Slashdot Mirror


User: Jaime2

Jaime2's activity in the archive.

Stories: 0
Comments: 974

Comments · 974

  1. Re:Capatalism on How SBC (AT&T) Pillaged South Africa's Economy · · Score: 1

    And please before I get flamed for disliking the American system and pure Capitalism, there is no price you can put on a human life. For such an "advanced" state you guys don't even have free medical and medicine. You guys hate each other so much that you can ACTUALLY put a price on human life? That's sick. Everyone has the right to live, all medical should be free.

    Our medical care sucks because we've managed to make it at least twice as expensive to provide care as almost any other country. I'm not exactly sure which element of our system is responsible, but it is obvious that compared to Europe, equivalent treatment for any condition is a lot more expensive. Our treatment isn't any better, just more expensive. Until that problem gets solved, we will have worse health care on average than a lot of the world.

    As for putting a price on human life -- that is a necessity in every country. The only behavior that would truly equate to not putting a price on life would be if every man, woman, and child in the country stopped being otherwise productive and worked to extend the lives of sick people. Within weeks, the country would collapse. We have to deny somebody treatment for something.

    Anybody who says they don't put a price on life is simply ignoring reality so they can feel better about themselves. Real men make real choices with real consequences. Only in a fairy tale can you save everybody.

  2. Re:Linus would not be pleased... on Linus on Subversion, GPL3, Microsoft and More · · Score: 1

    You can't get a deadlock on a simple read operation by default in MS SQL Server. The only way to get a deadlock that involves a read is to have already written a record, and now be waiting to read a record that is locked by another user. Then, that other user has to try to read the record that you previously wrote.

    Since SQL has row level locking by default, this couldn't have happened from simply logging traffic as two users would never write the same log record.

    The site had to do something monumentally stupid to make MS SQL produce this error message on a website page view. If they performed the same monumental stupidity on Oracle, they'd get the same deadlock.

  3. Re:Has Anyone Even Seen An iPhone? on AT&T Crippling BlackBerry for iPhone? · · Score: 2, Insightful

    So.... nearly everyone has one?

    I have yet to see an iPhone in the wild. I work in IT with 20 geeks that have well paying jobs. I have a lot of gadget freaks in my family and there are many blackberries at family events. Yet somehow, none of them have iPhones.

    BTW, my personal observations are just as representative as yours. That is to say, neither of our observations reflects the market penetration of the iPhone.

  4. Re:Blanket statement isn't true on New Chip-cooling Technology · · Score: 1

    Hmmmm.... When Consumer Reports tested the Sharper Image Ionic Breeze air purifiers, it found them nearly useless. They gave them such a bad review that the share price of Sharper Image went down 9%. Sharper Image took them to court for libel and lost. They lost so bad that they were forced to pay Consumer Union's legal fees. http://www.aircleaners.com/sharperimage2.phtml

    BTW, most allergens collect on surfaces, they don't float around in the air. Pet dander is most notorious for this, but other allergens behave the same way. Most doctors recommend that allergy sufferers don't spend their money on air filters. An excerpt from the web site of the Asthma and Allergy Foundation of America ( http://www.aafa.org/display.cfm?id=9&sub=18&cont=2 22 ):

    Air filters are worth considering, but not as a solution to your asthma or allergy problems by themselves. In fact, research studies disagree on whether or not filters give much added relief in a clean and well-ventilated home.

  5. Re:I want broadband/DSL... on The $200 Billion Broadband Rip-Off · · Score: 1

    I'm six miles from the nearest CO and I have 3.5Mbps DSL. They ran fiber to the big box a few thousand feet from my house and put something (a DSLAM maybe?) in the box. Presto, I have DSL. I live near the city, but my neighbors are cows and horses.

  6. Re:I want broadband/DSL... on The $200 Billion Broadband Rip-Off · · Score: 1

    The article was about the fact that the government paid $200B either directly or indirectly so that the telco companies would do it. They didn't, but still cashed the checks.

    A more comparable example would be if you opened a pizza shop on a small business grant from a county with a written understanding that you would deliver to every resident in the county. Then you simply decided to eat the pizza yourself.

    The GP was promised high speed Internet service by 2000 by the government. He is currently promised at least 200kbps by the end of the year. Both mandates were funded and the telco cashed both checks. But, he'll get it when the telco sees that the customers will pay for it for the third time. If the telcos drag their feet long enough, the US gov't will eventually pony up for a brand new shiny fiber-to-the-premises infrastructure. When that happens, they'll pull the copper infrastructure and charge $80 a month for fiber service. They are already doing it in the areas where fiber is being installed. I'll have fiber available to me shortly and if I sign up, I can never go back to the less expensive copper service.

  7. Re:were you surprised? on How to Reach 200 MPH on Hydrogen Fuel Cells · · Score: 1

    Bonneville cars usually carry a ton (sometimes literally) of ballast. Since they have seven miles from start to stop, they don't need a lot of acceleration. The extra weight gives them better traction.

    My motorcycle will do 0 to 200 to 0 in under 2 miles and has a power to weight ratio of 3 pounds per HP, including rider. I have quality parts on it, but the brakes and suspension certainly aren't NASCAR grade. NASCAR grade stuff can take a relentless pounding for hours on end and that simply isn't relevant for top speed racing.

  8. Re:People hate my gotos on Beautiful Code Interview · · Score: 1

    I'm not saying the compiler is necessarily unaware of it, I'm saying the compiler has to figure it out. With a break, it is explicit. By announcing your intentions to the compiler, it can tell you when you are doing something that is inconsistent with the design of the application. This comes in very handy when you modify the code in the future by making it harder to unintentionally introduce bugs.

    Also, modern compilers are good at this kind of stuff. I'll bet a lot of old (like 1960's old) compilers blindly turned GOTOs into JMPs.

  9. Re:People hate my gotos on Beautiful Code Interview · · Score: 2, Informative

    I think part of the problem might be that compilers have a hard time figuring out gotos. GOTO doesn't imply any scope transition and the compiler has to figure it out. However, BREAK is very clear on which scope is being abandoned. Also, a goto will always compile (well, it depends on the language), but a break with a label will only compile if used in a sane manner.

    BTW, I met a guy whose biggest disappointment with VB.Net was that they did away with GOSUB. I shot him.

  10. Re:Winning argument in a Minnesota court? on Oklahoma Security Expert Attacks RIAA Claims · · Score: 1

    If you can't figure out a denominator to put under those saved lives and express it as "1 life saved per xxx", then you are not being rational and your results are meaningless. Every denominator that makes red light cameras a success will lead to logic that, taken to the extreme, comes out to "no more driving = no more driving deaths".

    Besides, even if you are right about the benefits of red light cameras outweighing the costs, they aren't the right way to do it. Our traffic laws were never meant to be enforced this way. They are written in such a way that a regular bad driver will be caught by the police and sent to traffic school. Automated enforcement of existing laws catches the wrong people 99% of the time just to get the 1%, and then calls it a success. By this measure, simply raising registration fees to $10,000 a year would be a success because it would save a lot of lives. Less people on the road means less lives lost.

    Also, red light cameras are a cesspool of corruption. San Diego had to take them out in 2001 because they let Lockheed Martin fleece the public without making any safety improvements. California eventually had to pass laws to prevent localities from handing over control of the citizens' wallets to red light companies. They'd still be doing it if it weren't made illegal. Just last year ACS, the company that spun off of Lockheed Martin, was involved in a bribery scandal involving red light cameras. Police departments regularly harass innocent people into "squealing" on their friends and relatives to collect fine money, and they stoop to almost illegal levels to do so. I have links for all four of these if you are interested.

    If you want to make driving safer in the US, raise the bar for getting a license (more training and harder tests), and have regular re-tests.

    Police officers swear by the reduction in accidents and the crash statistics are clear that red-light cameras save lives and reduce the costs of accidents.

    At the risk of sounding inflammatory, I don't care what police officers swear by. 80% of them obviously don't believe what they spout off or the world would be a different place. If police officers really felt that the actual fine was what taught people a lesson and saved their lives, then more of them would give that fine to their co-workers and self professed best friends (other cops). The fact that police professional courtesy exists, even in a small fraction, shows that cops are sparing their friends inconvenience, not lessons. If they really thought a ticket was a significant part of saving someone's life, they'd write more to each other. Instead of bringing up the opinion of police officers, show me independent, non-biased research, of which there is very little on red light cameras.

  11. Re:Winning argument in a Minnesota court? on Oklahoma Security Expert Attacks RIAA Claims · · Score: 1

    West coast fines are usually over $100. East coast fines are usually $100 or less. Both have similar success rates.

  12. Re:Winning argument in a Minnesota court? on Oklahoma Security Expert Attacks RIAA Claims · · Score: 2, Interesting

    I hope this is a troll.....

    Red light cameras increase the accident rate as often as they decrease it. Also, the real dangerous drivers that actually run the middle of the red light and T-bone innocent drivers, aren't paying attention. Before red light cameras they weren't paying attention in a situation where their life was at stake, now they aren't paying attention in a situation where their life plus a $100 ticket is at stake. It isn't a deterrent to the real problem.

    The people who actually get tickets are the ones that don't even see the red light. If it changes while you are in the intersection, you are running it. When traffic is heavy, sometimes you get caught in it. The alternative is to wait back at the line for a huge clearing and go if the light hasn't turned yellow yet. I know of many intersections where there is no left turn signal and at rush hour, the only time to turn left is at the yellow when oncoming traffic stops. If people were to obey the letter of the law, it would take an hour to turn left.

    There are also plenty of cases where the yellow duration is set at less than the legal minimum for an intersection of the type it is installed at. Sometimes, conveniently, they fix the timing three months after the camera is installed and claim that the reduction in fines is from the camera itself, while it is really from the adjustment of the timing.

    In summary, red light cameras mostly ticket people who are not a threat to anyone and they unfairly target those who have one on their drive to work. Some people are scrutinized 500 times a year and not allowed to make a single mistake while others never get a look from a camera because of where they live.

    I live near Buffalo, NY. Buffalo is considering putting red light cameras downtown and desynchronizing the lights on Delaware Avenue. They want people to hit more red lights. Buffalo doesn't like to raise property taxes because it is politically unpopular and nearly 50% of downtown land is tax-free. Buffalo loves "alternative revenue streams", our sales tax is around 9% (due to several recent hikes), we recently started charging sales tax for airport parking, the residents are still mad about a bunch of fees that have been newly assessed like a "garbage user fee" that used to be paid for with tax money. The Mayor even admits that revenue is part of the reason they are being considered.

    They are neither free to own or operate, over their lifetime very few will pay for themselves in the fines they are able to inflict.

    This is untrue. There are companies that will install the cameras for free, operate them for free, and only ask for a cut of the ticket money. There is zero chance that the city will lose money and I'm sure the chance that the operating company will lose money is also slim. In California, many red light cameras are operated by Lockheed Martin. In 2001, they were sued for camera placement in San Diego and had to refund a bunch of tickets after it was discovered that they had the cameras installed primarily in intersections where the yellow was too short or there was some other design flaw increasing the likelihood of someone running the red. No cameras were installed in the top 10 most dangerous intersections. Also, if you go to court to fight a citation, a CHP officer stands in to "represent the policies of the vendor". You never get to question your actual accuser.

  13. Re:I'll make the FTC's job easy. on FTC To Examine Targeted Advertising · · Score: 1

    I said business move. If you factor your personal beliefs into your business decisions, you might be a good niche business, but you'll never be able to compete at the Fortune 500 level.

    I do agree with your sentiment. But businesses not being slimy won't fix the problem. It will just make the truly slimy ones more powerful.

    The real answer is to get some transparency legislation enacted or to increase fines/punishments for violating the trust and privacy of customers. Right now there is almost zero cost for being a corporate jerk. Increase the cost or make sure that the evil companies get bad press and the problem will go away.

    BTW, if slavery were legal and cheap, successful businesses would do it. Actually, they do it now by outsourcing to China. Only when those options are gone will businesses behave properly.

  14. Re:I'll make the FTC's job easy. on FTC To Examine Targeted Advertising · · Score: 1

    I work at a Fortune 100 company. You are an exception to the norm. Everyone who sends us "marketing leads" doesn't seem to exercise anywhere as much care as you do. Oh, and we buy leads, so somebody sells them.

    Honestly, not selling your data is a bad business move. All your competitors do it. The poor suckers who gave you the data won't know the difference. There is no way to sell the "we don't sell your data" story because everyone claims the same and it is very difficult for a consumer to tell who is telling the truth and who is employing some sort of third party work around to sell the data (rent the data to a trusted third party who signs an NDA, that third party then sells the data and folds the company -- the third party is usually run by the brother-in-law of a company officer). Also, it has recently been tested that you don't have to live up to your own privacy policy.

  15. Re:Honestly... on Schneier Talks to the Head of TSA · · Score: 2, Interesting

    but it's an organized way to solve problems if that goes off at the terminal it will kill hundreds if it goes off in the plane.. probably a few more.. if it's used to gain control of a plane and crash it into a building... A LOT... not to mention nationwide mass hysteria

    OK, so we are trying to prevent terrorists from crashing a plane into a building..... by making sure they don't have explosives with them? That makes no sense. The banning of liquids is to prevent the terrorist from detonating it on the plane, not preventing hijacking. In that regard, the bin at the security checkpoint would likely take out more people than having it go off on the plane. As for the hijacking part, that's already covered without a liquids ban. It was a really simple fix, no one gets into the cockpit. Also, if the crew veers off course and doesn't have a good explanation for the FAA, someone is going to shoot it down.

    So why do I have to fly thirsty?

    BTW, DHS has the threat level at "high" right now. Apparently, the empirical definition of "high" is:

    - No terrorist plots successfully executed in the US for six consecutive years
    - No terrorist plots attempted in the US for six consecutive years
    - No terrorist plots thwarted in the US for six consecutive years
    - Daily killing in a war zone by a smaller and less armed enemy using guerilla tactics

    This sounds more like an example of a "time of peace and tranquility" than a high risk situation. It's been a long time since the US has had six years of peace (not counting the war that we started). I wonder what DHS would have said about the threat level on December 8, 1941? Maybe ultra-super-mega-high?

    Prior to 2001, here are our streaks of time between politically motivated attacks on our people:
    1 year from the USS Cole to 9/11
    2 years from the US embassy in Kenya to the USS Cole
    1 year from a sniper on the Empire State Building to Kenya
    2 years from Oklahoma City to ESB
    2 years from the first WTC attempt to Oklahoma City
    10 years from the US Embassy in Beirut to the first WTC attempt

    Even leaving out the unprovoked attacks on US targets outside of the US leaves us in a pretty good era. Of course it doesn't hurt that we are hanging 125,000 of our soldiers out to dry so that we can draw fire away from "The Homeland".

  16. Try this on Intern Loses 800,000 Social Security Numbers · · Score: 1

    So who is going to step up and try:

    ' DELETE Employees --

    or

    ' DECLARE @tbl varchar(128) DECLARE x CURSOR FOR SELECT name FROM sysobjects WHERE type='U' OPEN x FETCH NEXT FROM x INTO @tbl WHILE @@FETCH_STATUS=0 BEGIN EXEC('DELETE ' + @tbl) FETCH NEXT FROM x INTO @tbl END CLOSE x DEALLOCATE x --

    :-)

  17. Re:Who are these guys? on "Tubes" Senator Being Investigated For Corruption · · Score: 1

    It's *not* a bridge to nowhere.

    It's a bridge to a place that used to be nowhere until some genius decided to build an airport there.

    You might argue that is the only place the airport would fit and that Ketchikan has no viable real estate left. Well, maybe the federal government should be obligated to fix this problem too and level the mountains to the east. Death Valley has very little water, is anybody obligated to build a reservoir there?

    The fact is that Ketchikan is becoming an unsuitable destination to move to..... so what? This will either increase property value more if it is truly worth it to be there, or it will cause some people to leave thereby solving the land use problem and bringing the population down to the point where the ferries can effectively transport them. There is no problem here to be solved, federal money is being used to increase the value of a town. It is exactly the same as simply bringing the money there in trucks and giving it to them.

    Now, if there were something the federal government would gain by incubating this town, I'm willing to listen. If we get access to a specific natural resource or a better position from which to provide security for our nation, then write the check.

  18. Do these people know what risk is? on Winnipeg Demands Immobilizers on High-Risk Cars · · Score: 1

    Putting an immobilizer on all Accords and Civics is stupid. Any given Civic is not at high risk for theft. On the other hand, any given Cadillac Escalade is at high risk for theft and is an expensive insurance payout. It would make more fiscal sense to put lo-jack transponders on Escalades than to put immobilizers on Civics.

    Although the Civic is always near the top of the list of most stolen cars, it makes it there for two reasons; it is popular and cheap. By being popular, if cars were stolen based on opportunity rather than selected by value, Civics would naturally float to the top of the list. By being cheap, it is more likely to be parked in dangerous neighborhoods and more likely to not be in a garage. Both significantly raise the chance of theft.

    It would make a whole lot more sense to use location rather than make and model to decide which cars to fit with immobilizers. I hate these "most stolen" lists because they almost always read exactly like a "most units registered" list and don't give anyone any real indication of whether their car is going to be stolen. A better list would be a "theft rate", or what percentage of the total units registered have been stolen. Every single year the most stolen list comes out and every statistician in the country has a small stroke.

    Another problem is that immobilizers slightly raise the risk of a prospective thief breaking into the house for the keys or taking the car from the owner at gunpoint.

  19. Re:The problem there on The Fallacy of Hard Tests · · Score: 1

    But.... It is still trivia if asked on a Java test. A single technology specific exam should not strive to test the breadth of related knowledge. The collection of a person's certifications and experiences will give that bit of information at a quick glance.

    If you put COBOL questions on a Java test, you could create a situation where someone cannot prove that they are qualified in a single technology for an entry level job because they can't get the certification in one specific technology simply because they don't know a related technology.

    Now, COBOL questions may be relevant on a "Java Integration" exam. But each exam should not try to test everything on earth.

  20. I still like HashCash better on Bye Bye Spam and Phishing with DKIM? · · Score: 1

    Instead of trying to validate mail, just make it computationally expensive to send. Anyone with a compromised Windows box will know immediately because it will be running at 100% CPU utilization constantly. Even if they don't have the technical expertise to know what's wrong, they'll still have an idea that it's broke.

    How come these guys never realize that if a scheme can't stop bots, it's worthless. Also, all these fancy schemes are bound to fail because they try to make fighting spam the lever to get everyone on earth to register with them so they can be the toll collector for the future of email.

    The only problem with HashCash is that the biggest detractors will be the providers of free email services. They happen to control most of the mailboxes. They don't want their service to become more expensive, and they don't want to see all their hard work not turn into some future monopoly.

  21. Re:New target on Attack-Proof Power Line to be Installed Under NY · · Score: 1

    Liquid nitrogen isn't a big deal as long as you aren't intentionally trying to make it dangerous. Capping the vent would be a "bad thing". I worked as an electron microscopist for a few years and I know first hand that 99% of the fun things you can do with LN2 don't involve freezing stuff, but rather putting a bit of liquid nitrogen into various sealed containers.

  22. Re:Properly written software... on Top 15 Free SQL Injection Scanners · · Score: 1

    plus it opens you up to sql injection

    No, it doesn't. That's the false dichotomy that sp supporters like to espouse. A poorly called sp is vulnerable to SQL injection, while a well written, properly called ad-hoc query is not vulnerable. Just using a stored procedure does not protect you from SQL injection and just avoiding them does not make you vulnerable to it. I just worked up a real quick ad-hoc parameterized SQLCommand in Visual Studio and here is what SQL Profiler shows me is really executing;

    exec sp_executesql N'SELECT * FROM Employees WHERE EmployeeID=@EmployeeID', N'@EmployeeID int', @EmployeeID = 3

    This is 100% SQL injection proof and is very likely to be cached and reused regardless of the value used for the parameter on the next call.

    Debugging stored procs in Visual Studio is easy. This of course is impossible to do with dynamic sql.

    That proves debugging is possible, not that it works well. Where are the conditional breakpoints? How do you attach to an already executing stored procedure? How do you inspect the contents of a local table variable in the midst of a procedure call? The MS Procedure debugger has all the features of a ten year old product that has not been enhanced. If I write my logic in C#, I get a far better debugger.
    As for the claim that it is impossible to debug with dynamic SQL... sure. But, most of the time I don't put non-trivial logic into SQL at all. The lack of debugging isn't a problem because there is no logic to debug. If a particular situation requires me to run complex logic on the database server, then I do use stored procedures. However, that is only about 5% of the time.

    I have embarked on a campaign at work to rewrite a bunch of 2000 line SPs as .Net code and the result is far more maintainable and debuggable code that gives us better error messages, better logging, and better performance. I'm not saying this will always be the case, but the people who first wrote this code blindly implemented it as stored procedures. This code is a bunch of complex data transformations that simply are easier to implement in a real language. Also, there are many processing exceptions that can arise and tracking those exceptions and alerting the correct people is far easier outside of the SQL server.
    What about my argument that T-SQL is a horrible language? You have one looping construct and one statement level conditional construct. Cursor loops require you to write the FETCH both before the loop and at the end of the loop making maintenance that much more tedious. Compile errors can be tough to track down as the messages are often vague. Hidden gotchas like compiling a procedure with QUOTED_IDENTIFIERS on and modifying it with them off are always fun. No select construct (as in a traditional programming language, not record selection). Until the latest version, no exception handling. Things like allowing run-time selection of record ordering have to be implemented with EXEC(), which actually opens you up to SQL injection vulnerabilities. Also, common constructs like this...

    SELECT X, Y, Z FROM MyTable WHERE (X = @X OR @X IS NULL) AND (Y = @Y OR @Y IS NULL) AND (Z = @Z OR @Z IS NULL)
    ... actually make reuse of execution plans undesirable. These techniques are often necessary to avoid having to create 18 million SPs each with slightly different criteria, but in doing so, you shoot your primary argument for using SPs in the first place in the foot. If you decide not to implement these types of solutions, then you have a maintenance nightmare for applications that allow highly customizable searching. An EXEC() based alternative opens you up to SQL injection and also ruins the ability to grant execute permission to the SPs while denying access to the tables.

    This is just a handful of specific examples of the inferiority of T-SQL as a language for complex logic. There are many more as T-SQL hasn't really been enhanced in 15 years.
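
    An added example, not part of the comment above and not the commenter's code: it puts a concatenated query beside a parameterized one, then builds the "highly customizable search" with run-time ordering the comment describes without any string-built values. Python's sqlite3 stands in for SQL Server, and the table, data and function names are all constructed for illustration.

```python
import sqlite3

# Constructed sample data; SQLite stands in for SQL Server here.
ROWS = [
    (1, "Davolio", "Sales", "Seattle"),
    (2, "Fuller", "Sales", "Tacoma"),
    (3, "Leverling", "Support", "Seattle"),
    (4, "Peacock", "Support", "Redmond"),
]

# Column names cannot be bound as parameters, so caller-supplied keys are
# mapped through fixed allowlists and never copied into the SQL text.
SORTABLE = {"id": "EmployeeID", "name": "LastName", "city": "City"}
FILTERABLE = {"dept": "Dept", "city": "City", "name": "LastName"}


def make_db():
    """Create an in-memory Employees table holding the sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE Employees (EmployeeID INTEGER PRIMARY KEY, "
        "LastName TEXT, Dept TEXT, City TEXT)"
    )
    conn.executemany("INSERT INTO Employees VALUES (?, ?, ?, ?)", ROWS)
    return conn


def find_by_name_concat(conn, name):
    """Deliberately vulnerable: the input becomes part of the SQL text."""
    sql = "SELECT EmployeeID FROM Employees WHERE LastName = '" + name + "'"
    return [row[0] for row in conn.execute(sql)]


def find_by_name_param(conn, name):
    """Ad-hoc but parameterized: the input is only ever a bound value."""
    sql = "SELECT EmployeeID FROM Employees WHERE LastName = ?"
    return [row[0] for row in conn.execute(sql, (name,))]


def search(conn, filters=None, order_by="id", descending=False):
    """Customizable search with run-time ordering and no string-built values.

    Only the criteria actually supplied appear in the WHERE clause, so each
    combination gets its own query text (and its own plan) instead of one
    catch-all "(X = @X OR @X IS NULL)" predicate. Returns (sql_text, ids).
    """
    clauses, params = [], []
    for key, value in (filters or {}).items():
        if value is None:
            continue  # criterion not supplied: leave it out entirely
        if key not in FILTERABLE:
            raise ValueError(f"unknown filter: {key!r}")
        clauses.append(f"{FILTERABLE[key]} = ?")
        params.append(value)
    if order_by not in SORTABLE:
        raise ValueError(f"unknown sort key: {order_by!r}")

    sql = "SELECT EmployeeID FROM Employees"
    if clauses:
        sql += " WHERE " + " AND ".join(clauses)
    sql += f" ORDER BY {SORTABLE[order_by]} " + ("DESC" if descending else "ASC")
    return sql, [row[0] for row in conn.execute(sql, params)]


if __name__ == "__main__":
    db = make_db()
    crafted = "x' OR '1'='1"  # constructed input that closes the string literal
    print("concatenated :", find_by_name_concat(db, crafted))
    print("parameterized:", find_by_name_param(db, crafted))
    print(search(db, {"dept": "Sales", "city": None}, "name", descending=True))
```

    The query text produced by `search` contains only allowlisted column names and `?` placeholders, which is what lets the sort order vary at run time without an EXEC()-style concatenation.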

  23. Re:Properly written software... on Top 15 Free SQL Injection Scanners · · Score: 1

    Most database engines take advantage of stored procedures to create a pre-prepared execution plan which is used to optimise and speed execution time.

    Most database engines also apply the exact same techniques to plain text queries. If the plain text queries are parameterized, then it works even better.

    All Visual Studio gives you is a nice environment in which to extract sql scripts and check them into source control

    Visual Studio also gives you powerful tools to build parameterized queries and wraps them in class modules. It gives you the same tools for calling stored procedures. At the end of the day, what really matters is that you use some type of data access abstraction. Which type you use is a matter of personal preference and which technology is best for which situation. Microsoft's Transact-SQL is an absolutely horrible language that is very difficult to debug and has very poor error handling. Making a conscious decision to implement complex code in that environment shows a serious lack of awareness of the costs incurred by your decisions. On the other hand, Oracle's PL/SQL is an OK language having better error handling and more useful constructs. However, PL/SQL still isn't as good as 90% of the languages that are common today. It is also fairly difficult to pass complex parameters into or out of stored procedures in any language.

  24. Is this really a security issue? on Why Are Students Liable for School Insecurity? · · Score: 1

    A proxy server is just a web server. It happens to serve any content you choose, but it is still just a web server. Calling this a breach of security is quite a stretch.

    With this rationale, you could create a policy that says "You shall not circumvent our security measures and walk on the grass". Then if anyone walks on the grass, expel them for breach of security policies, regardless of what measures were in place. After all, they violated the written policy.

    Policies really need to be written to the actual intent, not the mechanism. The policy should state that the students shouldn't view offensive material. The WebSense server should help keep the students under control. Any violation should be related to the material being viewed, not the manner in which it was reached. This trend of policing methods instead of outcomes has led to a lot of the bad laws passed recently, the DMCA being the most obvious example.

    This is also another example of the dangers of the nanny mentality. Everyone seems to want to do something, and doing nothing is seen as unacceptable from the outside. So, we have to screen old ladies at airports, we have to pass laws prohibiting incandescent lightbulbs even though the market will take care of the problem if it is the right thing to do, and we have to "protect" our children even though in some cases protecting them deprives them of coping skills.

  25. My take on Do We Really Need a Security Industry? · · Score: 2, Interesting

    My take on this article is that it is a bad thing to separate "IT Operations" from "Security". It annoys me every time I see a company that has a "Chief Security Officer". Security is a fairly unique problem and can't be handled the same way as getting the lawn cut.

    You can always create a "Groundkeeping Crew" and then no one else in the entire company would have to worry about the grass. However, the day you create an "IT Security Task Force", everyone else lets down their guard. Products like personal firewalls and anti-spyware have allowed application and OS developers to sell insecure software without retribution. If security were forced back to the source where the problem is easiest to solve, we would be in better shape today.

    Instead, I see a security team trying to lock down the network and application architecture teams trying to get as much data through as possible. Since everyone's goals are 180 degrees from each other, things go much more smoothly when they keep the other side in the dark.