OpenID is a great system, and it's hardly dying. It's just changing.
The traditional (and right now, standard) view of OpenID is that you use a URL (or an i-name, which are all but useless because, hey, there's a lot of people qualified for =john.doe - and they are not free. How many people do you know with a.name URL?) to sign in to a website. This is pointless, because nobody wants to be identified by their blog when they log into facebook, or by their myspace account when they comment on blogger.
The way it's increasingly being used now is as a federated authentication mechanism, kind of like Windows Live Passport, except an open protocol. It's more or less completely transparent to the end user - I go to Zoho Office and click the button to log in with either Google or Yahoo, and it bounces me to the selected provider's OpenID page without forcing me to remember something like https://www.google.com/accounts/o8/id. That kind of system - transparent federated authentication - is much more likely to catch on with your average end-user.
This process sounds (like me) a lot like the NEWS plug-in for Azureus/Vuze. It measures network speed and latency and compares it to peers in order to try to detect filtering/shaping.
Try reading that again. GP isn't saying that if a handful of members of a church you are in go against your principles you should leave, sie is saying that if the leadership violates your principles, it's time to find new leadership. Whether it refers to leadership at the level of a class, a congregation (ref. "radical imam" or Westboro Baptist Church), an area, or a religion (ref. Church of Scientology), it is time to find new leadership at that level.
That could just mean a different class in a given church. It could mean a new church, or it could mean a new religion (or sect thereof).
There was a fork of Blaster that installed the patch for the hole it used to spread, then deleted itself. Unfortunately, like Blaster, it had a tendency to crash the Messenger service, which causes Windows to reboot without letting the user interrupt the reboot. The anti-Blaster didn't get very far.
I remember ars put it this way, but you'll have to look it up yourself.
Throwing away partitioning, IPv6 has an entire IPv4 address space for each second of every person on Earth's life until the heat death of the universe, if population and life trends remain stable.
Even with the partitioning (which isn't actually stupid, it's forward-thinking - things like multicast and anycast are kludges in v4 and built into v6 instead, should make them work better and improve routing tuning capabilities), v6 has plenty of space.
Re:Every country has a different threshold
on
China Blocks iTunes
·
· Score: 2, Informative
Two things to note:
Number one, we don't ban bomb making instructions. Google "Anarchist's Cookbook". Get your facts straight before attempting to troll.
Laws prohibiting the distribution and possession of child pornography ban speech because of the manner in which it is produced, regardless of its serious literary or artistic value.
If you don't understand how this is different from China blocking all of iTMS because a handful of songs protested their takeover and violent suppression of a sovereign nation, by all means emigrate to China.
Please no comparing Tibet to Iraq here. One might recall that we're in the final stages of talks with Iraq to fully remove American troops over time (having already handed over control of the nation to the new government), where China refuses to recognize the existence of Tibet as a separate culture and violently suppresses any suggestion that they do. Go ahead and see what happens when you walk down the street in DC with a tape of Iraq war protest songs in a ghetto blaster. Hint: odd looks, but nothing else.
Actually btrfs is looking very much like a ZFS-killer, as it were - it does volume management, snapshots, redundancy... If the FS is half as good as the published concepts, it may become the Linux equivalent to ZFS.
In fact some of the more interesting threads that made it to kerneltrap recently deal with btrfs, in some cases with the developer doing certain programming gymnastics to avoid violating layering in the kernel (I'm not sure I have the terminology right). This is, incidentally, why Reiser4 is not in the kernel - because Reiser was a dick, and among other things Reiser4 violated boundaries between parts of the kernel in a big way, and he refused to fix it. That's another interesting lkml thread that can be found on kerneltrap.
Except it isn't really a promise of any of those things. You'll find that almost all SLAs say that scheduled maintenance and things outside the control of the provider - like *their* provider - don't count towards downtime for SLA purposes.
I think you can bend that rule a bit when you're giving away a scarce product as opposed to an infinitely reproducible product, but good point nonetheless.
It's probably for the better if Lexmark just curls up and dies. I've never had a Lexmark printer I considered particularly good, and I absolutely hate their little toolkit app.
Notably the free printers HP bundles with their OEM machines suck too, but what do you expect for free...
Re:Does XEN have a future?
on
Running Xen
·
· Score: 1
I think the difference GP is trying to point out is that Xen is targeted more for the VMWare ESX market - the dom0 OS can (and should) be as stripped down as possible - whereas KVM is (currently) more targeted for the VMWare Workstation or QEMU market of bolting a VM onto an existing general-purpose system. That could change on both counts, and kvm developers have stated that they intend it to be general purpose, so there's really no reason that Xen could not be ported to kvm, as it were.
I doubt they'll come out and say that. But look at how flaky twitter is (try using it for a while). The two biggest sites on the internet that are built on RoR - Penny Arcade and twitter - are flaky as hell. I've met the PA coder, and I'm not willing to believe the twitter guys are incompetent, so it's obviously not their fault.
RoR is known for obscenely high resource usage. I can't believe it'd be a good choice for large sites like twitter, long term.
Quick question - are you American? (disclaimer: I am, I'm not dissing the US, just making a point re pot, kettle, etc)
The legal age for pornography has been 18 in the US for... at least 40 years. The age of consent is as low as 16 in many states, maybe 15 in one state? Can't remember. Odd as it may sound, this kind of thing is common. Japan? Age of consent in some prefectures is as low as 14 (though I think it's 16 nationally, laws are weird there) but the age for pornography is still 18.
Yes, but presumably you don't let the entire world get on your DC network. If only trusted people access vulnerable systems, the vulnerabilities are less significant. Yes they're still there, and yes there's still a risk, but what would the cost be of replacing or reprogramming all the IPMI cards? Security is all about risk/reward, except with a few more variables. If your demonstrable risk is minimal, the reward to reduce or eliminate it will also be minimal. If the cost outweighs the benefit, it's just bad business. Even if it is a good idea.
Well trolled. However: a Cubit is a highly inaccurate measure - although roughly 18 inches, it is measured according to the length of one's forearm - not an accurate measure by any standard. And if you adjust for significant figures, as at least one other commenter suggested, it is exactly right. Or if it's rounded, or...
IMAP and MAPI are two separate protocols. IMAP is a standard protocol used for semi-connected work on folders actually hosted on a server (it can work disconnected and sync up later), whereas MAPI is a Microsoft proprietary protocol that accomplishes approximately the same thing.
I tend to think that the name MAPI is a typical Microsoft attempt to get people to confuse (it worked, didn't it?) open, widely used standards and Microsoft proprietary crap. See also OOXML vs ODF (formerly OOXML, before Microsoft even dreamed of that acronym...)
It's not that hard - marker on acrylic comes off with a bit of rubbing alcohol pretty easily. And there's a perfectly good reason - I have it on good authority that policy is to restore repaired consoles to a "like new" condition, because most people prefer it that way.
The studies I have heard of show that atypical sexual biases (homosexuality, transgender, that sort of thing) are typically related to unusual chemical balances in the womb. This also can explain why homosexuality is more common in children who were born to older mothers, as hormones start to go crazy at a certain age.
Mod parent up. The word "cult" is thrown around far too much, to the point where anyone who doesn't like a given religion decides to call it a cult. But as parent points out, it has a specific meaning, and most organizations that do fit the meaning are at best an extreme danger to their followers, and at worst a danger to the fabric of society.
Although I understand what you're trying to say, it does seem a little irrelevant.
I don't really see how it's irrelevant - if a "security defect" exists but cannot be exploited (i.e. if there's a buffer overflow bug but it deals with internal data or data that's already been thoroughly sanitized), it does not present the same risk as a bug that may be easily exploited, for example in the input sanitizing code. It's not really clear how many of these bugs are of each type, and I think it's significant that the phrase "security defect" was chosen instead of "security hole" or some other phrase that is more commonly used for known significant risks.
Of course, "cannot be exploited" is relative - no matter what you do, there's always a real possibility that someone's going to come up with a creative way to get their data in the wrong place at the wrong time and break all your nice sanitizing code and layers you've erected over that heavily protected buffer overflow, so the real resolution is of course to fix it. Still, I think it's an important distinction, especially when dealing with statistics.
1. PDFs are much, much smaller - as AC sibling said, about the size of PS after compression 2. PDFs are relatively tamper-resistant 3. PDFs are more widely understood 4. PDFs are lighter to render
I could go on about how they handle images and whatnot better too, but PS is a wonderful format when you still need to work with the document - I'm being completely serious here - but PDF is better as the final distribution method.
Re:Guarantee of Reliability is not Free (as in bee
on
NYSE Moves to Linux
·
· Score: 1
Indeed - I used to work desktop support at a financial/insurance company, and some of the crap I saw on some of the users' mainframe sessions (you'd think that mainframe programmers should be able to figure this stuff out, but I guess instead of waiting for someone to build a better idiot, Microsoft just makes everyone look like an idiot) was unlike anything I'd seen, until I started poking around on Wikipedia and figured out that what they were doing on "the AS360" (can't remember the number, mainframe wasn't our problem) was this bizarre database (or something) programming language called RPG... oddly enough, saw a COBOL printout on that same person's desk.
Evidently there's still money to be made in selling your soul to IBM and supporting stuff that hasn't been unplugged for decades, much less upgraded.
I wasn't really clear in my earlier post. You're absolutely right - H.264 is extremely processor-heavy. However, as time has passed decoders have become more efficient (or maybe 'learned' to use processor features better, you can only improve an algorithm so much) and processors faster, so I meant the perceived strain relative to what the strain was, say, three years ago, not relative to the strain of XviD/DivX with MP3.
First off, it's actually AAC. And it's not proprietary, at least not to Apple - AAC (Advanced Audio Coding) is part of the MPEG-4 standard and intended as a successor to MP3, though like MP3 it legally requires a patent license. Also H.264 is not an Apple codec - it's an ITU standard, also known as MPEG-4 Part 10, or AVC (but again with the patent nonsense).
I think why Apple picked them up is that they are about the best codecs out there (I'm not going to entertain a debate between AAC and OGG quality, please, the reasoning here is that H.264 and AAC are DESIGNED to work together). Also AAC is very good at surround sound, something MP3 has never been popular for, perhaps for the reasons below.
The reason that the community and market have been slow to accept them are that they are more complicated, thus heavier and/or more expensive to implement, as well as the fact that Xvid and Divx (same thing, different encoders - another part of MPEG-4 by the way) can (or used to) produce smaller filesizes for video, and at standard def you wouldn't really know the difference. But as HD content has become more popular, it's become more common to find media in H.264 with AAC 5.1 audio, and as en- and decoders get better (not to mention computers) H.264 and AAC present less of a relative strain on both disk (or bandwidth) and processor, and at HD resolution the hit to speed is completely worth it.
I think this might be way Nokia is pushing H.264 and AAC - they present real possibility for advancement into high-def streaming content, something that other codecs really don't. Please note that I really haven't had any experience with Ogg Theora (which is NOT the same as Ogg Vorbis) in high-def environments, so I can't really say for sure. Also I'm not sure how it is at streaming.
Actually I'm pretty sure that the ARRL was neutral on the federal level, pretty much just advising caution and supporting advancement. Being a member of the ARRL at the time, the temperature of most of the community seemed to be that striking that requirement was a good idea, save for the ever-present 'vocal minority' who seemed to think that it would bring about the Eternal September (or maybe the End) of Amateur Radio (though I never saw that term used... I suspect they had never heard of that newfangled Usenet thing). Well... it didn't. Probably something to do with the written tests.
Slashdot Mirror
OpenID is a great system, and it's hardly dying. It's just changing.
The traditional (and right now, standard) view of OpenID is that you use a URL (or an i-name, which are all but useless because, hey, there's a lot of people qualified for =john.doe - and they are not free. How many people do you know with a .name URL?) to sign in to a website. This is pointless, because nobody wants to be identified by their blog when they log into facebook, or by their myspace account when they comment on blogger.
The way it's increasingly being used now is as a federated authentication mechanism, kind of like Windows Live Passport, except an open protocol. It's more or less completely transparent to the end user - I go to Zoho Office and click the button to log in with either Google or Yahoo, and it bounces me to the selected provider's OpenID page without forcing me to remember something like https://www.google.com/accounts/o8/id. That kind of system - transparent federated authentication - is much more likely to catch on with your average end-user.
This process sounds (like me) a lot like the NEWS plug-in for Azureus/Vuze. It measures network speed and latency and compares it to peers in order to try to detect filtering/shaping.
Try reading that again. GP isn't saying that if a handful of members of a church you are in go against your principles you should leave, sie is saying that if the leadership violates your principles, it's time to find new leadership. Whether it refers to leadership at the level of a class, a congregation (ref. "radical imam" or Westboro Baptist Church), an area, or a religion (ref. Church of Scientology), it is time to find new leadership at that level.
That could just mean a different class in a given church. It could mean a new church, or it could mean a new religion (or sect thereof).
There was a fork of Blaster that installed the patch for the hole it used to spread, then deleted itself. Unfortunately, like Blaster, it had a tendency to crash the Messenger service, which causes Windows to reboot without letting the user interrupt the reboot. The anti-Blaster didn't get very far.
I remember ars put it this way, but you'll have to look it up yourself.
Throwing away partitioning, IPv6 has an entire IPv4 address space for each second of every person on Earth's life until the heat death of the universe, if population and life trends remain stable.
Even with the partitioning (which isn't actually stupid, it's forward-thinking - things like multicast and anycast are kludges in v4 and built into v6 instead, should make them work better and improve routing tuning capabilities), v6 has plenty of space.
Two things to note:
Number one, we don't ban bomb making instructions. Google "Anarchist's Cookbook". Get your facts straight before attempting to troll.
Number two, the ban on child pornography is not because the porn itself is obscene, it is because its production is harmful. See this page: http://en.wikipedia.org/wiki/Ashcroft_v._Free_Speech_Coalition#Majority_opinion
If you don't understand how this is different from China blocking all of iTMS because a handful of songs protested their takeover and violent suppression of a sovereign nation, by all means emigrate to China.
Please no comparing Tibet to Iraq here. One might recall that we're in the final stages of talks with Iraq to fully remove American troops over time (having already handed over control of the nation to the new government), where China refuses to recognize the existence of Tibet as a separate culture and violently suppresses any suggestion that they do. Go ahead and see what happens when you walk down the street in DC with a tape of Iraq war protest songs in a ghetto blaster. Hint: odd looks, but nothing else.
Actually btrfs is looking very much like a ZFS-killer, as it were - it does volume management, snapshots, redundancy... If the FS is half as good as the published concepts, it may become the Linux equivalent to ZFS.
In fact some of the more interesting threads that made it to kerneltrap recently deal with btrfs, in some cases with the developer doing certain programming gymnastics to avoid violating layering in the kernel (I'm not sure I have the terminology right). This is, incidentally, why Reiser4 is not in the kernel - because Reiser was a dick, and among other things Reiser4 violated boundaries between parts of the kernel in a big way, and he refused to fix it. That's another interesting lkml thread that can be found on kerneltrap.
Except it isn't really a promise of any of those things. You'll find that almost all SLAs say that scheduled maintenance and things outside the control of the provider - like *their* provider - don't count towards downtime for SLA purposes.
I think you can bend that rule a bit when you're giving away a scarce product as opposed to an infinitely reproducible product, but good point nonetheless.
It's probably for the better if Lexmark just curls up and dies. I've never had a Lexmark printer I considered particularly good, and I absolutely hate their little toolkit app.
Notably the free printers HP bundles with their OEM machines suck too, but what do you expect for free...
I think the difference GP is trying to point out is that Xen is targeted more for the VMWare ESX market - the dom0 OS can (and should) be as stripped down as possible - whereas KVM is (currently) more targeted for the VMWare Workstation or QEMU market of bolting a VM onto an existing general-purpose system. That could change on both counts, and kvm developers have stated that they intend it to be general purpose, so there's really no reason that Xen could not be ported to kvm, as it were.
...was using Ruby on Rails"
I doubt they'll come out and say that. But look at how flaky twitter is (try using it for a while). The two biggest sites on the internet that are built on RoR - Penny Arcade and twitter - are flaky as hell. I've met the PA coder, and I'm not willing to believe the twitter guys are incompetent, so it's obviously not their fault.
RoR is known for obscenely high resource usage. I can't believe it'd be a good choice for large sites like twitter, long term.
Quick question - are you American? (disclaimer: I am, I'm not dissing the US, just making a point re pot, kettle, etc)
The legal age for pornography has been 18 in the US for... at least 40 years. The age of consent is as low as 16 in many states, maybe 15 in one state? Can't remember. Odd as it may sound, this kind of thing is common. Japan? Age of consent in some prefectures is as low as 14 (though I think it's 16 nationally, laws are weird there) but the age for pornography is still 18.
Yes, but presumably you don't let the entire world get on your DC network. If only trusted people access vulnerable systems, the vulnerabilities are less significant. Yes they're still there, and yes there's still a risk, but what would the cost be of replacing or reprogramming all the IPMI cards? Security is all about risk/reward, except with a few more variables. If your demonstrable risk is minimal, the reward to reduce or eliminate it will also be minimal. If the cost outweighs the benefit, it's just bad business. Even if it is a good idea.
Well trolled. However: a Cubit is a highly inaccurate measure - although roughly 18 inches, it is measured according to the length of one's forearm - not an accurate measure by any standard. And if you adjust for significant figures, as at least one other commenter suggested, it is exactly right. Or if it's rounded, or...
Warning: offtopic
IMAP and MAPI are two separate protocols. IMAP is a standard protocol used for semi-connected work on folders actually hosted on a server (it can work disconnected and sync up later), whereas MAPI is a Microsoft proprietary protocol that accomplishes approximately the same thing.
I tend to think that the name MAPI is a typical Microsoft attempt to get people to confuse (it worked, didn't it?) open, widely used standards and Microsoft proprietary crap. See also OOXML vs ODF (formerly OOXML, before Microsoft even dreamed of that acronym...)
It's not that hard - marker on acrylic comes off with a bit of rubbing alcohol pretty easily. And there's a perfectly good reason - I have it on good authority that policy is to restore repaired consoles to a "like new" condition, because most people prefer it that way.
Logic would dictate that that's not genetic...
The studies I have heard of show that atypical sexual biases (homosexuality, transgender, that sort of thing) are typically related to unusual chemical balances in the womb. This also can explain why homosexuality is more common in children who were born to older mothers, as hormones start to go crazy at a certain age.
Mod parent up. The word "cult" is thrown around far too much, to the point where anyone who doesn't like a given religion decides to call it a cult. But as parent points out, it has a specific meaning, and most organizations that do fit the meaning are at best an extreme danger to their followers, and at worst a danger to the fabric of society.
Also interesting point about the Salvation Army.
I don't really see how it's irrelevant - if a "security defect" exists but cannot be exploited (i.e. if there's a buffer overflow bug but it deals with internal data or data that's already been thoroughly sanitized), it does not present the same risk as a bug that may be easily exploited, for example in the input sanitizing code. It's not really clear how many of these bugs are of each type, and I think it's significant that the phrase "security defect" was chosen instead of "security hole" or some other phrase that is more commonly used for known significant risks.
Of course, "cannot be exploited" is relative - no matter what you do, there's always a real possibility that someone's going to come up with a creative way to get their data in the wrong place at the wrong time and break all your nice sanitizing code and layers you've erected over that heavily protected buffer overflow, so the real resolution is of course to fix it. Still, I think it's an important distinction, especially when dealing with statistics.
1. PDFs are much, much smaller - as AC sibling said, about the size of PS after compression
2. PDFs are relatively tamper-resistant
3. PDFs are more widely understood
4. PDFs are lighter to render
I could go on about how they handle images and whatnot better too, but PS is a wonderful format when you still need to work with the document - I'm being completely serious here - but PDF is better as the final distribution method.
Indeed - I used to work desktop support at a financial/insurance company, and some of the crap I saw on some of the users' mainframe sessions (you'd think that mainframe programmers should be able to figure this stuff out, but I guess instead of waiting for someone to build a better idiot, Microsoft just makes everyone look like an idiot) was unlike anything I'd seen, until I started poking around on Wikipedia and figured out that what they were doing on "the AS360" (can't remember the number, mainframe wasn't our problem) was this bizarre database (or something) programming language called RPG... oddly enough, saw a COBOL printout on that same person's desk.
Evidently there's still money to be made in selling your soul to IBM and supporting stuff that hasn't been unplugged for decades, much less upgraded.
I wasn't really clear in my earlier post. You're absolutely right - H.264 is extremely processor-heavy. However, as time has passed decoders have become more efficient (or maybe 'learned' to use processor features better, you can only improve an algorithm so much) and processors faster, so I meant the perceived strain relative to what the strain was, say, three years ago, not relative to the strain of XviD/DivX with MP3.
First off, it's actually AAC. And it's not proprietary, at least not to Apple - AAC (Advanced Audio Coding) is part of the MPEG-4 standard and intended as a successor to MP3, though like MP3 it legally requires a patent license. Also H.264 is not an Apple codec - it's an ITU standard, also known as MPEG-4 Part 10, or AVC (but again with the patent nonsense).
I think why Apple picked them up is that they are about the best codecs out there (I'm not going to entertain a debate between AAC and OGG quality, please, the reasoning here is that H.264 and AAC are DESIGNED to work together). Also AAC is very good at surround sound, something MP3 has never been popular for, perhaps for the reasons below.
The reason that the community and market have been slow to accept them are that they are more complicated, thus heavier and/or more expensive to implement, as well as the fact that Xvid and Divx (same thing, different encoders - another part of MPEG-4 by the way) can (or used to) produce smaller filesizes for video, and at standard def you wouldn't really know the difference. But as HD content has become more popular, it's become more common to find media in H.264 with AAC 5.1 audio, and as en- and decoders get better (not to mention computers) H.264 and AAC present less of a relative strain on both disk (or bandwidth) and processor, and at HD resolution the hit to speed is completely worth it.
I think this might be way Nokia is pushing H.264 and AAC - they present real possibility for advancement into high-def streaming content, something that other codecs really don't. Please note that I really haven't had any experience with Ogg Theora (which is NOT the same as Ogg Vorbis) in high-def environments, so I can't really say for sure. Also I'm not sure how it is at streaming.
Actually I'm pretty sure that the ARRL was neutral on the federal level, pretty much just advising caution and supporting advancement. Being a member of the ARRL at the time, the temperature of most of the community seemed to be that striking that requirement was a good idea, save for the ever-present 'vocal minority' who seemed to think that it would bring about the Eternal September (or maybe the End) of Amateur Radio (though I never saw that term used... I suspect they had never heard of that newfangled Usenet thing). Well... it didn't. Probably something to do with the written tests.