Oh, I use svn+ssh for my Subversion on Sourceforge, and refuse to use the standard password based HTTP or HTTPS access. SSL key management to make user-authorized HTTPS connections is also feasible. But such uses are not well documented: the svn+ssh examples, for example, do not include the use of the necessary flags tags to identify the name of the repository user, and they absolutely should unless you want all your SVN checkouts to be in the name of the same target SSH user. Yet the Subversion documentation makes no mentionof the gaping security hole: it should be in big letters, "OUR SHELL CLIENTS ALL WRITE YOUR PASSWORDS IN CLEAR TEXT: DO NOT USE PASSWORD BASED ACCESS IF YOU CARE ABOUT SECURITY".
I've not tried it with password protected SSL keys, which may be another usable approach. Kerberized sessison keys for svnserver might also work, but would require a serious protocol rewrite. The fundamental problem displays that security was a stapled on afterthought. Patching Subversion to fix that is a massive, massive job, even though it's only a client password storage issue. And this same problem exists in protocol after protocol: Jabber, for example, stores its
We'll see. OSI is not the Free Software Foundation: they're willing to go along with licenses and policies that allow considerably less user freedom, and provide far more vendor control, than the GPL.
I hadn't noticed such concentration of phpBB as a target,but there are numerous popular web packages that make no attempt to properly manage security. Even Bugzilla, with its setup tools and database passwords in plain site inside the directories with the Bugzilla software itself and accessible on a casually installed Apache server, treats security as a tacked-on afterghought. Subversion is no better, with its quiet practice of storing your passwords for HTTP, HTTPS, or svnserve access in plain-text in the user's home directory.
This kind os behavior is far, far too common in the open source world, so I'm unsurprised that phpBB got caught this way.
Try again. Much was published: however, the material in Cave 4 was held by the Dominican Order in Jerusalem. What doesn't show up in the Wikipedia article is that Dominicans are particularly noted for their subservience to the Vatican, and for scriptual conservatism, unlike the Franciscans or especially the Jesuits.
There are distinctions: the Dead Sea scrolls eventually were published, though it seems to be severely redacted, and the decades of secrecy cast some doubts about what may have been edited out. And the concern seems different: the concern is about heresy, or schisms. Kind of like the Scientologists get so upset if former members try to modify and use their source materials: apparently they call it "squirreling".
The point stands. Having secret inner documents is nothing new.
Oh. Ouch. My mind just conjured a logo of Ballmer himself, leveraging himself out of the ice and dragging his builk across the ice with his front flippers in pursuit of penguins.
That's not what I'm referring to and you know it. Their translation and publication was held up for decades. They were discovered in 1947, a group of priests and scholars were reviewing them with great excitement, then in about 1953... silence. For decades, with only a few "safe" documents released.
There is also the absolute lack of any security model in dozens if not hundreds of ser-built add-on moudles. Some of them are robust and well-tested (Webmin comes to mind). Others are hacked up pieces of debris written by new users who just learned to spell PHP.
And decent poetry! If you'd like to really charm a date, the "Song of Solomon" is some pretty hot material, even if it is a bit risque for a first date.
Perhaps part of the problem is that I'm older than you, and remember when these documents were much harder to obtain. I'm delighted they're more openly available now. But this doesn't eliminate the history of having secret inner documents. The difference is that these documents are not secret internal doctrine.
For historical fun, take a look at the unofficial gospels involving Mary of Magdalene, and their historical repression along with other "heretical" documents. And history counts.
Oh? Try getting the documents of Galileo's trial, or a printing of them. And while the Dead Sea Scrolls are mostly published, they were secret for a long time. At the time of the invention of the printing press, printing of the Bible was very strictly controlled indeed, lest heresies spread. And just try getting access to the Gnostic documents, those not accepted as part of the Bible, especially alternative works for Matthew, Mark, Luke, and John.
So there's a long, long history of control over core documents, even of having secret internal documents. So it can't be the only criteria for defining a cult, or for irritation with Scientology. It's their mis-handling of criticism and especially of exposure of their inner beliefs that makes them dangerous and marks them as a cult.
Get the female assistant host from the US version of JunkYard Wars. She was a hot blonde, wore some great leather outfits, and she was clearly as smart as some of the contestants if not as well-educated. She was also vastly smarter than the primary host, and clearly so.
Robot ping-pong has its own risks. It's a well-defined task with well-defined objects and goals. Even so, I've heard a famous story of Marvin Minsky walking by such a system and having his balding head detected as a ping-pong ball, and only its confusion about the size of the ball and its distance from the optical system prevented him from being decapitated.
Well, perhaps not that many. But if you look at their history of harassment of Paulette Cooper, the author, for whom Mary Sue Hubbard and her personnel got convicted for planting fake bomb threats to discredit Paulette, you get the idea of how far they will go. It's a bad game to play, because it lets them pretend that you really are evil for harassing them and plotting against them.
This troubles me about "Anonymous". Threatening a vindictive bully with vindictive bullying can just encourage them.
There are also plenty of fascinating documents in the Vatican Library, including the Dead Sea Scrools, which are not available for public review. The "Kabbalah" also involves keeping interesting secrets from the uninitiated.
There's also Tivo-ization, and other DRM. DRM is absolutely critical to Vista and the nexter Microsoft OS releases, to lock in access to DVD and streaming and other content to only authorized computers running authorized software.
This is a major reason for the changes in the GPL for GPLv3, and it's a problem that the Apache, MIT, and BSD licenses have not addressed. We need to keep an eye on this.
And the mix of Kerberos, DNS, and LDAP that is Microsoft Active Directory. The minor changes to actually follow the specifications and support interoperability were quite ignored. (For example, the ability to gracefully create DNS zones that are not/8,/16, or/24.) What they did to SMTP in creating MS Exchange is just awful.
You haven't looked around lately at the backend servers for your ISP, routers, Tivo, movie render farms, supercomputing clusters, virtualization servers, or even a lot of cell phones?
Please pay attention to what is actually being deployed.
Nice selective reading. You're claiming as certainty the part earlier where it says:
> Parker and Stone assert that he quit due to the controversial episode "Trapped in the Closet"' and its treatment of Scientology, as Hayes is a member of the religion. Series co-creator and writer Matt Stone commented in a manner that suggested that Hayes practiced a double standard regarding the treatment of religion on South Park: "[We] never heard a peep out of Isaac in any way until we did Scientology. He wants a different standard for religions other than his own, and to me, that is where intolerance and bigotry begin." And Hayes public defense of the South Park humor was _before_ the Scientology episode.
Nowhere does it say "I was too busy having a sroke", as you described the situation, although the stroke does raise some interesting possibilities. Nowhere does it say his departure was over money. I don't know where you're getting this.
LDS was a cult duriing its early years. They've matured, and matured surprisingly well (despite the behavior of some of its more outlandish and outlying members).
Saying that the difference was only time is like saying the only difference between a seed and a tree is time. It has some philosophical validity, but in practice, you can't eat the wood from trees and you can't make boards out of seeds.
Are we reading the same article? The show's creators claim he left over the Scientology episode, and he claims otherwise after the fact. This looks like a pretty fundamental disagreement over the facts.
I like Isaac Hayes work, and am glad he wsa Chef and that he had fun doing it.
FTP should, for obvious password sniffing security reasons, only be a major player for anonymous downloads. It's antique, robust, and well supported. For upload, you're insane to use it. Numerous properly authenticated and encrypted techniques exist for that, and they can run in parallel to FTP to allow secure remote control of hte download site.
The first merely requires a heck of a lot of energy. The other requires massive control ov entropy in a very complex system: it's a rather different type of problem.
Oh, I use svn+ssh for my Subversion on Sourceforge, and refuse to use the standard password based HTTP or HTTPS access. SSL key management to make user-authorized HTTPS connections is also feasible. But such uses are not well documented: the svn+ssh examples, for example, do not include the use of the necessary flags tags to identify the name of the repository user, and they absolutely should unless you want all your SVN checkouts to be in the name of the same target SSH user. Yet the Subversion documentation makes no mentionof the gaping security hole: it should be in big letters, "OUR SHELL CLIENTS ALL WRITE YOUR PASSWORDS IN CLEAR TEXT: DO NOT USE PASSWORD BASED ACCESS IF YOU CARE ABOUT SECURITY".
I've not tried it with password protected SSL keys, which may be another usable approach. Kerberized sessison keys for svnserver might also work, but would require a serious protocol rewrite. The fundamental problem displays that security was a stapled on afterthought. Patching Subversion to fix that is a massive, massive job, even though it's only a client password storage issue. And this same problem exists in protocol after protocol: Jabber, for example, stores its
We'll see. OSI is not the Free Software Foundation: they're willing to go along with licenses and policies that allow considerably less user freedom, and provide far more vendor control, than the GPL.
I hadn't noticed such concentration of phpBB as a target,but there are numerous popular web packages that make no attempt to properly manage security. Even Bugzilla, with its setup tools and database passwords in plain site inside the directories with the Bugzilla software itself and accessible on a casually installed Apache server, treats security as a tacked-on afterghought. Subversion is no better, with its quiet practice of storing your passwords for HTTP, HTTPS, or svnserve access in plain-text in the user's home directory.
This kind os behavior is far, far too common in the open source world, so I'm unsurprised that phpBB got caught this way.
Try again. Much was published: however, the material in Cave 4 was held by the Dominican Order in Jerusalem. What doesn't show up in the Wikipedia article is that Dominicans are particularly noted for their subservience to the Vatican, and for scriptual conservatism, unlike the Franciscans or especially the Jesuits.
There are distinctions: the Dead Sea scrolls eventually were published, though it seems to be severely redacted, and the decades of secrecy cast some doubts about what may have been edited out. And the concern seems different: the concern is about heresy, or schisms. Kind of like the Scientologists get so upset if former members try to modify and use their source materials: apparently they call it "squirreling".
The point stands. Having secret inner documents is nothing new.
Oh. Ouch. My mind just conjured a logo of Ballmer himself, leveraging himself out of the ice and dragging his builk across the ice with his front flippers in pursuit of penguins.
That's not what I'm referring to and you know it. Their translation and publication was held up for decades. They were discovered in 1947, a group of priests and scholars were reviewing them with great excitement, then in about 1953... silence. For decades, with only a few "safe" documents released.
Walruses. Walruses argue very successfully with penguins.
There is also the absolute lack of any security model in dozens if not hundreds of ser-built add-on moudles. Some of them are robust and well-tested (Webmin comes to mind). Others are hacked up pieces of debris written by new users who just learned to spell PHP.
And decent poetry! If you'd like to really charm a date, the "Song of Solomon" is some pretty hot material, even if it is a bit risque for a first date.
Perhaps part of the problem is that I'm older than you, and remember when these documents were much harder to obtain. I'm delighted they're more openly available now. But this doesn't eliminate the history of having secret inner documents. The difference is that these documents are not secret internal doctrine.
For historical fun, take a look at the unofficial gospels involving Mary of Magdalene, and their historical repression along with other "heretical" documents. And history counts.
Oh? Try getting the documents of Galileo's trial, or a printing of them. And while the Dead Sea Scrolls are mostly published, they were secret for a long time. At the time of the invention of the printing press, printing of the Bible was very strictly controlled indeed, lest heresies spread. And just try getting access to the Gnostic documents, those not accepted as part of the Bible, especially alternative works for Matthew, Mark, Luke, and John.
So there's a long, long history of control over core documents, even of having secret internal documents. So it can't be the only criteria for defining a cult, or for irritation with Scientology. It's their mis-handling of criticism and especially of exposure of their inner beliefs that makes them dangerous and marks them as a cult.
Get the female assistant host from the US version of JunkYard Wars. She was a hot blonde, wore some great leather outfits, and she was clearly as smart as some of the contestants if not as well-educated. She was also vastly smarter than the primary host, and clearly so.
Robot ping-pong has its own risks. It's a well-defined task with well-defined objects and goals. Even so, I've heard a famous story of Marvin Minsky walking by such a system and having his balding head detected as a ping-pong ball, and only its confusion about the size of the ball and its distance from the optical system prevented him from being decapitated.
What are you calling the other group of "both groups"? Critics of Scientology? Or everyone else in the world?
Well, perhaps not that many. But if you look at their history of harassment of Paulette Cooper, the author, for whom Mary Sue Hubbard and her personnel got convicted for planting fake bomb threats to discredit Paulette, you get the idea of how far they will go. It's a bad game to play, because it lets them pretend that you really are evil for harassing them and plotting against them.
This troubles me about "Anonymous". Threatening a vindictive bully with vindictive bullying can just encourage them.
There are also plenty of fascinating documents in the Vatican Library, including the Dead Sea Scrools, which are not available for public review. The "Kabbalah" also involves keeping interesting secrets from the uninitiated.
There's also Tivo-ization, and other DRM. DRM is absolutely critical to Vista and the nexter Microsoft OS releases, to lock in access to DVD and streaming and other content to only authorized computers running authorized software.
This is a major reason for the changes in the GPL for GPLv3, and it's a problem that the Apache, MIT, and BSD licenses have not addressed. We need to keep an eye on this.
And the mix of Kerberos, DNS, and LDAP that is Microsoft Active Directory. The minor changes to actually follow the specifications and support interoperability were quite ignored. (For example, the ability to gracefully create DNS zones that are not /8, /16, or /24.) What they did to SMTP in creating MS Exchange is just awful.
You haven't looked around lately at the backend servers for your ISP, routers, Tivo, movie render farms, supercomputing clusters, virtualization servers, or even a lot of cell phones?
Please pay attention to what is actually being deployed.
Nice selective reading. You're claiming as certainty the part earlier where it says:
> Parker and Stone assert that he quit due to the controversial episode "Trapped in the Closet"' and its treatment of Scientology, as Hayes is a member of the religion. Series co-creator and writer Matt Stone commented in a manner that suggested that Hayes practiced a double standard regarding the treatment of religion on South Park: "[We] never heard a peep out of Isaac in any way until we did Scientology. He wants a different standard for religions other than his own, and to me, that is where intolerance and bigotry begin." And Hayes public defense of the South Park humor was _before_ the Scientology episode.
Nowhere does it say "I was too busy having a sroke", as you described the situation, although the stroke does raise some interesting possibilities. Nowhere does it say his departure was over money. I don't know where you're getting this.
LDS was a cult duriing its early years. They've matured, and matured surprisingly well (despite the behavior of some of its more outlandish and outlying members).
Saying that the difference was only time is like saying the only difference between a seed and a tree is time. It has some philosophical validity, but in practice, you can't eat the wood from trees and you can't make boards out of seeds.
Are we reading the same article? The show's creators claim he left over the Scientology episode, and he claims otherwise after the fact. This looks like a pretty fundamental disagreement over the facts.
I like Isaac Hayes work, and am glad he wsa Chef and that he had fun doing it.
FTP should, for obvious password sniffing security reasons, only be a major player for anonymous downloads. It's antique, robust, and well supported. For upload, you're insane to use it. Numerous properly authenticated and encrypted techniques exist for that, and they can run in parallel to FTP to allow secure remote control of hte download site.
The first merely requires a heck of a lot of energy. The other requires massive control ov entropy in a very complex system: it's a rather different type of problem.