They do have every right, legally speaking. It's not a feature of Slashdot or internet culture, it's a feature of the American style of government. Ethically speaking, most security researchers disclose responsibly anyway - they give the company a month or so to fix the problem before telling the world. I, and probably most slashdotters, would agree that telling world+wife before the company producing the software has had a fair bash at the problem is a little off, if only because a lot of us know what it's like to be in the company's position.
In fact, it's essential to have a healthy population of security researchers finding flaws and (eventually) making them public, because it stops companies sitting on their arses for months or otherwise playing silly buggers
I guess this puts one more hole in the "security researchers should keep security holes to themselves" coffin. Obviously there's some fairly smart people out there in the black-hat community - if there's a flaw such as the recent issue with Cisco routers, they're gonna discover it eventually.
Any closed-source cryptography is not at all secure.
Correction: any cryptography that relies on being closed-source is not at all secure. A commercial implementation of RSA can be just as secure as an open-source version, modulo the risk of dumb programmer errors.
I wouldn't necessarily consider this to be media arrogance - I'd suspect that the CNet reporters probably just had the same idea of fair play that I do. I obviously can't fault them for that; you, of course, can, but do take care that you're not angry at them over arrogant attitudes they may in fact not hold.
The CNet crew were discussing privacy risks that were the direct product of the company run by the guy in question. MOG's 'report' on PJ was, by contrast, of absolutely no relevance to the discussion - the only applicable question is "is this individual working for IBM", the answer to which appears to be "no".
I consider it fair game when spammers get sent tonnes of unsolicited snailmail. I consider it fair game when officials in favour of the police being able to rifle through garbage without a warrant get their garbage rifled through. Equally, I consider it fair game when someone whose company is distributing large amounts of personal information (before anyone makes the obvious objection, I'm thinking of Google Cache) has personal information from that very source distributed. If they don't want that information spread, they'll have to do what the rest of us are stuck with doing and ask Google to remove the relevant pages from its index. In his case, of course, it's far easier than it would be for the average joe.
I don't see it as unacceptable for CNet to redistribute Google's CEO's personal information when it was handed to them on a silver plate by the company he runs. Especially not when they were trying to drive home the very issue that is currently ticking him off.
I read it as a finely tuned critique of GUI installers, personally. Of course, I'm nearly passed out from overdoing a martial arts session, so maybe it's just me.
Re:Sometimes, we're just worried about students
on
Textbooks With EULAs
·
· Score: 1
My uni completely sidesteps the entire issue of versions by producing their own problem sets and (presumably) writing their own lecture courses to their exacting specifications. I imagine this must be a hell of a lot more work, of course.
As a side note, this has been a really interesting discussion. Thanks everyone.
Part of the problem is that, in the US, a lot of professors make serious cash by writing a textbook, producing a "new, improved version" every year (actually the old version with the questions rearranged a bit) and standardising on it for their course. This approach even locks out old versions of the textbook, let alone competing "open" textbooks.
The UK seems not to have this problem. This is one of the (comparatively few) areas where the USA would benefit from taking our lead.
a) A hell of a lot of learning happens at a good university, the trick is finding the good ones.
b) Universities aren't all about profit. Given the crappy wages that academics generally get, a healthy dose of idealism is an absolute necessity for maintaining progress.
I have at least one professor who is, IIRC, extremely rich and only teaches because he wants to "give something back" to the academic community. Any attempt to kill that kind of spirit impoverishes us all.
Ubuntu is good, and they're putting some damn fine work out. Having said that, it did take me several hours to get sound working on a friend's system at one point. That doesn't really qualify as "non-techie-friendly".
This was about half a year ago so the particular problem I hit may have been fixed by now. I still wouldn't call Ubuntu completely polished yet tho.
I'd agree that having a calculator doesn't do anything for your maths skills, although it's quite possible to achieve the same degree of cluelessness about the underlying concepts without computer assistance - see the abacus story in the book Surely You're Joking Mr Feynman for an example.
However, I'd tend to disagree that having a spellchecker is necessarily a bad thing. Kids all start off not being able to spell to save their life; if they spellcheck their work then they will at least know what they've got wrong and will hopefully, over time, build up an instinct as to what is lexically and grammatically correct.
Unless they're using the Microsoft spelling/grammar checker, of course. I never got on with that thing.
I agree that it's essential for the open source community to keep the functionality coming. I suspect the grandparent would probably agree with you too when he's not feeling pissed off at companies apparently "demanding" things of the community without any obvious indication that they were giving anything back.
I'm guessing that some of the extra clock cycles go into translating each OpenGL call into DirectX calls, and some goes into redundant processing by the DirectX libraries for stuff that isn't actually needed by the wrapper that's calling it.
Everyone's selfish to some extent, up to and including those monks who sweep the ground in front of them to avoid treading on ants (do they have any idea how many bacteria are killed by their immune system every day?). It's just a matter of deciding where you draw the boundaries within which an entity counts as "one of us" and therefore worth protecting.
Few people would draw the line before the moment of conception, as that would mean you had to feel guilty about the millions of sperm that your body regularly disposes of as past their sell-by date. I personally (and I suspect the grandparent would agree with me on this) draw the line at a point between conception and birth, which I would tend to estimate at 4 months in or so. This does not mean we're beastly, it just means we don't consider embryos and foetuses to be "one of us". Care to give me an affirmative reason why we should?
I would equate this level action similar to what police do in inner city areas. You live there for years and there is a murder here and there, a few robberies a day and every once in a while some grandmotherly-type is raped and beaten. The police generally do nothing and it seems this is all just happening and nobody can do anything about it. Does this not sound like the level of copyright enforcement today?
Nice analogy. Not at all slanted...
Incidentally, I'm not sure your comment about China was right. I have a friend from there who has a decent number of professionally-produced-looking chinese music CDs. I could be wrong on this tho.
I suspect that the grandparent is saying it's easier to terminate a 2 month old foetus than it is to give away a full-grown baby. This is true both emotionally and in terms of impact on the rest of your life.
Calling a foetus a baby is somewhat emotionally charged.
I'd say that the author gets some brownie points for explicitly declaring his affiliation. Or at least loses fewer brownie points. Either way, it's a hell of an improvement on Steve Barkto et al.
Quite possibly, I have no clue. However, Armstrong was the one who got it working at certain frequencies where the normal approach didn't work. My understanding is that his approach was innovative and non-obvious and generally anything a patent should be. And he got creamed by big interests.
If you had said "... If not, how does MS justify this unethical behaviour?" I would like the question better.
The computer industry is too divided in its beliefs for the term "unethical" to be valid - there is no universal ethic. "Immoral" would be a better word to use, but morality is, by definition, in the eye of the beholder. I think I'll stick with "anticompetitive", especially since that is, broadly speaking, the main reason for considering it immoral.
Given that MS is now apparently messing about with Linux, does it have any plans to give something back to the community? For example a GPL-compliant license to use the standards, interfaces and formats required to fully interoperate with MS products. If not, how does MS justify this anticompetitive behaviour?
Slashdot Mirror
They do have every right, legally speaking. It's not a feature of Slashdot or internet culture, it's a feature of the American style of government. Ethically speaking, most security researchers disclose responsibly anyway - they give the company a month or so to fix the problem before telling the world. I, and probably most slashdotters, would agree that telling world+wife before the company producing the software has had a fair bash at the problem is a little off, if only because a lot of us know what it's like to be in the company's position.
In fact, it's essential to have a healthy population of security researchers finding flaws and (eventually) making them public, because it stops companies sitting on their arses for months or otherwise playing silly buggers
I guess this puts one more hole in the "security researchers should keep security holes to themselves" coffin. Obviously there's some fairly smart people out there in the black-hat community - if there's a flaw such as the recent issue with Cisco routers, they're gonna discover it eventually.
Any closed-source cryptography is not at all secure.
Correction: any cryptography that relies on being closed-source is not at all secure. A commercial implementation of RSA can be just as secure as an open-source version, modulo the risk of dumb programmer errors.
And it'd be terrible if Google did that to CNet's CEO - publishing information about what bank they use, their earnings and options, their probable home town and so on.
What a hatchet job that would be.
Business dealings; issues with my imperfectly-secured web apps; that incident recently in a pole-dancing club where... um, forget that last one OK?
I wouldn't necessarily consider this to be media arrogance - I'd suspect that the CNet reporters probably just had the same idea of fair play that I do. I obviously can't fault them for that; you, of course, can, but do take care that you're not angry at them over arrogant attitudes they may in fact not hold.
The CNet crew were discussing privacy risks that were the direct product of the company run by the guy in question. MOG's 'report' on PJ was, by contrast, of absolutely no relevance to the discussion - the only applicable question is "is this individual working for IBM", the answer to which appears to be "no".
I consider it fair game when spammers get sent tonnes of unsolicited snailmail. I consider it fair game when officials in favour of the police being able to rifle through garbage without a warrant get their garbage rifled through. Equally, I consider it fair game when someone whose company is distributing large amounts of personal information (before anyone makes the obvious objection, I'm thinking of Google Cache) has personal information from that very source distributed. If they don't want that information spread, they'll have to do what the rest of us are stuck with doing and ask Google to remove the relevant pages from its index. In his case, of course, it's far easier than it would be for the average joe.
I don't see it as unacceptable for CNet to redistribute Google's CEO's personal information when it was handed to them on a silver plate by the company he runs. Especially not when they were trying to drive home the very issue that is currently ticking him off.
I read it as a finely tuned critique of GUI installers, personally. Of course, I'm nearly passed out from overdoing a martial arts session, so maybe it's just me.
My uni completely sidesteps the entire issue of versions by producing their own problem sets and (presumably) writing their own lecture courses to their exacting specifications. I imagine this must be a hell of a lot more work, of course.
As a side note, this has been a really interesting discussion. Thanks everyone.
Part of the problem is that, in the US, a lot of professors make serious cash by writing a textbook, producing a "new, improved version" every year (actually the old version with the questions rearranged a bit) and standardising on it for their course. This approach even locks out old versions of the textbook, let alone competing "open" textbooks.
The UK seems not to have this problem. This is one of the (comparatively few) areas where the USA would benefit from taking our lead.
a) A hell of a lot of learning happens at a good university, the trick is finding the good ones.
b) Universities aren't all about profit. Given the crappy wages that academics generally get, a healthy dose of idealism is an absolute necessity for maintaining progress.
I have at least one professor who is, IIRC, extremely rich and only teaches because he wants to "give something back" to the academic community. Any attempt to kill that kind of spirit impoverishes us all.
I'm amused that the creator has listed the fact that it runs on perl as a bug :P
Ubuntu is good, and they're putting some damn fine work out. Having said that, it did take me several hours to get sound working on a friend's system at one point. That doesn't really qualify as "non-techie-friendly".
This was about half a year ago so the particular problem I hit may have been fixed by now. I still wouldn't call Ubuntu completely polished yet tho.
I'd agree that having a calculator doesn't do anything for your maths skills, although it's quite possible to achieve the same degree of cluelessness about the underlying concepts without computer assistance - see the abacus story in the book Surely You're Joking Mr Feynman for an example.
However, I'd tend to disagree that having a spellchecker is necessarily a bad thing. Kids all start off not being able to spell to save their life; if they spellcheck their work then they will at least know what they've got wrong and will hopefully, over time, build up an instinct as to what is lexically and grammatically correct.
Unless they're using the Microsoft spelling/grammar checker, of course. I never got on with that thing.
Agreed. It's equivalent to that Apple thing with the shift key, or the copy-protection that could be disabled by judicious use of black marker.
I agree that it's essential for the open source community to keep the functionality coming. I suspect the grandparent would probably agree with you too when he's not feeling pissed off at companies apparently "demanding" things of the community without any obvious indication that they were giving anything back.
is the only way to read it that makes any sense to me. They're *trying* to prevent it, why would they want to permit it?
In conclusion, never rely solely on Babelfish when trying to write something in a foreign language.
I'm guessing that some of the extra clock cycles go into translating each OpenGL call into DirectX calls, and some goes into redundant processing by the DirectX libraries for stuff that isn't actually needed by the wrapper that's calling it.
Beastly, selfish grandparent.
Everyone's selfish to some extent, up to and including those monks who sweep the ground in front of them to avoid treading on ants (do they have any idea how many bacteria are killed by their immune system every day?). It's just a matter of deciding where you draw the boundaries within which an entity counts as "one of us" and therefore worth protecting.
Few people would draw the line before the moment of conception, as that would mean you had to feel guilty about the millions of sperm that your body regularly disposes of as past their sell-by date. I personally (and I suspect the grandparent would agree with me on this) draw the line at a point between conception and birth, which I would tend to estimate at 4 months in or so. This does not mean we're beastly, it just means we don't consider embryos and foetuses to be "one of us". Care to give me an affirmative reason why we should?
I would equate this level action similar to what police do in inner city areas. You live there for years and there is a murder here and there, a few robberies a day and every once in a while some grandmotherly-type is raped and beaten. The police generally do nothing and it seems this is all just happening and nobody can do anything about it. Does this not sound like the level of copyright enforcement today?
Nice analogy. Not at all slanted...
Incidentally, I'm not sure your comment about China was right. I have a friend from there who has a decent number of professionally-produced-looking chinese music CDs. I could be wrong on this tho.
I suspect that the grandparent is saying it's easier to terminate a 2 month old foetus than it is to give away a full-grown baby. This is true both emotionally and in terms of impact on the rest of your life.
Calling a foetus a baby is somewhat emotionally charged.
I'd say that the author gets some brownie points for explicitly declaring his affiliation. Or at least loses fewer brownie points. Either way, it's a hell of an improvement on Steve Barkto et al.
Didn't Tesla's lab invent radio?
Quite possibly, I have no clue. However, Armstrong was the one who got it working at certain frequencies where the normal approach didn't work. My understanding is that his approach was innovative and non-obvious and generally anything a patent should be. And he got creamed by big interests.
If you had said "... If not, how does MS justify this unethical behaviour?" I would like the question better.
The computer industry is too divided in its beliefs for the term "unethical" to be valid - there is no universal ethic. "Immoral" would be a better word to use, but morality is, by definition, in the eye of the beholder. I think I'll stick with "anticompetitive", especially since that is, broadly speaking, the main reason for considering it immoral.
Given that MS is now apparently messing about with Linux, does it have any plans to give something back to the community? For example a GPL-compliant license to use the standards, interfaces and formats required to fully interoperate with MS products. If not, how does MS justify this anticompetitive behaviour?