And you are paying for it in power costs, if not in hardware costs and the time to set it up. Please review the actual electricity used by your old system. It's surprisingly expeinsive to leave old computers turned on.
Thank you for the reference. it doesn't exactly address the issue of NDA violation, nor does it give enough details on what the other patents are. I'd like to dig further on that: I've been using that case as a reference to Microsoft's historical willingness to steal ideas from smaller companies and undercut or over-advertise the product into market dominance.
You also don't have the same drug crime problem saturating the prisons that we do, and the extent of the drug pyramid and drug-related gang problems. We've invaded whole countries to pursue drug lords to whom we previously provided CIA funds and intelligence. (Manuel Noriega, check out his history.) I suspect that profoundly reduces your need for such programs, for which I applaud you.
Also, the UN's international criminal tribunal believes that this "unlawful combatant" nonsense does not exist. (http://en.wikipedia.org/wiki/International_Criminal_Tribunal_for_the_Former_Yugoslavia)
I can't speak to whether relocation is generally supported: I assume that it is for such witnesses. But that's a one-time investment, not an ongoing investment in qualified personnel to protect and secure those witnesses. Check out the article at http://www.nytimes.com/2007/10/28/nyregion/28witness.html?_r=1 for some details about the kind of problems that occur in funding witness protection. And sadly, many potential such witnesses have a long criminal history. That makes them very dangerous to relocate, since they're likely to return to their old criminal ways.
Microsoft didn't invent that: it was invented by Goldtouch Technologies, from whom Microsoft simply ripped off the design which Goldtouch had shown them under a non-disclosure agreement to get Microsoft to license the mouse design. I actually used to have one of the old Goldtouch mice: the design was very similar. Check out http://news.zdnet.co.uk/hardware/0,1000000091,2070243,00.htm to see my point.
They did in 2001: they were critical to both technical leaders of complex systems as a more reliable tool than a cell phone, and were a supported feature of many cell phones of the time. Many of those messages were probably to the fancy cell phones popular to sales types of the time. Also, crashing systems and their entire networks going offline probably generated many thousands of text messages to particular managers for the single event "our network was just cut at one of our core connections".
No, I'm afraid that Witness Protection is usually _temporary_. And the witnesses are not protected from government tracking: too much paperwork is shared with too many branches to rely on protection from other government agencies. Witness Protection is too expensive and too cumbersome for a bureaucracy, whether federal or state, to properly support indefinitely.
I can easily believe that the people who run the federal program are competent, but they don't live forever. Administrations change, records are leaked, and it's an expensive program: I'd be amazed if there are more than a dozen people who've been in it for more than 10 years.
No. Gandhi, and Martin Luther, taught that civil disobedience is not an _active_ attack against an oppressor. It's a refusal to participate in the oppression. Both profoundly avoided attacking their oppressors. What Anonymous did was self-righteous attacks by someone not directly oppressed, and it insults those who do a much better job of protest to classify him with them.
Also note, the spreading of the texts wasn't originally by Anonymous. It was by people like Steve Fishman, and the "SCAMIZDAT" posters on alt.religion.scientology. Anonymous is far too young to have had anything to do with that.
You are mistaken on several counts. One is that they do imprison people, as described by numerous former members at http://www.scientology-lies.com/imprisonment.html. Some members are kept confined at "Flag Base" without correspondence, telephone contact, or any information from the outside world.
The other is that the "consent" of many victims of Scientology is not "informed consent". The auditing sessions, well-documented as hypnotic conditioning with a lie detector, are used to condition new members to acceptance of the group's beliefs and claims, and acceptance of the group's treatment, without informing the victim of the genuine costs or the actual potential benefits of the treatment, or the risks of loss of income, loss of family, and in some cases such as http://www.lisamcpherson.org/ loss of life.
Worse, this cult _preys_ on the mentally ill, at Alcoholics Anonymous meetings, at prisons, and other venues, by offering physical and mental health and fraudulently lying about psycho-active medication and treatments from professionals from behind its front, the "Citizen's Commission on Human Rights". They're nasty: removing their non-profit status would be a good step towards forcing them to open up their books, pay off various court judgments against them, and tracing where the money and the people went. In particular, it would make the "auditing folders" part of business records that could be easily subpoenaed.
Except for that fission research group hawking laser-compressed deuterium-tritium pellets here on Slashdot a few weeks ago, whose premise of using tritium as a critical component of their fuel are, once again, trumped by reality.
Blade servers are very nice for more than, say, 8 servers purchased at a time. The built-in remote integration of better blade servers, the trivial wiring, and physical management are sweet. But the blade server itself becomes a single point of failure, much as a network switch can be, so it takes thought to install and manage them properly. And they cost, at last glance, roughly $500/blade for the chassis. Is this worth an extra $500/server on your budget? Not if your servers are quite modest and the person who racks the equipment is both competent and cheap.
So does a cluster, of course. The back-end storage array required for virtual host migration, or the Veritas clustering tools you may use for service clustering, also form single points of failure. And Veritas has historically been extremely unstable under load: it's often misconfigured, it's often mishandled entirely, and it often mistakes having a "high reliability filesystem" for having a highly reliable failover system, when that filesystem itself may be corrupted by the actual software. This is a very serious problem for Oracle systems, by the way. Far too many installers mistake "clustering" software for having a master/slave, and mistake master/slave setups for having actual backups.
No acid, and especially no lead, would seem to be big factors. Many of the denser battery chemistries use quite dangerous substances for large-scale lhandling.
It would ideally force fake goods vendors to buy or steal the genuine RFID tags to forge, that's all. Given that the RFID tags themselves, like bar tags, must remain far less costly than the actual goods, this means very little to the economics of forging the tags unless the vendors can be bothered to very closely monitor sales of the genuine tags. Somehow, this seems unlikely for such bulk items which are also manufactured primarily overseas.
Again: why is finer grained safer? Because if it can't _block_ the use of su and sudo, and the suid, which are decades old and understood, why ever would I as a programmer writing a new application waste even a single cycle bothering with yet another layer of complexity that can be done _wrong_ as this case was? Once again, what use are the policies for the average programmer or sys-admin? It can only _grant_ fine grained access: it can't block the existing resources, and for almost all cases, the existing granularity is sufficient if you bother to use it.
No, I don't see it happening except for a few dilettantish applications which are likely to get it wrong and create unexpected and unannounced holes. The complexity, and additional layers themselves are their own vulnerability.
This is something you fix by using sudo. Now, sudo needs a good GUI: a better policy model for _sudo_ setups would be a good use of these developers' time.
Well, yes. You can make amazingly sophisticated and fine-grained resolution of control to system functions.
But why would you want to? It's a complex layer of functionality that seems extremely unlikely to be maintained in the field, serves little noticeable compared to the modest granularity of existing tools, and seems extremely likely to be simply ignored by most users. It requires, as we just saw, considerable attention to unexpected behavior for people who didn't ask for it, and by attempting to be a "fine-tuned cross-platform tool", is bound to interface, and fail to interface correctly, with the current, simple tools. Moreover, it creates an _entirely new set_ of security requirements to test for. SELinux was bad enough and broke enough working software, this closes few holes that people actually need to close and raises the serious issue of potential vulnerabilities in PackageKit being, themselves, crackable.
A basic analysis on this tool says "don't install it".
No, in most cases, people didn't ask for and do not use "PackageKit". Most users use "sudo" or otherwise log in with root privileges to do such software installations. It's worked for years, and inventing another "fine-grained cross-platform" is like inventing yet another replacement for/bin/sh. Your time is better spent learning the existing tool than creating another tool to repeat the same errors with and relearn the same harsh lessons (like this one about doing surprise security default changes).
No, sudo is not a "future release". It's what works now and has for years. There seems little reason to switch to this new "PackageKit" infrastructure when the existing tools work well for many thousands of users worldwide, especially if hte new architecture is going to pull this kind of ill-thought-out stunt.
So it looks like the best "one line fix" is simply "yum remove PackageKit". I see nothing in its related dependencies that I actually want installed: do you?
Global warming, however, is a similar issue. The Netherlands is in dire risk as the ocean levels rise: dikes can only be made so strong. And earthquakes and tsunamis do happen occasionally, so the risks are very real.
People live in such places for real reasons: they're poor, or the nearby ocean or rivers provide the good floodplain soil they grow on, or the fish, or the boat traffic of their trades. And living space remains expensive with growing human population using up the available space. The underlying solution to these problems isn't better dikes or lawsuits, it's population control.
It wasn't "everyone and their dog". You basically had to be logged into the console. I confirmed that it didn't work via a normal SSH session last night, the first time I had access to a Fedora 12 machine, was confused by it, and resolved to look into it later. The announcement helped explain what I saw.
It was still a stupid move, but it explains why more people wouldn't have noticed it in beta testing: we'd have often been logged in via SSH from our desktops. The stupidity was in introducing a distinction between console access and remote shell access: it's an unnecessary finessing of the console login that just created confusion and a tempest in a teapot that wasted people's time.
> The update will require local console users to enter the root password to install new software packages.
This is, of course, wrong. Such local installations are normally done with "sudo", which does not require root passwords.
This is the sort of linguistic sloppiness that lead to the shrieking by users. While such inconsistent behavior for the console versus logged in SSH users has no reasonable excuse and shouldn't have happened, the danger was much less than the early explanations lead reasonable people like me to believe, because many of the discussions left out the "this only works from the console" part. And given that the new Fedora release is taking a bit of time to download, we hadn't had the chance to try this ourselves.
And you are paying for it in power costs, if not in hardware costs and the time to set it up. Please review the actual electricity used by your old system. It's surprisingly expeinsive to leave old computers turned on.
Thank you for the reference. it doesn't exactly address the issue of NDA violation, nor does it give enough details on what the other patents are. I'd like to dig further on that: I've been using that case as a reference to Microsoft's historical willingness to steal ideas from smaller companies and undercut or over-advertise the product into market dominance.
You also don't have the same drug crime problem saturating the prisons that we do, and the extent of the drug pyramid and drug-related gang problems. We've invaded whole countries to pursue drug lords to whom we previously provided CIA funds and intelligence. (Manuel Noriega, check out his history.) I suspect that profoundly reduces your need for such programs, for which I applaud you.
That's true: groklaw wasn't around back then, and it would take some digging for material, the best of which is apparently under court seals.
Also, the UN's international criminal tribunal believes that this "unlawful combatant" nonsense does not exist. (http://en.wikipedia.org/wiki/International_Criminal_Tribunal_for_the_Former_Yugoslavia)
I can't speak to whether relocation is generally supported: I assume that it is for such witnesses. But that's a one-time investment, not an ongoing investment in qualified personnel to protect and secure those witnesses. Check out the article at http://www.nytimes.com/2007/10/28/nyregion/28witness.html?_r=1 for some details about the kind of problems that occur in funding witness protection. And sadly, many potential such witnesses have a long criminal history. That makes them very dangerous to relocate, since they're likely to return to their old criminal ways.
Microsoft didn't invent that: it was invented by Goldtouch Technologies, from whom Microsoft simply ripped off the design which Goldtouch had shown them under a non-disclosure agreement to get Microsoft to license the mouse design. I actually used to have one of the old Goldtouch mice: the design was very similar. Check out http://news.zdnet.co.uk/hardware/0,1000000091,2070243,00.htm to see my point.
They did in 2001: they were critical to both technical leaders of complex systems as a more reliable tool than a cell phone, and were a supported feature of many cell phones of the time. Many of those messages were probably to the fancy cell phones popular to sales types of the time. Also, crashing systems and their entire networks going offline probably generated many thousands of text messages to particular managers for the single event "our network was just cut at one of our core connections".
No, I'm afraid that Witness Protection is usually _temporary_. And the witnesses are not protected from government tracking: too much paperwork is shared with too many branches to rely on protection from other government agencies. Witness Protection is too expensive and too cumbersome for a bureaucracy, whether federal or state, to properly support indefinitely.
I can easily believe that the people who run the federal program are competent, but they don't live forever. Administrations change, records are leaked, and it's an expensive program: I'd be amazed if there are more than a dozen people who've been in it for more than 10 years.
It's almost impossible to resell, unfortunately. Who buys it on the street, or would trust you to cut it?
The ends justifies the means, eh?
No. Gandhi, and Martin Luther, taught that civil disobedience is not an _active_ attack against an oppressor. It's a refusal to participate in the oppression. Both profoundly avoided attacking their oppressors. What Anonymous did was self-righteous attacks by someone not directly oppressed, and it insults those who do a much better job of protest to classify him with them.
Also note, the spreading of the texts wasn't originally by Anonymous. It was by people like Steve Fishman, and the "SCAMIZDAT" posters on alt.religion.scientology. Anonymous is far too young to have had anything to do with that.
You are mistaken on several counts. One is that they do imprison people, as described by numerous former members at http://www.scientology-lies.com/imprisonment.html. Some members are kept confined at "Flag Base" without correspondence, telephone contact, or any information from the outside world.
The other is that the "consent" of many victims of Scientology is not "informed consent". The auditing sessions, well-documented as hypnotic conditioning with a lie detector, are used to condition new members to acceptance of the group's beliefs and claims, and acceptance of the group's treatment, without informing the victim of the genuine costs or the actual potential benefits of the treatment, or the risks of loss of income, loss of family, and in some cases such as http://www.lisamcpherson.org/ loss of life.
Worse, this cult _preys_ on the mentally ill, at Alcoholics Anonymous meetings, at prisons, and other venues, by offering physical and mental health and fraudulently lying about psycho-active medication and treatments from professionals from behind its front, the "Citizen's Commission on Human Rights". They're nasty: removing their non-profit status would be a good step towards forcing them to open up their books, pay off various court judgments against them, and tracing where the money and the people went. In particular, it would make the "auditing folders" part of business records that could be easily subpoenaed.
Except for that fission research group hawking laser-compressed deuterium-tritium pellets here on Slashdot a few weeks ago, whose premise of using tritium as a critical component of their fuel are, once again, trumped by reality.
Blade servers are very nice for more than, say, 8 servers purchased at a time. The built-in remote integration of better blade servers, the trivial wiring, and physical management are sweet. But the blade server itself becomes a single point of failure, much as a network switch can be, so it takes thought to install and manage them properly. And they cost, at last glance, roughly $500/blade for the chassis. Is this worth an extra $500/server on your budget? Not if your servers are quite modest and the person who racks the equipment is both competent and cheap.
So does a cluster, of course. The back-end storage array required for virtual host migration, or the Veritas clustering tools you may use for service clustering, also form single points of failure. And Veritas has historically been extremely unstable under load: it's often misconfigured, it's often mishandled entirely, and it often mistakes having a "high reliability filesystem" for having a highly reliable failover system, when that filesystem itself may be corrupted by the actual software. This is a very serious problem for Oracle systems, by the way. Far too many installers mistake "clustering" software for having a master/slave, and mistake master/slave setups for having actual backups.
No acid, and especially no lead, would seem to be big factors. Many of the denser battery chemistries use quite dangerous substances for large-scale lhandling.
It would ideally force fake goods vendors to buy or steal the genuine RFID tags to forge, that's all. Given that the RFID tags themselves, like bar tags, must remain far less costly than the actual goods, this means very little to the economics of forging the tags unless the vendors can be bothered to very closely monitor sales of the genuine tags. Somehow, this seems unlikely for such bulk items which are also manufactured primarily overseas.
Again: why is finer grained safer? Because if it can't _block_ the use of su and sudo, and the suid, which are decades old and understood, why ever would I as a programmer writing a new application waste even a single cycle bothering with yet another layer of complexity that can be done _wrong_ as this case was? Once again, what use are the policies for the average programmer or sys-admin? It can only _grant_ fine grained access: it can't block the existing resources, and for almost all cases, the existing granularity is sufficient if you bother to use it.
No, I don't see it happening except for a few dilettantish applications which are likely to get it wrong and create unexpected and unannounced holes. The complexity, and additional layers themselves are their own vulnerability.
This is something you fix by using sudo. Now, sudo needs a good GUI: a better policy model for _sudo_ setups would be a good use of these developers' time.
Well, yes. You can make amazingly sophisticated and fine-grained resolution of control to system functions.
But why would you want to? It's a complex layer of functionality that seems extremely unlikely to be maintained in the field, serves little noticeable compared to the modest granularity of existing tools, and seems extremely likely to be simply ignored by most users. It requires, as we just saw, considerable attention to unexpected behavior for people who didn't ask for it, and by attempting to be a "fine-tuned cross-platform tool", is bound to interface, and fail to interface correctly, with the current, simple tools. Moreover, it creates an _entirely new set_ of security requirements to test for. SELinux was bad enough and broke enough working software, this closes few holes that people actually need to close and raises the serious issue of potential vulnerabilities in PackageKit being, themselves, crackable.
A basic analysis on this tool says "don't install it".
No, in most cases, people didn't ask for and do not use "PackageKit". Most users use "sudo" or otherwise log in with root privileges to do such software installations. It's worked for years, and inventing another "fine-grained cross-platform" is like inventing yet another replacement for /bin/sh. Your time is better spent learning the existing tool than creating another tool to repeat the same errors with and relearn the same harsh lessons (like this one about doing surprise security default changes).
No, sudo is not a "future release". It's what works now and has for years. There seems little reason to switch to this new "PackageKit" infrastructure when the existing tools work well for many thousands of users worldwide, especially if hte new architecture is going to pull this kind of ill-thought-out stunt.
So it looks like the best "one line fix" is simply "yum remove PackageKit". I see nothing in its related dependencies that I actually want installed: do you?
Global warming, however, is a similar issue. The Netherlands is in dire risk as the ocean levels rise: dikes can only be made so strong. And earthquakes and tsunamis do happen occasionally, so the risks are very real.
People live in such places for real reasons: they're poor, or the nearby ocean or rivers provide the good floodplain soil they grow on, or the fish, or the boat traffic of their trades. And living space remains expensive with growing human population using up the available space. The underlying solution to these problems isn't better dikes or lawsuits, it's population control.
It wasn't "everyone and their dog". You basically had to be logged into the console. I confirmed that it didn't work via a normal SSH session last night, the first time I had access to a Fedora 12 machine, was confused by it, and resolved to look into it later. The announcement helped explain what I saw.
It was still a stupid move, but it explains why more people wouldn't have noticed it in beta testing: we'd have often been logged in via SSH from our desktops. The stupidity was in introducing a distinction between console access and remote shell access: it's an unnecessary finessing of the console login that just created confusion and a tempest in a teapot that wasted people's time.
Notice that the announcement said:
> The update will require local console users to enter the root password to install new software
packages.
This is, of course, wrong. Such local installations are normally done with "sudo", which does not require root passwords.
This is the sort of linguistic sloppiness that lead to the shrieking by users. While such inconsistent behavior for the console versus logged in SSH users has no reasonable excuse and shouldn't have happened, the danger was much less than the early explanations lead reasonable people like me to believe, because many of the discussions left out the "this only works from the console" part. And given that the new Fedora release is taking a bit of time to download, we hadn't had the chance to try this ourselves.