Hmmm, sounds a lot like Objectivism. I read alot of Ayn Rand in my younger days (probably what lead me to being a libertarian). And the ideas seem to follow this line. Everyone acting in their own interests create the result of a better life for all. You are only responsible to yourself. The problem with this is that some things (national intersate system) can be too big for any individual to do, and possibly extremely difficult to organize a collection of people to do. Another problem is there may not be sufficient motivation to ensure the poor are educated. The plus side is when a disaster like Hurricane Katrina comes by, you don't have people relying on an agency like FEMA, people are prepared themselves. ($20 inflatable boat plus $80 of canned food and bottled water could keep someone going for over a month in a flood zone)
I think what we need is for people to have spirit of objectivism/libertarianism in that they strive to be self reliant and independent while maintaining a society that ensures that everyone is able to start adulthood with a minimum level of preparation and that there is some kind of safety net to prevent productive people from falling. Of course, there is no way to establish a government like this because, peoples attitudes are personal options (for now anyway). One thing that would greatly help would be to reduce the number of corporations, and make it very difficult to form one. Also, make it easier to start a business. Limiting the liability of decision makers is dangerous. In a sole-proprietership, or a partnership, people are liable for their decisions. This encourages greater responsibility (a good thing in my mind).
This is the first time I've heard anyone make fascism look attractive. Maybe I need to break out of my idiot savant mode and study some political science.
I guess what made the article stand out is the multitude of events. (for the record, I know almost nothing of fascism, and my sig is an honest question to 'hopefully' lead me to enlightenment. I had never even thought fascism could be the answer. Its a sign of my ignorance in this area that I hope to eliminate) Some things that make me worry (and ring with the article linked). - detaining POW's after the conflict has ended - detaining anybody without charges or trial - having the FBI look for 'criminal obsenity' - DNA database - preemptive strikes - science being replaced with religion in the classroom - ever-growing military spending (who is *really* going to invade us?) - constant fear-mongering of the terrorist boogeyman instead of preparing for common disasters - DMCA - USA PATRIOT act - rampant corruption - constant degredation of the courts with the term "judicial activism"
Before reading that article, I saw these things as just wacked. As for conspiracies, I really don't think the government is organised enough or has people smart enough to pull em off (based on my observations). However, sometimes people get caught-up in a course of events that leads them to places they never expected to go (Nazi Germany is the best example of this). Another commonality that I'll throw out. I'm willing to bet that all of the guys leading their countries into fascism probably thought they were doing the best thing for their people (seems most also had the *consent* of the populace too, from some quick googling). I really hope we aren't going this way but, everytime I turn on the news, things look a little bit worse.
Show me there's nothing to worry about, and I'll shut up.
And before anybody tries to cast me as some wacko liberal, I should make clear, I was a registered Republican until Bush beat McCain in the primaries. I was so disgusted that I switched to the Libertarian party. I also served in the US Army as an Airborne Combat Engineer (for the lay person, this means jumping out of a C-130 aircraft from 800ft with 80lbs of explosives in your rucksack).
Dude, I've just finished reading that and the linked list from it. (twice) You have just blown my mind and scared the hell out of me.
You know, if only a couple of things in that list of 14 characteristics, I'd not worry. But, when I am seeing all of them around us daily... just creepy, very creepy
Mandra-driva are still stuck on 1.0.4. They still haven't provided updates. boohoo. maybe its time to get the cooker RPM's and break some dependencies.
Have you checked the source of Lynx to make sure the HTML parser can't be exploited? Many IE and Moz exploits start with breaking the html parser (can you say buffer overflow). How about junk in the response headers, many exploits involved causing buffer overflows and heap exploits by sending bogified http response headers. Even if Lynx isn't running javascript, plugins, activeX, applets, etc... it is still operating on data supplied by an outside source. You better double check the source code. Check all those string copies. Its good thing its open source, and you are able to do so.
36,000 people a year die from the flu according to the CDC, this gets rare news coverage. People die every single day on the hiway. People are murdered just about every day. Thousands of people are starving to death in Africa.
A plane with a busted nose gear makes huge news.
Reporting about an IE exploit would be as excting as reporting a flu death. The rare events make for more drama. The news is about drama, not NEWS.
You make an excellent point. I'll (probably upset a few people) say that with open source software more bugs are FOUND and thus fixed. Because people are able to identify deeper bugs. All developers know that intermittent bugs are the hardest to identify. If you have source code and a debugger, you can usually find them. In closed source, a user says *x* happened. The user can't get a consistent repro, so the developer gets no repro. The bug gets ignored. In open source, many users are developers, and there are more developers involved overall. If an intermittent bug comes up they can run a debugger, read core dumps, and actually locating the source of the bug. Remember, just because bugs are not found/reported doesn't mean they aren't there. With open source, its easier to find bugs, thus more get reported, and more get fixed (this is bad how?).
One other thing that helps (although it can help closed software too) it that most open source software is ported to more than one platform. Many times (in my experience) in the process of making cross-platform C/C++ difficult bugs are uncovered. I'm sure other devs who have built multi-platform programs will concur.
you should not have problems with programs that can start executing code without permissions
By starting your browser, you gave it permission to execute code. It will execute as whatever user the browser is. You comment about the OS keeping the access level as that user is correct.
Keep in mind that the shell code in the exploit will need to be made specific to the CPU and OS of the target system. Of course, this can generally be extracted from the http request header, and the browser can query for it in js. Not that this is a big deal, web developers are accustomed to having to deal with platform incompatibilities;)
Generally search indexing does not create complete copies of pages (granted google cache does but, that is a different matter). Usually, search indexes are created which represent trees of data where parts are generally shared from all of the things being indexed. Also, most search indexers throw out small common words like, and, the, a, etc...
MS is like communism, if there is a problem, we suppress it, and the central planner will let you know when an update is released. Mozilla is like libertarianism. There's a problem, YOU are free to fix it. Someone else may fix it and share their solution.
Unfortunately, your comment is very true, and becoming more so with the current political environment. I'm all for closed software but, I think it should be on open footing with open source. Full disclosure provides the only long term protection.
Lets keep in mind a few things. Google is being sued for a service that is not available to the public (or anyone). Google has not yet even provided details about what the service actually is. If they were not actually making copies of the text but, instead were building search trees, then they would be doing nothing illegal. Just this would have a great potential.
Hell, they could be building a modern library of Alexandria for safe keeping, or maybe they are brute force training language interpretation software, maybe the GoogleCluster has become self aware and its studying us humans. I'm just sick of everyone jumping into a lawsuit before they even know what they are suing someone for. These guys are probably just using legal trickery to set up a precedent for compensation of digially distributed works instead of 'negotiating' contracts like in the old days.
One would hope that instead of transmitting static data that the card would (at a minimum) receive a number, apply a one way hash to it, and return it with whatever its identifying info is. Only problem, unless the banks had a separate secret barf for each customer, this would get reversed engineered pretty quickly. Even if they did, maybe someone sits next to you transmitting numbers to build a table of hashes.
Whatever, there is no security. If the reward is high enough, someone WILL figure out a way to break the system. And like all things there is a trade off. Generally convienence at one end and security at the other. The closer you toward one the further your get from the other.
haha, forgive me for laughing but, its used to be hard to copy normal credit cards, now you buy kits to make them online pretty cheap.
It used to be "hard" to copy CDs.
It used to be "hard" to copy DVDs.
My solution for the big touchpads. First, just glance around that no one near you has their cell phone (camera) out. Block their view as best as possible with your body. Enter 8 digit pin. Most people are used to a 4 digit pin so the unexpected blows them off. Note: sometimes cashiers are freaked by the bigger pin number.
Finally, do business with a bank that lets you change your pin at the ATM. Then change it every once and awhile and make it big.
In my version, lots of radioshack "super-bright" infrared LEDs mounted in a pair in sunglasses. No one knows you've got em unless they happen to be looking at a video monitor. Total cost about $50 for the shades and $20 for lithium battery and LEDs. Simple, effective, and low budget. Only problem, they are only really effective when looking directly at the camera so, they'll still get your profile.
I wasn't suggesting they stole anything (how can you steal free software anyway?). I seem to remember reading a MS license that mentioned that it contained contained software from berkley. I'm sure some folks more knowledgable than myself might clarify.
I think the state of our schools really sucks when people believe these things. Energy from the battery....and where do you think that comes from? magic? Lets see, we take electricity from the battery to power electrolysis generating hydrogen and oxygen. In the process we lose energy to heat. Then, recombine them in combustion, losing about 2/3's of the energy to heat. Now, since the energy from the battery is being consumed, the engine must work harder to power the alternator to charge the battery. Again, more energy is lost to heat. Simple high-school science should show you that this is snake oil and will actually make the engine less efficient. Maybe everybody is so busy learning creationism instead of science, that they even think this crap is plausible. Unbelievable
Actually, before JUnit was a thought, this was an idea pushed to support clean, logical, maintainable, and well designed code. If a method is easy to test that might indicate that it has a well defined purpose and a well defined interface, these are good things even if you don't care about testing, agile dev or whatever. Before agile, this just used to be called good code. Maybe that "bad refactoring" isn't so bad after all. Code shouldn't be refactored to JUnit, it should be refactored to be well structured, clean, and maintainable. If that makes it easier to test, then all the better. I think when they say refactor to JUnit they really mean that its better to refactor to make the code simpler and cleaner than to not refactor at all.
I say the holy grail is combining unit testing with genetic algorithms. Then you just write the tests and let the code "evolve" until it passes them. Meanwhile, you get to sit around and drink beer.
The requirement of complex setup for tests suggests one of two things: Your tests may be beyond the scope of "unit" tests. Integration tests maybe? The code needs to be broken up into simpler units that are easier to test individually.
Regarding the first case, how would you validate the code without testing? The second is just some code that requires refactoring.
Interesting you've judged something impossible that thousands of professional developers perform daily.
Using mock objects makes unit testing servlet code pretty easy. Keeping your objects reasonable in size and single purposed in function also simplifies testing. If a servlet is so complex that its hard to test then, that is a sign that it should be broken up and delegate to smaller classes with simpler methods that are easy to test.
JSP's should not have any logic in them, or if they do, it should be trivial. With no logic, there is nothing to test. Move the logic into a servlet (or Action for struts) or for presentation logic, put it in a custom tag. Then you have java that can be validated with the compiler and easily tested.
HttpUnit is very easy to use for testing live web applications but, its reaching beyond the scope of Unit testing and getting into the realm of Acceptance and Integration testing (better tool for qa than a developer).
Stuff in the rights places? Page formatted correctly? Sounds like you want screen capture and image analysis, maybe NASA can help you. JK, really, at some point you just have to look at your pages in the various browsers.
Slashdot Mirror
Hmmm, sounds a lot like Objectivism.
I read alot of Ayn Rand in my younger days (probably what lead me to being a libertarian). And the ideas seem to follow this line. Everyone acting in their own interests create the result of a better life for all. You are only responsible to yourself.
The problem with this is that some things (national intersate system) can be too big for any individual to do, and possibly extremely difficult to organize a collection of people to do. Another problem is there may not be sufficient motivation to ensure the poor are educated.
The plus side is when a disaster like Hurricane Katrina comes by, you don't have people relying on an agency like FEMA, people are prepared themselves.
($20 inflatable boat plus $80 of canned food and bottled water could keep someone going for over a month in a flood zone)
I think what we need is for people to have spirit of objectivism/libertarianism in that they strive to be self reliant and independent while maintaining a society that ensures that everyone is able to start adulthood with a minimum level of preparation and that there is some kind of safety net to prevent productive people from falling. Of course, there is no way to establish a government like this because, peoples attitudes are personal options (for now anyway).
One thing that would greatly help would be to reduce the number of corporations, and make it very difficult to form one. Also, make it easier to start a business. Limiting the liability of decision makers is dangerous. In a sole-proprietership, or a partnership, people are liable for their decisions. This encourages greater responsibility (a good thing in my mind).
This is the first time I've heard anyone make fascism look attractive.
Maybe I need to break out of my idiot savant mode and study some political science.
I guess what made the article stand out is the multitude of events.
(for the record, I know almost nothing of fascism, and my sig is an honest question to 'hopefully' lead me to enlightenment. I had never even thought fascism could be the answer. Its a sign of my ignorance in this area that I hope to eliminate)
Some things that make me worry (and ring with the article linked).
- detaining POW's after the conflict has ended
- detaining anybody without charges or trial
- having the FBI look for 'criminal obsenity'
- DNA database
- preemptive strikes
- science being replaced with religion in the classroom
- ever-growing military spending (who is *really* going to invade us?)
- constant fear-mongering of the terrorist boogeyman instead of preparing for common disasters
- DMCA
- USA PATRIOT act
- rampant corruption
- constant degredation of the courts with the term "judicial activism"
Before reading that article, I saw these things as just wacked. As for conspiracies, I really don't think the government is organised enough or has people smart enough to pull em off (based on my observations). However, sometimes people get caught-up in a course of events that leads them to places they never expected to go (Nazi Germany is the best example of this). Another commonality that I'll throw out. I'm willing to bet that all of the guys leading their countries into fascism probably thought they were doing the best thing for their people (seems most also had the *consent* of the populace too, from some quick googling). I really hope we aren't going this way but, everytime I turn on the news, things look a little bit worse.
Show me there's nothing to worry about, and I'll shut up.
And before anybody tries to cast me as some wacko liberal, I should make clear, I was a registered Republican until Bush beat McCain in the primaries. I was so disgusted that I switched to the Libertarian party. I also served in the US Army as an Airborne Combat Engineer (for the lay person, this means jumping out of a C-130 aircraft from 800ft with 80lbs of explosives in your rucksack).
Dude, I've just finished reading that and the linked list from it. (twice)
You have just blown my mind and scared the hell out of me.
You know, if only a couple of things in that list of 14 characteristics, I'd not worry. But, when I am seeing all of them around us daily... just creepy, very creepy
and I was taught that the unloaded guns are the most dangerous ones.
Mandra-driva are still stuck on 1.0.4.
They still haven't provided updates. boohoo.
maybe its time to get the cooker RPM's and break some dependencies.
Have you checked the source of Lynx to make sure the HTML parser can't be exploited?
Many IE and Moz exploits start with breaking the html parser (can you say buffer overflow).
How about junk in the response headers, many exploits involved causing buffer overflows and heap exploits by sending bogified http response headers.
Even if Lynx isn't running javascript, plugins, activeX, applets, etc... it is still operating on data supplied by an outside source. You better double check the source code. Check all those string copies.
Its good thing its open source, and you are able to do so.
36,000 people a year die from the flu according to the CDC, this gets rare news coverage.
People die every single day on the hiway.
People are murdered just about every day.
Thousands of people are starving to death in Africa.
A plane with a busted nose gear makes huge news.
Reporting about an IE exploit would be as excting as reporting a flu death. The rare events make for more drama. The news is about drama, not NEWS.
You make an excellent point.
I'll (probably upset a few people) say that with open source software more bugs are FOUND and thus fixed. Because people are able to identify deeper bugs. All developers know that intermittent bugs are the hardest to identify.
If you have source code and a debugger, you can usually find them.
In closed source, a user says *x* happened. The user can't get a consistent repro, so the developer gets no repro. The bug gets ignored. In open source, many users are developers, and there are more developers involved overall. If an intermittent bug comes up they can run a debugger, read core dumps, and actually locating the source of the bug.
Remember, just because bugs are not found/reported doesn't mean they aren't there. With open source, its easier to find bugs, thus more get reported, and more get fixed (this is bad how?).
One other thing that helps (although it can help closed software too) it that most open source software is ported to more than one platform. Many times (in my experience) in the process of making cross-platform C/C++ difficult bugs are uncovered. I'm sure other devs who have built multi-platform programs will concur.
you should not have problems with programs that can start executing code without permissions
;)
By starting your browser, you gave it permission to execute code. It will execute as whatever user the browser is. You comment about the OS keeping the access level as that user is correct.
Keep in mind that the shell code in the exploit will need to be made specific to the CPU and OS of the target system. Of course, this can generally be extracted from the http request header, and the browser can query for it in js. Not that this is a big deal, web developers are accustomed to having to deal with platform incompatibilities
Generally search indexing does not create complete copies of pages (granted google cache does but, that is a different matter).
n +law%22+%22Oliver+Wendell+Holmes%22&btnG=Search
Usually, search indexes are created which represent trees of data where parts are generally shared from all of the things being indexed. Also, most search indexers throw out small common words like, and, the, a, etc...
On another topic, search for public domain works on print.google.com returns pages marked as "Copyrighted Material". Now, whats up with that?
I chose "The Common Law" for my example just for the irony.
http://print.google.com/print?ie=UTF-8&q=%22commo
You've been reading Alvin Toffler again haven't you? ;)
MS is like communism, if there is a problem, we suppress it, and the central planner will let you know when an update is released.
Mozilla is like libertarianism. There's a problem, YOU are free to fix it. Someone else may fix it and share their solution.
Unfortunately, your comment is very true, and becoming more so with the current political environment.
I'm all for closed software but, I think it should be on open footing with open source. Full disclosure provides the only long term protection.
Lets keep in mind a few things.
Google is being sued for a service that is not available to the public (or anyone).
Google has not yet even provided details about what the service actually is.
If they were not actually making copies of the text but, instead were building search trees, then they would be doing nothing illegal. Just this would have a great potential.
Hell, they could be building a modern library of Alexandria for safe keeping, or maybe they are brute force training language interpretation software, maybe the GoogleCluster has become self aware and its studying us humans.
I'm just sick of everyone jumping into a lawsuit before they even know what they are suing someone for. These guys are probably just using legal trickery to set up a precedent for compensation of digially distributed works instead of 'negotiating' contracts like in the old days.
One would hope that instead of transmitting static data that the card would (at a minimum) receive a number, apply a one way hash to it, and return it with whatever its identifying info is.
Only problem, unless the banks had a separate secret barf for each customer, this would get reversed engineered pretty quickly.
Even if they did, maybe someone sits next to you transmitting numbers to build a table of hashes.
Whatever, there is no security. If the reward is high enough, someone WILL figure out a way to break the system. And like all things there is a trade off.
Generally convienence at one end and security at the other. The closer you toward one the further your get from the other.
It's a lot harder to clone...
haha, forgive me for laughing but, its used to be hard to copy normal credit cards, now you buy kits to make them online pretty cheap.
It used to be "hard" to copy CDs.
It used to be "hard" to copy DVDs.
My solution for the big touchpads. First, just glance around that no one near you has their cell phone (camera) out. Block their view as best as possible with your body. Enter 8 digit pin. Most people are used to a 4 digit pin so the unexpected blows them off. Note: sometimes cashiers are freaked by the bigger pin number.
Finally, do business with a bank that lets you change your pin at the ATM. Then change it every once and awhile and make it big.
In my version, lots of radioshack "super-bright" infrared LEDs mounted in a pair in sunglasses. No one knows you've got em unless they happen to be looking at a video monitor.
Total cost about $50 for the shades and $20 for lithium battery and LEDs. Simple, effective, and low budget. Only problem, they are only really effective when looking directly at the camera so, they'll still get your profile.
I wasn't suggesting they stole anything (how can you steal free software anyway?). I seem to remember reading a MS license that mentioned that it contained contained software from berkley.
I'm sure some folks more knowledgable than myself might clarify.
I think the state of our schools really sucks when people believe these things.
Energy from the battery....and where do you think that comes from? magic?
Lets see, we take electricity from the battery to power electrolysis generating hydrogen and oxygen. In the process we lose energy to heat. Then, recombine them in combustion, losing about 2/3's of the energy to heat. Now, since the energy from the battery is being consumed, the engine must work harder to power the alternator to charge the battery. Again, more energy is lost to heat.
Simple high-school science should show you that this is snake oil and will actually make the engine less efficient.
Maybe everybody is so busy learning creationism instead of science, that they even think this crap is plausible.
Unbelievable
Isn't their tcp/ip layer also from BSD?
Are you trying to stop all software development worldwide?
No caffeine?
No alcohol?
Devs need their caffeine to keep going all day, and their alcohol to get sleep. This is how software is made.
Actually, before JUnit was a thought, this was an idea pushed to support clean, logical, maintainable, and well designed code. If a method is easy to test that might indicate that it has a well defined purpose and a well defined interface, these are good things even if you don't care about testing, agile dev or whatever. Before agile, this just used to be called good code.
Maybe that "bad refactoring" isn't so bad after all. Code shouldn't be refactored to JUnit, it should be refactored to be well structured, clean, and maintainable. If that makes it easier to test, then all the better.
I think when they say refactor to JUnit they really mean that its better to refactor to make the code simpler and cleaner than to not refactor at all.
I say the holy grail is combining unit testing with genetic algorithms.
Then you just write the tests and let the code "evolve" until it passes them. Meanwhile, you get to sit around and drink beer.
The requirement of complex setup for tests suggests one of two things:
Your tests may be beyond the scope of "unit" tests. Integration tests maybe?
The code needs to be broken up into simpler units that are easier to test individually.
Regarding the first case, how would you validate the code without testing?
The second is just some code that requires refactoring.
Interesting you've judged something impossible that thousands of professional developers perform daily.
Using mock objects makes unit testing servlet code pretty easy. Keeping your objects reasonable in size and single purposed in function also simplifies testing. If a servlet is so complex that its hard to test then, that is a sign that it should be broken up and delegate to smaller classes with simpler methods that are easy to test.
JSP's should not have any logic in them, or if they do, it should be trivial. With no logic, there is nothing to test. Move the logic into a servlet (or Action for struts) or for presentation logic, put it in a custom tag. Then you have java that can be validated with the compiler and easily tested.
HttpUnit is very easy to use for testing live web applications but, its reaching beyond the scope of Unit testing and getting into the realm of Acceptance and Integration testing (better tool for qa than a developer).
Stuff in the rights places? Page formatted correctly? Sounds like you want screen capture and image analysis, maybe NASA can help you. JK, really, at some point you just have to look at your pages in the various browsers.