the entire BSD software ecosystem suffers because of it. There are a few outstanding examples of software (postgresql is a great example, freebsd itself to a lesser extent, and others)
That's true, if you limit the scope to the BSD license itself. That overlooks the Apache license, which is very similar to the BSD license and has a very robust ecosystem of products: Apache server, Tomcat, Eclipse, to name a few. If you consider "BSD-style" non-copyleft licenses, there's a lot of stuff out there that I use every work day.
I support the goals of copyleft myself, but it looks to me like a lot of the non-copyleft projects are also producing good outcomes.
So there is some interesting prejudice at play here, in people who wrote the headline and people who read the headline jumping to conclusions that the study doesn't remotely advocate or support.
If you see fewer women than men presenting at conferences, there could be many reasons for that. For example, is the ratio of women to men presenting at top conferences different from the ratio of women to men receiving doctoral degrees from top universities?
There could be filtering mechanisms in place at many stages in an academic career that favor one gender over another. In chronological order: admission to undergraduate degree program, graduation from undergraduate programs, admission to graduate degree program, awarding of research funding to graduate students, primary authorship of papers, acceptance of papers, presentation of papers, awarding of graduate degrees, postdoctoral fellowships, awarding of research grants, tenure-track faculty appointments, awarding of tenure, etc., etc.
So these authors picked one of those stages out of the approximate middle of the professional chain I just outlined and found the number of women is less than the number of men. I could have guessed that. The researchers say only "there are many potential contributing factors," which is not much of a causal explanation.
I am beginning to understand why some men get a bit defensive when headlines like this appear. It sounds like more than a hint of accusation, yet without enough evidence to actually accuse anyone with. So let's not forget how frustrating the lack of causal explanation can be to men. (Disclaimer: I am a man.)
If you're actually interested in the causes and effects of gender imbalance in academe, I would recommend the MIT Gender Equity Project. Its methodology was more comprehensive than just counting Y chromosomes in one sub-field.
I don't really blame the biologists who did this study for failing to pin down the root cause of the gender imbalance they saw. If the root cause were easy to find, academics would either have fixed it (if inequity exists) or stopped caring (if the reason is simply fewer girls than boys want to study science). Even the MIT study concluded this is a complex issue.
If real estate prices were the primary consideration, tech companies would be starting up in rural Oklahoma, not Silicon Valley. Companies need access to a concentration of talent, and professionals like to live in places where they have multiple career opportunities. A good place to locate your tech company is near other tech companies.
Personally, I think for tech companies to be located near universities is also an advantage, because it gives them access to interns and makes recruiting easier.
So Rothenberg doesn't want the companies he represents to have their activities tracked and to be profiled without their consent? I seem to remember reading a rule about that. Golden something-or-other...
That you are worried once the NSA has a call log with your phone number and that a Microsoft device is the one with the webcam makes you seem paranoid.
By that logic, the Social Security Administration already has your Social Security number, so if you wouldn't want me to have it as well, you're paranoid.
Out of curiosity, if the Xbox One were exactly as it was announced except that the OS was open-source, would you be less concerned about the always on camera?
I'd be less concerned about the camera only if the device were never connected to any network. Open-source has nothing to do with it.
I'm tired of being called "paranoid" for not wanting the NSA to log my phone calls and Microsoft to install a webcam in my living room. Speaking of the world we had before...
I can't answer your specific question (I am mostly ignorant of PHP), but perhaps I can be of help with the broader issue of helping people learn about secure coding practices.
One of the basic principles of secure coding is to validate user input to ensure it is what you expect. If you are checking the image size and MIME type you are headed in the right direction. Whether you've gone sufficiently far, I'll leave to PHP experts.
To get started learning more, you can do worse than the OWASP Top 10 (PDF) -- skip to page 5 to bypass a thicket of jargon that may confuse you at first. Probably other readers can suggest other, gentler, starting points. I am suggesting the OWASP Top 10 because it's commonly cited and because it discusses how to prevent each of the major classes of application vulnerabilities. It's not perfect. It will take some time and thought for a newcomer to digest, but for me the effort was worth it.
You can also go to OWASP meetings if there is a chapter near you, or maybe find a local PHP user's group and ask about security.
The phrase is "bad guys." Because that's how high-ranking law enforcement and military officials are supposed to talk nowadays -- like preschoolers. I can't figure out whether that indicates their own intelligence and maturity, or their opinion of the public's.
Given how many people are driving, how often, and how long, low probability scenarios happen every freaking day on the roads. I agree with you that overall safety can be improved simply by concentrating on the typical cases. That is not to say an autonomous car will be safer than a professional driver in every circumstance. I fully expect someone to get killed by an autonomous car in an accident that a human driver could have avoided. I am even prepared to accept that victim could be me, because I'm convinced that lots of other lives will be saved by a car that never falls asleep at the wheel, gets drunk, or panics and loses control. But I expect a self-driving car will be at fault in one improbable, fatal accident sooner rather than later, and I'm disappointed that no one seems to be discussing how we should handle when that occurs.
What the "national security" cloak is really about is controlling the evidence. It's easy to claim you're stopping terrorism when you control all the evidence that shows whether there was any terrorist threat in the first place. When the government goes to the bother of having a trial -- and that will be increasingly rarely -- they can bring out their best stuff and prevent the defense from ever seeing anything remotely exculpatory. When we get to the point where the government fabricates a key piece of evidence now and then, how will the court know? Who's to say that is not happening routinely?
Why the courts admit secret evidence totally escapes me. Quite possibly, that's a worse breach of personal freedom than the surveillance itself, because without secret evidence the surveillance couldn't be (legally) used against citizens.
That's what I meant by "random access" vs. "sequential access." I guess that's a data point supporting my thesis that writing clear and useful prose takes more effort than some people (read, I) are willing to commit.
Drifting off-topic here, but I agree, and I can explain why.
Typical reading speed is 250-300 words per minute with random access. Typical speaking rate is more variable but I'll go with the audiobook reading rate, 160 words per minute with sequential access. So it is a much better use of my time to read an article than to watch or hear a presentation of that article.
That said, _writing_, especially writing well-reasoned and coherent prose such as one can not-infrequently find on Slashdot, takes disproportionately longer than reading the same prose. So the audio and audiovisual formats are appealing to the presenter, because speaking is easier than writing for people with the right skills. An expert, reasonably experienced at public speaking, can give an illuminating presentation with little or no preparation.
My opinion is that video and podcasts can be worthwhile if you know the speaker is good, and are willing to trade off efficient use of your time for efficient use of his.
Show me a credible validation plan for a truck tractor that can deal with a high-side load like a moving van, filled to maximum legal weight, going down the western slope of the Sierra Nevada on I-80, in the rain, coming to a curve at the bottom of a 6% grade, dealing with a jack-ass driver in a light hatch-back returning from a ski trip cutting off the truck.
That particular scenario does not sound like one most human truck drivers could reliably handle, either. I fear the trucking company may be willing to accept the risk. Policymakers seem all too ready to shrug and say "that doesn't sound like it will happen very often" instead of actually considering the low-probability scenarios. Considering the political pressure fleet owners (including but not limited to Wal-Mart) can bring to bear, and the knee-jerk anti-regulatory sentiment that was created by a lot of excessive and/or ill-considered regulation, I do not expect validation requirements on robot trucks to be as strict as an engineer would want them to be.
People do not think beyond their immediate personal convenience
And why is that? Is it:
A) They're stupid (and we who understand the Truth get to feel superior, yay!)
B) About 90% of the population gets about 90% of their information from corporate-controlled sources, and are bombarded literally thousands of times a day with messages about how they should choose convenience
Can't read TFA due to paywall, but does he suggest a reason why re-examining "low quality" patents is a better approach than establishing stricter eligibility criteria and a more rigorous process to weed out "low quality" patents before they're granted?
Or, buy a new handset and phone number for every call and only pay cash.
And don't call anyone with, because the NSA is also monitoring all the incoming activity at the other endpoint of your call and can very likely deduce your identity that way.
I'm as surprised as you are. :-)
Does that mean we can sic the patent trolls on the spammers? Hold on, lemme get some popcorn!
And on an open-source OS, you can.
If the New World Order is trying to keep sub-Saharan Africa down, they're doing it wrong.
Dude, that is the scariest thing I've heard in years.
WTF is freedom if not the ability to decide for yourself where your duty lies?
I will be working until 2050, you insensitive clod! :-)
And why is that? Is it:
A) They're stupid (and we who understand the Truth get to feel superior, yay!)
B) About 90% of the population gets about 90% of their information from corporate-controlled sources, and are bombarded literally thousands of times a day with messages about how they should choose convenience
C) other, please specify
I think all that means is she knows more about science than the local-newspaper reporter who wrote TFA.
From TFS:
So this system will prevent people who are looking for normal porn from finding child porn by mistake.
I'm in favor of that because, yuck.