Google does MUCH better than that.
on
Mr Anti-Google
·
· Score: 2
Google has been a strong advocate of including all sides in the ranking. They very clearly came down on the side of xenu.org when the Scientologists came knocking. Moreover, their policy to ensure that pro-Scientology sites appear before their detractors makes perfect sense, just as I would fully expect to see the history, culture and art of African Americans to appear before the Arian Nation when I search on "african american."
For a quality search engine, the balance should always be tilted in favor of the individuals directly referenced in the search so that those parties can address grievences and possibly make amends without having to simultaneously battle for position in the ranks to be heard. If I wanted the contrary view, I would have explicitly asked for it. Since google sends me the contrary view anyway, I appreciate that they sort it after the material that I requested.
Lastly, I find it interesting that someone who starts out with "this is a crock of shit" should summarize with "if you'd like to argue for civil discourse instead of flame fests and random insults, I will be the first to add my voice to yours." I would not have even replied to this, except that it was modded +3, which frankly, I find rather sad.
The Wright Brothers were precisely the amateurs you mention. They did patent their invention and spent the next ten years fighting off other competing companies for exclusive rights to this body of work. They prevailed in court and yet completely failed to prevent rivals such as Glenn Curtiss from building airplanes. Moreover, they wasted years of useful energy and a tremendous fortune in the process. Most importantly, Curtiss' wing design was superior to theirs, and the movable surfaces which replaced the Wrights wing-warping system is the basis for the ailerons of virtually all aircraft built since.
I work with H2O2 regularly and I can tell you from experience that concentrations of 50% and down are comparatively benign. Concentrations of 30% and 50% will give you a nasty white rash if you come in contact with them. The rash forms within about 10 seconds of contact, faster if the concentration is higher. The rash last for anywhere from 10 minutes to an hour and then goes away. Meanwhile, the skin remains tender for some time afterwards.
Concentrations exceeding approximately 74% require more care and consideration, both in storage and handling.
I disagree with this assessment for several reasons. Even if the virus scanner code is junk, the attacker is successfully manipulating this program in ways that the program should not have to deal with.
1. If the program creates an edit control and specifies that the maximum input size is X, then it better stay X until it is changed by authorized code- namely the process that created it.
2. The means for fetching text out of that edit control is WM_GETTEXT. This message takes a destination buffer length as a parameter. It should not be possible to overrun the destination buffer regardless of how many characters are in the edit control. The input would merely be truncated.
3. The exploit code is most likely in the edit control's internal buffer- not the application's dynamic memory. Unless the user clicks OK or some sort of OnChanged handler has copied that data to a new location, the application has not had the chance to touch it. The attacker merely needs to guess the location of the edit control's internal buffer. Apparently, it's less difficult than one would hope.
And finally, even if none of that were the case:
4. Being able to send any message that passes a pointer across applications is foolish. I could send WM_GETTEXT or a raft of similar calls to an application and have it trash itself. The destination address could be any valid place in the target's dynamic memory. If the application attempted to validate the pointer, it would pass. Moreover, important information resides in dynamic memory, not the least of which is the vtbl pointers of important objects like MFC's global CWinApp.
Now, I have a question. How is that this code can be executed at all? Unless the permissions on the pages holding the exploit code permit execution, I don't see how the exploit can even run. Instead, I would expect to see some sort of access violation. Apparently not.
A cursory look through the hook API does not suggest that one can block messages based on the calling process. There appears to be a way to determine if the current thread made the call, but that is largely useless. Threads post inter-thread messages all the time. The real question is whether that thread belongs to the same processes as the receiving window.
The callback function has the following prototype:
There is nothing of use here that would permit a filter to determine the origin of a message. At most it could kill all inter-thread messaging, seriously breaking multi-threaded applications.
Neither Jefferson nor Franklin were Christians. Jefferson in particular had many choice and uncomplimentary things to say about Christians. I suggest you check your facts. What is known is that Jefferson had an appreciation for elements of the morality of Jesus Christ; however, he was particularly unimpressed by the mystic elements of the religion as practiced.
Among the sayings and discourses imputed to him [Jesus] by his biographers, I find many passages of fine imagination, correct morality, and of the most lovely benevolence; and others again of so much ignorance, so much absurdity, so much untruth, charlatanism, and imposture, as to pronounce it impossible that such contradictions should have proceeded from the same being. -Thomas Jefferson, letter to William Short, April 13, 1820
The ^S (Ctrl-S) on the first line suspended the output... the user was typing in the dark until the ^Q at the very end because the keystrokes were being buffered, but the terminal wasn't processing them.
^C and ^D are typical ways of getting out of programs which are being recalcitrant, ^C meaning "stop now" and ^D meaning "I'm done." Unfortunately, until the ^Q went through, all this was merely buffered up, and the actual sequence of events probably involved ^C successfully exiting, while ^D indicating completion- now of the shell, rather than the annoying program. Hence, the terminal closed. It's a screamer, if you've ever lived through terminal shell life.
The fact is, I do trust the Apache group. And for good reason. I know the code is flawed because I write software for a living. All code is flawed, and to believe otherwise is folly. I also know that the competing products are also flawed. What Apache offers that none of their major competitors provide is access to the code. Give me the patch, and I'll apply it myself. If I'm still concerned, I can have a look around the code. And most importantly, they do a much better job at getting the fixes out in a timely manner.
Unfortunately, the exploit clock is now actively running which, no thanks to ISS, was an otherwise unnecessary hassle. That said however, I am confident that hundreds of very concerned and capable open source programmers will be able to outpace the dozen or so overworked and underpaid software engineers who have the misfortune of handling Microsoft's IIS holes.
Lastly, the vendors who provide Apache in their distributions do not have a monopoly on the market place. Their response time is critical to their relationship with their customers. Microsoft, by comparison, has no such relationship with their customers. Having personally been on the receiving end of many thousands of hours of Microsoft's service contracts, partnership deals, inside promotions, and developer support, I can safely say that we spent a lot of money for nothing. Microsoft ignores their preferred partners and Fortune 500 customers just as much as they discount the average desktop user. Through various positions, I've participated directly in all three cases, and after years of poor support from Microsoft, Linux has become a necessary and major factor in how I do business.
With all due respect, I believe Marc Andreessen is being intentionally short-sighted here.
First, he engaged Microsoft head-to-head and lost in a rather public manner. Second, the only way for a man of his stature to save face is to acknowledge that the battle could not be won. Third, Microsoft is a partner of Loudcloud, his new company, and they rely on Microsoft for their web-based application development business.
Call me cynical, but typical American business practices consider 18 months to be a long-term business horizon. I am not impressed by the estimates of people who live, work, fight, and lose in this environment, particularly regarding the impact of something as immense and subtle as an open source browser.
The fact is, open source impacts everyone in varying degrees, and in all cases, the magnitude of that degree is ever increasing, however slowly. Anyone familiar with the time value of money should be aware of the incredible power of the cummulative effect of time over an exponential rate. The issue is only whether the rate exceeds that of Microsoft's ability to respond. I contend that it does, but I am far too happy with the present situation to bother arguing the point. Microsoft is competing against human nature. It won't work for the RIAA or MPAA, so why should Microsoft be any more successful? Money in the bank cannot buy goodwill or customer loyalty.
My original post was intended to be a subtle jab at all those involved, particularly the use of the court system for compensating for the failures of contract law in the United States, but as usual, subtlety is a wasted effort. Turner's position has no merit, and there obviously is no contract. But let us wait for the court's decision, since that is the one that will matter, hence the actual reason behind the suit. Personally, I would like to see Turner have to argue the bathroom issue in court. If they're going to waste public resources and consumer goodwill, they can at least be made to look ridiculous in the process.
Generally, the determination of whether a contract exists or not, especially when there is an absence of a document, and to what effect it is binding on a given circumstance is normally decided in a court of law.
Placing an order for 10,000 widgets which you subsequently reject on the basis that you never signed a contract could easily land you in court. Even if you used the phone and never signed anything, you could still be held responsible for damages (restocking fees, shipment, etc.) Granted, IANAL, so this example may fall under some other legal classification, but near as I can tell, it is all basically breach of contract. Perhaps someone who studies law could help clarify.
At least the networks were thoughtful enough to make a provision for you to use the restroom...
In an interview with [INSIDE] Magazine, Turner Broadcasting CEO Jamie Kellner voiced this opinion on the issue: "[T]he ad skips . ... It's theft. Your contract with the network when you get the show is you're going to watch the spots. Otherwise you couldn't get the show on an ad-supported basis. Any time you skip a commercial or watch the button you're actually stealing the programming." When prompted, Kellner did admit that "there's a certain amount of tolerance for going to the bathroom."
The problem lies with using vague wording like "a certain amount," and it is for that reason that a proactive lawsuit is necessary to define exactly how long is too long. The downside is that if the networks win, they may even be able to show a breach of contract and be awarded damages for each minute you're gone. Could provisions be made for people who are actually ill? Only in a court of law can the fine points of contracts really be resolved.
Add that's the real danger of using contracts for this type of relationship. Unfortunately, I cannot seem to find my copy to check the specifics, but I suggest you all re-read the relevent sections. I wonder if I can request a copy from Turner?
I don't think that children react to situations like those you described in the same way as adults. Without a frame of reference, the severity of the content has so much less impact. Put another way, children tend to be more accepting of what they see without coming to immediate conclusions; it usually just sparks off more questions. I base this off of my own experiences of course, but it seems to hold true with my observations of many children that I know.
And for what it is worth, when I was child, I got to see a lot more visually disturbing stuff than what was described above. My father was a plastic surgeon for the Air Force, and his preferred method of explaining life's more fatal lessons was show and tell.
I've seen children with everything from fingers to ears to faces chewed off. I've seen a motorcyclist who managed to survive the head trauma but ultimately died because half his skin came off while he bounced down the interstate at 80mph (despite his leathers). If there was an opportunity for proving an ugly, messy point, Dad made sure I was with him during rounds that morning. Look son, dogs bred for fighting can do bad things to children. This is what can happen to a motorcyclist who hits gravel on the freeway.
I came away with two very valuable lessons. 1) The human body can put up with some amazing damage before it gives out. 2) I wasn't going to be a doctor when I grew up, as I didn't like seeing the insides of people.
That said however, if I was ever confronted with a gaping chest wound, I doubt that I would find it as traumatizing as I would have without the experience.
And oddly enough, only after years of other experiences did I ever finally conclude that large, mean, inbred dogs are inherently dangerous. As for motorcycles, I came to a completely different conclusion than my father- though risky, motorcycles have their place. So even then, my father could only provide the information; he could not provide the conclusion.
I fail to see how you got from availability of information and the First Amendment to pedophiles hunting children in libraries. If your library is infested with child molesters you need to call the police.
There are very few things which need to be controlled- plutonium maybe. Information? Never. Children love information. They will acquire it whether you restrict their access to it or not. The best thing you can do as a parent is provide them access to accurate information so that they don't waste time and energy with factually incorrect or misleading information. A child with a well-developed, critical mind is in a better position to defend himself from and successfully interact with the world. This above all is your responsibility as a parent. If you cannot do this, then your child will be rolled as soon as they leave the sanctuary of your home.
Also, as for unblocking content on demand- this simply does not hold, and the court stated as much. A child doing research for a class may consider requesting that a site be unblocked, but a child doing research on her own most likely will not. Case in point: I helped a classmate locate information on ovarian cancer in high school. Due to the strict manner in which she was raised, the subject mortified her; it was uncomfortably close to "down there." She pointedly refused to involve any adults. Had this taken place today, she could have found all that information online, on her own, without my help or that of anybody else. Except, if the site was blocked.
Why did she need this information? Well, that's none of my business, your business, or the business of the librarian. And that's the whole point.
Although the law does not seem to fully back this view, I believe that even a 16 year should have a reasonable right to privacy.
The whole business of the EULA is obviously ridiculous, but for the Average Joe, why not an application that allows him to modify the EULA on the fly? Or remove it altogether? It seems to me that it would further empower Joe to blow the whole thing off and further bring about the following realization:
Ordinarily, both parties negotiate the terms of a contract, modifying the contract up until the point at which it is signed (somtimes after, if provisions are made for it.) You should be able to modify the EULA prior to actually agreeing to it. The fact that the vendor is not present is irrelevent since they will never receive a copy of it or sign it themselves anyway. If that really mattered to them, they'd make provisions for it.
As for the technical challenge, I would imagine that attaching to the process in the same manner as a debugger would be a good start. The EULA control handle is easily retrievable and a newly added code page with a SendMessage(hEULA,WM_SETTEXT,pszNewEULA) would largely do the trick. If not, how about SendMessage(hEULA,WM_DESTROY) and blow it away altogether. Presumably, this problem is a simple task for some innovative programmer.
Hopefully in the end, if ever brought to court, a judge would throw the entire sordid mess out based on the fact that any user can change the text of any EULA at any time, making whatever draconian provisions the vendor is forcing on the consumers completely unenforceable without a signed contract. At any rate, it might break the technical barrier for a non-tech-savvy judge.
After re-reading my notes, some older articles by Don Box, and the preface to Professional ATL COM programming, I am inclined to disagree with you. The COM programming environment was not lacking for boilerplate- MFC already provided all this and more, but only in an application framework. Meanwhile, historically, Microsoft was pushing the idea of ActiveX controls which could be downloaded quickly and conveniently from the web. The requested size was on the order of 5 to 15k, a ridiculous demand for an MFC application. In order to pull this off, it was necessary to strip everything, including a large portion of the C runtime library. The designers implemented a stripped-down static runtime to handle general C memory management, they disabled exceptions by default, and employed templates for tight, minimalist implementations of what we would both agree amounts to boilerplate code.
The primary objective was very specifically to make ActiveX controls which would further cement the dominance of IE over Netscape. This is evidenced by the facts that 1) the first objects outside of "simple" objects that could be instantiated from ATL were in fact ActiveX controls, 2) the testing environments for ATL objects centered around full ActiveX controls and their test containers and were largely uninteresting for anything else, 3) the recommended build targets were geared for minimum size and minimum dependency - usually mutually exclusive but both requirements for web deployment, 4) great effort was taken to completely circumvent using the CRT including generating custom winMainCRTStartup code for ATL projects, and 5) until ATL version 2.1, there was barely even a sufficient IDE in MSDev to code in ATL. The only people using it in earnest were Microsoft developers themselves- for the implementation of ActiveX controls.
Follow the money. Microsoft did not write template code because it was a Good Idea; they wrote template code because it made their code small, download fast, enhance the browsing experience, and further push Netscape off the map. Of course, this is all academic now.
To illustrate the above text with some actual code, here's a simple example which iterates a list and prints the result. Code is compiled with MSVC6. Very simple stuff.
esi = vectStr.begin;// esi is the iterator eax = vectStr.end; if (esi == eax) goto done; esi += 4 bytes;// advance esi to string data
next: eax = *esi;// dereference string data
if (eax != NULL/*ebx === 0*/) goto print;// casual check for null (c_str() inlined) eax = "";
print: push eax;// param 2 to printf push address of string "%s ";// param 1 to printf call printf;// ebp === printf
ecx = vectStr.end;// stack is off by 8 here because of call to printf esi += 0x10;// step forward 16 bytes to get to next string data pointer esp += 8;// pop 8 bytes off stack (cleanup printf call) eax = esi - 4;// eax gets current position of string (esi points to string data, not the string itself) if (eax != ecx) goto next;
done:
Not exactly what I would call bloated code. Could you do it faster by hand? Of course, but why bother- it's just a vector of strings. Certainly you could find a better use for your time.
C++ templates are one of the best features of the language...
They are no different than a majority of languages out there...
...regarding templates being created at compile-time as being a bad thing. That's what generic programming is all about!!!
No sir. Generics should be resolved at run-time as much as possible...
C++ is an extension of C; its primary objective was to provide aspects of object-oriented programming to C. Both C and C++ compile to assembly at very-nearly a 1:1 basis. This makes both very fast, with virtual functions being only slightly slower. There is little to no runtime information provided as these are features of higher-level languages which are formulated around support for late-binding. Use the correct tool for the job.
Call the wrong function name in java or python and you get a runtime exception; call the wrong function in C++ you get a compile-time error. The difference in these two methodologies translates to raw execution speed. RTTI is underutilized in C++ because it's largely unnecessary and facilitates breaking the strong-data-type model. This model is what makes C and C++ so fast; it provides immediate function linkage with no time-consuming function lookup or indirection.
As with all languages- show me the code -- the final assembly code. I am very impressed with how well templated code is inlined, optimized, and scheduled on multiple-pipeline processors. After stripping the symbols from the executable, I don't detect any appreciable code bloat inconsistent with the increase in speed I received by inlining my collection classes. Even MSVC6 can do this.
I'd love to hear an example of a language that implements some kind of generic stuff at runtime.
Smalltalk, Python, Dynace, Objective-C and even C... all nice languages
With the exception of C (and possibly ObjC), all the languages listed use runtime function-name/prototype to function-code binding which is nowhere near as efficient as C or C++'s compile-time function linking. Your mention of C is either erroneous, or you are referring simply to collection classes of opaque data. This is hardly an improvement over the existing options- particularly since it completely circumvents the strong-type model already available with C and C++.
It makes absolutely no difference at runtime.
I beg to differ. *every* template you instantiate adds to the binary size because of the need to use them. If I create a vector<string> and vector<int> I get *two* vector class and it will increase the binary size accordingly. Another downfall is that you can't mix and match types, so you have to encapsulate your nodes in yet *another* class... adding even more to the binary.
This is a serious stretch of the truth. Every template you instantiate will increase the size of the code- by the size of the vector constructor code- which is usually a dozen or so bytes at most. Only the functions actually used are included in the code- not every function in the template. Most functions are inlined so you can fully expect those to increase the size of the code while providing an increase in execution speed. The typical functions like begin, end, and iterator increment while typically resolve to a single assembly instruction- less than the equivalent function call to a general collection class!
If you create a vector<string> and a vector<int> you will get two completely different sets of code. The vector<int> will not attempt to call constructors for your int's and can ultimately use an assembly-level memcpy to transfer the contents. The vector<string> will call the constructor and/or copy-constructor of every string you add, which is fine since that's what you want. Two completely different implementations for two completely different types- both optimized for their respective characteristics. No runtime vector implementation is going to provide that, period. You will always get worst-case implementation for both int's and string's because strings necessitate special handling for construction, copying, and deconstruction. At runtime, you get the same poor performance for your int's that you do for your strings.
As for mixing strings and int's in a vector... why? Performance considerations must be weighed against implementation. If mixing int's with strings substantially increases the cost of using the vector, there had better be a really good reason. The first reason might be that execution time is less critical than coding time, in which case, you're probably not using the correct language anyway. Java or python might be more appropriate. Again, use the right tool for the job. As far as I'm concerned, mixing types as you described is a recipe for distaster as it substantially increases the complexity of auditing the code in the future. If I'm enumerating this vector, how can I guarantee that I'm not going to find some other data type in there? Do I throw an exception or try to convert to an int? Or should I convert to a string instead?
C++ is a young language with a young standard.
Even more reason not to use it!! the STL is *not* standardized, check your implementations.
It's being used, standard or no standard, because the utility of the language exceeds the cost of failing to compile properly on all target platforms. Implementations which fail to compile properly can be remedied, as necessary, on the build target. Field fixes are common in cross-compilation, nothing to see here, move along.
YOU SHOULD NEVER INHERENT FROM AN STL CONTAINER. Period.
I disagree. You want to extend an STL containter to create better ones.
I couldn't care less if someone derives from an STL container or not. The risks are clearly stated, possibly even overrated. I've found that inheriting directly from a container without declaring the new class as a template itself usually leads to confusion later. A private member variable tends to be more effective. Once you leave the realm of "general template" and enter the realm of "implementation", it makes sense to hide the collection class. Who knows, you may decide to dump the STL class for another class later. If the code which relies on your class breaks when this happens, you've done a poor job at object-oriented programming. Plus, this solves the multiple inheritance problem mentioned by another poster since your new aggregating object can have any baseclass it wants.
For instance??? You are doing yourself an extreme disservice by avoiding STL.
hmm.. wxWindows, QT, Gtk+, Plib, and any other library that wishes to be *portable*. IMO, you do yourself a great disservice for using the STL.
Assuming you are compiling with gcc, which covers a considerable number of platforms, just how less portable are you realistically going to be? MSVC does a fair job- ATL COM is built entirely on templates (for better or worse, although their primary objective was reduced code size for ActiveX components- templates where largely responsible for this).
I was a skeptic of templates for a long time until I examined the compilation process at an assembly-language level. Sold! Now I use them daily. The time savings is simply beyond belief. I'll never implement a red-black binary tree again. What a template does for general programming is nothing short of exciting- try looking at difference between the assembly generated by vector<string> and vector<int> sometime- it's inspirational!
Your point that using GPL'd software does not impact software users comes through very strongly. I'd like to add however, that the GPL does not "prevent" you from doing anything; copyright law does. The GPL grants you additional, limited rights. Yes, it's spin, but the distinction is very important when comparing to other licenses, particularly EULA's of proprietary software which frequently do prohibit specific actions.
Apparently, you do not understand the meaning of the word "proven." Moreover, this plainly shows that you, the maintainers of the page you linked to, and the good doctor quoted below spend more time with your heads in the clouds than on God's green earth. 9:00AM on October 23, 4004 BC? What hubris. In elapsed hours, that's like 8 significant digits.
Ussher was able to use the ages of famous pre-flood personages in the Bible to estimate the number of years between creation and the flood. In 1650 CE, he arrived at an estimate of 4004-OCT-22 BCE. Dr. John Lightfoot, Vice-Chancellor of the University of Cambridge in the 19th century refined the calculations and arrived at 4004-OCT-23 BCE, at 9 AM. (We assume that this was Greenwich Mean Time). This would make the time interval between the creation of the world and a common estimate of the birth of Christ at precisely 4000 years. Some people believe that Ussher fudged the data to make it come out this neatly. This date found general acceptance among Christians.
As a Christian myself, I do not accept this date or the methodology used to derive it. In fact, I find it an insult to my intelligence. I'm surprised that you do not have a better sense of self-worth.
My wife refers to my linux boxes as "the other women" in my life (presumably based on the time I spend with them.)
And secondly, my wife claims she actually prefers the command prompt (in combination with the desktop) because "it's more consistent." She plays her AVI movies by popping up a console, cd'ing to her movie directory and typing aviplay and the file name (with tab completion). I pointed out that she can open it up in Nautilus just as easily, but no thanks, she likes the CLI.
Actually, this is a reasonable question.
Launching from a sub offers a number of things.
1) mobility (potentially better choice of latitude)
2) a reasonably safe environment to splash and/or crash
if something goes wrong. The trajectory was sub-orbital
so presumably a failure would mean a quick return trip.
All in all, launching from the ocean is more
convenient than land if you discount the infrastructure
required to make it happen.
There are many rights which cannot be waived in a contract. Similarly, there are many laws which provide protections which cannot be abdicated. Consumer protection laws are normally in this category, as are rent control laws. In some states, for example, signing a year-long lease agreement has no more binding effect than signing a month-to-month lease.
If the State of Connecticut has a law that prevents a company from imposing penalties without proving damage, then signing a contract that explicitly provides the company with this option will not allow that company to collect. Period. For this reason, many contracts contain clauses stating that if any portion of the contract is found to conflict with state or federal law, the remaining portion of the contract will still remain valid and in full effect.
IANAL, but I deal with contracts often. You cannot use a contract to break the law, and not every right can be waived.
As for your phone company, one principal holds true: "service rendered, payment due". If you wish to contest your bill, you had better be
prepared to prove that either 1) the service was not rendered, or 2) the payment is something other than what the provider has stated. Due process IS available in this case; it's called small claims court.
BEN: Remember, a Lisp Programmer can feel the Recursion flowing through him.
LUKE: You mean it controls your algorithms?
BEN: Partially. But it also obeys your commands.
... luke gets his parentheses wrong and crashs. Han laughs heartily...
HAN: Hokey religions and ancient syntaxes are no match for a good C compiler at your side, kid.
LUKE: You don't believe in Lisp, do you?
HAN: Kid, I've hacked from one side of this galaxy to the other. I've seen a lot of strange code, but I've never seen anything to make me believe there's one all-powerful language for programming everything. There's no mystical programming model
that controls my destiny.
... Ben smiles quietly...
HAN: It's all a lot of static casts and nonsense.
BEN: I suggest you try it again, Luke.
... Ben fires up emacs and separates out the parentheses...
BEN: This time, let go your conscious self and act on instinct.
LUKE: (laughing) With the parentheses all over the place, I can't even grok the code. How am I supposed to debug?
BEN: Your eyes can deceive you. Don't trust them.
... Han shakes his head. Luke runs the code, and it crashes again. Luke lets out a yell and attempts to smack the monitor...
BEN: Stretch out with your feelings.
... Luke stands in one place, seemingly frozen. Luke counts out fifteen levels of parentheses in his head and adds a sixteenth. The code runs.
BEN: You see, you can do it.
HAN: I call it luck.
BEN: In my experience, there's no such thing as luck.
HAN: Look, going good against AI is one thing. Going good against UI? That's something else.
In an incredible display of coordination and maturity, the decentralized Open Source community, honoring the contributions of Tatu Ylonen, opted to rename their secure shell implementation from "OpenSSH" to "Fresh" thereby respecting his (albeit dubious) trademark, and subsequently avoided incidentally cutting off his customer base using his own name. Despite the fact that the author of SSH failed to enforce his trademark in an appropriate timeframe, the organizers, developers, and users of OpenSSH forgave him the oversight and simply renamed the package, symbolically linked "ssh" to "fresh," and went on their merry way. Thus is the power of *nix. Thus is the power of Open Source. Thus is the power of Open Source development.
Slashdot Mirror
Google has been a strong advocate of including all sides in the ranking. They very clearly came down on the side of xenu.org when the Scientologists came knocking. Moreover, their policy to ensure that pro-Scientology sites appear before their detractors makes perfect sense, just as I would fully expect to see the history, culture and art of African Americans to appear before the Arian Nation when I search on "african american."
For a quality search engine, the balance should always be tilted in favor of the individuals directly referenced in the search so that those parties can address grievences and possibly make amends without having to simultaneously battle for position in the ranks to be heard. If I wanted the contrary view, I would have explicitly asked for it. Since google sends me the contrary view anyway, I appreciate that they sort it after the material that I requested.
Lastly, I find it interesting that someone who starts out with "this is a crock of shit" should summarize with "if you'd like to argue for civil discourse instead of flame fests and random insults, I will be the first to add my voice to yours." I would not have even replied to this, except that it was modded +3, which frankly, I find rather sad.
-Hope
The Wright Brothers were precisely the amateurs you mention. They did patent their invention and spent the next ten years fighting off other competing companies for exclusive rights to this body of work. They prevailed in court and yet completely failed to prevent rivals such as Glenn Curtiss from building airplanes. Moreover, they wasted years of useful energy and a tremendous fortune in the process. Most importantly, Curtiss' wing design was superior to theirs, and the movable surfaces which replaced the Wrights wing-warping system is the basis for the ailerons of virtually all aircraft built since.
-Hope
I work with H2O2 regularly and I can tell you from experience that concentrations of 50% and down are comparatively benign. Concentrations of 30% and 50% will give you a nasty white rash if you come in contact with them. The rash forms within about 10 seconds of contact, faster if the concentration is higher. The rash last for anywhere from 10 minutes to an hour and then goes away. Meanwhile, the skin remains tender for some time afterwards.
Concentrations exceeding approximately 74% require more care and consideration, both in storage and handling.
-Hope
I disagree with this assessment for several reasons. Even if the virus scanner code is junk, the attacker is successfully manipulating this program in ways that the program should not have to deal with.
1. If the program creates an edit control and specifies that the maximum input size is X, then it better stay X until it is changed by authorized code- namely the process that created it.
2. The means for fetching text out of that edit control is WM_GETTEXT. This message takes a destination buffer length as a parameter. It should not be possible to overrun the destination buffer regardless of how many characters are in the edit control. The input would merely be truncated.
3. The exploit code is most likely in the edit control's internal buffer- not the application's dynamic memory. Unless the user clicks OK or some sort of OnChanged handler has copied that data to a new location, the application has not had the chance to touch it. The attacker merely needs to guess the location of the edit control's internal buffer. Apparently, it's less difficult than one would hope.
And finally, even if none of that were the case:
4. Being able to send any message that passes a pointer across applications is foolish. I could send WM_GETTEXT or a raft of similar calls to an application and have it trash itself. The destination address could be any valid place in the target's dynamic memory. If the application attempted to validate the pointer, it would pass. Moreover, important information resides in dynamic memory, not the least of which is the vtbl pointers of important objects like MFC's global CWinApp.
Now, I have a question. How is that this code can be executed at all? Unless the permissions on the pages holding the exploit code permit execution, I don't see how the exploit can even run. Instead, I would expect to see some sort of access violation. Apparently not.
I will research this more.
-Hope
A cursory look through the hook API does not suggest that one can block messages based on the calling process. There appears to be a way to determine if the current thread made the call, but that is largely useless. Threads post inter-thread messages all the time. The real question is whether that thread belongs to the same processes as the receiving window.
The callback function has the following prototype:
LRESULT CALLBACK CallWndProc(int nCode, WPARAM wParam, LPARAM lParam);
nCode specifies handling semantics.
wParam specifies whether the message was sent by the current thread.
lParam is a pointer to a CWPSTRUCT structure.
The CWPSTRUCT contains the following:
typedef struct
{
LPARAM lParam;
WPARAM wParam;
UINT message;
HWND hwnd;
} CWPSTRUCT, *PCWPSTRUCT;
There is nothing of use here that would permit a filter to determine the origin of a message. At most it could kill all inter-thread messaging, seriously breaking multi-threaded applications.
-Hope
There is plenty more online.
-Hope
For those who didn't get it...
The ^S (Ctrl-S) on the first line suspended the output... the user was typing in the dark until the ^Q at the very end because the keystrokes were being buffered, but the terminal wasn't processing them.
^C and ^D are typical ways of getting out of programs which are being recalcitrant, ^C meaning "stop now" and ^D meaning "I'm done." Unfortunately, until the ^Q went through, all this was merely buffered up, and the actual sequence of events probably involved ^C successfully exiting, while ^D indicating completion- now of the shell, rather than the annoying program. Hence, the terminal closed. It's a screamer, if you've ever lived through terminal shell life.
-Hope
The fact is, I do trust the Apache group. And for good reason. I know the code is flawed because I write software for a living. All code is flawed, and to believe otherwise is folly. I also know that the competing products are also flawed. What Apache offers that none of their major competitors provide is access to the code. Give me the patch, and I'll apply it myself. If I'm still concerned, I can have a look around the code. And most importantly, they do a much better job at getting the fixes out in a timely manner.
Unfortunately, the exploit clock is now actively running which, no thanks to ISS, was an otherwise unnecessary hassle. That said however, I am confident that hundreds of very concerned and capable open source programmers will be able to outpace the dozen or so overworked and underpaid software engineers who have the misfortune of handling Microsoft's IIS holes.
Lastly, the vendors who provide Apache in their distributions do not have a monopoly on the market place. Their response time is critical to their relationship with their customers. Microsoft, by comparison, has no such relationship with their customers. Having personally been on the receiving end of many thousands of hours of Microsoft's service contracts, partnership deals, inside promotions, and developer support, I can safely say that we spent a lot of money for nothing. Microsoft ignores their preferred partners and Fortune 500 customers just as much as they discount the average desktop user. Through various positions, I've participated directly in all three cases, and after years of poor support from Microsoft, Linux has become a necessary and major factor in how I do business.
-Hope
With all due respect, I believe Marc Andreessen is being intentionally short-sighted here.
First, he engaged Microsoft head-to-head and lost in a rather public manner. Second, the only way for a man of his stature to save face is to acknowledge that the battle could not be won. Third, Microsoft is a partner of Loudcloud, his new company, and they rely on Microsoft for their web-based application development business.
Call me cynical, but typical American business practices consider 18 months to be a long-term business horizon. I am not impressed by the estimates of people who live, work, fight, and lose in this environment, particularly regarding the impact of something as immense and subtle as an open source browser.
The fact is, open source impacts everyone in varying degrees, and in all cases, the magnitude of that degree is ever increasing, however slowly. Anyone familiar with the time value of money should be aware of the incredible power of the cummulative effect of time over an exponential rate. The issue is only whether the rate exceeds that of Microsoft's ability to respond. I contend that it does, but I am far too happy with the present situation to bother arguing the point. Microsoft is competing against human nature. It won't work for the RIAA or MPAA, so why should Microsoft be any more successful? Money in the bank cannot buy goodwill or customer loyalty.
-Hope
My original post was intended to be a subtle jab at all those involved, particularly the use of the court system for compensating for the failures of contract law in the United States, but as usual, subtlety is a wasted effort. Turner's position has no merit, and there obviously is no contract. But let us wait for the court's decision, since that is the one that will matter, hence the actual reason behind the suit. Personally, I would like to see Turner have to argue the bathroom issue in court. If they're going to waste public resources and consumer goodwill, they can at least be made to look ridiculous in the process.
Generally, the determination of whether a contract exists or not, especially when there is an absence of a document, and to what effect it is binding on a given circumstance is normally decided in a court of law.
Placing an order for 10,000 widgets which you subsequently reject on the basis that you never signed a contract could easily land you in court. Even if you used the phone and never signed anything, you could still be held responsible for damages (restocking fees, shipment, etc.) Granted, IANAL, so this example may fall under some other legal classification, but near as I can tell, it is all basically breach of contract. Perhaps someone who studies law could help clarify.
-Hope
The problem lies with using vague wording like "a certain amount," and it is for that reason that a proactive lawsuit is necessary to define exactly how long is too long. The downside is that if the networks win, they may even be able to show a breach of contract and be awarded damages for each minute you're gone. Could provisions be made for people who are actually ill? Only in a court of law can the fine points of contracts really be resolved.
Add that's the real danger of using contracts for this type of relationship. Unfortunately, I cannot seem to find my copy to check the specifics, but I suggest you all re-read the relevent sections. I wonder if I can request a copy from Turner?
-Hope
I don't think that children react to situations like those you described in the same way as adults. Without a frame of reference, the severity of the content has so much less impact. Put another way, children tend to be more accepting of what they see without coming to immediate conclusions; it usually just sparks off more questions. I base this off of my own experiences of course, but it seems to hold true with my observations of many children that I know.
And for what it is worth, when I was child, I got to see a lot more visually disturbing stuff than what was described above. My father was a plastic surgeon for the Air Force, and his preferred method of explaining life's more fatal lessons was show and tell.
I've seen children with everything from fingers to ears to faces chewed off. I've seen a motorcyclist who managed to survive the head trauma but ultimately died because half his skin came off while he bounced down the interstate at 80mph (despite his leathers). If there was an opportunity for proving an ugly, messy point, Dad made sure I was with him during rounds that morning. Look son, dogs bred for fighting can do bad things to children. This is what can happen to a motorcyclist who hits gravel on the freeway.
I came away with two very valuable lessons. 1) The human body can put up with some amazing damage before it gives out. 2) I wasn't going to be a doctor when I grew up, as I didn't like seeing the insides of people.
That said however, if I was ever confronted with a gaping chest wound, I doubt that I would find it as traumatizing as I would have without the experience.
And oddly enough, only after years of other experiences did I ever finally conclude that large, mean, inbred dogs are inherently dangerous. As for motorcycles, I came to a completely different conclusion than my father- though risky, motorcycles have their place. So even then, my father could only provide the information; he could not provide the conclusion.
-Hope
I fail to see how you got from availability of information and the First Amendment to pedophiles hunting children in libraries. If your library is infested with child molesters you need to call the police.
There are very few things which need to be controlled- plutonium maybe. Information? Never. Children love information. They will acquire it whether you restrict their access to it or not. The best thing you can do as a parent is provide them access to accurate information so that they don't waste time and energy with factually incorrect or misleading information. A child with a well-developed, critical mind is in a better position to defend himself from and successfully interact with the world. This above all is your responsibility as a parent. If you cannot do this, then your child will be rolled as soon as they leave the sanctuary of your home.
Also, as for unblocking content on demand- this simply does not hold, and the court stated as much. A child doing research for a class may consider requesting that a site be unblocked, but a child doing research on her own most likely will not. Case in point: I helped a classmate locate information on ovarian cancer in high school. Due to the strict manner in which she was raised, the subject mortified her; it was uncomfortably close to "down there." She pointedly refused to involve any adults. Had this taken place today, she could have found all that information online, on her own, without my help or that of anybody else. Except, if the site was blocked.
Why did she need this information? Well, that's none of my business, your business, or the business of the librarian. And that's the whole point.
Although the law does not seem to fully back this view, I believe that even a 16 year should have a reasonable right to privacy.
-Hope
The whole business of the EULA is obviously ridiculous, but for the Average Joe, why not an application that allows him to modify the EULA on the fly? Or remove it altogether? It seems to me that it would further empower Joe to blow the whole thing off and further bring about the following realization:
Ordinarily, both parties negotiate the terms of a contract, modifying the contract up until the point at which it is signed (somtimes after, if provisions are made for it.) You should be able to modify the EULA prior to actually agreeing to it. The fact that the vendor is not present is irrelevent since they will never receive a copy of it or sign it themselves anyway. If that really mattered to them, they'd make provisions for it.
As for the technical challenge, I would imagine that attaching to the process in the same manner as a debugger would be a good start. The EULA control handle is easily retrievable and a newly added code page with a SendMessage(hEULA,WM_SETTEXT,pszNewEULA) would largely do the trick. If not, how about SendMessage(hEULA,WM_DESTROY) and blow it away altogether. Presumably, this problem is a simple task for some innovative programmer.
Hopefully in the end, if ever brought to court, a judge would throw the entire sordid mess out based on the fact that any user can change the text of any EULA at any time, making whatever draconian provisions the vendor is forcing on the consumers completely unenforceable without a signed contract. At any rate, it might break the technical barrier for a non-tech-savvy judge.
-Hope
This is a really minor nitpick, but whatever.
After re-reading my notes, some older articles by Don Box, and the preface to Professional ATL COM programming, I am inclined to disagree with you. The COM programming environment was not lacking for boilerplate- MFC already provided all this and more, but only in an application framework. Meanwhile, historically, Microsoft was pushing the idea of ActiveX controls which could be downloaded quickly and conveniently from the web. The requested size was on the order of 5 to 15k, a ridiculous demand for an MFC application. In order to pull this off, it was necessary to strip everything, including a large portion of the C runtime library. The designers implemented a stripped-down static runtime to handle general C memory management, they disabled exceptions by default, and employed templates for tight, minimalist implementations of what we would both agree amounts to boilerplate code.
The primary objective was very specifically to make ActiveX controls which would further cement the dominance of IE over Netscape. This is evidenced by the facts that 1) the first objects outside of "simple" objects that could be instantiated from ATL were in fact ActiveX controls, 2) the testing environments for ATL objects centered around full ActiveX controls and their test containers and were largely uninteresting for anything else, 3) the recommended build targets were geared for minimum size and minimum dependency - usually mutually exclusive but both requirements for web deployment, 4) great effort was taken to completely circumvent using the CRT including generating custom winMainCRTStartup code for ATL projects, and 5) until ATL version 2.1, there was barely even a sufficient IDE in MSDev to code in ATL. The only people using it in earnest were Microsoft developers themselves- for the implementation of ActiveX controls.
Follow the money. Microsoft did not write template code because it was a Good Idea; they wrote template code because it made their code small, download fast, enhance the browsing experience, and further push Netscape off the map. Of course, this is all academic now.
-Hope
To illustrate the above text with some actual code, here's a simple example which iterates a list and prints the result. Code is compiled with MSVC6. Very simple stuff.
// FYI: typedef vector<string> STRINGS;
a r_traits@D@std@@V?$allocator@D@2@@std@
// esi is the iterator // advance esi to string data
// dereference string data
/*ebx === 0*/) goto print; // casual check for null (c_str() inlined)
// param 2 to printf // param 1 to printf // ebp === printf
// stack is off by 8 here because of call to printf // step forward 16 bytes to get to next string data pointer // pop 8 bytes off stack (cleanup printf call) // eax gets current position of string (esi points to string data, not the string itself)
STRINGS::iterator s;
for (s=vectStr.begin(); s<vectStr.end(); ++s)
printf("%s ",s->c_str());
Compiles to a whopping 51 bytes. Explanation is below for non-assembly readers.
31: STRINGS::iterator s;
32: for (s=vectStr.begin(); s<vectStr.end(); ++s)
004012BE 8B 74 24 28 mov esi,dword ptr [esp+28h]
004012C2 8B 44 24 2C mov eax,dword ptr [esp+2Ch]
004012C6 3B F0 cmp esi,eax
004012C8 73 27 jae main+2F1h (004012f1)
004012CA 83 C6 04 add esi,4
33: printf("%s ",s->c_str());
004012CD 8B 06 mov eax,dword ptr [esi]
004012CF 3B C3 cmp eax,ebx
004012D1 75 05 jne main+2D8h (004012d8)
004012D3 A1 20 20 40 00 mov eax,[__imp_?_C@?1??_Nullstr@?$basic_string@DU?$ch
004012D8 50 push eax
004012D9 68 14 30 40 00 push offset string "%s " (00403014)
004012DE FF D5 call ebp
004012E0 8B 4C 24 34 mov ecx,dword ptr [esp+34h]
004012E4 83 C6 10 add esi,10h
004012E7 83 C4 08 add esp,8
004012EA 8D 46 FC lea eax,[esi-4]
004012ED 3B C1 cmp eax,ecx
004012EF 72 DC jb main+2CDh (004012cd)
And now the explanation...
esi = vectStr.begin;
eax = vectStr.end;
if (esi == eax) goto done;
esi += 4 bytes;
next:
eax = *esi;
if (eax != NULL
eax = "";
print: push eax;
push address of string "%s ";
call printf;
ecx = vectStr.end;
esi += 0x10;
esp += 8;
eax = esi - 4;
if (eax != ecx) goto next;
done:
Not exactly what I would call bloated code. Could you do it faster by hand? Of course, but why bother- it's just a vector of strings. Certainly you could find a better use for your time.
-Hope
Call the wrong function name in java or python and you get a runtime exception; call the wrong function in C++ you get a compile-time error. The difference in these two methodologies translates to raw execution speed. RTTI is underutilized in C++ because it's largely unnecessary and facilitates breaking the strong-data-type model. This model is what makes C and C++ so fast; it provides immediate function linkage with no time-consuming function lookup or indirection.
As with all languages- show me the code -- the final assembly code. I am very impressed with how well templated code is inlined, optimized, and scheduled on multiple-pipeline processors. After stripping the symbols from the executable, I don't detect any appreciable code bloat inconsistent with the increase in speed I received by inlining my collection classes. Even MSVC6 can do this.
With the exception of C (and possibly ObjC), all the languages listed use runtime function-name/prototype to function-code binding which is nowhere near as efficient as C or C++'s compile-time function linking. Your mention of C is either erroneous, or you are referring simply to collection classes of opaque data. This is hardly an improvement over the existing options- particularly since it completely circumvents the strong-type model already available with C and C++.
This is a serious stretch of the truth. Every template you instantiate will increase the size of the code- by the size of the vector constructor code- which is usually a dozen or so bytes at most. Only the functions actually used are included in the code- not every function in the template. Most functions are inlined so you can fully expect those to increase the size of the code while providing an increase in execution speed. The typical functions like begin, end, and iterator increment while typically resolve to a single assembly instruction- less than the equivalent function call to a general collection class!
If you create a vector<string> and a vector<int> you will get two completely different sets of code. The vector<int> will not attempt to call constructors for your int's and can ultimately use an assembly-level memcpy to transfer the contents. The vector<string> will call the constructor and/or copy-constructor of every string you add, which is fine since that's what you want. Two completely different implementations for two completely different types- both optimized for their respective characteristics. No runtime vector implementation is going to provide that, period. You will always get worst-case implementation for both int's and string's because strings necessitate special handling for construction, copying, and deconstruction. At runtime, you get the same poor performance for your int's that you do for your strings.
As for mixing strings and int's in a vector... why? Performance considerations must be weighed against implementation. If mixing int's with strings substantially increases the cost of using the vector, there had better be a really good reason. The first reason might be that execution time is less critical than coding time, in which case, you're probably not using the correct language anyway. Java or python might be more appropriate. Again, use the right tool for the job. As far as I'm concerned, mixing types as you described is a recipe for distaster as it substantially increases the complexity of auditing the code in the future. If I'm enumerating this vector, how can I guarantee that I'm not going to find some other data type in there? Do I throw an exception or try to convert to an int? Or should I convert to a string instead?
It's being used, standard or no standard, because the utility of the language exceeds the cost of failing to compile properly on all target platforms. Implementations which fail to compile properly can be remedied, as necessary, on the build target. Field fixes are common in cross-compilation, nothing to see here, move along.
I couldn't care less if someone derives from an STL container or not. The risks are clearly stated, possibly even overrated. I've found that inheriting directly from a container without declaring the new class as a template itself usually leads to confusion later. A private member variable tends to be more effective. Once you leave the realm of "general template" and enter the realm of "implementation", it makes sense to hide the collection class. Who knows, you may decide to dump the STL class for another class later. If the code which relies on your class breaks when this happens, you've done a poor job at object-oriented programming. Plus, this solves the multiple inheritance problem mentioned by another poster since your new aggregating object can have any baseclass it wants.
Assuming you are compiling with gcc, which covers a considerable number of platforms, just how less portable are you realistically going to be? MSVC does a fair job- ATL COM is built entirely on templates (for better or worse, although their primary objective was reduced code size for ActiveX components- templates where largely responsible for this).
I was a skeptic of templates for a long time until I examined the compilation process at an assembly-language level. Sold! Now I use them daily. The time savings is simply beyond belief. I'll never implement a red-black binary tree again. What a template does for general programming is nothing short of exciting- try looking at difference between the assembly generated by vector<string> and vector<int> sometime- it's inspirational!
-Hope
So you're the guy who wrote this!? There couldn't be more than one out there.
std::map<std::string, std::vector<std::string> >::iterator i = m_dict.find(std::string(key));
Thank god for typedefs. Life's hard enough with multi-line error messages.
-Hope
Your point that using GPL'd software does not impact software users comes through very strongly. I'd like to add however, that the GPL does not "prevent" you from doing anything; copyright law does. The GPL grants you additional, limited rights. Yes, it's spin, but the distinction is very important when comparing to other licenses, particularly EULA's of proprietary software which frequently do prohibit specific actions.
As a Christian myself, I do not accept this date or the methodology used to derive it. In fact, I find it an insult to my intelligence. I'm surprised that you do not have a better sense of self-worth.
-H
Two comments on this.
My wife refers to my linux boxes as "the other women" in my life (presumably based on the time I spend with them.)
And secondly, my wife claims she actually prefers the command prompt (in combination with the desktop) because "it's more consistent." She plays her AVI movies by popping up a console, cd'ing to her movie directory and typing aviplay and the file name (with tab completion). I pointed out that she can open it up in Nautilus just as easily, but no thanks, she likes the CLI.
I LOVE THIS WOMAN!!!
Actually, this is a reasonable question.
Launching from a sub offers a number of things.
1) mobility (potentially better choice of latitude)
2) a reasonably safe environment to splash and/or crash
if something goes wrong. The trajectory was sub-orbital
so presumably a failure would mean a quick return trip.
All in all, launching from the ocean is more
convenient than land if you discount the infrastructure
required to make it happen.
There are many rights which cannot be waived in a contract. Similarly, there are many laws which provide protections which cannot be abdicated. Consumer protection laws are normally in this category, as are rent control laws. In some states, for example, signing a year-long lease agreement has no more binding effect than signing a month-to-month lease.
If the State of Connecticut has a law that prevents a company from imposing penalties without proving damage, then signing a contract that explicitly provides the company with this option will not allow that company to collect. Period. For this reason, many contracts contain clauses stating that if any portion of the contract is found to conflict with state or federal law, the remaining portion of the contract will still remain valid and in full effect.
IANAL, but I deal with contracts often. You cannot use a contract to break the law, and not every right can be waived.
As for your phone company, one principal holds true: "service rendered, payment due". If you wish to contest your bill, you had better be prepared to prove that either 1) the service was not rendered, or 2) the payment is something other than what the provider has stated. Due process IS available in this case; it's called small claims court.
BEN: Remember, a Lisp Programmer can feel the Recursion flowing through him.
... luke gets his parentheses wrong and crashs. Han laughs heartily...
... Ben smiles quietly...
... Ben fires up emacs and separates out the parentheses...
... Han shakes his head. Luke runs the code, and it crashes again. Luke lets out a yell and attempts to smack the monitor...
... Luke stands in one place, seemingly frozen. Luke counts out fifteen levels of parentheses in his head and adds a sixteenth. The code runs.
LUKE: You mean it controls your algorithms?
BEN: Partially. But it also obeys your commands.
HAN: Hokey religions and ancient syntaxes are no match for a good C compiler at your side, kid.
LUKE: You don't believe in Lisp, do you?
HAN: Kid, I've hacked from one side of this galaxy to the other. I've seen a lot of strange code, but I've never seen anything to make me believe there's one all-powerful language for programming everything. There's no mystical programming model that controls my destiny.
HAN: It's all a lot of static casts and nonsense.
BEN: I suggest you try it again, Luke.
BEN: This time, let go your conscious self and act on instinct.
LUKE: (laughing) With the parentheses all over the place, I can't even grok the code. How am I supposed to debug?
BEN: Your eyes can deceive you. Don't trust them.
BEN: Stretch out with your feelings.
BEN: You see, you can do it.
HAN: I call it luck.
BEN: In my experience, there's no such thing as luck.
HAN: Look, going good against AI is one thing. Going good against UI? That's something else.
In an incredible display of coordination and maturity, the decentralized Open Source community, honoring the contributions of Tatu Ylonen, opted to rename their secure shell implementation from "OpenSSH" to "Fresh" thereby respecting his (albeit dubious) trademark, and subsequently avoided incidentally cutting off his customer base using his own name. Despite the fact that the author of SSH failed to enforce his trademark in an appropriate timeframe, the organizers, developers, and users of OpenSSH forgave him the oversight and simply renamed the package, symbolically linked "ssh" to "fresh," and went on their merry way. Thus is the power of *nix. Thus is the power of Open Source. Thus is the power of Open Source development.
Maybe.