Plenty of it around. It certainly makes oodles of thick, ground-hugging fog, especially on a humid or drizzling day. Careful not to "burn" yourself with it, though.
Will someone explain what the "threat" is?
on
Wartrapping?
·
· Score: 2, Insightful
I think many corporate IT people are instinctively scared of anything "free". This looks like a lame effort to sell a new "service" to these suckers.
The number one concern cited in this article is viruses and malicious code, yet all the corporations want to run Windows, which seems vulnerable down to its root core.
Now, if my company went cold turkey on Windows and MS office it probably couldn't continue do business. That's right, our business would dry up, real fast. We could use Macs, of course (at huge transition expense, but doable), but we'd still need MS office. I'm an avid home user of OpenOffice (on Linux) - I love the program and have found it entirely serviceable as a general office tool, and it's a tool that could certainly be used by office workers. However, if a pool of secretaries and clerks had to deal with MS office attachments coming in all day, and had to convert all their outgoing work product to MS office-compatible files, that would be a real problem, operationally. For service companies and others doing a lot of business with the outside world (probably most of the corporate world), weaning off of MS office is not a real option at the present time.
So, MS has all these companies by the shorthairs. Microsoft doesn't really HAVE to give a damn, actually, about the security vulnerabilities, because they do not make IT vulnerable in any material sense. The customers have no real choice. Microsoft just has to make it easier to deploy their own products and incorporate more "features", and all the macro, scripting, component and plugin capability built into their products plays into that objective just fine.
Not that it's so terrible to be a MS customer. Their latest enterprise agreements were quite reasonable. You just have to keep paying, and most management accepts that. And you get pretty decent service from them, really. The customer takes all of this (security flaws included), with a big smile on its face! The result is a nice annuity from virtually every business organization in the world. Better than being a tax collector.
Security won't go anywhere, IMO, until either the government or the corporate users en masse get up and demand something better.
One thing I never understood is why Microsoft isn't vulnerable to class action lawsuits, like the pharmaceutical companies get hit with all the time. That would straighten them out real fast. The answer may be that the people who would do this suing would be corporate america, and it's against their ethic to bring these kinds of suits (they're stuck defending them most of the time).
Maybe if times get tougher, or business more competitive, companies will have to think about how much these problems are really costing them, and whether it makes economic sense to start doing something effective about it. I don't think we're there yet.
The Patent & Trademark Office seems to have spent most of its time over the past decade trying to reform itself. With "customer" satisfaction surveys running in the 50 - 60% range, they know they have a problem.
For example, about a year back, they came out with software for electronic submission. Codes things in XML. Nice concept, but the software was virtually unusable. God knows how much money they spent on that. Their flawed electronic search system is another example of ineffective, grossly expensive automation projects.
Another very basic issue is that they seem to lose half the papers people send to them, and then commit significant resources to reviewing and ruling on the proof that the submitter actually sent the papers. This is routine. The most important part of any submission to their office, regretably, is the proof of mailing.
Then there's the touchy issue of quality. Some of the people who work there are highly competent and dedicated. But a lot of them are really inexperienced. Adding 2000 more will just make this worse.
The commissioners (who have been rotating with considerable frequency of late) always say they want to run the office "like a business." Well guess what? It ain't a "business" and it never will be.
They keep talking about their mission to serve "customers," i.e. the people who file patent applications. This is infuriating. They seem totally to forget that the key part of their mission to to represent the PUBLIC. At one point, a past commissioner actually wanted to privatize the office (and make himself the CEO). They should start thinking about what serving the public actually means, and just lose the part about trying to be a "business." At this point, that would be the most useful "reform," in my opinion.
. . . for installing a closed source executable. It can do anything it wants to your computer, and you have no say in the matter, nor do you have any way of knowing in advance what it's going to do to you.
Commercial folks like these, especially those having hard times, are going to do anything they THINK they can get away with to make a few bucks. So take their "free" downloads at your own risk.
Do you think a major PC manufacturer would bundle as its WP "solution" a word processor that does not do tables or other basic formatting operations? I don't theenk so.
You do NOT have tables in any released version. I just checked the site. Nada.
I see you have tables in some kind of testing version, in your own personal directory on your personal home page. I also saw an undated file there predicting this would be usable in about 6 months. Don't get me wrong - I applaud your efforts. When you get it running and some kind of tested, let us know. So far, Abiword has not been useful, even for grade school homework. It would sure be nice to have a free, robust program that was not insanely bloated like OpenOffice.
But OpenOffice does work and in fact it works real well. It just takes all day to load and hogs memory on any modest machine.
Right. Further, if they were leading people to believe that what they were doing was royalty-free, and those people relied on it, there is also a doctrine of "estoppel" that would prevent them from changing the rules as to those people, at least to the extent they reasonably relied.
So Delphi lacks multiple inheritance, templates, multi-platform universality and few other things, but take a look at the tight code it generates (and run a few benchmarks) and you'll see it is a very impressive language.
It is just happens to be easier to code in than C, that's all.
If you are doing throwaway or one-of-a-kind applications on the PC, Delphi is definitely a nice way to knock them off.
It's the first language I learned, punching cards one-by-one and handing in the deck to be compiled a la "batch" style, with 24-hour turnarounds between compiles. The language is a lot older than 25 years - I believe it's been around for more like 50 years.
No, I don't see why, with a decent compiler, Fortran should be particularly more efficient than, for example, C, except perhaps for transcendental functions and the like which have been espicially optimized in Fortran compilers.
I could see why the OO overhead of C++ could be a downside compared to Fortran, at least for purely numeric processing tasks.
You think you've seen bugs? Try unravelling all the GOTOs and CALLs in the typical patched-up FORTRAN program.
Moreover, I have no desire to go back to those stupid "FORMAT" statements! YECCHH!!! Believe me, you can be a lot more productive in other languages.
Yes, this one may indeed be "obvious" (and therefore invalid). It would have be well known to anyone who knew anything in this field in 1998 (when this patent was filed) that some URLs contain at least nominal indicators of geographic origin (like, doh). And it would have been obvious, I would say, to take advantage of this in order to qualify people on the Web (to an approximation) based on their location.
On the other hand, how much clout does this patent have, anyway? On a (very) quick reading, the claims of the patent all seem to be limited to making a go/no go determination based on parsing the "custom" (domain) name or retrieving registrar data on it and making some sort of classification or probablistic determination based on the retrieved information. This seems like a pretty weak test to me - it would seem to me that one could do a little better, perhaps, by analyzing the network address itself, which this patent doesn't seem to cover (i.e., analyzing the network address based on IANA assignments and database info as opposed to retrieving and working with the "custom name").
Does anyone know what the state of the art is these days in determining the true geographic location for someone accessing information over the Web? It seems to me that companies like Oracle (which provides downloads of software having export control issues) must have figured out a more reliable means than what is in this patent in order to verify a recipient's geographic location.
It seems to me also that the probabilistic techniques disclosed here would be more suitable for analysis (e.g., marketing analysis) than for deciding who to allow to download content. But the patent seems only to cover the go/no go stuff. Maybe it would have been TOO brazen to have attempted to get a patent merely on reading one's logs!
At least one company has started a development program to produce a TCPA-enhanced version of GNU/linux. How could they make money out of this? Well, making a TCPA version of the product will involve tidying up the code and removing a number of features. The sponsor will then submit the pruned code to an evaluation lab, together with a mass of documentation for the work that's been done, including a whole lot of analyses showing why various known attacks on the code don't work.
The trick is this. Although the modified program will be covered by the GPL, and will be free to everyone, it will not make full use of the TCPA features unless you have it signed, and have a certificate that enables you to use the TCPA Public Key Infrastructure (PKI). That is what will cost you money (if not at first, then eventually).
So being Paladium-compliant has problems - who is going to pay for a certification every time you recompile your kernel?
Maybe a complete alternative is necessary that does not unnecessarily tie up the OS and the application software with "approvals" and "certifications". It seems to me that a chip can control access to the hardware in accordance with applicable DRM requirements, and that the OS and applications are really irrelevant if the chip is doing its job. It seems to me that there could readily be a hardware solution that was agnostic as regards the OS.
OTOH, good luck finding a hardware manufacturer that will spend the significant bucks required here in order to support some relatively small base of users. It's be way too orphaned ever to get off the ground.
I think the battle here, unfortunately, has to be waged on the political level.
This potentialy pulls the rug from everything -- yanks GNU/GPL to a screeching halt.
Somebody has got to start talking about BIG BROTHER - Hate to sound paranoic, but I think that's what this is ultimately about.
As I said here, government-mandated DRM could well be implemented through hardware. Clearly, such a scheme, where every manufactured computer MUST have the chip, could be set up so as to be pretty deadly to free software.
Now, a private standard, as opposed to a government imposed one, has to catch on through market forces (OK, perhaps augmented by monopoly power). Still, this would leave room for a competing standard that was more open, and gave the consumer more choices. Perhaps a chip whose logic and firmware were open, so that it could be provably shown (to the user) that all it is doing is DRM. And at the same time, provably shown (to the content owner) that the DRM had not been compromised.
I know even THINKING about IMPLEMENTING DRM is anathema to most Slashdotters (WTF *ARE* digital RIGHTS, anyway?), but maybe the time has come.
Maybe they got it right now, but in 8.0 and 8.1 the update utility would always die with some RPM dependency issue. It looked pretty good for a couple of months, but then you wanted to install the latest and greatest application upgrades, and slowly but surely, everything started to break.
When mine was installed, the Tech said he *would* come back to install a filter so I wouldn't get free cable TV. He never came back. So I get about a dozen channels - just the broadcast ones, though, not even basic cable.
This is actually pretty good. They will as a practical matter be bound in many cases, because there is a legal rule called "estoppel" which will prevent them from changing their mind on someone after they have acted in reliance on this policy. The permission given here should actually be pretty difficult to shake off.
So "good guys" who operate under open source/free lienses should be reasonably well protected here, and at the same time the patents CAN be asserted against those producing proprietary software. Not bad at all, I would say.
In fact, it could be a net plus for free software.
Are you helpless?
Just try linuxiso.org (slow!) or just Google for linux iso.
Better yet, try the Debian "netinst" CD (a 30 meg iso that installs most of the remaining parts of itself over the 'net) and avoid all the unnecessary downloading. Poke around Debian.org and you'll find a link to it.
For most purposes, Woody has been pretty stable for months. All this new date means is that "Woody" becomes the officially released "Stable" Debian distribution.
Debian is a little behind because they insist that all software be packaged and configured in a consistent way. It makes for a more stable and upgradeable system.
Debian has high quality standards, which contributes to these kinds of delays.
Trading off a few weeks of bleeding edge currency for stability seems well worth it to me.
Slashdot Mirror
Plenty of it around. It certainly makes oodles of thick, ground-hugging fog, especially on a humid or drizzling day. Careful not to "burn" yourself with it, though.
I think many corporate IT people are instinctively scared of anything "free". This looks like a lame effort to sell a new "service" to these suckers.
'cause telling the public about your inbvention is a good way to prevent anyone, including you, from ever getting a patent on it!
Basically, it's like shootin yourself in the foot.
Seeking free legal advice on a public board is a really dumb idea, for about 19 different reasons.
The number one concern cited in this article is viruses and malicious code, yet all the corporations want to run Windows, which seems vulnerable down to its root core.
Now, if my company went cold turkey on Windows and MS office it probably couldn't continue do business. That's right, our business would dry up, real fast. We could use Macs, of course (at huge transition expense, but doable), but we'd still need MS office. I'm an avid home user of OpenOffice (on Linux) - I love the program and have found it entirely serviceable as a general office tool, and it's a tool that could certainly be used by office workers. However, if a pool of secretaries and clerks had to deal with MS office attachments coming in all day, and had to convert all their outgoing work product to MS office-compatible files, that would be a real problem, operationally. For service companies and others doing a lot of business with the outside world (probably most of the corporate world), weaning off of MS office is not a real option at the present time.
So, MS has all these companies by the shorthairs. Microsoft doesn't really HAVE to give a damn, actually, about the security vulnerabilities, because they do not make IT vulnerable in any material sense. The customers have no real choice. Microsoft just has to make it easier to deploy their own products and incorporate more "features", and all the macro, scripting, component and plugin capability built into their products plays into that objective just fine.
Not that it's so terrible to be a MS customer. Their latest enterprise agreements were quite reasonable. You just have to keep paying, and most management accepts that. And you get pretty decent service from them, really. The customer takes all of this (security flaws included), with a big smile on its face! The result is a nice annuity from virtually every business organization in the world. Better than being a tax collector.
Security won't go anywhere, IMO, until either the government or the corporate users en masse get up and demand something better.
One thing I never understood is why Microsoft isn't vulnerable to class action lawsuits, like the pharmaceutical companies get hit with all the time. That would straighten them out real fast. The answer may be that the people who would do this suing would be corporate america, and it's against their ethic to bring these kinds of suits (they're stuck defending them most of the time).
Maybe if times get tougher, or business more competitive, companies will have to think about how much these problems are really costing them, and whether it makes economic sense to start doing something effective about it. I don't think we're there yet.
The Patent & Trademark Office seems to have spent most of its time over the past decade trying to reform itself. With "customer" satisfaction surveys running in the 50 - 60% range, they know they have a problem.
For example, about a year back, they came out with software for electronic submission. Codes things in XML. Nice concept, but the software was virtually unusable. God knows how much money they spent on that. Their flawed electronic search system is another example of ineffective, grossly expensive automation projects.
Another very basic issue is that they seem to lose half the papers people send to them, and then commit significant resources to reviewing and ruling on the proof that the submitter actually sent the papers. This is routine. The most important part of any submission to their office, regretably, is the proof of mailing.
Then there's the touchy issue of quality. Some of the people who work there are highly competent and dedicated. But a lot of them are really inexperienced. Adding 2000 more will just make this worse.
The commissioners (who have been rotating with considerable frequency of late) always say they want to run the office "like a business." Well guess what? It ain't a "business" and it never will be.
They keep talking about their mission to serve "customers," i.e. the people who file patent applications. This is infuriating. They seem totally to forget that the key part of their mission to to represent the PUBLIC. At one point, a past commissioner actually wanted to privatize the office (and make himself the CEO). They should start thinking about what serving the public actually means, and just lose the part about trying to be a "business." At this point, that would be the most useful "reform," in my opinion.
. . . for installing a closed source executable. It can do anything it wants to your computer, and you have no say in the matter, nor do you have any way of knowing in advance what it's going to do to you.
Commercial folks like these, especially those having hard times, are going to do anything they THINK they can get away with to make a few bucks. So take their "free" downloads at your own risk.
Better to run Linux and use gnut.
How about a really superb graphics program?
Do you think a major PC manufacturer would bundle as its WP "solution" a word processor that does not do tables or other basic formatting operations? I don't theenk so.
You do NOT have tables in any released version. I just checked the site. Nada.
I see you have tables in some kind of testing version, in your own personal directory on your personal home page. I also saw an undated file there predicting this would be usable in about 6 months. Don't get me wrong - I applaud your efforts. When you get it running and some kind of tested, let us know. So far, Abiword has not been useful, even for grade school homework. It would sure be nice to have a free, robust program that was not insanely bloated like OpenOffice.
But OpenOffice does work and in fact it works real well. It just takes all day to load and hogs memory on any modest machine.
Right. Further, if they were leading people to believe that what they were doing was royalty-free, and those people relied on it, there is also a doctrine of "estoppel" that would prevent them from changing the rules as to those people, at least to the extent they reasonably relied.
Spam makes me CRAZY. What about ROBOT DIALERS - Do you say that's constitutionally protected "FREE SPEECH" also? Sheesh!
Guess he IS a troll. . .
This is pathetic.
Go to the beach, folks, 'cause there ain't gonna be any real news till after Labor Day.
So Delphi lacks multiple inheritance, templates, multi-platform universality and few other things, but take a look at the tight code it generates (and run a few benchmarks) and you'll see it is a very impressive language.
It is just happens to be easier to code in than C, that's all.
If you are doing throwaway or one-of-a-kind applications on the PC, Delphi is definitely a nice way to knock them off.
It's the first language I learned, punching cards one-by-one and handing in the deck to be compiled a la "batch" style, with 24-hour turnarounds between compiles. The language is a lot older than 25 years - I believe it's been around for more like 50 years.
No, I don't see why, with a decent compiler, Fortran should be particularly more efficient than, for example, C, except perhaps for transcendental functions and the like which have been espicially optimized in Fortran compilers.
I could see why the OO overhead of C++ could be a downside compared to Fortran, at least for purely numeric processing tasks.
You think you've seen bugs? Try unravelling all the GOTOs and CALLs in the typical patched-up FORTRAN program.
Moreover, I have no desire to go back to those stupid "FORMAT" statements! YECCHH!!! Believe me, you can be a lot more productive in other languages.
Yes, this one may indeed be "obvious" (and therefore invalid). It would have be well known to anyone who knew anything in this field in 1998 (when this patent was filed) that some URLs contain at least nominal indicators of geographic origin (like, doh). And it would have been obvious, I would say, to take advantage of this in order to qualify people on the Web (to an approximation) based on their location.
On the other hand, how much clout does this patent have, anyway? On a (very) quick reading, the claims of the patent all seem to be limited to making a go/no go determination based on parsing the "custom" (domain) name or retrieving registrar data on it and making some sort of classification or probablistic determination based on the retrieved information. This seems like a pretty weak test to me - it would seem to me that one could do a little better, perhaps, by analyzing the network address itself, which this patent doesn't seem to cover (i.e., analyzing the network address based on IANA assignments and database info as opposed to retrieving and working with the "custom name").
Does anyone know what the state of the art is these days in determining the true geographic location for someone accessing information over the Web? It seems to me that companies like Oracle (which provides downloads of software having export control issues) must have figured out a more reliable means than what is in this patent in order to verify a recipient's geographic location.
It seems to me also that the probabilistic techniques disclosed here would be more suitable for analysis (e.g., marketing analysis) than for deciding who to allow to download content. But the patent seems only to cover the go/no go stuff. Maybe it would have been TOO brazen to have attempted to get a patent merely on reading one's logs!
So being Paladium-compliant has problems - who is going to pay for a certification every time you recompile your kernel?
Maybe a complete alternative is necessary that does not unnecessarily tie up the OS and the application software with "approvals" and "certifications". It seems to me that a chip can control access to the hardware in accordance with applicable DRM requirements, and that the OS and applications are really irrelevant if the chip is doing its job. It seems to me that there could readily be a hardware solution that was agnostic as regards the OS.
OTOH, good luck finding a hardware manufacturer that will spend the significant bucks required here in order to support some relatively small base of users. It's be way too orphaned ever to get off the ground.
I think the battle here, unfortunately, has to be waged on the political level.
This potentialy pulls the rug from everything -- yanks GNU/GPL to a screeching halt.
Somebody has got to start talking about BIG BROTHER - Hate to sound paranoic, but I think that's what this is ultimately about.
Taco is just churning the pot on a slow day. You can see the watermark, can't you? T --- R --- O --- L --- L
Now, a private standard, as opposed to a government imposed one, has to catch on through market forces (OK, perhaps augmented by monopoly power). Still, this would leave room for a competing standard that was more open, and gave the consumer more choices. Perhaps a chip whose logic and firmware were open, so that it could be provably shown (to the user) that all it is doing is DRM. And at the same time, provably shown (to the content owner) that the DRM had not been compromised.
I know even THINKING about IMPLEMENTING DRM is anathema to most Slashdotters (WTF *ARE* digital RIGHTS, anyway?), but maybe the time has come.
Maybe they got it right now, but in 8.0 and 8.1 the update utility would always die with some RPM dependency issue. It looked pretty good for a couple of months, but then you wanted to install the latest and greatest application upgrades, and slowly but surely, everything started to break.
At least this avoids the Windows Tax.
When mine was installed, the Tech said he *would* come back to install a filter so I wouldn't get free cable TV. He never came back. So I get about a dozen channels - just the broadcast ones, though, not even basic cable.
This is actually pretty good. They will as a practical matter be bound in many cases, because there is a legal rule called "estoppel" which will prevent them from changing their mind on someone after they have acted in reliance on this policy. The permission given here should actually be pretty difficult to shake off.
So "good guys" who operate under open source/free lienses should be reasonably well protected here, and at the same time the patents CAN be asserted against those producing proprietary software. Not bad at all, I would say.
In fact, it could be a net plus for free software.
The IDEA of ANYTHING can NEVER be copyrighted. Nor can this one. So what.
IMO no Debian user is going to bolt for Red Hat - certainly not so they can get a portion of their $0.00 back.
I once did pay $19.00 for a boxed Debian CD, but now with a cable connection and netinst, there is no need - though GIVING them money is a good idea.
Are you helpless? Just try linuxiso.org (slow!) or just Google for linux iso. Better yet, try the Debian "netinst" CD (a 30 meg iso that installs most of the remaining parts of itself over the 'net) and avoid all the unnecessary downloading. Poke around Debian.org and you'll find a link to it.
Well, can you write Javascript script for the referring page so as to stuff the target site's URL into the HTTP_REFERRER variable (Hee Hee)?
For most purposes, Woody has been pretty stable for months. All this new date means is that "Woody" becomes the officially released "Stable" Debian distribution.
Debian is a little behind because they insist that all software be packaged and configured in a consistent way. It makes for a more stable and upgradeable system.
Debian has high quality standards, which contributes to these kinds of delays.
Trading off a few weeks of bleeding edge currency for stability seems well worth it to me.