I don't know about the gp but you can do a graceful reload on Apache and that has been in there since forever (before Microsoft's automatic worker process recycling). It doesn't cause any interruption and if you have your sessions handled correctly, nobody would notice. Next to that, I hate worker processes on IIS. You can't have more than 20 on a box before hitting the end of your memory, threading (what AWP basically is) in Apache is handled much better. Putting each site (I'm talking about 500 sites) in it's own AWP effectively kills the box and the memory and CPU limiting based on per minute samples makes it worse and very difficult for troubleshooting
1) Historic reasons. The project started small with GCC and the code has been building from there. Through historic code it became increasingly more difficult to use non-GCC compilers.
2) Compatibility: As no. 1, the project start with GCC and requires a bit of rewriting in the core functions that the people with non-gcc compilers won't always understand. It might also be difficult to find alternatives stuff that isn't in the C/C++ standard but can be done compiler specific. It would become increasingly difficult and expensive not only to write code for each specific compiler but also to maintain it.
3) Cost: You have to remember, these are volunteers doing this stuff in their spare time. Some might have access to other non-free compilers but prohibited to make a copy for personal use or non-company use. Some of these compilers can cost 1000's of dollars and then you might still not be able to use them because of 4, or the increase in performance only minimal or worse, decreased. It's only valuable for people that absolutely need to squeeze every percent of performance out of a cluster. For most other cases, throwing that money for the compiler in new hardware might be cheaper.
4) Licensing: You never know if non-free software has certain usage limitations or patents related to it. If you decide to eg. use Visual C++ and Microsoft has somewhere in the EULA that if any code written is specifically for Visual C++ (exception cases) they become the owners of the project, then you have tainted the Linux kernel. It's difficult and expensive to get a lawyer to go through each piece of documentation on a) the kernel and b) the compiler to see if stuff is becoming tainted.
Why don't we get these type of phones in Europe or the US? I think we have a large market as well and some of these phones would be welcomed. Instead we're stuck with crappy phones and the iPhone is nearly the best well known product we can get. Where is our 3G? Where is our full speed internet and cable tv on a phone?
RAMBUS comes to mind.., just saying that Microsoft is no different than it was a few years ago. Everything Microsoft does to become more 'open' will have some type of document attached to it that either limits it use to developers, requires you make a payment to Microsoft or that requires you to bend over while disallowing the lube.
I like the way Apple approaches that problem in their Quartz Composer tool. Basically you have JavaScript for all types of funky validations, requests and calculations you would like to do but the 'vulnerable' classes that would allow reading/writing local files, networking or creating annoying popups have been removed.
We have some not-so-common research software. One of them you actually have to e-mail their sales staff with a code which they will respond in one of the following days (or later if it's a weekend coming up) with a serial number. Another one decided to use dongles. Of course the headache of keeping track of who used the dongle last time and why the 2001 drivers aren't working on Windows XP SP3 is big enough, in the upgrade they decided to give us an upgrade dongle. But since it's an upgrade you also need the old dongle to install it (both can't be plugged in a the same time) which then gets upgraded to the new dongle effectively disabling old versions that you might want to keep around for compatibility. There was also no disk, you have to download the software from the site. The software on the site however is the 'Pro' version ('standard' version not available yet) which will install but because of the licensing you don't have rights to load the extras of the Pro. The options are however available in the menu because you installed the Pro version but because the license key is 'standard' they will give you a nice error message.
I hate proprietary software licensing. I haven't even installed Office on the new machines because neither me nor Microsoft knows what the 3 previous generations of sysadmins purchased, I recommend using OpenOffice 3 and it seems to work well for everybody.
On 1: Why would I as a developer need to specify what others do with my page? If others can include my page in their site that's their problem. This can easily be circumvented by not adhering to that standard or other means (like filtering the page through a makeshift proxy (could even be in JS) that removes the tags).
On 2: What developers have to do is better input/output control. XSS attacks are circumvented simply by failing the request (server side) anytime somebody specifies something with:// as the page to include or send to, failing if you see that the page doesn't come from your site or not relying on other sites to host things for you (like Google hosting your funky framework)
Just stick to the Strict DTD and all will be ok (for standards compliant browsers). If anyone complains tell them to use Firefox, Opera or Safari.
iframe tags are a Microsoft's invention and got pushed through by their monopoly. They are not in the Strict DTD's of either HTML or XHTML and make for giant security holes.
I don't know why spankings should be forbidden. As long as you don't abuse your kid or slap too hard there is nothing wrong with it. I think most police and judges would agree that a parent spanking their kids is authorized.
If I would have pulled something like that off with my parents (calling the cops or whatever) I would get a spanking just for doing that.
Adults these days are too afraid to do anything for fear they might end up in court. There is something definitely wrong with that since these days anything out of the ordinary will end you in jail and that is being taught to our kids by these examples (if you do anything wrong, we'll call the cops and you'll go to jail).
But that's our legal and educational system that needs an update, not our individual parenting system.
Correction: They were never 'good' charges. They were 'their best' charges. Actually ~50% of the charges were thrown out. The charges actually thrown out were the charges that they were themselves infringing on copyright, the charges of aiding in copyright infringement stand. Their RIAA techniques are definitely doing them no good in places where judges have half a brain: "When it was movie industry lawyer Monique Wadsted's turn, she wasted no time in unexpectedly introducing new evidence. Both the defense and the court complained at this point, with Wadsted choosing to shout down the judge."
So it sucks when the best charges you can bring are thrown out the first day. It also sucks when you can't seem to intimidate the judges.
I have the exact opposite results actually. I love XServe's since they're easy to work on (hardware) and have great interfaces for monitoring and management. If you've ever used Dell's interface then you'll know what CAN be wrong about it. The only ones that come close are HP and IBM only IF you buy they're (quite expensive) management packages. Next to that, the pricing on similar 1U servers from HP, Dell and IBM is far higher than Apple's XServe unless you're assembling yourself (and having worked on SuperMicro cases: not a good idea).
On the longevity: my XServe's are still chugging along after 5 years without as much as a dead hard drive (although I am going to replace them as a precaution soon) while the PowerMac's and Dell servers, workstations and desktops are dying left and right (almost all hard drives have been replaced over the last year and most are only 3 years old), 1 Dell and 1 Mac with a dead video card and 1 iMac and a few Dells with blown power supplies).
There is indeed somewhat of a tradeoff that the packages are somewhat older (especially on 10.4) but I like that it doesn't break spectacularly like some of Red Hat's updates have done in the past (SpamAssassin and Amavis having new configuration file styles) even on production systems. On 10.5 the package ages are very similar to Debian installations unless a security update requires different which gives for a very stable system. What I would like is the interfaces to expand much more than they do now and allow for more advanced settings. Currently I'm still regularly messing with raw configuration files for certain setups.
Actually, there is a push to go open source/Linux in the professional business environment. Off course a lot of desk jobs are always going to require Windows because of some cobbled up ERP program but the people that actually do the work (engineers, scientists, researchers) are using Linux a lot more. Even in the classical Apple powerhouses (like audio, video and imaging) I see both Apple and Microsoft being replaced or augmented by typical Linux-based software and workstations (on Apple's you can run most Linux software but I see a lot of GTK, X11 and QT-based software as well as Python instead of the Aqua interface).
And what do you think Amazon will do? They will just close down their NYS affiliates further hurting the local economy and the job market. They don't care if they or the customer will have to pay 50c extra on UPS, most customers won't even notice.
NYS is just corrupt until the bone. It's good Hillary or Giuliani didn't become president, I was fearing for that already.
Wikipedia is more of an experiment in some type of direct Democracy/Demarchy (where the whole world rules) while Citizendium is an experiment in Meritocracy (where only the smart rule)
We see the results after a few years. Wikipedia has a much higher level of quality even though there are a lot of bad things about it. Citizendium might be more factually correct on some issues but the problem is that it doesn't have the vast amount of resources Wikipedia gives. Which one is better is a matter of choice. If you give negative points for anything that is not existing, Wikipedia wins. If you don't care that it's not there but what is there is correct then Citizendium is more correct. In the end Wikipedia will be more correct on current culture, things that are evolving constantly and new items while Citizendium will get things that are more scientific better. I think the two should merge some articles and things that are a matter of fact (history, mathematics, chemistry) should be better locked down on Wikipedia. On the other hand our understanding of matters is continually improving even on history but the fact is that even historians keep on rewriting history. Eventually Bush and Hitler will be good (or not-so-bad) guys to certain generations and within a few hundred years we'll have explored the sub-sub-quantum physics as well. It's all evolving and no knowledge is permanent even if they were a matter of "fact", it's all in the eye of the observer.
How about using cable ducts? Could be as simple as plastic sewage tubing which you can plug up with fibre glass isolating material (rodents don't like them) and as a bonus you'll find it easier to lay down new cables
That's what the general populace (and with it lawyers and judges) do indeed think and the RIAA thinks that way too. However that way is incorrect.
Eg. if I put an ASCII image of or an erotic story about child porn in this post and you read it, according to law you have now downloaded/accessed child porn and you are liable to the full extent of the law (according to that thinking). The fact alone that your computer is on the internet means it is accessible by anyone on the internet and if your system does certain things without you being knowledgeable (like loading a virus or caching a hidden image) then that makes you liable since you accessed those things and you have no proof that you didn't (after all you DID access it whether you saw it or not is not important).
(Most) computers are like cars with an unremovable key in the ignition and the doors unlocked. Somebody can take your car for a spin without your knowledge, park it back in the same spot and kill somebody with it in the mean time. The judges, the RIAA and lawyers think/rule that because it's your (or your family's) car, you have driven it and since there is brain matter on the bottom of that car you also killed that somebody.
Still, I work in research environment and I find it impossible to find an 8-core Xeon on par with the current Mac Pro for less than the Apple price and that thing is almost a year old. Yeah, I can find it in a 4-core or 8-core desktop CPU (ECC is kinda important if you're running large computations over several days) and I can find it in several older CPU's but then they don't support enough PCIe or multiple hard drives. And then there is an extra surcharge for 64-bit Windows.
Even with the best out-of-band management, if your switch doesn't respond or doesn't accept commands because it's out of cpu there is not much you can do. Also, just because a port is down doesn't always mean the CPU will/can ignore it. Sometimes there is no alternative than to pull out the cable.
I work at a University with a Hospital attached to it:
What are you trying to protect? Most likely personal identifiable information or personal health information. Could be anything from student records to social security numbers. Protected under state law and HIPAA.
From what? What attacks? What value does it have to the attacker? What value does the secret hold to you? Who are the attackers? Most likely from loss or theft. The value of that information is 99% zero but our dear government has requested that all such loss is reported and all those people be informed and given compensation. Mostly it's frothing of the mouth over 'they lost my information, now my identity is stolen' which the media likes to amplify. Usually it's the image of the school/hospital/entity that has to be protected. By encrypting they don't have to disclose or pay anything.
For example if the value of the secret is low to you, then spending money on protecting it is a waste. Encryption costs to buy, costs to run, costs to manage keys, costs in convenience. eg. (Most secrets aren't worth a trip across town because you forgot your keys once) Yes, implementing a freaking department to handle it and spending $1m on an all-covering solution is very wasteful. But it has to be done, the big wigs think it's absolutely necessary since some vendor or lawyer has told them. It also increases budgets and manpower in IT so they don't complain either.
If the attackers are internal, (they usually are), then encryption buys you nothing. Yes, because the encryption doesn't work on your home computer (although you have licenses for it people don't want to install it). So the users copy it on a personal external hard drive or usb stick which is usually lost and since it wasn't officially purchased and formatted by your IT department they don't know, they don't have to disclose and if it ever gets high enough up the chain to cause commotion all the end user gets is at most a stern lecture about not doing that again.
If the value of the secret is large and the attackers have physical access, then encryption is the strongest link in a very weak chain. Not only that, the passwords for the users that actually need encryption (enrollment, HR, doctor offices) are generally very weak, shared or have a post-it to the device so if the attacker really wanted, they could use a day of dictionary-based brute forcing and usually you'll have a result.
If many people have access to the secret, then social engineering will weasel it out no matter what your encryption. Of course, but that doesn't matter. You have it encrypted so as long as nobody tells or goes public that they have the freaking thing decrypted (which attacker would acknowledge that anyway - PATRIOT act?) no disclosure is necessary.
If the attackers are evil and powerful, then encryption is a red flag to very Bad Bulls. You better off with more primitive methods that require real humans to eye ball it. I don't know what you mean exactly.
Not really. For me an OS should have an e-mail available so I can use it out of the box even if I'm not connected to the internet. There really should be 2 tiers to Ubuntu for Users on install-time:
Standard: Have all necessary applications installed for ease-of-use and have this the recommended
Lite: Have only the basic applications to get to a GUI with a browser and a package manager. I believe the simplest way would be to have a repository locally (on CD) or remotely (on FTP) as currently exists of your debs and use placeholders in the menu for the different programs and as you want to launch them it will ask you to put the CD in or connect to the network (automatically) and get the necessary debs and install them in the background. This could all be in a small application window saying: deploying application please wait... That way you would build your wanted distro over time and then you can backup a list of the set of applications on a USB stick so next time you install it, you'll have all of them automatically (or if you would like to deploy this distro to a large number of clients)
I'll turn your argument around: let's say I am a car manufacturer, new to the market. I sell the RemmeltCar and have exclusive contracts with dealerships. Spare parts can only be had through them or directly from me.
Would you buy my car based on this information?
You probably did yourself. It is very hard to get brand named spare parts through non-dealers and either way they are very expensive. The "aftermarket" as the auto industry calls it are basically reverse-engineered spare parts for frequently used products. But if your car comes with not-so-frequently-used parts (like a specific Variable Assisted Steering system on certain older Buick Park Avenue cars or fog light bulbs on my wife's Hyundai Elantra) then you are shit out of luck and you can pay big bucks (resp. $300 and $30) for the part. Or something as simple as a busted front light enclosure on an Acura can cost you $400 from the dealer.
Computer parts are greatly interchangeable compared to cars. Even Apple's can be upgraded, augmented and expanded fairly simple using 'aftermarket' parts (like hard drives and memory). However specific laptop circuit boards of iMac and Macbook's won't be (similar to Dell, HP and IBM/Lenovo parts.
Another entity than your own ISP? Unless you're running your own DNS you can't really talk about it. I trust OpenDNS more than my ISP (Time Warner) just because of who betrays trust more often (TW is in bed with the RIAA). I also trust OpenDNS at work more than my uplink (AT&T) again for the same reasons (AT&T might just let the government wiretap their DNS without telling (and it says so in their agreements) while OpenDNS promises (again in an agreement) they won't).
On the other hand, I cache OpenDNS at work so they can't really track how much or what is being requested and I get much better responses than AT&T (which takes >1s to find google.com and blocks several e-mail blacklists (like spamhaus) for no good reason (http://www.spamhaus.org/faq/answers.lasso?section=DNSBL%20Usage#83)) and TW also proxies my requests into an ad-laden page without any good explanation (which is worse than OpenDNS who at least gives me some search results and a halfway decent error message).
I have tried running my own DNS as well directly contacting the root servers but again, that takes a lot of time to answer queries and I've heard that the root server admins don't like that the whole world queries their servers. On the other hand, AT&T Business redirects those requests as well.
And the same goes for other ISP's. You shouldn't trust Verizon, AT&T (and subsidiaries like SBC), Time Warner (and subsidiaries like Road Runner), Comcast or AOL because I've been burnt by all of them. OpenDNS although not perfect (I wish they would give NXDOMAIN returns) at least only does do stuff when I sign up for it. If I don't like the blocking, I can disable it. If I don't like the proxy, I can disable it. I like their phishing protection but I'm not blocking pr0n or any other 'malicious' sites since I don't care if my co-workers do stuff like that.
The only way to get a revolution (almost anywhere) is by hitting people directly in their pockets. American Civil War: slaves were a cheap workforce and not having them or having to pay them was bad for a lot of people's business. Thus they revolted. Same goes for the Soviets. They went along as long as they weren't affected. As soon as people started disappearing on large scales and the whole 'communist' thing meant that they were working but weren't getting food but the big wigs in the Party did get all the perks of the communist idea they started revolting. Same for the French: As long as they had it fairly good they went along. But then when the government started raising taxes to the point of famine they started revolting. African nations the same: as long as they are fed they will be fine with whatever ruler comes along, have 1 group/tribe/area excluded from food and that group is larger than a village, that group will start a rebel movement or a civil war. Israel-Palestine is trickier because they will kill each other because they hate each other but the same goes there: having 2 states is all fine and well even with the occasional bombing but one side starts to close borders and rationing food/gas/supplies and you'll have a revolt.
Yay, the next intelligent species on earth will use us as fuel within a few million years! (I'm joking)
I don't know about the gp but you can do a graceful reload on Apache and that has been in there since forever (before Microsoft's automatic worker process recycling). It doesn't cause any interruption and if you have your sessions handled correctly, nobody would notice. Next to that, I hate worker processes on IIS. You can't have more than 20 on a box before hitting the end of your memory, threading (what AWP basically is) in Apache is handled much better. Putting each site (I'm talking about 500 sites) in it's own AWP effectively kills the box and the memory and CPU limiting based on per minute samples makes it worse and very difficult for troubleshooting
Why they don't do it:
1) Historic reasons. The project started small with GCC and the code has been building from there. Through historic code it became increasingly more difficult to use non-GCC compilers.
2) Compatibility: As no. 1, the project start with GCC and requires a bit of rewriting in the core functions that the people with non-gcc compilers won't always understand. It might also be difficult to find alternatives stuff that isn't in the C/C++ standard but can be done compiler specific. It would become increasingly difficult and expensive not only to write code for each specific compiler but also to maintain it.
3) Cost: You have to remember, these are volunteers doing this stuff in their spare time. Some might have access to other non-free compilers but prohibited to make a copy for personal use or non-company use. Some of these compilers can cost 1000's of dollars and then you might still not be able to use them because of 4, or the increase in performance only minimal or worse, decreased. It's only valuable for people that absolutely need to squeeze every percent of performance out of a cluster. For most other cases, throwing that money for the compiler in new hardware might be cheaper.
4) Licensing: You never know if non-free software has certain usage limitations or patents related to it. If you decide to eg. use Visual C++ and Microsoft has somewhere in the EULA that if any code written is specifically for Visual C++ (exception cases) they become the owners of the project, then you have tainted the Linux kernel. It's difficult and expensive to get a lawyer to go through each piece of documentation on a) the kernel and b) the compiler to see if stuff is becoming tainted.
Why don't we get these type of phones in Europe or the US? I think we have a large market as well and some of these phones would be welcomed. Instead we're stuck with crappy phones and the iPhone is nearly the best well known product we can get. Where is our 3G? Where is our full speed internet and cable tv on a phone?
RAMBUS comes to mind.., just saying that Microsoft is no different than it was a few years ago. Everything Microsoft does to become more 'open' will have some type of document attached to it that either limits it use to developers, requires you make a payment to Microsoft or that requires you to bend over while disallowing the lube.
I like the way Apple approaches that problem in their Quartz Composer tool. Basically you have JavaScript for all types of funky validations, requests and calculations you would like to do but the 'vulnerable' classes that would allow reading/writing local files, networking or creating annoying popups have been removed.
We have some not-so-common research software. One of them you actually have to e-mail their sales staff with a code which they will respond in one of the following days (or later if it's a weekend coming up) with a serial number. Another one decided to use dongles. Of course the headache of keeping track of who used the dongle last time and why the 2001 drivers aren't working on Windows XP SP3 is big enough, in the upgrade they decided to give us an upgrade dongle. But since it's an upgrade you also need the old dongle to install it (both can't be plugged in a the same time) which then gets upgraded to the new dongle effectively disabling old versions that you might want to keep around for compatibility. There was also no disk, you have to download the software from the site. The software on the site however is the 'Pro' version ('standard' version not available yet) which will install but because of the licensing you don't have rights to load the extras of the Pro. The options are however available in the menu because you installed the Pro version but because the license key is 'standard' they will give you a nice error message.
I hate proprietary software licensing. I haven't even installed Office on the new machines because neither me nor Microsoft knows what the 3 previous generations of sysadmins purchased, I recommend using OpenOffice 3 and it seems to work well for everybody.
On 1: Why would I as a developer need to specify what others do with my page? If others can include my page in their site that's their problem. This can easily be circumvented by not adhering to that standard or other means (like filtering the page through a makeshift proxy (could even be in JS) that removes the tags).
On 2: What developers have to do is better input/output control. XSS attacks are circumvented simply by failing the request (server side) anytime somebody specifies something with :// as the page to include or send to, failing if you see that the page doesn't come from your site or not relying on other sites to host things for you (like Google hosting your funky framework)
Just stick to the Strict DTD and all will be ok (for standards compliant browsers). If anyone complains tell them to use Firefox, Opera or Safari.
iframe tags are a Microsoft's invention and got pushed through by their monopoly. They are not in the Strict DTD's of either HTML or XHTML and make for giant security holes.
I don't know why spankings should be forbidden. As long as you don't abuse your kid or slap too hard there is nothing wrong with it. I think most police and judges would agree that a parent spanking their kids is authorized.
If I would have pulled something like that off with my parents (calling the cops or whatever) I would get a spanking just for doing that.
Adults these days are too afraid to do anything for fear they might end up in court. There is something definitely wrong with that since these days anything out of the ordinary will end you in jail and that is being taught to our kids by these examples (if you do anything wrong, we'll call the cops and you'll go to jail).
But that's our legal and educational system that needs an update, not our individual parenting system.
Correction: They were never 'good' charges. They were 'their best' charges. Actually ~50% of the charges were thrown out. The charges actually thrown out were the charges that they were themselves infringing on copyright, the charges of aiding in copyright infringement stand. Their RIAA techniques are definitely doing them no good in places where judges have half a brain: "When it was movie industry lawyer Monique Wadsted's turn, she wasted no time in unexpectedly introducing new evidence. Both the defense and the court complained at this point, with Wadsted choosing to shout down the judge."
So it sucks when the best charges you can bring are thrown out the first day. It also sucks when you can't seem to intimidate the judges.
I have the exact opposite results actually. I love XServe's since they're easy to work on (hardware) and have great interfaces for monitoring and management. If you've ever used Dell's interface then you'll know what CAN be wrong about it. The only ones that come close are HP and IBM only IF you buy they're (quite expensive) management packages. Next to that, the pricing on similar 1U servers from HP, Dell and IBM is far higher than Apple's XServe unless you're assembling yourself (and having worked on SuperMicro cases: not a good idea).
On the longevity: my XServe's are still chugging along after 5 years without as much as a dead hard drive (although I am going to replace them as a precaution soon) while the PowerMac's and Dell servers, workstations and desktops are dying left and right (almost all hard drives have been replaced over the last year and most are only 3 years old), 1 Dell and 1 Mac with a dead video card and 1 iMac and a few Dells with blown power supplies).
There is indeed somewhat of a tradeoff that the packages are somewhat older (especially on 10.4) but I like that it doesn't break spectacularly like some of Red Hat's updates have done in the past (SpamAssassin and Amavis having new configuration file styles) even on production systems. On 10.5 the package ages are very similar to Debian installations unless a security update requires different which gives for a very stable system. What I would like is the interfaces to expand much more than they do now and allow for more advanced settings. Currently I'm still regularly messing with raw configuration files for certain setups.
Actually, there is a push to go open source/Linux in the professional business environment. Off course a lot of desk jobs are always going to require Windows because of some cobbled up ERP program but the people that actually do the work (engineers, scientists, researchers) are using Linux a lot more. Even in the classical Apple powerhouses (like audio, video and imaging) I see both Apple and Microsoft being replaced or augmented by typical Linux-based software and workstations (on Apple's you can run most Linux software but I see a lot of GTK, X11 and QT-based software as well as Python instead of the Aqua interface).
And what do you think Amazon will do? They will just close down their NYS affiliates further hurting the local economy and the job market. They don't care if they or the customer will have to pay 50c extra on UPS, most customers won't even notice.
NYS is just corrupt until the bone. It's good Hillary or Giuliani didn't become president, I was fearing for that already.
Wikipedia is more of an experiment in some type of direct Democracy/Demarchy (where the whole world rules) while Citizendium is an experiment in Meritocracy (where only the smart rule)
We see the results after a few years. Wikipedia has a much higher level of quality even though there are a lot of bad things about it. Citizendium might be more factually correct on some issues but the problem is that it doesn't have the vast amount of resources Wikipedia gives. Which one is better is a matter of choice. If you give negative points for anything that is not existing, Wikipedia wins. If you don't care that it's not there but what is there is correct then Citizendium is more correct. In the end Wikipedia will be more correct on current culture, things that are evolving constantly and new items while Citizendium will get things that are more scientific better. I think the two should merge some articles and things that are a matter of fact (history, mathematics, chemistry) should be better locked down on Wikipedia. On the other hand our understanding of matters is continually improving even on history but the fact is that even historians keep on rewriting history. Eventually Bush and Hitler will be good (or not-so-bad) guys to certain generations and within a few hundred years we'll have explored the sub-sub-quantum physics as well. It's all evolving and no knowledge is permanent even if they were a matter of "fact", it's all in the eye of the observer.
Maybe Geico wants to fund it?
How about using cable ducts? Could be as simple as plastic sewage tubing which you can plug up with fibre glass isolating material (rodents don't like them) and as a bonus you'll find it easier to lay down new cables
That's what the general populace (and with it lawyers and judges) do indeed think and the RIAA thinks that way too. However that way is incorrect.
Eg. if I put an ASCII image of or an erotic story about child porn in this post and you read it, according to law you have now downloaded/accessed child porn and you are liable to the full extent of the law (according to that thinking). The fact alone that your computer is on the internet means it is accessible by anyone on the internet and if your system does certain things without you being knowledgeable (like loading a virus or caching a hidden image) then that makes you liable since you accessed those things and you have no proof that you didn't (after all you DID access it whether you saw it or not is not important).
(Most) computers are like cars with an unremovable key in the ignition and the doors unlocked. Somebody can take your car for a spin without your knowledge, park it back in the same spot and kill somebody with it in the mean time. The judges, the RIAA and lawyers think/rule that because it's your (or your family's) car, you have driven it and since there is brain matter on the bottom of that car you also killed that somebody.
Still, I work in research environment and I find it impossible to find an 8-core Xeon on par with the current Mac Pro for less than the Apple price and that thing is almost a year old. Yeah, I can find it in a 4-core or 8-core desktop CPU (ECC is kinda important if you're running large computations over several days) and I can find it in several older CPU's but then they don't support enough PCIe or multiple hard drives. And then there is an extra surcharge for 64-bit Windows.
Even with the best out-of-band management, if your switch doesn't respond or doesn't accept commands because it's out of cpu there is not much you can do. Also, just because a port is down doesn't always mean the CPU will/can ignore it. Sometimes there is no alternative than to pull out the cable.
I work at a University with a Hospital attached to it:
What are you trying to protect?
Most likely personal identifiable information or personal health information. Could be anything from student records to social security numbers. Protected under state law and HIPAA.
From what? What attacks? What value does it have to the attacker? What value does the secret hold to you? Who are the attackers?
Most likely from loss or theft. The value of that information is 99% zero but our dear government has requested that all such loss is reported and all those people be informed and given compensation. Mostly it's frothing of the mouth over 'they lost my information, now my identity is stolen' which the media likes to amplify. Usually it's the image of the school/hospital/entity that has to be protected. By encrypting they don't have to disclose or pay anything.
For example if the value of the secret is low to you, then spending money on protecting it is a waste. Encryption costs to buy, costs to run, costs to manage keys, costs in convenience. eg. (Most secrets aren't worth a trip across town because you forgot your keys once)
Yes, implementing a freaking department to handle it and spending $1m on an all-covering solution is very wasteful. But it has to be done, the big wigs think it's absolutely necessary since some vendor or lawyer has told them. It also increases budgets and manpower in IT so they don't complain either.
If the attackers are internal, (they usually are), then encryption buys you nothing.
Yes, because the encryption doesn't work on your home computer (although you have licenses for it people don't want to install it). So the users copy it on a personal external hard drive or usb stick which is usually lost and since it wasn't officially purchased and formatted by your IT department they don't know, they don't have to disclose and if it ever gets high enough up the chain to cause commotion all the end user gets is at most a stern lecture about not doing that again.
If the value of the secret is large and the attackers have physical access, then encryption is the strongest link in a very weak chain.
Not only that, the passwords for the users that actually need encryption (enrollment, HR, doctor offices) are generally very weak, shared or have a post-it to the device so if the attacker really wanted, they could use a day of dictionary-based brute forcing and usually you'll have a result.
If many people have access to the secret, then social engineering will weasel it out no matter what your encryption.
Of course, but that doesn't matter. You have it encrypted so as long as nobody tells or goes public that they have the freaking thing decrypted (which attacker would acknowledge that anyway - PATRIOT act?) no disclosure is necessary.
If the attackers are evil and powerful, then encryption is a red flag to very Bad Bulls. You better off with more primitive methods that require real humans to eye ball it.
I don't know what you mean exactly.
Not really. For me an OS should have an e-mail available so I can use it out of the box even if I'm not connected to the internet. There really should be 2 tiers to Ubuntu for Users on install-time:
Standard: Have all necessary applications installed for ease-of-use and have this the recommended
Lite: Have only the basic applications to get to a GUI with a browser and a package manager. I believe the simplest way would be to have a repository locally (on CD) or remotely (on FTP) as currently exists of your debs and use placeholders in the menu for the different programs and as you want to launch them it will ask you to put the CD in or connect to the network (automatically) and get the necessary debs and install them in the background. This could all be in a small application window saying: deploying application please wait... That way you would build your wanted distro over time and then you can backup a list of the set of applications on a USB stick so next time you install it, you'll have all of them automatically (or if you would like to deploy this distro to a large number of clients)
I'll turn your argument around: let's say I am a car manufacturer, new to the market. I sell the RemmeltCar and have exclusive contracts with dealerships. Spare parts can only be had through them or directly from me.
Would you buy my car based on this information?
You probably did yourself. It is very hard to get brand named spare parts through non-dealers and either way they are very expensive. The "aftermarket" as the auto industry calls it are basically reverse-engineered spare parts for frequently used products. But if your car comes with not-so-frequently-used parts (like a specific Variable Assisted Steering system on certain older Buick Park Avenue cars or fog light bulbs on my wife's Hyundai Elantra) then you are shit out of luck and you can pay big bucks (resp. $300 and $30) for the part. Or something as simple as a busted front light enclosure on an Acura can cost you $400 from the dealer.
Computer parts are greatly interchangeable compared to cars. Even Apple's can be upgraded, augmented and expanded fairly simple using 'aftermarket' parts (like hard drives and memory). However specific laptop circuit boards of iMac and Macbook's won't be (similar to Dell, HP and IBM/Lenovo parts.
Another entity than your own ISP? Unless you're running your own DNS you can't really talk about it. I trust OpenDNS more than my ISP (Time Warner) just because of who betrays trust more often (TW is in bed with the RIAA). I also trust OpenDNS at work more than my uplink (AT&T) again for the same reasons (AT&T might just let the government wiretap their DNS without telling (and it says so in their agreements) while OpenDNS promises (again in an agreement) they won't).
On the other hand, I cache OpenDNS at work so they can't really track how much or what is being requested and I get much better responses than AT&T (which takes >1s to find google.com and blocks several e-mail blacklists (like spamhaus) for no good reason (http://www.spamhaus.org/faq/answers.lasso?section=DNSBL%20Usage#83)) and TW also proxies my requests into an ad-laden page without any good explanation (which is worse than OpenDNS who at least gives me some search results and a halfway decent error message).
I have tried running my own DNS as well directly contacting the root servers but again, that takes a lot of time to answer queries and I've heard that the root server admins don't like that the whole world queries their servers. On the other hand, AT&T Business redirects those requests as well.
And the same goes for other ISP's. You shouldn't trust Verizon, AT&T (and subsidiaries like SBC), Time Warner (and subsidiaries like Road Runner), Comcast or AOL because I've been burnt by all of them. OpenDNS although not perfect (I wish they would give NXDOMAIN returns) at least only does do stuff when I sign up for it. If I don't like the blocking, I can disable it. If I don't like the proxy, I can disable it. I like their phishing protection but I'm not blocking pr0n or any other 'malicious' sites since I don't care if my co-workers do stuff like that.
The only way to get a revolution (almost anywhere) is by hitting people directly in their pockets. American Civil War: slaves were a cheap workforce and not having them or having to pay them was bad for a lot of people's business. Thus they revolted. Same goes for the Soviets. They went along as long as they weren't affected. As soon as people started disappearing on large scales and the whole 'communist' thing meant that they were working but weren't getting food but the big wigs in the Party did get all the perks of the communist idea they started revolting. Same for the French: As long as they had it fairly good they went along. But then when the government started raising taxes to the point of famine they started revolting. African nations the same: as long as they are fed they will be fine with whatever ruler comes along, have 1 group/tribe/area excluded from food and that group is larger than a village, that group will start a rebel movement or a civil war. Israel-Palestine is trickier because they will kill each other because they hate each other but the same goes there: having 2 states is all fine and well even with the occasional bombing but one side starts to close borders and rationing food/gas/supplies and you'll have a revolt.