I tend to go for the "we're spewing particles out of an accelerator just to see what happens and looking at the results in a roundabout way to extrapolate the existence of particles."
Extrapolate how? Looking at the results there appears to be an unaccounted-for mass concentration present in the reaction. If it's not a new type of particle then what? The evidence is there, now the task is to find an explanation for the phenomena.
The methods themselves are not questionable, but extrapolation such as this can easily lead to errors in conclusions drawn.
I think you are the one doing the erroneous extrapolation.
The author of the "story" is wining and bitching about how hard it is to make a functional copy of a Windows installation and how supposedly this is some kind of "license enforcement" issue when anyone with half-a-brain can read the KB article themselves that the reason it's not supported and will cause problems is that you're violating the internal security policy of your own network by having duplicate machine SID's on your network. To make it work you have to change the SID, but since MS obviously feel it's not reliable enough they're recommending it as a workaround (since, hey, if anyone could just change the SID no questions asked we'd get another Slashdot article about how Windows is fatally flawed). Had they simply put in a safety that stops the image from working completely, I'm sure the crap would have flown even further.
Not to mention that there are perfectly fine methods for doing large-scale Windows roll-outs for those who need them, which don't involve 3rd party software kluges like Ghost.
If 1.4 million deleted all their MP3s and we assume the average P2Pirate had 100 illegal MP3s with the well-known value of $2,500 per track, this means RIAA member companies just made a net profit of:
The US military is moving to solely IPv6 by the end of the decade. The rest of the US government will probably be not too far behind. IPv6 is happening right now, and will replace IPv4.
I think given the current information security knowhow and general paranoia in the US Administration, they'll move to carrier-pidgeons or something. Yes, I know there is a RFC for that.
It is critical for anti-spam blocklists to operate in real time. The lists are not "distributed" like software, movies or other media. The blocklist must be queried, and those queries must operate close to real-time.
The best ones allow you to make a zone transfer for yourself. This could be used with a P2P delivery method to distribute a DNSbl. Maybe it could have a push instead of a pull stream.
Also, operating in real-time is important to support removal from the list (and potential legal problems associated with being unable to remove someone promptly).
How can there be legal problems with something you have no control over (indirect usage of blocklist information)? Reminds me of spammers claiming that posting their spam in public and causing them to get blocked by other people is illegal.
An interesting thing i saw on today tonight a while ago whilst in the middle of the last Aussie drought (which we're still pretty much in) was a guy who was using this left over laundry water and sink water and other waters to water his grass and gardins!
And what about the laundry detergents that get soaked into the soil and water reserves? It might not have an effect if one guy does it but what if everyone did it? I've lived in a place that had a natural water reservoir nearby and it doesn't take a lot to contaminate - the whole town spent several days without drinkable water when someone decided to dump some slaughter waste in the wrong place.
Apart from the "University of Finland" and all the cutesy Lemmings jokes, does this strike anyone as horrificly unscientific? I mean, it's been observed for ages that the growth of the population of the prey causes a growth in population of the predator. Then your population growth for the lemmings looks something like:
dL/dt = bL/2 - hP
where L is the lemming population, b is the average number of lemmings born in a time interval, P is the number of predators and h is some constant. P on the other hand is related to L by some observed relation:
dP/dt ~ L
Given suitable values for b and h we can predict the behaviour of the lemming population without having to invent catastrophic events to explain the fluctuations of L without any empirical evidence to support them.
In a half hour slot, Fox gets in one episode of the Simpsons. The BBC gets in two episodes of the Simpsons in one half hour slot. The Simpsons is barely more than 15 minutes of content! The rest is all ads.
Well, that and the syndication cuts. You're not seeing the whole show.
Number two - Blogging is a catch phrase that will be looked back at as nothing more than a fad similar to madlibs.
Well, fad or not, it's here to stay.
Re:Who gives a shit about the ECMA?
on
C# 2.0 Spec Released
·
· Score: 5, Informative
Who the hell is the ECMA?
"Ecma International is an industry association founded in 1961, dedicated to the standardization of information and communication systems."
Here is a list of their standards. It includes specs related to C, Ada, IDL, ECMAScript (JavaScript), C# and WSDL. Interestingly enough, Sun and Oracle are absent from their membership list.
Why not an IETF standard?
Hint: the "I" stands for Internet. What does C# have to do with the Internet?
Brute force is killing thought. We do not learn from randomly testing cases.
I agree that random testing of cases doesn't solve anything. But there are problems that can be solved by reducing the problem to a set of special cases which can then be checked by a computer to verify our claim. The magic tour problem for 4k x 4k boards was proved this way.
Of course, mathematicians usually prefer a completely analytic solution, like was the case with the computerized proof of the 4-color theorem.
Every try to enter your alphanumeric login ID and password to a web site on a cell phone or Personal Digital Assistant? It is next to impossible!
Effective next monday, all Internet users will have their usernames and passwords converted to 32-digit numbers to comply with telephone-Internet convergence. Use them to login to our website at http://2529850985513857918375981751. Your username and password are:
Prior investment. If it works, its even cheaper to not upgrade and keep the old stuff.
Some companies overdo this and when the upgrade time finally comes (let's face it, eventually all software will become obsolete - if not before then at least when any hardware left running it becomes scrap metal), they incur higher costs than if they'd upgraded earlier because now they have to replan their entire architecture and most if not all of their old skills and processes are completely obsolete.
So I don't think it's a simple question of "don't upgrade until you have to".
Too bad they left out angles like "large multinationals ripping off independent OSS dev teams to boost profits" and "blatant copyright violations". At least the article makes it clear you shouldn't attempt to violate the GPL because the FSF will come after you. Maybe they'll follow this article with a similar blather about the BSA?
I guess we've entered a stage where it's bad to steal for profit but even worse to share something for free.
There will be no TIE fighters until we have friction in space.
True, but some of the more "realistic" space-combat games like I-War had a Newtonian flight model but included an autopilot function that would both restrict your speed in relation to your target as well as strive to maintain your speed relative to your heading, mainly so that you were always heading towards your velocity vector. Of course one could override the autopilot at strategic moments to gain an advantage.
It was actually quite a believable hypothesis on what actual space combat would be like provided we still needed humans to pilot the craft at that point. B5 also used this idea.
They've just outlawed a large chunk of programming knowledge. Well, non-US programmers now have a lot less competition!;)
Those who think this won't affect non-USasians, think again. Most transcontinental Internet connections pass through networks owned by US-based entities - thereby covered by US law.
Let's say you're contracted to perform a vulnerability scan from London against a subsidiary company in Tokyo. You decided to use the hacker tool known as nmap. Since the packets travel through the US, you are violating this proposed law. As I believe the UK has an extraditement treaty with the US over cybercrime, guess what happens if your competitor who lost the contract turns you in to the FBI for using hacker tools inside US networks?
Sure, it's a radical example of the potential effects of badly written law, but do you trust the current US government to know any better?
Correct me if i'm wrong but dont most Radio transmission technologies use some form of magnetic induction in order to achieve their goal.
The point is using magnetic fields and mutual inductance rather than electromagnetic radiation to transfer information wirelessly.
Last i heard passing electricity through a coil produces a magnetic field.
More precisely, passing an alternating current through any conductor will produce a magnetic field. This magnetic field in turn will create a current in another conductor some distance away (the article sites four feet as the maximum distance) which can be used to observer the original signal.
It's an old concept, but since magnetic fields created by normal AC powers are pretty weak it's not really that useful. Apparently they've managed a very-high frequency (the effect is proportional to the change in current) alternating current in a chip small enough to make this possible.
But what happens when you deploy Windows on the server? Yup, you're locked into Windows on the clients.
Why? What if the Windows software offers connection methods using standard protocols (HTTP, SMTP, IPSec, FTP, SSH)?
Take Access and a SQL Server backend... Doesn't talk with much else properly.
Why do you need Access? SQL Server is a great RMDB database by itself, it's cheaper than Orrible and has more features than mysql or postgresql. It also has a ton of 3rd-party stuff.
Try getting ODBC drivers to talk to that SQL Server reliably. That's lock-in at its finest.
I must mention that to all the C++ guys using native ODBC to access SQL Server. You must of thinking of their JDBC drivers, which I admit were patchy at least a few years ago.
Funny thing though, if you replace that SQL Server with Oracle or Postgresql or even MySQL on a Linux backend and web browser frontends, you suddenly have lots of wiggle room. You can use Macs, your PDA, your text terminal, your Linux boxes that cost next to nothing to deploy.
Your hypothesis is the same cannot be done on an MS platform. Fine, except we did exactly this at my last place of ork.
Hardly, the current crop of Linux distros are easy enough to install and maintain that my 70yr old father can do it. Your existing Windows admin, if he is at all competent, should be able to do the same. If not, hire a couple college kids for 1/4 the salary of that Windows admin to maintain your Linux for you.)
Yeah, that's what I'd want in my 1000+ workers factory. College kids installing and maintaining my mission-critical servers and clients. Not. Properly managing an enterprise software installation across multiple sites is so much more than running Red Hat installation routines and compiling kernels.
In case you've been asleep, the United States has outsourced small and midsized manufacturing to the Far East or Latin America.
Well, duh. What do you think the manufacturers use to control their subcontractors in foreign countries without distributed desktop manufacturing application? Abacuses? More than ever it's crucial that there is a robust solution that allows for multiple installations across the world. This involves things you didn't run into ten years ago with your dinosaur server running SAP - VPN's, Internet security, browser-based interfaces, mobile interfaces, l12n, i18n and so on.
There's a lot of market for such software. The one positive thing about this is, with browser-based interfaces and remote-access methods based on standard IPSec Linux clients can theoretically also be used, even if the server software runs on Solaris, OS/400 or W2K.
Flat rate packages provide a great value for the consumer and also simplify the consumer's finances. There is good reason that millions of consumers are moving to flat rate service providers.
Not all of them - I had a good chuckle some time ago when a local Internet provider/media company launched their offer of rated dialup without a fixed fee. Their reasoning was that people hate paying monthly fees and would rather pay-per-use, something, against which I as an ex-dialup and ISDN user can testify!
Which equatorial country is the U.S. going to invade?
Cuba...
Not only invade it, they'd also have to shift the continental plates around to move the island of Cuba some thousand miles south to the equator. No doubt would this have a devastating impact on the ability of Cuban refugees to reach Florida.
Isn't Slashdot wonderful! Not only can you get ill-informed opinions on physics but geography too!
There is climate change, and it is very, very likely to have been caused by human intervention.
Stringing the word very together a lot of times does not equal perfect scientific proof. Yes, there are higher reported amounts of greenhouse gasses. Yes, there are climate changes (always have been). Whether A=>B has not been proven without the shadow of doubt. The models in use are somewhat controversial: Google for "stefan-boltzmann" AND "global warming".
Steve Gibson's site has a section to test all the ports associated with your network connection. Go there, scroll down and click on 'All Service Ports' - it will tell you if your system is vulnerable.
No, it won't. It really won't. All it does is tell you that you are possibly running services (or appearing to run services) on certain port number configurations. If I run QotD on port TCP 135, am I vulnerable to something? What's worse, at least in the past it only tested a handful of ports when any service that is potentially vulnerable can be run on any possible port.
Behind a Linksys or SMC home router, you are invisible to the rest of the world. Not sure how much better it can get than that.
The whole GRC-stealth-nanoprobes stuff is like a bad Hollywood hacker movie. Gibson claims you are invisible if your packet filter issues DENY instead of REJECT, but forgets to mention that running any legitimate services on a server will negate any usefulness this might carry.
He also neglects the concept of tarpits, where your packet filter issues delayed connections on all possible ports. According to Gibson, such a tarpit would be "highly vulnerable"! Anyone looking to learn about packet filters should avoid grc.com.
I wonder if he's fixed the port scanner client to prevent it from being subverted to port scan arbitrary IP addresses by proxy yet?
Slashdot Mirror
I tend to go for the "we're spewing particles out of an accelerator just to see what happens and looking at the results in a roundabout way to extrapolate the existence of particles."
Extrapolate how? Looking at the results there appears to be an unaccounted-for mass concentration present in the reaction. If it's not a new type of particle then what? The evidence is there, now the task is to find an explanation for the phenomena.
The methods themselves are not questionable, but extrapolation such as this can easily lead to errors in conclusions drawn.
I think you are the one doing the erroneous extrapolation.
The author of the "story" is wining and bitching about how hard it is to make a functional copy of a Windows installation and how supposedly this is some kind of "license enforcement" issue when anyone with half-a-brain can read the KB article themselves that the reason it's not supported and will cause problems is that you're violating the internal security policy of your own network by having duplicate machine SID's on your network. To make it work you have to change the SID, but since MS obviously feel it's not reliable enough they're recommending it as a workaround (since, hey, if anyone could just change the SID no questions asked we'd get another Slashdot article about how Windows is fatally flawed). Had they simply put in a safety that stops the image from working completely, I'm sure the crap would have flown even further.
Not to mention that there are perfectly fine methods for doing large-scale Windows roll-outs for those who need them, which don't involve 3rd party software kluges like Ghost.
If 1.4 million deleted all their MP3s and we assume the average P2Pirate had 100 illegal MP3s with the well-known value of $2,500 per track, this means RIAA member companies just made a net profit of:
1.4 * 10^6 * 100 * 2500 = 350 billion USD
The US military is moving to solely IPv6 by the end of the decade. The rest of the US government will probably be not too far behind. IPv6 is happening right now, and will replace IPv4.
I think given the current information security knowhow and general paranoia in the US Administration, they'll move to carrier-pidgeons or something. Yes, I know there is a RFC for that.
It is critical for anti-spam blocklists to operate in real time. The lists are not "distributed" like software, movies or other media. The blocklist must be queried, and those queries must operate close to real-time.
The best ones allow you to make a zone transfer for yourself. This could be used with a P2P delivery method to distribute a DNSbl. Maybe it could have a push instead of a pull stream.
Also, operating in real-time is important to support removal from the list (and potential legal problems associated with being unable to remove someone promptly).
How can there be legal problems with something you have no control over (indirect usage of blocklist information)? Reminds me of spammers claiming that posting their spam in public and causing them to get blocked by other people is illegal.
An interesting thing i saw on today tonight a while ago whilst in the middle of the last Aussie drought (which we're still pretty much in) was a guy who was using this left over laundry water and sink water and other waters to water his grass and gardins!
And what about the laundry detergents that get soaked into the soil and water reserves? It might not have an effect if one guy does it but what if everyone did it? I've lived in a place that had a natural water reservoir nearby and it doesn't take a lot to contaminate - the whole town spent several days without drinkable water when someone decided to dump some slaughter waste in the wrong place.
Apart from the "University of Finland" and all the cutesy Lemmings jokes, does this strike anyone as horrificly unscientific? I mean, it's been observed for ages that the growth of the population of the prey causes a growth in population of the predator. Then your population growth for the lemmings looks something like:
dL/dt = bL/2 - hP
where L is the lemming population, b is the average number of lemmings born in a time interval, P is the number of predators and h is some constant. P on the other hand is related to L by some observed relation:
dP/dt ~ L
Given suitable values for b and h we can predict the behaviour of the lemming population without having to invent catastrophic events to explain the fluctuations of L without any empirical evidence to support them.
In a half hour slot, Fox gets in one episode of the Simpsons. The BBC gets in two episodes of the Simpsons in one half hour slot. The Simpsons is barely more than 15 minutes of content! The rest is all ads.
Well, that and the syndication cuts. You're not seeing the whole show.
Number two - Blogging is a catch phrase that will be looked back at as nothing more than a fad similar to madlibs.
Well, fad or not, it's here to stay.
Who the hell is the ECMA?
"Ecma International is an industry association founded in 1961, dedicated to the standardization of information and communication systems."
Here is a list of their standards. It includes specs related to C, Ada, IDL, ECMAScript (JavaScript), C# and WSDL. Interestingly enough, Sun and Oracle are absent from their membership list.
Why not an IETF standard?
Hint: the "I" stands for Internet. What does C# have to do with the Internet?
Brute force is killing thought. We do not learn from randomly testing cases.
I agree that random testing of cases doesn't solve anything. But there are problems that can be solved by reducing the problem to a set of special cases which can then be checked by a computer to verify our claim. The magic tour problem for 4k x 4k boards was proved this way.
Of course, mathematicians usually prefer a completely analytic solution, like was the case with the computerized proof of the 4-color theorem.
Every try to enter your alphanumeric login ID and password to a web site on a cell phone or Personal Digital Assistant? It is next to impossible!
Effective next monday, all Internet users will have their usernames and passwords converted to 32-digit numbers to comply with telephone-Internet convergence. Use them to login to our website at http://2529850985513857918375981751. Your username and password are:
Username: 72946835 56198569 01854984 91856914
Password: 57105710 19158294 19469819 14691749
This is done for your convenience. Have a nice day!
Prior investment. If it works, its even cheaper to not upgrade and keep the old stuff.
Some companies overdo this and when the upgrade time finally comes (let's face it, eventually all software will become obsolete - if not before then at least when any hardware left running it becomes scrap metal), they incur higher costs than if they'd upgraded earlier because now they have to replan their entire architecture and most if not all of their old skills and processes are completely obsolete.
So I don't think it's a simple question of "don't upgrade until you have to".
Too bad they left out angles like "large multinationals ripping off independent OSS dev teams to boost profits" and "blatant copyright violations". At least the article makes it clear you shouldn't attempt to violate the GPL because the FSF will come after you. Maybe they'll follow this article with a similar blather about the BSA?
I guess we've entered a stage where it's bad to steal for profit but even worse to share something for free.
There will be no TIE fighters until we have friction in space.
True, but some of the more "realistic" space-combat games like I-War had a Newtonian flight model but included an autopilot function that would both restrict your speed in relation to your target as well as strive to maintain your speed relative to your heading, mainly so that you were always heading towards your velocity vector. Of course one could override the autopilot at strategic moments to gain an advantage.
It was actually quite a believable hypothesis on what actual space combat would be like provided we still needed humans to pilot the craft at that point. B5 also used this idea.
They've just outlawed a large chunk of programming knowledge. Well, non-US programmers now have a lot less competition! ;)
Those who think this won't affect non-USasians, think again. Most transcontinental Internet connections pass through networks owned by US-based entities - thereby covered by US law.
Let's say you're contracted to perform a vulnerability scan from London against a subsidiary company in Tokyo. You decided to use the hacker tool known as nmap. Since the packets travel through the US, you are violating this proposed law. As I believe the UK has an extraditement treaty with the US over cybercrime, guess what happens if your competitor who lost the contract turns you in to the FBI for using hacker tools inside US networks?
Sure, it's a radical example of the potential effects of badly written law, but do you trust the current US government to know any better?
Gee, silly me, and I always thought Faraday developed "magnetic induction" and that it was in wide use.
I wonder what else was "developed" during the late 1950s? Gravity? Atoms? No doubt by the Americans who captured U-571 and won the Battle of Britain.
Correct me if i'm wrong but dont most Radio transmission technologies use some form of magnetic induction in order to achieve their goal.
The point is using magnetic fields and mutual inductance rather than electromagnetic radiation to transfer information wirelessly.
Last i heard passing electricity through a coil produces a magnetic field.
More precisely, passing an alternating current through any conductor will produce a magnetic field. This magnetic field in turn will create a current in another conductor some distance away (the article sites four feet as the maximum distance) which can be used to observer the original signal.
It's an old concept, but since magnetic fields created by normal AC powers are pretty weak it's not really that useful. Apparently they've managed a very-high frequency (the effect is proportional to the change in current) alternating current in a chip small enough to make this possible.
it's almost like buying fake dog shit when i've got a perfectly healthy dog producing the real thing every day before lunch...
Then why not use some of it for flinging at Microsoft.
But what happens when you deploy Windows on the server? Yup, you're locked into Windows on the clients.
Why? What if the Windows software offers connection methods using standard protocols (HTTP, SMTP, IPSec, FTP, SSH)?
Take Access and a SQL Server backend... Doesn't talk with much else properly.
Why do you need Access? SQL Server is a great RMDB database by itself, it's cheaper than Orrible and has more features than mysql or postgresql. It also has a ton of 3rd-party stuff.
Try getting ODBC drivers to talk to that SQL Server reliably. That's lock-in at its finest.
I must mention that to all the C++ guys using native ODBC to access SQL Server. You must of thinking of their JDBC drivers, which I admit were patchy at least a few years ago.
Funny thing though, if you replace that SQL Server with Oracle or Postgresql or even MySQL on a Linux backend and web browser frontends, you suddenly have lots of wiggle room. You can use Macs, your PDA, your text terminal, your Linux boxes that cost next to nothing to deploy.
Your hypothesis is the same cannot be done on an MS platform. Fine, except we did exactly this at my last place of ork.
Hardly, the current crop of Linux distros are easy enough to install and maintain that my 70yr old father can do it. Your existing Windows admin, if he is at all competent, should be able to do the same. If not, hire a couple college kids for 1/4 the salary of that Windows admin to maintain your Linux for you.)
Yeah, that's what I'd want in my 1000+ workers factory. College kids installing and maintaining my mission-critical servers and clients. Not. Properly managing an enterprise software installation across multiple sites is so much more than running Red Hat installation routines and compiling kernels.
What manufacturing?
In case you've been asleep, the United States has outsourced small and midsized manufacturing to the Far East or Latin America.
Well, duh. What do you think the manufacturers use to control their subcontractors in foreign countries without distributed desktop manufacturing application? Abacuses? More than ever it's crucial that there is a robust solution that allows for multiple installations across the world. This involves things you didn't run into ten years ago with your dinosaur server running SAP - VPN's, Internet security, browser-based interfaces, mobile interfaces, l12n, i18n and so on.
There's a lot of market for such software. The one positive thing about this is, with browser-based interfaces and remote-access methods based on standard IPSec Linux clients can theoretically also be used, even if the server software runs on Solaris, OS/400 or W2K.
Flat rate packages provide a great value for the consumer and also simplify the consumer's finances. There is good reason that millions of consumers are moving to flat rate service providers.
Not all of them - I had a good chuckle some time ago when a local Internet provider/media company launched their offer of rated dialup without a fixed fee. Their reasoning was that people hate paying monthly fees and would rather pay-per-use, something, against which I as an ex-dialup and ISDN user can testify!
Cuba...
Not only invade it, they'd also have to shift the continental plates around to move the island of Cuba some thousand miles south to the equator. No doubt would this have a devastating impact on the ability of Cuban refugees to reach Florida.
Isn't Slashdot wonderful! Not only can you get ill-informed opinions on physics but geography too!
There is climate change, and it is very, very likely to have been caused by human intervention.
Stringing the word very together a lot of times does not equal perfect scientific proof. Yes, there are higher reported amounts of greenhouse gasses. Yes, there are climate changes (always have been). Whether A=>B has not been proven without the shadow of doubt. The models in use are somewhat controversial: Google for "stefan-boltzmann" AND "global warming".
Steve Gibson's site has a section to test all the ports associated with your network connection. Go there, scroll down and click on 'All Service Ports' - it will tell you if your system is vulnerable.
No, it won't. It really won't. All it does is tell you that you are possibly running services (or appearing to run services) on certain port number configurations. If I run QotD on port TCP 135, am I vulnerable to something? What's worse, at least in the past it only tested a handful of ports when any service that is potentially vulnerable can be run on any possible port.
Behind a Linksys or SMC home router, you are invisible to the rest of the world. Not sure how much better it can get than that.
The whole GRC-stealth-nanoprobes stuff is like a bad Hollywood hacker movie. Gibson claims you are invisible if your packet filter issues DENY instead of REJECT, but forgets to mention that running any legitimate services on a server will negate any usefulness this might carry.
He also neglects the concept of tarpits, where your packet filter issues delayed connections on all possible ports. According to Gibson, such a tarpit would be "highly vulnerable"! Anyone looking to learn about packet filters should avoid grc.com.
I wonder if he's fixed the port scanner client to prevent it from being subverted to port scan arbitrary IP addresses by proxy yet?