I'm just wondering when someone is going to sue Comcast for not providing the service they are selling. Must be in the TOS contract that they don't have to provide any.
Most service contracts and agreements quite explicitly state that you, the customer, are expected to pay your bills on time or be subject to debt collection and/or litigation. But they, the provider, have no obligation to provide any service whatsoever.
But in truth, I'd be more concerned about unbrided capitalism and monopolistic practices,
I guess I don't understand why capitalism is a dirty word around here. Isn't it a good thing that businesses are not run by the state? Does competition not spur innovation? Which economic system would you have in capitalism's place?
No. Unions are useful in one case, and only one case: when a lack of industry regulation puts workers in peril. Unions were once necessary to combat hazardous working conditions, unreasonable hours, and mistreatment (i.e., verbal and physical abuse). In today's industrialized countries, strong laws and regulations exist to protect employees from these perils and thus unions are, in the vast majority of cases, completely unnecessary.
Today's unions are used not for protecting workers, but instead: - bargaining for pay raises and other benefit increases - organizing election votes along the union's party line - making it unduly difficult to fire under-performing employees - making it impossible (and sometimes illegal) to hire otherwise qualified non-union employees - requiring that a worker join the union upon employment and pay union dues, even if she desires no union representation
So, unions probably are necessary right now in some newly-industrialized countries like China where "middle-class" just means "don't have to steal food anymore." But here in the good old Magnited States of America, our society has evolved to include strong worker protection laws.
Now, even if I were to believe that most unions had a place in modern western industrialized nations, Apple Inc. employees would still pretty much the last ones in the entire universe who would be qualified to join the trade union party. I have close friends who worked in Apple stores and they certainly did not think they were mistreated. Yeah, you have to drink a lot of Apple koolaid. And yes, they said it was demanding work. But the benefits sounded quite reasonable (certainly better than what I was getting at the time for similar work) and they gained experience, solid resume material, and tons of networking. I think most any Slashdotter will agree that most entry-level I.T. and retail jobs are far worse than having to pitch Apple gear all day long.
Honestly, if I was even considering writing malware, this would smell like a major sting operation.
It's not (yet) illegal to write any kind of software you like, no matter what its purpose. What's illegal is how it's used and/or distributed.
If ever it became illegal to write software which exploits security vulnerabilities in software, there would be a whole community of white-hat researchers who'd be out of a job overnight.
Rainbow tables are basically premeditated brute forcing. They're only useful to attackers when the password hashing in use is weak. Which is quite still common, unfortunately.
For example, every developer knows (or damn well should) that it's a remarkably bad idea to store user passwords as plaintext in a database. So when it comes time to write the code, many of them just pick an arbitrary hashing function that isn't widely known to be broken and move on. After they're attacked and the user database stolen, all the attackers need to do is run the database against any of the common rainbow tables floating around and they have the passwords for a good percentage of the database.
Some people will say, "well duh, that's why you add a salt before you hash!" But where do you propose to store the salt? That's right, in the database. The one that the attackers may eventually have access to. It might cost them some time, and possibly some money, but it wouldn't be at all impossible to rent some time on EC2 or a botnet to effectively create their own specialized rainbow table for the job.
It is still not common knowledge that you need to use a more secure password hashing function. This is called key stretching. Key stretching makes it deliberately expensive to brute-force every password combination and, to an extent, dictionary attacks. Plain old hashing functions are designed to be very quick and efficient. You can generate thousands (millions?) of hashes per second on modern hardware. A good password hashing function which employs key stretching is deliberately designed to be many orders of magnitude slower so as to make brute-forcing and rainbow tables computationally infeasible. The idea is, if each guess takes 2-3 seconds to compute (as opposed to 2-3 milliseconds), you will be waiting a very long time before you have anything close to a usable rainbow table.
This doesn't mean users are off the hook when it comes to using secure passwords. Even with key stretching, any dictionary-based password can be found with some patience. But a secure hash of any reasonably "random" password can be safe for a very long time even if^H^Hwhen the password database is compromised.
Another issue with the OCZ product: What problem does it actually solve which cannot also be solved by a good OS, a competent admin, an SSD, and a spinning disk?
At present only industrial customers pay different rates for their electricity based on the time of day.
Because a single industrial company can easily consume much more energy than all of the densely-populated neighborhoods within a 1-mile radius.
Domestic electricity prices are constant all day.
This isn't necessarily the case anymore. At least, not everywhere. In places where smart meters are being deployed, you can be charged more during peak usage and less during off-peak. Although to me, the idea of charging more for energy during peak usage is just as greedy as setting an arbitrary bandwidth cap and charging for going over it.
There is no incentive for anyone to defer their power consumption to off-peak hours, or to invest in any technology to smoothen out their power consumption curve.
To the majority of us, "off-peak" means those times which we are either at work or asleep. Do you propose people wake up at 3 a.m. to wash their clothes? Run home during lunch to take a shower?
If we pay one price for the day time electricity and get a deep discount for the night time electricity, these fly wheel storage devices can be used to soak up energy at night and use it during the day.
Are you talking about putting the flywheels on the consumer side or the utility side? They really don't make sense on the consumer side. They're already being used in utilities, datacenters, and industry as an energy buffer between "power out" and "diesel generators running".
Since most of the day time power consumption is air conditioning, we could simply make ice/chill water at night and use it to cool the home during the day.
Now you're talking crazy. Doing that would use more energy on average because you would be running a compressor constantly for a long period of time to cool down a large quantity of water. An AC unit, by comparison only runs intermittently and doesn't need to run as hard because it's only cooling the air 10-25 degrees (Fahrenheit) below ambient temperature rather than 50-70 degrees.
I could never understand what is with all these digits in version numbers. If it was up to me the kernel would be in version 8.x or 9.x already.
Why? What six or seven major changes have happened to the kernel since 2.6.0 to justify as many major version bumps? Or is the kernel just old enough that it "feels" like it should be in version 8 or 9 by now? How would that be any different than Linus suddenly bumping the version to 3.0 purely (by his own admittance) on a whim?
What's with open source and all these version numbers starting with 0.x?. Why are they so afraid of just a freaking number?
The rule of thumb is that a release with a version number < 1 is considered incomplete by its authors. Of course, "incomplete" can mean different things to different people. Also, never reaching 1.0 can lend a feeling of "perpetual beta" to the project. It feels a lot less fun to be working on a project that can be considered finished.
Linus just realized that version numbers are about marketing more than anything else. Microsoft has been doing this for decades. I should buy me some redhat stock.
Not sure what correlation you're implying... Linus doesn't work for Red Hat. And Red Hat doesn't ship the mainline kernel, they ship their own.
One of the researchers was interviewed on NPR and he said that a round electron throws an unknown variable into a lot of unproven theories. Many scientists were apparently hoping for a significantly elliptical shape in order to make their calculations work out. (Sorry I can't provide a better description. I'm only regurgitating what I heard on the radio.)
One interesting bit is that they had been collecting data for over 10 years, but the researchers prevented themselves from looking at it before the experiment was over so as to not introduce bias into their final results. That's some scientific integrity right there.
This feature will never come to stock Android. Google makes their money from Android by delivering ads, which is what pays for all those free apps. If I could download a free app and block it's ability to connect to the internet, I instantly block the ads. You can like it or hate it, but the fact is this ability would cripple the entire current Android ecosystem.
I would almost believe your story, if it weren't for the fact that over the last 10 years or so I've been running a full-fledged desktop PC with thousands of free apps installed and yet not a single one of them is ad-supported.
I'm not against developers charging for software, or offering software for free with ads, but I really can't take the "ads or nothing" mentality of this new wave of mobile developers who think that they deserve instant riches just because they've managed to hack together a tiny single-purpose application after reading a book on Objective C or Java.
However, it will be difficult for Internet policymakers, engineers and the user community at large to tell how the upgrade to IPv6 is progressing because no one has accurate or comprehensive statistics about how much Internet traffic is IPv6 versus IPv4."
I'm sorry, but that's utterly wrong. There are people who are watching this stuff. One of them is Craig Labovitz, Chief Scientist at Arbor Networks. He authored a paper six months ago called Six Months, Six Providers, and IPv6. In it, he says that tunneled IPv6 accounts for between 0.01% and 0.05% of all Internet traffic while IPv6 on providers which support it natively accounts for about 0.1% of all traffic. I'm willing to bet that he and/or Arbor will have some news about IPv6 traffic levels on IPv6 day.
If you scroll down a bit, you'll also see that P2P amounts to the majority (61%) of v6 traffic. I also find it fascinating that SSH and Web traffic both account for 4.6% of v6 right now.
Now, the author of TermKit has a valid point in his article on the sofware's design: not enough file handles are used by traditional Unix utilities. STDOUT and STDERR are both used to produce human-readable and machine-readable output.
I disagree with this assertion and with the author's belief that another channel is needed for command-line programs. The inventors of Unix (and the systems that came before it) thought very hard about how to get data in and out of programs and they didn't make a mistake when they settled on three channels (stdin, stdout, and stderr).
stdout can produce human- and/or machine-readable output, depending on the program and depending on how you invoke it. With no special arguments to the contrary, most programs should assume that they are being run interactively and that all input is provided by and all output is produced for humans. If you want machine-readable output (as input to another program, for example), require the use of a flag to do so. If you want both at the same time, then produce human-readable output on stdout and use one of the many interprocess communication facilities that modern operating systems already provide.
But it is a rare (and likely broken) program that produces exclusively machine-readable output on stderr by default. stderr is what programs use when to report an error message when something goes wrong. stderr is on a separate channel for the explicit reason that errors should not be used as input to the next script in the pipeline, if there is one. It doesn't matter whether the program was run interactively, in a pipeline with other programs, or via a script. Error messages should always be human-readable.
Comcast's cap at 250GB could be seen as somewhat reasonable, until you consider that an HD video stream is going to blow right by it. But AT&T's cap of 150GB make Netflix a complete non-option for even casual TV users.
My evidence? We have a subscription to Netflix in our household and all of us put together only watch an hour or two of TV a day. Netflix is easily what we spend the majority of our bandwidth on. My router says that we typically pull between 100 and 150GB of data per month. And that's watching slightly less than standard-definition video on a crappy 3Mbit DSL connection. The math doesn't lie: an average household could easily pull at least 500GB per month of high-def video on a fast cable connection.
The Anonymous Coward above me is exactly right: Broadband usage caps are nothing to do with maintaining the infrastructure. They exist entirely to make third-party video streaming services impossible for consumers to use.
Re:Perl - the COBOL of scripting languages
on
Perl 5.14 Released
·
· Score: 1
Php is somewhat painful to code in by comparison but both have their place.
I respect your opinion, but my experience has been different. I forced myself to learn Perl twice and never could quite get the hang of it. So much of the language is context sensitive (e.g., this arbitrary symbol means a certain thing, except in some cases where it means something completely different) and there are so many features that I always felt overwhelmed. Sure, I always managed to get the code working but it felt hackish and thanks to "there's more than one way to do it," I was never sure if the way I implemented was the right way.
PHP is far simpler. It's the only language that I've learned solely by reading code. Yeah, PHP has its warts (I'm looking at you, zillions of global functions) but I never find myself staring at a line of PHP wondering what it's doing.
I don't agree with you about Java either, but that's a rant for another day.
Re:The question nobody wants to ask....
on
Perl 5.14 Released
·
· Score: 2
Er, no it wouldn't because Perl is neither Javascript or Python.
You can kill Al Qaeda. You can kill the borg. You can kill anonymous. It takes effort and a longstanding commitment, and the most effective longterm methodology is to neutralize what motivates its organic membership.
I'm sure that's roughly how the war on drugs was sold. How's that going?
It doesn't sound like you understand Anonymous any better than the media does...
If you are Anonymous in the collective term, then where one goes, you all go. It is part of the concept of Anonymous.
No, it isn't. You only follow the group if the group is doing something that you find amusing, interesting, or worthwhile. For example, when the Scientology protests happened awhile back, the protesters identified themselves as Anonymous and so the media called them that. But back online, forums occupied by "Anonymous" were quite busy ridiculing the protesters as just a bunch of retarded teenagers with nothing better to do with their time. (Of course, there's some irony in that considering the source but I digress.)
There is never any consensus across Anonymous about what they should do. Everything attributed to Anonymous is just a small subset of the overall population who decided to amuse themselves in some way and call themselves Anonymous. There is no membership, there are no leaders, there are no ranks, there are no "key sites" that Anonymous uses to communicate with.
A person who posts content or information publicly on the Internet without specifically identifying himself (or herself) is Anonymous. No other definition is accurate.
I've been developing software since before the Web was invented
If you've been developing software since before the web, then you have years of experience and (I'm sure) an impressive resume and tons of references. You're probably established enough that you could switch jobs in a heartbeat just by calling up some old contacts. TFA was about junior developers that show up for an interview with "Software Engineer" on their resume and can't even answer basic programming questions.
I don't write apps for Android and there's no service on the Internet that I can point to and say "I did that all by myself!" I'm a systems programmer and I make a nice living writing code for embedded systems that make it possible for this Evan guy to post his ridiculous rants on the Internet.
The argument could be made that a developer with a little bit of cross-domain knowledge is a better new-hire candidate than one without.
Slashdot Mirror
Most service contracts and agreements quite explicitly state that you, the customer, are expected to pay your bills on time or be subject to debt collection and/or litigation. But they, the provider, have no obligation to provide any service whatsoever.
I guess I don't understand why capitalism is a dirty word around here. Isn't it a good thing that businesses are not run by the state? Does competition not spur innovation? Which economic system would you have in capitalism's place?
No. Unions are useful in one case, and only one case: when a lack of industry regulation puts workers in peril. Unions were once necessary to combat hazardous working conditions, unreasonable hours, and mistreatment (i.e., verbal and physical abuse). In today's industrialized countries, strong laws and regulations exist to protect employees from these perils and thus unions are, in the vast majority of cases, completely unnecessary.
Today's unions are used not for protecting workers, but instead:
- bargaining for pay raises and other benefit increases
- organizing election votes along the union's party line
- making it unduly difficult to fire under-performing employees
- making it impossible (and sometimes illegal) to hire otherwise qualified non-union employees
- requiring that a worker join the union upon employment and pay union dues, even if she desires no union representation
So, unions probably are necessary right now in some newly-industrialized countries like China where "middle-class" just means "don't have to steal food anymore." But here in the good old Magnited States of America, our society has evolved to include strong worker protection laws.
Now, even if I were to believe that most unions had a place in modern western industrialized nations, Apple Inc. employees would still pretty much the last ones in the entire universe who would be qualified to join the trade union party. I have close friends who worked in Apple stores and they certainly did not think they were mistreated. Yeah, you have to drink a lot of Apple koolaid. And yes, they said it was demanding work. But the benefits sounded quite reasonable (certainly better than what I was getting at the time for similar work) and they gained experience, solid resume material, and tons of networking. I think most any Slashdotter will agree that most entry-level I.T. and retail jobs are far worse than having to pitch Apple gear all day long.
</rant>
It's not (yet) illegal to write any kind of software you like, no matter what its purpose. What's illegal is how it's used and/or distributed.
If ever it became illegal to write software which exploits security vulnerabilities in software, there would be a whole community of white-hat researchers who'd be out of a job overnight.
Rainbow tables are basically premeditated brute forcing. They're only useful to attackers when the password hashing in use is weak. Which is quite still common, unfortunately.
For example, every developer knows (or damn well should) that it's a remarkably bad idea to store user passwords as plaintext in a database. So when it comes time to write the code, many of them just pick an arbitrary hashing function that isn't widely known to be broken and move on. After they're attacked and the user database stolen, all the attackers need to do is run the database against any of the common rainbow tables floating around and they have the passwords for a good percentage of the database.
Some people will say, "well duh, that's why you add a salt before you hash!" But where do you propose to store the salt? That's right, in the database. The one that the attackers may eventually have access to. It might cost them some time, and possibly some money, but it wouldn't be at all impossible to rent some time on EC2 or a botnet to effectively create their own specialized rainbow table for the job.
It is still not common knowledge that you need to use a more secure password hashing function. This is called key stretching. Key stretching makes it deliberately expensive to brute-force every password combination and, to an extent, dictionary attacks. Plain old hashing functions are designed to be very quick and efficient. You can generate thousands (millions?) of hashes per second on modern hardware. A good password hashing function which employs key stretching is deliberately designed to be many orders of magnitude slower so as to make brute-forcing and rainbow tables computationally infeasible. The idea is, if each guess takes 2-3 seconds to compute (as opposed to 2-3 milliseconds), you will be waiting a very long time before you have anything close to a usable rainbow table.
This doesn't mean users are off the hook when it comes to using secure passwords. Even with key stretching, any dictionary-based password can be found with some patience. But a secure hash of any reasonably "random" password can be safe for a very long time even if^H^Hwhen the password database is compromised.
That of not having a good OS or competent admin.
Because a single industrial company can easily consume much more energy than all of the densely-populated neighborhoods within a 1-mile radius.
This isn't necessarily the case anymore. At least, not everywhere. In places where smart meters are being deployed, you can be charged more during peak usage and less during off-peak. Although to me, the idea of charging more for energy during peak usage is just as greedy as setting an arbitrary bandwidth cap and charging for going over it.
To the majority of us, "off-peak" means those times which we are either at work or asleep. Do you propose people wake up at 3 a.m. to wash their clothes? Run home during lunch to take a shower?
Are you talking about putting the flywheels on the consumer side or the utility side? They really don't make sense on the consumer side. They're already being used in utilities, datacenters, and industry as an energy buffer between "power out" and "diesel generators running".
Now you're talking crazy. Doing that would use more energy on average because you would be running a compressor constantly for a long period of time to cool down a large quantity of water. An AC unit, by comparison only runs intermittently and doesn't need to run as hard because it's only cooling the air 10-25 degrees (Fahrenheit) below ambient temperature rather than 50-70 degrees.
Why? What six or seven major changes have happened to the kernel since 2.6.0 to justify as many major version bumps? Or is the kernel just old enough that it "feels" like it should be in version 8 or 9 by now? How would that be any different than Linus suddenly bumping the version to 3.0 purely (by his own admittance) on a whim?
The rule of thumb is that a release with a version number < 1 is considered incomplete by its authors. Of course, "incomplete" can mean different things to different people. Also, never reaching 1.0 can lend a feeling of "perpetual beta" to the project. It feels a lot less fun to be working on a project that can be considered finished.
Not sure what correlation you're implying... Linus doesn't work for Red Hat. And Red Hat doesn't ship the mainline kernel, they ship their own.
Fine, here are some of the consumer-facing ISPs that host Fedora 15 mirrors:
One of the researchers was interviewed on NPR and he said that a round electron throws an unknown variable into a lot of unproven theories. Many scientists were apparently hoping for a significantly elliptical shape in order to make their calculations work out. (Sorry I can't provide a better description. I'm only regurgitating what I heard on the radio.)
One interesting bit is that they had been collecting data for over 10 years, but the researchers prevented themselves from looking at it before the experiment was over so as to not introduce bias into their final results. That's some scientific integrity right there.
http://mirrors.fedoraproject.org/publiclist/Fedora/15/
Scroll down to the US mirrors, you'll see plenty of ISPs hosting Fedora mirrors.
I would almost believe your story, if it weren't for the fact that over the last 10 years or so I've been running a full-fledged desktop PC with thousands of free apps installed and yet not a single one of them is ad-supported.
I'm not against developers charging for software, or offering software for free with ads, but I really can't take the "ads or nothing" mentality of this new wave of mobile developers who think that they deserve instant riches just because they've managed to hack together a tiny single-purpose application after reading a book on Objective C or Java.
If an (attempted) rapist was the "most promising" candidate, France is in even worse shape than I thought.
Oh, apparently TFA has a page 2.
I'm sorry, but that's utterly wrong. There are people who are watching this stuff. One of them is Craig Labovitz, Chief Scientist at Arbor Networks. He authored a paper six months ago called Six Months, Six Providers, and IPv6. In it, he says that tunneled IPv6 accounts for between 0.01% and 0.05% of all Internet traffic while IPv6 on providers which support it natively accounts for about 0.1% of all traffic. I'm willing to bet that he and/or Arbor will have some news about IPv6 traffic levels on IPv6 day.
If you scroll down a bit, you'll also see that P2P amounts to the majority (61%) of v6 traffic. I also find it fascinating that SSH and Web traffic both account for 4.6% of v6 right now.
I disagree with this assertion and with the author's belief that another channel is needed for command-line programs. The inventors of Unix (and the systems that came before it) thought very hard about how to get data in and out of programs and they didn't make a mistake when they settled on three channels (stdin, stdout, and stderr).
stdout can produce human- and/or machine-readable output, depending on the program and depending on how you invoke it. With no special arguments to the contrary, most programs should assume that they are being run interactively and that all input is provided by and all output is produced for humans. If you want machine-readable output (as input to another program, for example), require the use of a flag to do so. If you want both at the same time, then produce human-readable output on stdout and use one of the many interprocess communication facilities that modern operating systems already provide.
But it is a rare (and likely broken) program that produces exclusively machine-readable output on stderr by default. stderr is what programs use when to report an error message when something goes wrong. stderr is on a separate channel for the explicit reason that errors should not be used as input to the next script in the pipeline, if there is one. It doesn't matter whether the program was run interactively, in a pipeline with other programs, or via a script. Error messages should always be human-readable.
Comcast's cap at 250GB could be seen as somewhat reasonable, until you consider that an HD video stream is going to blow right by it. But AT&T's cap of 150GB make Netflix a complete non-option for even casual TV users.
My evidence? We have a subscription to Netflix in our household and all of us put together only watch an hour or two of TV a day. Netflix is easily what we spend the majority of our bandwidth on. My router says that we typically pull between 100 and 150GB of data per month. And that's watching slightly less than standard-definition video on a crappy 3Mbit DSL connection. The math doesn't lie: an average household could easily pull at least 500GB per month of high-def video on a fast cable connection.
The Anonymous Coward above me is exactly right: Broadband usage caps are nothing to do with maintaining the infrastructure. They exist entirely to make third-party video streaming services impossible for consumers to use.
I respect your opinion, but my experience has been different. I forced myself to learn Perl twice and never could quite get the hang of it. So much of the language is context sensitive (e.g., this arbitrary symbol means a certain thing, except in some cases where it means something completely different) and there are so many features that I always felt overwhelmed. Sure, I always managed to get the code working but it felt hackish and thanks to "there's more than one way to do it," I was never sure if the way I implemented was the right way.
PHP is far simpler. It's the only language that I've learned solely by reading code. Yeah, PHP has its warts (I'm looking at you, zillions of global functions) but I never find myself staring at a line of PHP wondering what it's doing.
I don't agree with you about Java either, but that's a rant for another day.
Er, no it wouldn't because Perl is neither Javascript or Python.
I'm sure that's roughly how the war on drugs was sold. How's that going?
It doesn't sound like you understand Anonymous any better than the media does...
No, it isn't. You only follow the group if the group is doing something that you find amusing, interesting, or worthwhile. For example, when the Scientology protests happened awhile back, the protesters identified themselves as Anonymous and so the media called them that. But back online, forums occupied by "Anonymous" were quite busy ridiculing the protesters as just a bunch of retarded teenagers with nothing better to do with their time. (Of course, there's some irony in that considering the source but I digress.)
There is never any consensus across Anonymous about what they should do. Everything attributed to Anonymous is just a small subset of the overall population who decided to amuse themselves in some way and call themselves Anonymous. There is no membership, there are no leaders, there are no ranks, there are no "key sites" that Anonymous uses to communicate with.
A person who posts content or information publicly on the Internet without specifically identifying himself (or herself) is Anonymous. No other definition is accurate.
If you've been developing software since before the web, then you have years of experience and (I'm sure) an impressive resume and tons of references. You're probably established enough that you could switch jobs in a heartbeat just by calling up some old contacts. TFA was about junior developers that show up for an interview with "Software Engineer" on their resume and can't even answer basic programming questions.
The argument could be made that a developer with a little bit of cross-domain knowledge is a better new-hire candidate than one without.
I used to work on H-53s in the Air Force and I had a similar exchange with a Marine. Only his punch line was:
"Helicopters don't fly, they beat the air into submission."
Yes, downloading and installing a vim plugin (or using vim in the first place) is indeed reasonably difficult for most people.
Don't mind me, just karma-whoring: http://mywiki.wooledge.org/FtpMustDie