You can criticize free (as in beer) stuff, but if you want free (as in freedom) stuff, you should create/build/host it on your own or under the umbrella of free licenses (e.g. GPL, creative commons, etc.).
You can't have it built and run by any profit-oriented corporation and then expect that you can use it freely (as in freedom).
Those are the rules and they are known since centuries. No exception.
Absolutely right: If you don't pay, you are not the customer, but the product. And you do not have any rights; you actually wave them when uploading any content.
BTW: Today you can easily host the content on your own Web site - it's very easy.
This is absolutely wrong. My wife's Math books last semester were $400 more for the text book over the e-book version. That paid for our new iPad.
OK, now we know the difference. How is this possible? Did the textbooks cost $800 and by using the electronic versions you got 50% off - or did you pirate textbooks that cost otherwise $400?
And, what I also do not understand: I also studied Math and Physics; textbooks cost some money, but $400 per semester is quite a lot.
In many cases maybe your data is even more secure in a cloud than on your own servers, especially if you choose your 'cloud' carefully (outside of your country/jurisdiction).
The real threats to your data are your own employees and your government. The outside 'hackers' come as a very distant third.
Actually the real thread comes from the government, where the cloud provider resides. If you are running a corporation in Europe, it is probably illegal to use US based cloud providers (even, if your data stays on their European servers) for anything that contains user or employee data - and this is thanks to the Patriot Act or similar, which gives the US government the right to inspect all all accounts and their data of an US provider. And this is illegal to (most) European countries law. And since this is illegal and the European company knows this fact, the European firm can get itself in trouble, when using cloud serviced from a US provider.
Somehow the whole story is a deja vu. Remember, how encryption could not get exported from the US market? This created lots of opportunities for encryption software vendors outside of the USA. I am just looking for the global (minus USA) cloud providers to pop up and making loads of money by just replicating existing cloud models and running them in a different jurisdiction.
Fully agreed. As long as most cloud providers are US companies (or other global companies with a strong US presence) and the Patriot Act (and similar) exist, there is no way that a non-US corporation could even think about using their services for any sensitive data. Of course, for Web hosting (without user logging) a cloud service is optimal.
Non-global providers might be a solution, but then you also lose the big advantage of having your cloud services replicated near to the locations where they are used.
Did the college teach hardware theory, engineering, compiler theory (assembly language, tokenisers, parsers, code optimization, operating systems)?
He made his Ph.D. in the design of programming languages. I think the point is: Richie was a real computer scientist and had a very solid background from his studies and work in one of the best laboratories. And this is completely different from learning a programming language in school.
France needs to import energy for peak times during winter.
This happens, if you keep the electricity price (artificially) low and even put subventions on electrical heaters. Obviously, the nuclear power industry in France is very pleased by this (not by having to import, but by having strong reasons to deny any possibility of generating less electricity).
The only alternative is coal. Nucular and coal is all there is. And coal is worse. Coal ash has more radioactive emissions than nucular plants, and arsenic and landslides too. There is no geothermal. Don't look at geothermal.
In Europe I believe the backup plan is buying more natural gas from Russia.
Normal, as the majority of uranium comes from Kazakhstan.
Wrong conclusion. Better would be to get more teachers and better educated teachers - and yes, you would need to pay them. And no, private schools are not the solution.
that I would pay Netflix $75-100 per month for full streaming access to everything they have, plus recent TV shows.
Does not have to be 1080p either. 720p is just fine.
Up to $1200 per year for movie and show consumption at home??? Wow. Think what you could do with that money and time, if you just kick your TV out of your home.
Silent updates is the worst idea ever. Something that worked yesterday, stops working today - and I have no clue why. It is OK for some users to enable automatic updates (e.g. if you use only a Web browser and no specific plugins), but even then: Make the users aware about each update. Most users are far better off with a planned update.
How often did your AV actually block a virus that would have been executed otherwise (this questions excludes emails with attachments that you would have never opened? It never has happened to me within the last 10 years. So what's the value of an AV for a user, who knows what he does?
However, I have seen many people with AV that have been infected nevertheless (especially by downloading and installing games from dubious sources). So, what's the value of an AV, if some viruses come through?
Note: Software patches and firewalls are different, but AV is snake-oil.
1. Cheap security, sell certs 2. Get hacked, face huge liability claims 3. Transfer all money to parent company 4. Close shop 5. Profit $$$
Conclusion: If an CA can declare "bankruptcy" so simple, without having enough money to face liability, the certs of such a CA are worth nothing. We shouldn't trust those CAs in the beginning. What about a mandatory liability insurance for CAs? The insurance will check that you operate securely, I bet...
The only solution is delegate the "trust" relationship in a way that it economically VERY interesting that the delegate checks the trustworthiness of the CA. E.g. your bank for certs that is used for online payments - if the (by the bank trusted) CA fails, it's the bank that pays the damages. Unfortunately, I do not have yet an idea of certs used by "free" Webmail (e.g. gmail).
You got the problem completely wrong. Let's say my bank is highly knowledgable, they figured out that there are 10 CAs they can trust one hundred percent and the others are a bit dodgy, and they use one of the 10 CAs that are hundred percent trustworthy. The problem is that any of the dodgy CAs can create a certificate for the bank's website that will be trusted by your browser until it is found out and revoked, without the bank being involved at all.
No, the idea is that you only trust the CAs that have been trusted by the bank and not the dodgy CAs (so no more default lists of hundreds of 'trustworthy" CAs). Did I explain it that badly that this was not obvious?
However, the real problem stays: There are hundreds of CAs out, which are trusted by default by your browser. You probably never heard about most of them. They operate in different countries - you cannot sue them easily from your country. All of them can (technically) also issue certs for all Web sites (even for Web sites that have an existing cert from somebody else).
That's not the real problem. The real problem is that what happened to Diginotar could happen to a really big CA, and then removing it from the browser breaks half the web.
Well, it can only happen to CAs, which do not know security (and since we have hundreds of them in our browsers, it is very likely that there are others that are as bad as DigiNotar). However, reducing the number of CAs is not a solution, as this will just elevate the risk for a each security breach at a CA. The only solution is delegate the "trust" relationship in a way that it economically VERY interesting that the delegate checks the trustworthiness of the CA. E.g. your bank for certs that is used for online payments - if the (by the bank trusted) CA fails, it's the bank that pays the damages. Unfortunately, I do not have yet an idea of certs used by "free" Webmail (e.g. gmail).
And it is a BIG problem, that each CA can issue a cert, even for Web sites that already have a cert from another CA (as it happened for gmail in the DigiNotar case).
However, the real problem stays: There are hundreds of CAs out, which are trusted by default by your browser. You probably never heard about most of them. They operate in different countries - you cannot sue them easily from your country. All of them can (technically) also issue certs for all Web sites (even for Web sites that have an existing cert from somebody else).
The whole CA system in broken. I would rather like to trust only CAs that have earned the trust. E.g. CAs that have been validated by my bank for online payments (but not for my email).
We should have a hierarchy of different levels of trust. E.g. if my bank trusts a CA for credit card payments, I should be able to see in my browser that a secure Web site for payments is trusted by the payment trust chain. I will trust this site, because my bank trusted it (and will reimburse me, if the trust was not merited). For emails, e.g. I only trust my two email providers, and I got there certs pushed to my mobile phone for enhanced security. Etc.
The whole "One CA is trusted for everything" is insane.
I agree that most 'software patents' are fairly obvious garbage. But to say *all* are garbage is not true.
Lets start with the one that started it all. The LZW one. This is the one that pissed everyone off.
Garbage does not mean "unusable" - but that it should not have been patented. For LZW it is even obvious: It's pure mathematics. Do you want to patent any advancements in mathematics?
Slashdot Mirror
...useful arts
LOL. What the heck is "useful arts"? And what has it to do with copyright? So, not-so-useful arts get no copyrights?
You can criticize free (as in beer) stuff, but if you want free (as in freedom) stuff, you should create/build/host it on your own or under the umbrella of free licenses (e.g. GPL, creative commons, etc.).
You can't have it built and run by any profit-oriented corporation and then expect that you can use it freely (as in freedom).
Those are the rules and they are known since centuries. No exception.
Absolutely right: If you don't pay, you are not the customer, but the product. And you do not have any rights; you actually wave them when uploading any content.
BTW: Today you can easily host the content on your own Web site - it's very easy.
If you relativize "good" and "evil", you end of having nothing.
For the evil the good is evil.
This is absolutely wrong. My wife's Math books last semester were $400 more for the text book over the e-book version. That paid for our new iPad.
OK, now we know the difference. How is this possible? Did the textbooks cost $800 and by using the electronic versions you got 50% off - or did you pirate textbooks that cost otherwise $400?
And, what I also do not understand: I also studied Math and Physics; textbooks cost some money, but $400 per semester is quite a lot.
Actually when somebody is paying by the hour instead for the work done, you can bet that the hour is not too productive.
In many cases maybe your data is even more secure in a cloud than on your own servers, especially if you choose your 'cloud' carefully (outside of your country/jurisdiction).
The real threats to your data are your own employees and your government. The outside 'hackers' come as a very distant third.
Actually the real thread comes from the government, where the cloud provider resides. If you are running a corporation in Europe, it is probably illegal to use US based cloud providers (even, if your data stays on their European servers) for anything that contains user or employee data - and this is thanks to the Patriot Act or similar, which gives the US government the right to inspect all all accounts and their data of an US provider. And this is illegal to (most) European countries law. And since this is illegal and the European company knows this fact, the European firm can get itself in trouble, when using cloud serviced from a US provider.
Somehow the whole story is a deja vu. Remember, how encryption could not get exported from the US market? This created lots of opportunities for encryption software vendors outside of the USA. I am just looking for the global (minus USA) cloud providers to pop up and making loads of money by just replicating existing cloud models and running them in a different jurisdiction.
Fully agreed. As long as most cloud providers are US companies (or other global companies with a strong US presence) and the Patriot Act (and similar) exist, there is no way that a non-US corporation could even think about using their services for any sensitive data. Of course, for Web hosting (without user logging) a cloud service is optimal.
Non-global providers might be a solution, but then you also lose the big advantage of having your cloud services replicated near to the locations where they are used.
Did the college teach hardware theory, engineering, compiler theory (assembly language, tokenisers, parsers, code optimization, operating systems)?
He made his Ph.D. in the design of programming languages. I think the point is: Richie was a real computer scientist and had a very solid background from his studies and work in one of the best laboratories. And this is completely different from learning a programming language in school.
Dennis Ritchie didn't learn C in college.
No, he created it.
OK, I'm a reactor operator for a nuclear reactor [...]
In my opinion, Fukushima was a success. [...]
Ok, unfair quotation. But still, I am afraid...
No.
France needs to import energy for peak times during winter.
This happens, if you keep the electricity price (artificially) low and even put subventions on electrical heaters. Obviously, the nuclear power industry in France is very pleased by this (not by having to import, but by having strong reasons to deny any possibility of generating less electricity).
The only alternative is coal. Nucular and coal is all there is. And coal is worse. Coal ash has more radioactive emissions than nucular plants, and arsenic and landslides too. There is no geothermal. Don't look at geothermal.
In Europe I believe the backup plan is buying more natural gas from Russia.
Normal, as the majority of uranium comes from Kazakhstan.
I assure you that you do not want to be flying on Ryanair...
Wrong conclusion. Better would be to get more teachers and better educated teachers - and yes, you would need to pay them. And no, private schools are not the solution.
My custom made GPS navigation unit in my car with my wife's voice .... :-)
that I would pay Netflix $75-100 per month for full streaming access to everything they have, plus recent TV shows.
Does not have to be 1080p either. 720p is just fine.
Up to $1200 per year for movie and show consumption at home??? Wow. Think what you could do with that money and time, if you just kick your TV out of your home.
Silent updates is the worst idea ever. Something that worked yesterday, stops working today - and I have no clue why.
It is OK for some users to enable automatic updates (e.g. if you use only a Web browser and no specific plugins), but even then: Make the users aware about each update. Most users are far better off with a planned update.
How often did your AV actually block a virus that would have been executed otherwise (this questions excludes emails with attachments that you would have never opened? It never has happened to me within the last 10 years. So what's the value of an AV for a user, who knows what he does?
However, I have seen many people with AV that have been infected nevertheless (especially by downloading and installing games from dubious sources). So, what's the value of an AV, if some viruses come through?
Note: Software patches and firewalls are different, but AV is snake-oil.
1. Cheap security, sell certs
2. Get hacked, face huge liability claims
3. Transfer all money to parent company
4. Close shop
5. Profit $$$
Conclusion: If an CA can declare "bankruptcy" so simple, without having enough money to face liability, the certs of such a CA are worth nothing. We shouldn't trust those CAs in the beginning. What about a mandatory liability insurance for CAs? The insurance will check that you operate securely, I bet ...
The only solution is delegate the "trust" relationship in a way that it economically VERY interesting that the delegate checks the trustworthiness of the CA. E.g. your bank for certs that is used for online payments - if the (by the bank trusted) CA fails, it's the bank that pays the damages. Unfortunately, I do not have yet an idea of certs used by "free" Webmail (e.g. gmail).
You got the problem completely wrong. Let's say my bank is highly knowledgable, they figured out that there are 10 CAs they can trust one hundred percent and the others are a bit dodgy, and they use one of the 10 CAs that are hundred percent trustworthy. The problem is that any of the dodgy CAs can create a certificate for the bank's website that will be trusted by your browser until it is found out and revoked, without the bank being involved at all.
No, the idea is that you only trust the CAs that have been trusted by the bank and not the dodgy CAs (so no more default lists of hundreds of 'trustworthy" CAs). Did I explain it that badly that this was not obvious?
However, the real problem stays: There are hundreds of CAs out, which are trusted by default by your browser. You probably never heard about most of them. They operate in different countries - you cannot sue them easily from your country. All of them can (technically) also issue certs for all Web sites (even for Web sites that have an existing cert from somebody else).
That's not the real problem. The real problem is that what happened to Diginotar could happen to a really big CA, and then removing it from the browser breaks half the web.
Well, it can only happen to CAs, which do not know security (and since we have hundreds of them in our browsers, it is very likely that there are others that are as bad as DigiNotar). However, reducing the number of CAs is not a solution, as this will just elevate the risk for a each security breach at a CA. The only solution is delegate the "trust" relationship in a way that it economically VERY interesting that the delegate checks the trustworthiness of the CA. E.g. your bank for certs that is used for online payments - if the (by the bank trusted) CA fails, it's the bank that pays the damages. Unfortunately, I do not have yet an idea of certs used by "free" Webmail (e.g. gmail).
And it is a BIG problem, that each CA can issue a cert, even for Web sites that already have a cert from another CA (as it happened for gmail in the DigiNotar case).
DigiNotar got what it deserved.
However, the real problem stays: There are hundreds of CAs out, which are trusted by default by your browser. You probably never heard about most of them. They operate in different countries - you cannot sue them easily from your country. All of them can (technically) also issue certs for all Web sites (even for Web sites that have an existing cert from somebody else).
The whole CA system in broken. I would rather like to trust only CAs that have earned the trust. E.g. CAs that have been validated by my bank for online payments (but not for my email).
Absolutely true.
We should have a hierarchy of different levels of trust. E.g. if my bank trusts a CA for credit card payments, I should be able to see in my browser that a secure Web site for payments is trusted by the payment trust chain. I will trust this site, because my bank trusted it (and will reimburse me, if the trust was not merited).
For emails, e.g. I only trust my two email providers, and I got there certs pushed to my mobile phone for enhanced security.
Etc.
The whole "One CA is trusted for everything" is insane.
I agree that most 'software patents' are fairly obvious garbage. But to say *all* are garbage is not true.
Lets start with the one that started it all. The LZW one. This is the one that pissed everyone off.
Garbage does not mean "unusable" - but that it should not have been patented. For LZW it is even obvious: It's pure mathematics. Do you want to patent any advancements in mathematics?