC has accepted the obligation to go risk their life wherever ordered, accepting the pay the DoD has deemed sufficient.
Essentially accurate (although I believe Congress actually determines pay grades, that detail is moot to this discussion). However, a shift in accounting rules resulting in a massive shift of what their effective usable income is inequitable, especially when the PFC is stuck in a two, four, or six year enlistment. Furthermore in a longer term perspective, by diminishing the value of effective monetary remuneration, especially without increasing perceived non-rational value on service (EG: "patriotism"), diminishing the price will diminish the supply of recruits... and possibly the quality as well. That is to say: if you don't pay, they won't show up.
I realize the military is working on this, but are those obligations really compatible at the same time?
Take a longer term perspective. My understanding is parents with a history of military service tend to produce kids more likely to enter military service. It's to the military's long-term benefit to insure conditions are supportive of raising kids, to the extent that it is possible to do so without compromising military operations.
In the private sector we (IMHO rightly) have little sympathy for anyone who just entered the job market and wants to have children before having developed any distinctive skills and advanced beyond the minimum wage.
I'll grant that anyone planning to have kids should consider the economic realities of their situation before jumping in and doing so. Having children is a luxury for a couple, one that may require forgoing others, like the latest-and-greatest electronic entertainments.
On the other hand, having children is a necessity for viable society (leaving aside a few moot cases). My depression-baby parents didn't marry and start having kids until they were both about thirty, but were regarded as strange in their day; despite both my parents being the oldest in their rather large families, I only have two cousins younger than me. Corporations are legally obligated not to have a sense of social responsibility; however, I fear that it is detrimental to society that child-rearing be so routinely postponed so long.
I suspect your politics align well with the Cheap Labor Conservatives, and that's not a good thing in my book. Of course, I'm a green-to-libertarian peak-oil kook with a nasty pragmatic streak... what would I know?
Most certifications (except perhaps Cisco) are meaningless
Not meaningless, but definitely overinflated. From my (limited) experience, the importance/usefulness of Microsoft certifications are overinflated by a factor of 5-10, most Linux certifications by a factor of 3-5, and Cisco certifications by a factor of 1 to 3. Generally, when there are tiered certification levels, the higher certification levels are less overinflated.
Certification indicates they understand the theory. In theory, there is no gap between theory and practice, but in practice there usually is.
do a test, create an account on their site, but don't put ANY personal information, bare minimum.. wait a week and check how many flirts you get from women..
As a control, you can also create the profile for "Ima Lyon-Bastard", or similar.
I can't remember which sites I tested it on, but I signed up for about a dozen free memberships using a disposable Dodgeit.com mail drop, and created a profile accurate about age and location — but used a poverty-line income, the psychological profile of a sociopath ("Hobbies: torturing puppies, kittens, and bunnies"), and repeated notes on the lines of "This is a bogus profile; no contacts will be acknowledged or responded to". One site killed the account inside 3 days, and one let it just sit there.... but I got a couple dozen "enthusiastic" flirting responses apiece within a week from all of the others.
I doubt section 230 immunity stretches to covering cases where an employee of the dating service is responsible for the shell script creating the responses....
The server checks the http:// referring link; off-site deep links to the print page go to the issue page. Solutions include: click on "text" once the page loads, paste the aforementioned URL into your browser from any other Escapist.com page, change the "issue" to "print" once the page loads manually, use a refer-spoof enabled browser, or read the article from one of the Anonymous Coward "reprints". If you feel guilty about the copyright violation, stop off and read the semi-pointless ad they stuck in the middle of the article... after their server finishes melting through the floor.
Can someone confirm this is the same Blizzard that hawks DRM crippleware?
The degree of DRM crippleware in their products varies. I'm pretty sure they've never used Starforce. Several require a CD; while the usual pirate NOCD patches exist, the NOCD versions can't be used to play via the Blizzard.Net servers.
More complaints come about Blizzard's "Warden Client" anti-cheating package, since it's arguably a form of spyware, and the methods have some false positive potential. I thought I remembered it also had some limited copy-protection stuff, too (IE, complaining about Alcohol 120%), but I find no on-line confirmation.
There are certainly other makers that have both more hostile and more friendly DRM attitudes; Blizzard seems about middle-of-the-road for the Games industry, as far as protection systems go.
Don't like DRM? Keep trying for that Amulet of Yendor.
You should at least spell the names right; evidently, it's de Raadt.
So put this and this together, and we read the secret headline "Medieval Piracy Laws", thereby tying HIPAA in with the MPAA and RIAA and the basic Slashdot anti-Copyright agenda! Yes, it's a *AA conspiracy!
Go on, mod me insightful. It's a slow news week so far.
Perhaps true; on the other hand, the P-T extinction event wiped out better than 90% of sea species, and 70% of land species. It didn't kill the planet, but it came closer than anything since the formation of Luna.
On the gripping hand, getting rid of the extremophile bacteria as well would pretty much require re-liquification of the entire planetary crust for a multi-century timescale.
Ordinarily, I'd ask someone like you to share the really good drugs you have access to, but evidently you've already given away all of your anti-psychotics.