FWIW, I agree with the comment made by The_Noid on the same lwn page I previously mentioned about how the manner in which Theo handled this was very appropriate:
If the details to this vulnerability would have been released (even with patches) just about every Linux box on the planet would have been cracked before the owners would've had time to install the patch. Publishing a fix to this problem will only tell the cracker exactly where the problem is.
So they first work around the bug, without actually fixing the bug and telling what is it and where it is, so crackers can't make an exploit before people are immune (and I repeat, a direct fix would exactly tell the cracker what the bug is.)
A bug like this is what every cracker is dreaming of, a way into just about every unix machine on the planet!
Check out this little snippet (the whole message can be found on lwn.net) from an email from Theo:
We've been trying to warn vendors about 3.3 and the need for privsep, but they really have not heeded our call for assistance. They have basically ignored us. Some, like Alan Cox, even went further stating that privsep was not being worked on because "Nobody provided any info which proves the problem, and many people dont trust you theo" and suggested I "might be feeding everyone a trojan" (I think I'll publish that letter -- it is just so funny).
Please do publish that letter, Theo. That would be very interesting.
Yep. Plus I'd add that Mozilla doesn't trick people into relying on proprietary technologies which have lock-in ramifications beyond the browser market. Microsoft weaves a tangled web, and IE is one of the stickiest threads.
Fascism is a particular political philosophy, not an organization whose politics you don't like. It places the rights and interests of the state above the rights and interests of the individual, because of a belief that the importance of the state to its citizens supercedes the importance of individual members.
The point Karl Auerbah, John Gilmore, and others are making is that ICANN behaves exactly as you have described. Which would make the use of the term 'fascist' entirely appropriate.
You don't obviate the need for rationally dispelling a contrary point of view by policing the use of language.
I should have said that I think/some/ of the systems legal protections are warranted. E.G. - someone responsible for a workplace accident should suffer some liability, but not to the extent that they lose their home and everything they own. But that's not the same as saying everything has to be structured the way it is now.
Usually a very few people. Even companies with a large number of shareholders, who are ostensibly "owners", are run by a select minority.
The power belongs to a few, not to "the people". The rules are made by a few, and enforced by a few. Did you ever vote for your company's next CEO? Did his/her term ever expire? Do company employees collectively decide which causes to lobby, which public official to support?
You're right that companies are not inherently evil. Neither are they inherently good. The problem is that power structure more closely resembles a feudal aristocracy than a democracy. Some time ago, and even today, there were popular uprisings, beheadings, and all manner of grisly events resulting from popular transitions to a different system.
I'm certainly not suggesting that the state of multi-national corporatism is such that this kind of reponse is called for. All that's happening here in this forum is that people are *talking* about the issue. And you're getting upset about it.
As for the legal protections corporations provide, you're right, they are a good idea. But that doesn't necessarily argue a need for the status quo.
Oh, I see. It's a completely random process. You reassess what your evaluation criteria should be for each job. And you shouldn't share anything you learn during this process with others - let them fend for themselves. It's certainly not fair to let them stand your shoulders, is it? Like you say, fuck 'em.
I love it. But I was curious to see Ian Jackson, dpkg developer, say in this interview that he didn't think apt was so hot. Clearly Ian has a better perspective than I do. Can someone explain Ian's perspective? I don't really understand his objections very well.
Who makes the decision about where CGI ends, and reality begins? What factors come into play when making this decision? How do you expect to see this line in the sand evolve over the next ten years? I'm sure different movies approach these matters each in their own fashion. Are there any generalizations you would make? Care to share some fun industry anectodes?
here's 1,000 CD copies of MS Foobar Pro, each worth $5,000 !! So we just made a donation of $5,000,000 and it's tax deductible (not that we pay taxes)
That's a good point. Who's calculating the value of this donation? Microsoft. Based on what? The retail shelf price?
Donations should be valued according to what it costs the vendor to provide them. Peru is not giving MS upteen million dollars. MS is not providing Peru with software that they could have sold somewhere else. They are simply printing money.
Since congress is so hot-to-trot about corporate oversight these days, maybe they should take a closer look at this particular form of bullshit accounting.
I'd add, though, that you would still probably like to have at least a good conceptual idea about what you're asking for before beginning consultations with an architect. Don't assume an architect knows what is and isn't important to you.
Also remember, the most important design decisions happen early. As the project progresses, the broad brush strokes of the early conceptual design will become more detailed.
Good architects listen, communicate, and would like your feedback. If you find yourself doing business with someone who does the meet-and-greet and then disappears for awhile... you might consider finding someone else.
Not that its justification, but there are products that wouldn't have market share.. or obtained market share if they didn't embrance piracy.
Personally, I hope that these mofos succeed in their ambitions to squash unauthorized copying of their precious intellectual poop. The consequences will serve them right.
For all the awful things about the capitalist system, it is designed to model how humans actually act, which makes it a heck of a lot more likely to succeed than systems that rely on human nature to be different or that rely on a central body of "experts" to dictacte how things should be.
Huh? Who said that a "body of experts" should dictate how things should be?
No one is arguing against capitalism here. I was merely proposing that that what/used/ to be the capitalist status quo - corporate behaviour resulting from consumers voting with their pocketbooks - was, and is, a better system than corporate directors gaming the system in whatever fashions best suits shareholders.
Can you give some examples of how shareholders acting in their own selfish interest have benefitted consumers in a fashion that retail economics could not have accomplished?
Certainly any number of industries, particularly high-tech, benefit from by using venture capital to do R&D. You can't finance R&D with as-of-yet non-existant product revenue. And because such enterprises are inherently risky ventures, the risks should correlate with corresponding rewards.
There are different types of shareholders. Some certaily deserve a particularly high level of attention. But the bread and butter of Wall Street is the institutional investor. They are attempting to provide return on the dollar. Period. They have no interest in corporate policy, corporate oversight, or in many cases even corporate profitibility. All they care about is whether or not they can sell their stock for more than they bought it. These are the bread and butter "shareholders" I'm talking about. And they are definitively not the backbone of healthy capitalism.
The problem has not been that shareholders came first. The problem was that the MANAGEMENT came first. Sure, management owned shares, but if Ken Lay was a majority owner of Enron, you could be damn sure that he wouldn't have pulled the tricks he did.
In a certain sense you are right - the people who own stock in a company are its "owners". But they are certainly not owners in the sense conveyed by your lawnmower example. By in large, people own stock in companies because they believe they will get a return on their investment. They're in it for the money, pure and simple. Hell, most people investing probably don't even know where their money really is - it's just thrown into a mutual fund or some such thing. They are certainly not taking an active interest in the operation of the company.
Alas, however, I fear you are right. You are describing the way most people expect the sytem does and should work. I just beg to differ. I think it should be otherwise.
Really, though, we both want the same thing - companies that provide value to their shareholders and value to their customers. I just happen to think the customer should come first. When customers come first, the rest will follow quite naturally. When shareholders come first, sometimes the customers don't even count anymore.
Basically, corporations such as Disney and industry groups such as the MPAA and RIAA (Recording Industry Association of America) cannot seem to fathom the existence of a customer...
I would put the period right there. Too many corporations cannot fathom the existence of a customer.
I was watching some talking head on one of the tv money shows the other night. They were discussing, what else, corporate mismanagement. This guy was some kind of hot-shot investor, and he was all hot and bothered because company executives had forgotten their one true purpose:to serve the shareholders!.
WTF?!
The ignorance is so rampant, no frickin' wonder we're witnessing such a show of corporate suicide. What about the goddamn customer?! What about developing, manufacturing, marketing, distributing, and supporting a product that customers want to buy!?
The tail is wagging the dog. Customer satisfaction has taken a back seat to corporate profitability and shareholder value. Selfishness is regularly promoted as the root of all that is good and holy. It should be the other way around. Hence the expression "the customer is always right." - it used to be a maxim of good business practice. When is the last time you heard anything resembling that expression on "Money News with Pinstripe Boy"?
Look no further than that epitomy of self-serving capitalism - Microsoft - to see just how far awry this philosophy has taken us. If they can't compel people to buy their products because they want to, then damn it, let's force them to upgrade by continually changing file formats and protocols. Oh, and let's not forget lobbying Congress to create new laws declaring certain undesireable competitors criminals.
Exactly. And as long as the truth gets out, there should really be nothing to worry about.
There are still two possible problems.
Patents. Nothing new here, just the usual problem of software patents being inherently evil.
Legislation. As long as the so-called "content industry" has nitwits like Sen. Hollings in their pocket, general purpose computing faces the threat of being outlawed.
As long as you can continue to use your general purpose computer without going to jail, the free market will dispose of ill-concieved notions like Palladium quite nicely.
The other reason for IP protection is to prevent misrepresentation. This concept should always be upheld, even regardless of whether a copyright, patent, or trademark has expired.
Huh? Says who? IP law did and does not materialize from the ether. Congress makes laws according to powers prescribed by the constitution. If they overstep their mandate, the courts, in due course, correct their misbehavior.
See article 1, section 8 of the United States Constitution for more information on this matter.
The problem with "marketspeak gobbledygook" occurs when people pay for something they aren't getting. My question is, what does UL's "certification" really mean? If it means someone will stand behind the certification and take a hit if they don't fulfill their promises, that's worth something. If not, why should anyone prefer UL over any other brand? I see brand building, but so far, that's all I see.
By maintaining strict control of the binaries... UL can fully test and certify that "out-of-the-box" the software and server combos are completely compatible.
There is certainly a value-add here, and I don't question the validity of this business model. What I'd like to know, though, is whether these "guarantees" and "certifications" imply that UL will assume liability for product performance? If not, I don't see how this "certification" is anything other than yet another piece of paper with colorful scrollwork you can put in your office. Is this for real, or (Roblimo's introduction to the contrary) is this just more marketspeak gobbledygook?
Slashdot Mirror
Oh, I agree with you. I'm just saying this sounds like a reasonable explanation of how to respond to an exploit of this nature.
FWIW, I agree with the comment made by The_Noid on the same lwn page I previously mentioned about how the manner in which Theo handled this was very appropriate:
If the details to this vulnerability would have been released (even with patches) just about every Linux box on the planet would have been cracked before the owners would've had time to install the patch. Publishing a fix to this problem will only tell the cracker exactly where the problem is.
So they first work around the bug, without actually fixing the bug and telling what is it and where it is, so crackers can't make an exploit before people are immune (and I repeat, a direct fix would exactly tell the cracker what the bug is.)
A bug like this is what every cracker is dreaming of, a way into just about every unix machine on the planet!
This whole episode is very bizarre.
Just to be clear - this does not, of course, imply that Theo has anything to do with this. But the message is uncanny.
Check out this little snippet (the whole message can be found on lwn.net) from an email from Theo:
We've been trying to warn vendors about 3.3 and the need for privsep, but they really have not heeded our call for assistance. They have basically ignored us. Some, like Alan Cox, even went further stating that privsep was not being worked on because "Nobody provided any info which proves the problem, and many people dont trust you theo" and suggested I "might be feeding everyone a trojan" (I think I'll publish that letter -- it is just so funny).
Please do publish that letter, Theo. That would be very interesting.
PU
Yep. Plus I'd add that Mozilla doesn't trick people into relying on proprietary technologies which have lock-in ramifications beyond the browser market. Microsoft weaves a tangled web, and IE is one of the stickiest threads.
Fascism is a particular political philosophy, not an organization whose politics you don't like. It places the rights and interests of the state above the rights and interests of the individual, because of a belief that the importance of the state to its citizens supercedes the importance of individual members.
The point Karl Auerbah, John Gilmore, and others are making is that ICANN behaves exactly as you have described. Which would make the use of the term 'fascist' entirely appropriate.
You don't obviate the need for rationally dispelling a contrary point of view by policing the use of language.
John presents his take on things in an recent Salon interview.
And what's SAIC up to these days (read John's interview)? Homeland security. They're on our side (cough).
I should have said that I think /some/ of the systems legal protections are warranted. E.G. - someone responsible for a workplace accident should suffer some liability, but not to the extent that they lose their home and everything they own. But that's not the same as saying everything has to be structured the way it is now.
A corporation IS OWNED BY PEOPLE.
Usually a very few people. Even companies with a large number of shareholders, who are ostensibly "owners", are run by a select minority.
The power belongs to a few, not to "the people". The rules are made by a few, and enforced by a few. Did you ever vote for your company's next CEO? Did his/her term ever expire? Do company employees collectively decide which causes to lobby, which public official to support?
You're right that companies are not inherently evil. Neither are they inherently good. The problem is that power structure more closely resembles a feudal aristocracy than a democracy. Some time ago, and even today, there were popular uprisings, beheadings, and all manner of grisly events resulting from popular transitions to a different system.
I'm certainly not suggesting that the state of multi-national corporatism is such that this kind of reponse is called for. All that's happening here in this forum is that people are *talking* about the issue. And you're getting upset about it.
As for the legal protections corporations provide, you're right, they are a good idea. But that doesn't necessarily argue a need for the status quo.
Oh, I see. It's a completely random process. You reassess what your evaluation criteria should be for each job. And you shouldn't share anything you learn during this process with others - let them fend for themselves. It's certainly not fair to let them stand your shoulders, is it? Like you say, fuck 'em.
I like your attitude.
Apt-get makes upgrades/installations much easier.
I love it. But I was curious to see Ian Jackson, dpkg developer, say in this interview that he didn't think apt was so hot. Clearly Ian has a better perspective than I do. Can someone explain Ian's perspective? I don't really understand his objections very well.
F**k advocacy. Use the best tool for the job.
Define "best". Congratulations! You're an advocate!
Who makes the decision about where CGI ends, and reality begins? What factors come into play when making this decision? How do you expect to see this line in the sand evolve over the next ten years? I'm sure different movies approach these matters each in their own fashion. Are there any generalizations you would make? Care to share some fun industry anectodes?
here's 1,000 CD copies of MS Foobar Pro, each worth $5,000 !! So we just made a donation of $5,000,000 and it's tax deductible (not that we pay taxes)
That's a good point. Who's calculating the value of this donation? Microsoft. Based on what? The retail shelf price?
Donations should be valued according to what it costs the vendor to provide them. Peru is not giving MS upteen million dollars. MS is not providing Peru with software that they could have sold somewhere else. They are simply printing money.
Since congress is so hot-to-trot about corporate oversight these days, maybe they should take a closer look at this particular form of bullshit accounting.
- PreservePermissions should work
- Better commit function triggers
- Checkout function triggers - e.g. push files through a filter (which may be part of the file set) on checkout - see next item
- Non-CVS checkouts. Example: check out system config files (which possibly require host-specific edits - see item above).
OK, so I'm a weirdo - what can I say.Good advice.
... you might consider finding someone else.
I'd add, though, that you would still probably like to have at least a good conceptual idea about what you're asking for before beginning consultations with an architect. Don't assume an architect knows what is and isn't important to you.
Also remember, the most important design decisions happen early. As the project progresses, the broad brush strokes of the early conceptual design will become more detailed.
Good architects listen, communicate, and would like your feedback. If you find yourself doing business with someone who does the meet-and-greet and then disappears for awhile
Not that its justification, but there are products that wouldn't have market share .. or obtained market share if they didn't embrance piracy.
Personally, I hope that these mofos succeed in their ambitions to squash unauthorized copying of their precious intellectual poop. The consequences will serve them right.
For all the awful things about the capitalist system, it is designed to model how humans actually act, which makes it a heck of a lot more likely to succeed than systems that rely on human nature to be different or that rely on a central body of "experts" to dictacte how things should be.
/used/ to be the capitalist status quo - corporate behaviour resulting from consumers voting with their pocketbooks - was, and is, a better system than corporate directors gaming the system in whatever fashions best suits shareholders.
Huh? Who said that a "body of experts" should dictate how things should be?
No one is arguing against capitalism here. I was merely proposing that that what
Can you give some examples of how shareholders acting in their own selfish interest have benefitted consumers in a fashion that retail economics could not have accomplished?
Certainly any number of industries, particularly high-tech, benefit from by using venture capital to do R&D. You can't finance R&D with as-of-yet non-existant product revenue. And because such enterprises are inherently risky ventures, the risks should correlate with corresponding rewards.
There are different types of shareholders. Some certaily deserve a particularly high level of attention. But the bread and butter of Wall Street is the institutional investor. They are attempting to provide return on the dollar. Period. They have no interest in corporate policy, corporate oversight, or in many cases even corporate profitibility. All they care about is whether or not they can sell their stock for more than they bought it. These are the bread and butter "shareholders" I'm talking about. And they are definitively not the backbone of healthy capitalism.
The problem has not been that shareholders came first. The problem was that the MANAGEMENT came first. Sure, management owned shares, but if Ken Lay was a majority owner of Enron, you could be damn sure that he wouldn't have pulled the tricks he did.
Why?
In a certain sense you are right - the people who own stock in a company are its "owners". But they are certainly not owners in the sense conveyed by your lawnmower example. By in large, people own stock in companies because they believe they will get a return on their investment. They're in it for the money, pure and simple. Hell, most people investing probably don't even know where their money really is - it's just thrown into a mutual fund or some such thing. They are certainly not taking an active interest in the operation of the company.
Alas, however, I fear you are right. You are describing the way most people expect the sytem does and should work. I just beg to differ. I think it should be otherwise.
Really, though, we both want the same thing - companies that provide value to their shareholders and value to their customers. I just happen to think the customer should come first. When customers come first, the rest will follow quite naturally. When shareholders come first, sometimes the customers don't even count anymore.
Basically, corporations such as Disney and industry groups such as the MPAA and RIAA (Recording Industry Association of America) cannot seem to fathom the existence of a customer...
I would put the period right there. Too many corporations cannot fathom the existence of a customer.
I was watching some talking head on one of the tv money shows the other night. They were discussing, what else, corporate mismanagement. This guy was some kind of hot-shot investor, and he was all hot and bothered because company executives had forgotten their one true purpose: to serve the shareholders!.
WTF?!
The ignorance is so rampant, no frickin' wonder we're witnessing such a show of corporate suicide. What about the goddamn customer?! What about developing, manufacturing, marketing, distributing, and supporting a product that customers want to buy!?
The tail is wagging the dog. Customer satisfaction has taken a back seat to corporate profitability and shareholder value. Selfishness is regularly promoted as the root of all that is good and holy. It should be the other way around. Hence the expression "the customer is always right." - it used to be a maxim of good business practice. When is the last time you heard anything resembling that expression on "Money News with Pinstripe Boy"?
Look no further than that epitomy of self-serving capitalism - Microsoft - to see just how far awry this philosophy has taken us. If they can't compel people to buy their products because they want to, then damn it, let's force them to upgrade by continually changing file formats and protocols. Oh, and let's not forget lobbying Congress to create new laws declaring certain undesireable competitors criminals.
Exactly. And as long as the truth gets out, there should really be nothing to worry about.
There are still two possible problems.
As long as you can continue to use your general purpose computer without going to jail, the free market will dispose of ill-concieved notions like Palladium quite nicely.
The other reason for IP protection is to prevent misrepresentation. This concept should always be upheld, even regardless of whether a copyright, patent, or trademark has expired.
Huh? Says who? IP law did and does not materialize from the ether. Congress makes laws according to powers prescribed by the constitution. If they overstep their mandate, the courts, in due course, correct their misbehavior.
See article 1, section 8 of the United States Constitution for more information on this matter.
There's more to life than the GPL. ;)
The problem with "marketspeak gobbledygook" occurs when people pay for something they aren't getting. My question is, what does UL's "certification" really mean? If it means someone will stand behind the certification and take a hit if they don't fulfill their promises, that's worth something. If not, why should anyone prefer UL over any other brand? I see brand building, but so far, that's all I see.
By maintaining strict control of the binaries ... UL can fully test and certify that "out-of-the-box" the software and server combos are completely compatible.
There is certainly a value-add here, and I don't question the validity of this business model. What I'd like to know, though, is whether these "guarantees" and "certifications" imply that UL will assume liability for product performance? If not, I don't see how this "certification" is anything other than yet another piece of paper with colorful scrollwork you can put in your office. Is this for real, or (Roblimo's introduction to the contrary) is this just more marketspeak gobbledygook?