It could matter plenty. Does it bother you at all how ridiculously one sided this story is? It makes no sense. People don't just attack random strangers, there is always a reason. Even if it doesn't change the outcome of the sentencing, I am still curious to know what could have provoked that sort of behavior.
I actually believe that there should exist places in the world where fucked up people like this can exist. I just want no part of it because I believe that a system like that will eventually collapse in on itself.
Of course, I may be wrong, and areas like that might prosper, and if that's the case, then I would expect that ideology to spread.
One of the key aspects of democracy is being able to look at other democratic systems, and seeing what is and is not working for them. If there was one set of global, homogeneous laws and philosophies, then there would never be progress.
google maps completely changed looking up directions online gmail completely changed the free email landscape
I'm keeping a healthy amount of skepticism myself, but from what I have seen this has some solid potential.
If they do it right, they could make the entire wave system cryptographically sound, and completely eliminate spam, forgery, and cleartext communication. This is google though, so I am expecting a nice UI, extremely useful features, and a big fat security fail.
Ya, sorry, I was sort of giving my view on how things should happen rather than the current legal status quo on the issue.
20 years is insane.
I sort of like the idea of property taxes on intellectual property. If microsoft offers to buy the idea for 8 million, and i4i claims the software is worth 10 million, then the value of the patent is set to 10 million, and i4i would need to pay something like 10% of that per year to keep the patent, or it goes into public domain.
When patent reform actually does happen, it's going to be awesome.
According to his wikipedia page[1] it looks like he consistently gets reelected by double digit margins. It also looks like a group attempted to circulate a petition to have him recalled, and about 3/4ths of those that were asked refused to sign, with 65% expressing support for his behavior. At this point in a democracy, if you are really opposed to what is happening, your best option is to move.
A patent troll with a PoC is still a patent troll. Looks to me like they sold a pretty simple plugin, and even made some money while doing it. Now that feature has been moved into the mainline version of word, and they worry about unfair competition.
If i4i has a better product, they have nothing to worry about. If Microsoft is interested in adding that functionality to word, then they can acquire i4i for a fair price. If neither side can agree on a fair price, then we have what is called innovation. Both sides crank out features as fast as they can, and compete for who can offer the best features for cheapest. Eventually they will agree on a fair price, and the consumers will be better off for it.
Using patents to prevent Microsoft from competing is anti-competitive.
I publish under different open source licenses. To me, GPL code is just proprietary code that I am able to read, but not use.
How is that any different than Microsoft's open source licenses? If I want to see how an app works, lack of source code isn't going to stop me from just reversing it, and getting a general view of the code structure.
It just annoys me that people say that GPL is more free than public domain code (which I hear a lot).
"sanitizing inputs" is not a trivial task. Significant work has been done to break out of even the most sound sanitization and parameterization techniques, even the ones built into the various programming languages.
Almost no developers are aware of this research, and even if they do think about sanitization, they often end up just doing a simple regex.
Um, you realize you can search google for hundreds of thousands of vulnerable webapps right? Those web apps will quickly give up a user shell, which can now be escalated to a root shell. Now that box can log ssh, arp poison the local network, and soon take over the data center.
Also, universities give out shells to all students, and professors are often given shells at large corporations and government research labs. Hosting companies give shells to anyone willing to pay a few dollars. Anyone who thinks that local root exploits are not a big deal is completely insane.
Also take into consideration the recent SSL bugs, and that almost none of the popular corporate VPN clients have been updated yet, so if anyone from your company has been by an airport in the past couple weeks, you undoubtedly have a number of attackers inside your corporation already. With proper scanning, local escalation, and rootkits, they will be there for as long as they feel like it.
Unless you have a team of developers and pentesters constantly maintaining your blog, you are better off getting it hosted somehwere else. Any given blog instance that is not properly maintained is only going to remain secure for about 6 months or so. If you, or you and a few people, or even a small company just want a simple blog to post stuff on, and you don't want to hire a staff of infosec monkeys, blogspot is definitely the way to go. The code is maintained by google, and data is redundantly backed up for you for free.
*laugh explosion* Ya, that's an awesome idea for making sure your app is secure. Remember that old rule about writing your own crypto? That still applies today to CMS webapps. Unless you have a *set* of friends that pentest webapps professionally, writing your own CMS is an absolutely terrible idea.
Re:Yup, beware of fascists... they are over THERE!
on
Leaving the GPL Behind
·
· Score: 1
It hurts the greater free software community by being an exclusive silly hats only club that doesn't even share code with other free licences.
Why should any developer need to write something that's already been written?
The reason I write open source code is to contribute to the global collective of free code. GPL is completely useless for that purpose, which is why I tell people not to use it. Most people, when they hear about the GPL for the first time, don't realize that there is the built in license lock in simply for the purpose of stroking some guy's ego and solidifying his legacy.
Sometimes, in your calculations (in physics class especially for me), you come across what seem to be magical numbers, and later realize it's something like e^5 or something weird like that. It has also been especially startling to me when certain numbers that appear are perfectly clean square or cube roots etc.
That's the strange thing about irrational numbers, there are only a few unique ones that are interesting. All the others are built from rational numbers, or other more interesting irrational numbers. I personally think this service would be pretty cool if done right.
I stopped after my undergraduate in math, so I don't really know, but is there any known way to take complicated combinations of more "elemental" irrational numbers (e, molarity, plank's constant, pi, etc) and break it back into it's elements WITHOUT having to enumerate every possibility? For example, if I show you 28.0282616... Is there some magical mathematical way to recognize that it's 17*sqrt(e)? I have met people that seem to be able to do that off the top of their head, but I can't imagine writing a straightforward algorithm to be able to do something like that.
Maybe it was a smart kid, maybe it was a dumb chimp. Maybe being a teacher requires a special bond, and the chimp just didn't care. Maybe that kind of learning is done best with subjects before they hit puberty. There are many things that can be extrapolated from an experiment like that, so I wouldn't really treat it as some sort of scientific proof that animals are dumb, and there is something special/magical about the human brain.
I make it very clear to all my potential employers that I am not willing to devote my life to any company. Drawing a paycheck isn't as interesting to me as just seeing new things and situations (I work in security), but I always keep a good balance between my professional life and my personal life. I never understood this notion that an interview was about showing a company how much cock you are willing to suck to get ahead.
When I interview I make it very clear that flexible hours are important, and I don't take work home. If someone is paying me to work on a project, it belongs to them, not me, and I will only invest my time into their project while they are paying me. This attitude is helpful at places like Intel, when projects get scrapped left and right. The last time a project I was working on got canned, I thought of it as an annoying waste of resources, but some others on my team were completely devastated and emotionally drained for weeks. Never drink the company cool-aide.
At the end of interviews, I always like asking them why they think security is important for their product/project/network. I don't like being the one they hire just so they can check off a box that says "we had a security auditor look at it". I break stuff, and I like to know that it's actually going to get fixed. It's always best to leave a company immediately if they don't take security seriously, because when the shit hits the fan, you become blame sponge, and your career will be over if people see that you just let security infractions slide.
Slashdot Mirror
Why would it need to wake the system up?
"Don't worry, you're going to be anonymous, but we just want to burn this number into your arm to keep track of you."
That's right, Mandelson is Hitler*, and eats puppies for lunch.
* Hitler died a long time ago and is never coming back.
It could matter plenty. Does it bother you at all how ridiculously one sided this story is? It makes no sense. People don't just attack random strangers, there is always a reason. Even if it doesn't change the outcome of the sentencing, I am still curious to know what could have provoked that sort of behavior.
... followed by a large discussion of various naming strategies and techniques that are actually relevant to the question being asked.
I actually believe that there should exist places in the world where fucked up people like this can exist. I just want no part of it because I believe that a system like that will eventually collapse in on itself.
Of course, I may be wrong, and areas like that might prosper, and if that's the case, then I would expect that ideology to spread.
One of the key aspects of democracy is being able to look at other democratic systems, and seeing what is and is not working for them. If there was one set of global, homogeneous laws and philosophies, then there would never be progress.
Bullshit, it can just as easily expose corruption and blatant abuses of power, as has been demonstrated over and over again in the past.
google maps completely changed looking up directions online
gmail completely changed the free email landscape
I'm keeping a healthy amount of skepticism myself, but from what I have seen this has some solid potential.
If they do it right, they could make the entire wave system cryptographically sound, and completely eliminate spam, forgery, and cleartext communication. This is google though, so I am expecting a nice UI, extremely useful features, and a big fat security fail.
Ya, sorry, I was sort of giving my view on how things should happen rather than the current legal status quo on the issue.
20 years is insane.
I sort of like the idea of property taxes on intellectual property. If microsoft offers to buy the idea for 8 million, and i4i claims the software is worth 10 million, then the value of the patent is set to 10 million, and i4i would need to pay something like 10% of that per year to keep the patent, or it goes into public domain.
When patent reform actually does happen, it's going to be awesome.
According to his wikipedia page[1] it looks like he consistently gets reelected by double digit margins. It also looks like a group attempted to circulate a petition to have him recalled, and about 3/4ths of those that were asked refused to sign, with 65% expressing support for his behavior. At this point in a democracy, if you are really opposed to what is happening, your best option is to move.
1. http://en.wikipedia.org/wiki/Joe_Arpaio
A patent troll with a PoC is still a patent troll. Looks to me like they sold a pretty simple plugin, and even made some money while doing it. Now that feature has been moved into the mainline version of word, and they worry about unfair competition.
If i4i has a better product, they have nothing to worry about. If Microsoft is interested in adding that functionality to word, then they can acquire i4i for a fair price. If neither side can agree on a fair price, then we have what is called innovation. Both sides crank out features as fast as they can, and compete for who can offer the best features for cheapest. Eventually they will agree on a fair price, and the consumers will be better off for it.
Using patents to prevent Microsoft from competing is anti-competitive.
I have a hard time understanding the concept of a site being blocked.
If a website that you are supposed to be able to see is blocked, then complain, move, or bounce past the blockage.
I publish under different open source licenses. To me, GPL code is just proprietary code that I am able to read, but not use.
How is that any different than Microsoft's open source licenses? If I want to see how an app works, lack of source code isn't going to stop me from just reversing it, and getting a general view of the code structure.
It just annoys me that people say that GPL is more free than public domain code (which I hear a lot).
"sanitizing inputs" is not a trivial task. Significant work has been done to break out of even the most sound sanitization and parameterization techniques, even the ones built into the various programming languages.
Almost no developers are aware of this research, and even if they do think about sanitization, they often end up just doing a simple regex.
You just gave me a great idea for a new movie.
Modulate the phase variance?
Um, you realize you can search google for hundreds of thousands of vulnerable webapps right? Those web apps will quickly give up a user shell, which can now be escalated to a root shell. Now that box can log ssh, arp poison the local network, and soon take over the data center.
Also, universities give out shells to all students, and professors are often given shells at large corporations and government research labs. Hosting companies give shells to anyone willing to pay a few dollars. Anyone who thinks that local root exploits are not a big deal is completely insane.
Also take into consideration the recent SSL bugs, and that almost none of the popular corporate VPN clients have been updated yet, so if anyone from your company has been by an airport in the past couple weeks, you undoubtedly have a number of attackers inside your corporation already. With proper scanning, local escalation, and rootkits, they will be there for as long as they feel like it.
blogspot
Unless you have a team of developers and pentesters constantly maintaining your blog, you are better off getting it hosted somehwere else. Any given blog instance that is not properly maintained is only going to remain secure for about 6 months or so. If you, or you and a few people, or even a small company just want a simple blog to post stuff on, and you don't want to hire a staff of infosec monkeys, blogspot is definitely the way to go. The code is maintained by google, and data is redundantly backed up for you for free.
*laugh explosion* Ya, that's an awesome idea for making sure your app is secure. Remember that old rule about writing your own crypto? That still applies today to CMS webapps. Unless you have a *set* of friends that pentest webapps professionally, writing your own CMS is an absolutely terrible idea.
It hurts the greater free software community by being an exclusive silly hats only club that doesn't even share code with other free licences.
Blah, of course it would not make it harder than if no code existed, but it could make it significantly easier if a reasonable license was used.
Why should any developer need to write something that's already been written?
The reason I write open source code is to contribute to the global collective of free code. GPL is completely useless for that purpose, which is why I tell people not to use it. Most people, when they hear about the GPL for the first time, don't realize that there is the built in license lock in simply for the purpose of stroking some guy's ego and solidifying his legacy.
If your work takes you more than 40 hours per week to deal with, then your team is understaffed.
Sometimes, in your calculations (in physics class especially for me), you come across what seem to be magical numbers, and later realize it's something like e^5 or something weird like that. It has also been especially startling to me when certain numbers that appear are perfectly clean square or cube roots etc.
That's the strange thing about irrational numbers, there are only a few unique ones that are interesting. All the others are built from rational numbers, or other more interesting irrational numbers. I personally think this service would be pretty cool if done right.
I stopped after my undergraduate in math, so I don't really know, but is there any known way to take complicated combinations of more "elemental" irrational numbers (e, molarity, plank's constant, pi, etc) and break it back into it's elements WITHOUT having to enumerate every possibility? For example, if I show you 28.0282616... Is there some magical mathematical way to recognize that it's 17*sqrt(e)? I have met people that seem to be able to do that off the top of their head, but I can't imagine writing a straightforward algorithm to be able to do something like that.
Maybe it was a smart kid, maybe it was a dumb chimp. Maybe being a teacher requires a special bond, and the chimp just didn't care. Maybe that kind of learning is done best with subjects before they hit puberty. There are many things that can be extrapolated from an experiment like that, so I wouldn't really treat it as some sort of scientific proof that animals are dumb, and there is something special/magical about the human brain.
I make it very clear to all my potential employers that I am not willing to devote my life to any company. Drawing a paycheck isn't as interesting to me as just seeing new things and situations (I work in security), but I always keep a good balance between my professional life and my personal life. I never understood this notion that an interview was about showing a company how much cock you are willing to suck to get ahead.
When I interview I make it very clear that flexible hours are important, and I don't take work home. If someone is paying me to work on a project, it belongs to them, not me, and I will only invest my time into their project while they are paying me. This attitude is helpful at places like Intel, when projects get scrapped left and right. The last time a project I was working on got canned, I thought of it as an annoying waste of resources, but some others on my team were completely devastated and emotionally drained for weeks. Never drink the company cool-aide.
At the end of interviews, I always like asking them why they think security is important for their product/project/network. I don't like being the one they hire just so they can check off a box that says "we had a security auditor look at it". I break stuff, and I like to know that it's actually going to get fixed. It's always best to leave a company immediately if they don't take security seriously, because when the shit hits the fan, you become blame sponge, and your career will be over if people see that you just let security infractions slide.