So if my neighbor murders his wife and throws the gun in my pool. The cops can not use that gun as evidence because they did not have a warrant for it when I brought it to them?
As long as they have probable cause to think a murder has been committed fine, otherwise they should arrest you for stealing his gun.
So under your thinking my IT department at work should not be able to read my e-mail or this post before it lets the network traffic be sent to/.?
Your IT department can read it all they want, but the government (even if given the data by your IT department without being asked) would need a warrent to read it.
At least this is what decades of legal precedent have said. There have recently been moves to roll back that protection which is what many (including myself) are against.
However why is it assumed that when I use someone else's network that my conversation is secure?
That question is irrelevant. The question should be, "However why is it assumed that when I use someone else's network that my conversation isn't monitored by the government without a warrent?". And the answer to that question is: the Constitution.
These problems go away if the researchers either announce with proof ASAP, or if they announce once a patch is ready.
I don't think either of those suggestions are "bad", just that sadly they have historically had thier own issues which at least in many peoples opinions outway the gains of those methods.
"announce with proof ASAP" - sadly history shows that when this is done unscrupulous people will then take that knowledge and use it to create malware which can cause MAJOR damage. This is why there has been talk of even making this illegal (which I COMPLETELY disagree with). It is true that "with proof" a tiny percentage of the computer using population will be able to avoid the issue. However, the VAST majority still won't even hear of the issue (as they don't follow such news) let alone know what to do about it. The result is hackers are given the gift of complete knowledge of an exploit which many millions of computers and users will have no defense against.
"announce once a patch is ready" - again sadly it has been shown over and over again that many (if not most) products will not put the urgency into a security fix unless there is public pressure to do so. This has certainly improved greatly over the last decade, but I still don't think we are at a point where we can trust them on this without pressure.
There is a fairly popular variation on your second idea which is to notify the software developer but don't announce until you have given them reasonable time to patch it. This will give them the chance to do the "right thing" on thier own without the public pressure but researchers can still release the information later if they feel the patch is too long in coming.
I actually do prefer that option, but there is the arguement that a company will never feel quite the sense of urgency as they would when an overview of the issue hits the media. And it follows that then the patch will take longer and someone less than altruistic could also find the same issue in the mean time and release an exploit.
I don't have a real strong preference between the options of notify the software developers first and wait a reasonable amount of time, or notify and release high level overview at the same time. I'd actually probably have a slight preference for the former, but it does seem the later is the more popular. Probably for the reasons you give, that they want to be sure they are given the credit (and attention) of the find;-)
Patience grasshopper, details will be released soon enough. Their method of reporting seems to be becoming kind of an accepted best practice for "responsible reporting" of bugs. I fully support ones right to just release day 0 exploit sample code if they so choose, though I don't think it's the best idea. It seems notifying the makers of effected software at roughly same time as releasing very high level information about the exploit is becoming the best way to both avoid in the wild attacks as well as ensure the issue is addressed.
In this case, additional researchers have even verified the issue after the initial report. If you still don't believe there is an issue (fair enough it's good to be skeptical), you can always do a tad of research into these researches history to help decide if you think they are trustworthy or not. If still that isn't enough, well then I guess you'll have to just find these issues yourself and you can publish anything you want about them. Until then the researchers who find an issue should have the right to handle it any way they choose. They don't answer to you.
It's like yelling "fire" in a crowded room.
Seems more like they are more warning that there is a pile of debris in the room which could be a fire hazard. You suggestion would be more like noticing that fire hazard and deciding to dump gas on it and then toss on a match.
Unfortunately the Novell/MS IP sharing deal doesn't extend past Novell and it's direct customers.
Correct me if I'm wrong (as I'm sure others here have looked into this deal much more than I have), but doesn't that clause only relate to the "we won't sue you for any patents of ours which may be in Linux" piece. There is a much broader IP sharing, interoperability, and cooperation on projects which I don't believe has anything to do with that "Novell and thier clients" business.
I mean, when you hit compile, it generates and spews out a command line to a little text window. Which is fine, but it doesn't bother to actually parse that data and present it in a meaningful way. You end up scrolling through dozens of warnings (if you're not compiling with the equivilent of -ferror) to find relevant errors.
Of course if you choose to view the raw output via the "Output" view, then yes you will get that. Of course, I always find it much easier to choose the "Error List" view where you can just toggle to choose if you want to see errors and/or warnings and/or information messages. Then just click on each any item in that list to take me to the corresponding issue in code.
I think the above shows your level of "I've tried using visual studio tools", so I don't see the need to go further (in fact I didn't read any further);-)
Most of the mono team works for Novell so are getting paid. I also assume cooperation between MS and Mono is part of the larger Novell/MS IP sharing agreements, but that is just an assumption.
Because at least for me, its not an issue of them selling out. Its an issue of convience. I know for a fact that I want the game. I also know I'd rather not have to drive across town to the store to get it. Thus buying online makes sense. So my options are either pre-order it now, or I guess I could set a reminder on my computer to remind me to go to a website on launch day to order it but why bother with that? I'd prefer to just buy it online now and be done with it, then one day shortly after launch it will just show up at my door.
Not sure if this qualifies as an answer as it is neither magic nor HTTP 2.0 (in fact its more web admin 101), but inspecting host headers will do that for you.
You seem confused. FISA stands for (Foreign Intelligence Surveillance Act) in case you weren't aware. Internal communications are covered by a seperate set of laws. You are saying laws on foreign intelligence gathering shouldn't apply to foreign intelligence gathering but instead for internal?
Anyway, I don't know that we'll ever agree on this but it's been a pleasure. You certainly do make logical points and well thought out agruments which can be all to rare;-) I'm already late for a beach party, so gotta run but it's been a good disagreement;-)
A delay IS a difference in the end result, quite clearly. Maybe it is not an important difference to you.
OK, the above really seems to be our disagreement. I grant that a delay may certainly cause hardship or extended discomfort (physical and/or emotional). However, I still don't see how interm "feelings" effect the end result. I think we could probably basically agree on that at least from a physical stand point. Now there may be lingering bad "feelings" about having to wait for a procedure which if included as part of the end result could be considered in fact a different end result. I was only speaking of the end physical result.
Listen on the consitutional grounds you've mentioned on other posts, I agree. However, I also disagree in part. Before I get to the part I disagree with, let me first state what I think "should" happen. First, I do NOT think there should be federally mandated social health care even though I think it is a good idea. I do however think there should be a federal social health care system and each state can choose to either opt-in or opt-out. I personally would like to live in a state that would choose to opt-in and I do belive it would result in vastly improved health care (including issues you raise about hardships in delays, etc) for the vast majority of the people. But that is just my feeling and I think it should be deicded at the state level. Certainly each state could do this itself, but having 50 different agencies doing the same thing is just wasteful, which is why I think it should be a federal agency (with opt-in, opt-out options at the state level).
Now to the slight disagreement in constitutional grounds. I've seen you in other posts talking about how Medicare and Medicaid, etc is unconstitutional based on the 10th amendment. To simply read the amendment, that seems a true statement. However, at least the way I took your writing it seems it was stated as a legal fact and that is where I guess I have my problem. The constitution itself as a whole does allow a system of interpretation and judgements and it clearly defines whos responsibility to make that legal judgement. Thus far the judical system has NOT rules such programs/laws unconstitutional and so according to the constituion itself they are therefore NOT unconstitutional (at least yet). It may be your opinion that they should be, but until they are successfully challanged and found to be they are not.
In general I think we probably actually agree on most of this accept perhaps if social medicine is good or not. However, this is where I probably differ a bit from your view. I consider myself a constitutionalist, but not perhaps a "strict" constitutionalist. I do belive in the "living document" theory. It should not be static and must evolve. For example, for roughly the first 100 years after the bill or rights was passed the courts took the strict reading of those 10 (or 9 depending how you look at it) amendments and routinly rules they didn't apply to state or local goverments. So while the federal goverment couldn't restrict your right to freedom or religion, press, to bear arms, etc any state or local government could. Strictly speaking the consitution is a federal document and restricts what the federal government can do so the courts using a strict reading decided this meant it didn't apply to other lower governments and thus allowed them to restrict these things. Now over time that reading became more liberal and it was decided that in fact it did apply to all government and this "evolution" is something I'm very happy about.
OK, I've actually rambled a bit here and I'm not sure where I was going with it;-)
So you won't accept actual evidence of my claim as evidence of my claim.
Of course I will. Your claim was "for many people, it has significantly worse results". A result is the end state or consequence of a series of actions. So unless you can show proof of a case where the end result was different because a delay in reaching the final result, then any delay in reaching the result is a non-issue to your original claim. If you wish to state a different claim, please feel free.
But if someone decided it wasn't an emergency, and I wasn't OK... that's a problem.
Of course it is. Bad medicine can be practiced in any system and it always has been and sadly always will be a problem. Look at these Google results of how much worse than this happens all too often in America's private health care system. Neither a private or social health care system will ever get rid of bad medicine or too long of wait periods. However, until I see evidence (and I have done a fair bit of research on this) that social health care leads to more cases of "bad medicine" I will continue to find the social impact of denying care based on social status to be an unacceptable situation.
Very good catch about "elective" vs. "non-emergency" procedures though. That is true and I should have worded my original post better.
Indeed, for many people, it has significantly worse results, especially those in the upper and upper middle class
Care to backup that statement with facts? OK, I'll make it easy how about you just supply a single verifiable case where this is true. Don't even bother with "significantly" or "many people". Just ONE single case where some one has "worse results" in Canada because it uses social health care. BTW, I will not accept having to wait 4 weeks insteads of one day to have a mole removed as proof of "worse results". The results are the same, just requires a little patients.
Listen, really the only thing bad that can be said about any number of all the other western countries using social health care is there can be longer wait times. However, here is how I see it. If the choice is between: "I can have the procedure today, but some other people will be denied the procedure to make it happen" or "I'll have to wait a few weeks for the procedure, but everyone can have it". Well maybe it makes me a commie bastard, but I'll take option two.
BTW, social health care DOESN'T have long waiting times for emergency procedures. Its the elective procedures which have wait times.
That same goverment already manages Medicare and Medicade which has an overhead of 1-3% (depending where you get your numbers). One thing that is perhaps a bit counter intuitive about social health care is that it actually removes massive amounts of bureaucracy. Insurance companies go over basically every single claim trying to find reasons not to approve it, while with social healthcare as long as a says it is required, but basically automatically aproved (no need to spend all the money trying to find reasons to deny it and pay lawyers to defend that action). There are some sporatic reviews to make sure doctors and over-billing etc but it is trival compared to the private health care system.
One large vendor doing so has caused enough disruption.
What disruption? The only "disruption" I suffered was all the time I spent reading a bunch of blogs going crazy about the Novell deal was the end of the world.... then I went back to work.
Well, I guess that basically leaves us with Matroska as its at least the only public domain video format I know of. Of course that may mean only.000001% of the public will actually have the required software to see it, but at least its public!;-)
I'm not a web developer, so maybe I just don't understand the realities but these two statements seem contradict each other:
Safari on Windows effectively serves as a development environment for non-OS X developers who want to deploy iPhone apps. And in the end, even 5% total marketshare for Safari is good because it pushes web standards just a little bit more.
If Safari is so standards compliant, why does would developers need Safari on Windows to develop for iPhone? Couldn't they just use another standards based browser like FireFox and Opera? Or do they all use seperate sets of "standards"?;-)
Its discounted sure, but there is also a lot of other revenue they make when Windows is preinstalled. Google (or some other search provider) pays to have thier search engine set as the default, AOL pays to have thier crapware installed. McAfee pays to have thier 60 free-trial installed. etc, etc, etc.
I don't know that any real numbers have ever been released, but many analysts I've read think the main PC sellers actually make money just by including Windows because of all the other stuff they install on the PC with it.
(now if'n you can get Vista to install w/o a GUI, well - that I've gotta see...)
Actually with the server version of Vista you will be able to, just hasn't make much sense with the current desktop version. Of course, its a bit funny that this is mentioned as being an innovation in the article, but thats for another day;-)
Slashdot Mirror
If they claim to have shipped 8.9M units
They don't claim that. The NDP numbers are sales not shipments.
So if my neighbor murders his wife and throws the gun in my pool. The cops can not use that gun as evidence because they did not have a warrant for it when I brought it to them?
As long as they have probable cause to think a murder has been committed fine, otherwise they should arrest you for stealing his gun.
So under your thinking my IT department at work should not be able to read my e-mail or this post before it lets the network traffic be sent to /.?
Your IT department can read it all they want, but the government (even if given the data by your IT department without being asked) would need a warrent to read it.
At least this is what decades of legal precedent have said. There have recently been moves to roll back that protection which is what many (including myself) are against.
However why is it assumed that when I use someone else's network that my conversation is secure?
That question is irrelevant. The question should be, "However why is it assumed that when I use someone else's network that my conversation isn't monitored by the government without a warrent?". And the answer to that question is: the Constitution.
These problems go away if the researchers either announce with proof ASAP, or if they announce once a patch is ready.
;-)
I don't think either of those suggestions are "bad", just that sadly they have historically had thier own issues which at least in many peoples opinions outway the gains of those methods.
"announce with proof ASAP" - sadly history shows that when this is done unscrupulous people will then take that knowledge and use it to create malware which can cause MAJOR damage. This is why there has been talk of even making this illegal (which I COMPLETELY disagree with). It is true that "with proof" a tiny percentage of the computer using population will be able to avoid the issue. However, the VAST majority still won't even hear of the issue (as they don't follow such news) let alone know what to do about it. The result is hackers are given the gift of complete knowledge of an exploit which many millions of computers and users will have no defense against.
"announce once a patch is ready" - again sadly it has been shown over and over again that many (if not most) products will not put the urgency into a security fix unless there is public pressure to do so. This has certainly improved greatly over the last decade, but I still don't think we are at a point where we can trust them on this without pressure.
There is a fairly popular variation on your second idea which is to notify the software developer but don't announce until you have given them reasonable time to patch it. This will give them the chance to do the "right thing" on thier own without the public pressure but researchers can still release the information later if they feel the patch is too long in coming.
I actually do prefer that option, but there is the arguement that a company will never feel quite the sense of urgency as they would when an overview of the issue hits the media. And it follows that then the patch will take longer and someone less than altruistic could also find the same issue in the mean time and release an exploit.
I don't have a real strong preference between the options of notify the software developers first and wait a reasonable amount of time, or notify and release high level overview at the same time. I'd actually probably have a slight preference for the former, but it does seem the later is the more popular. Probably for the reasons you give, that they want to be sure they are given the credit (and attention) of the find
Patience grasshopper, details will be released soon enough. Their method of reporting seems to be becoming kind of an accepted best practice for "responsible reporting" of bugs. I fully support ones right to just release day 0 exploit sample code if they so choose, though I don't think it's the best idea. It seems notifying the makers of effected software at roughly same time as releasing very high level information about the exploit is becoming the best way to both avoid in the wild attacks as well as ensure the issue is addressed.
In this case, additional researchers have even verified the issue after the initial report. If you still don't believe there is an issue (fair enough it's good to be skeptical), you can always do a tad of research into these researches history to help decide if you think they are trustworthy or not. If still that isn't enough, well then I guess you'll have to just find these issues yourself and you can publish anything you want about them. Until then the researchers who find an issue should have the right to handle it any way they choose. They don't answer to you.
It's like yelling "fire" in a crowded room.
Seems more like they are more warning that there is a pile of debris in the room which could be a fire hazard. You suggestion would be more like noticing that fire hazard and deciding to dump gas on it and then toss on a match.
Unfortunately the Novell/MS IP sharing deal doesn't extend past Novell and it's direct customers.
Correct me if I'm wrong (as I'm sure others here have looked into this deal much more than I have), but doesn't that clause only relate to the "we won't sue you for any patents of ours which may be in Linux" piece. There is a much broader IP sharing, interoperability, and cooperation on projects which I don't believe has anything to do with that "Novell and thier clients" business.
I mean, when you hit compile, it generates and spews out a command line to a little text window. Which is fine, but it doesn't bother to actually parse that data and present it in a meaningful way. You end up scrolling through dozens of warnings (if you're not compiling with the equivilent of -ferror) to find relevant errors.
;-)
Of course if you choose to view the raw output via the "Output" view, then yes you will get that. Of course, I always find it much easier to choose the "Error List" view where you can just toggle to choose if you want to see errors and/or warnings and/or information messages. Then just click on each any item in that list to take me to the corresponding issue in code.
I think the above shows your level of "I've tried using visual studio tools", so I don't see the need to go further (in fact I didn't read any further)
Most of the mono team works for Novell so are getting paid. I also assume cooperation between MS and Mono is part of the larger Novell/MS IP sharing agreements, but that is just an assumption.
Does this mean 2008 will be the year of the Linux desktop? ;-)
Because at least for me, its not an issue of them selling out. Its an issue of convience. I know for a fact that I want the game. I also know I'd rather not have to drive across town to the store to get it. Thus buying online makes sense. So my options are either pre-order it now, or I guess I could set a reminder on my computer to remind me to go to a website on launch day to order it but why bother with that? I'd prefer to just buy it online now and be done with it, then one day shortly after launch it will just show up at my door.
Not sure if this qualifies as an answer as it is neither magic nor HTTP 2.0 (in fact its more web admin 101), but inspecting host headers will do that for you.
You seem confused. FISA stands for (Foreign Intelligence Surveillance Act) in case you weren't aware. Internal communications are covered by a seperate set of laws. You are saying laws on foreign intelligence gathering shouldn't apply to foreign intelligence gathering but instead for internal?
Anyway, I don't know that we'll ever agree on this but it's been a pleasure. You certainly do make logical points and well thought out agruments which can be all to rare ;-) I'm already late for a beach party, so gotta run but it's been a good disagreement ;-)
A delay IS a difference in the end result, quite clearly. Maybe it is not an important difference to you.
;-)
OK, the above really seems to be our disagreement. I grant that a delay may certainly cause hardship or extended discomfort (physical and/or emotional). However, I still don't see how interm "feelings" effect the end result. I think we could probably basically agree on that at least from a physical stand point. Now there may be lingering bad "feelings" about having to wait for a procedure which if included as part of the end result could be considered in fact a different end result. I was only speaking of the end physical result.
Listen on the consitutional grounds you've mentioned on other posts, I agree. However, I also disagree in part. Before I get to the part I disagree with, let me first state what I think "should" happen. First, I do NOT think there should be federally mandated social health care even though I think it is a good idea. I do however think there should be a federal social health care system and each state can choose to either opt-in or opt-out. I personally would like to live in a state that would choose to opt-in and I do belive it would result in vastly improved health care (including issues you raise about hardships in delays, etc) for the vast majority of the people. But that is just my feeling and I think it should be deicded at the state level. Certainly each state could do this itself, but having 50 different agencies doing the same thing is just wasteful, which is why I think it should be a federal agency (with opt-in, opt-out options at the state level).
Now to the slight disagreement in constitutional grounds. I've seen you in other posts talking about how Medicare and Medicaid, etc is unconstitutional based on the 10th amendment. To simply read the amendment, that seems a true statement. However, at least the way I took your writing it seems it was stated as a legal fact and that is where I guess I have my problem. The constitution itself as a whole does allow a system of interpretation and judgements and it clearly defines whos responsibility to make that legal judgement. Thus far the judical system has NOT rules such programs/laws unconstitutional and so according to the constituion itself they are therefore NOT unconstitutional (at least yet). It may be your opinion that they should be, but until they are successfully challanged and found to be they are not.
In general I think we probably actually agree on most of this accept perhaps if social medicine is good or not. However, this is where I probably differ a bit from your view. I consider myself a constitutionalist, but not perhaps a "strict" constitutionalist. I do belive in the "living document" theory. It should not be static and must evolve. For example, for roughly the first 100 years after the bill or rights was passed the courts took the strict reading of those 10 (or 9 depending how you look at it) amendments and routinly rules they didn't apply to state or local goverments. So while the federal goverment couldn't restrict your right to freedom or religion, press, to bear arms, etc any state or local government could. Strictly speaking the consitution is a federal document and restricts what the federal government can do so the courts using a strict reading decided this meant it didn't apply to other lower governments and thus allowed them to restrict these things. Now over time that reading became more liberal and it was decided that in fact it did apply to all government and this "evolution" is something I'm very happy about.
OK, I've actually rambled a bit here and I'm not sure where I was going with it
So you won't accept actual evidence of my claim as evidence of my claim.
... that's a problem.
Of course I will. Your claim was "for many people, it has significantly worse results". A result is the end state or consequence of a series of actions. So unless you can show proof of a case where the end result was different because a delay in reaching the final result, then any delay in reaching the result is a non-issue to your original claim. If you wish to state a different claim, please feel free.
But if someone decided it wasn't an emergency, and I wasn't OK
Of course it is. Bad medicine can be practiced in any system and it always has been and sadly always will be a problem. Look at these Google results of how much worse than this happens all too often in America's private health care system. Neither a private or social health care system will ever get rid of bad medicine or too long of wait periods. However, until I see evidence (and I have done a fair bit of research on this) that social health care leads to more cases of "bad medicine" I will continue to find the social impact of denying care based on social status to be an unacceptable situation.
Very good catch about "elective" vs. "non-emergency" procedures though. That is true and I should have worded my original post better.
Indeed, for many people, it has significantly worse results, especially those in the upper and upper middle class
Care to backup that statement with facts? OK, I'll make it easy how about you just supply a single verifiable case where this is true. Don't even bother with "significantly" or "many people". Just ONE single case where some one has "worse results" in Canada because it uses social health care. BTW, I will not accept having to wait 4 weeks insteads of one day to have a mole removed as proof of "worse results". The results are the same, just requires a little patients.
Listen, really the only thing bad that can be said about any number of all the other western countries using social health care is there can be longer wait times. However, here is how I see it. If the choice is between: "I can have the procedure today, but some other people will be denied the procedure to make it happen" or "I'll have to wait a few weeks for the procedure, but everyone can have it". Well maybe it makes me a commie bastard, but I'll take option two.
BTW, social health care DOESN'T have long waiting times for emergency procedures. Its the elective procedures which have wait times.
That same goverment already manages Medicare and Medicade which has an overhead of 1-3% (depending where you get your numbers). One thing that is perhaps a bit counter intuitive about social health care is that it actually removes massive amounts of bureaucracy. Insurance companies go over basically every single claim trying to find reasons not to approve it, while with social healthcare as long as a says it is required, but basically automatically aproved (no need to spend all the money trying to find reasons to deny it and pay lawyers to defend that action). There are some sporatic reviews to make sure doctors and over-billing etc but it is trival compared to the private health care system.
Thats exactly what I was thinking ;-)
One large vendor doing so has caused enough disruption.
What disruption? The only "disruption" I suffered was all the time I spent reading a bunch of blogs going crazy about the Novell deal was the end of the world.... then I went back to work.
Well, I guess that basically leaves us with Matroska as its at least the only public domain video format I know of. Of course that may mean only .000001% of the public will actually have the required software to see it, but at least its public! ;-)
Any other tips on how I can change my ways?
;-)
Yes, encourage your students to preview their comments before posting as to avoid lots of "hte" and "adn"s.
I'm not a web developer, so maybe I just don't understand the realities but these two statements seem contradict each other:
;-)
Safari on Windows effectively serves as a development environment for non-OS X developers who want to deploy iPhone apps. And in the end, even 5% total marketshare for Safari is good because it pushes web standards just a little bit more.
If Safari is so standards compliant, why does would developers need Safari on Windows to develop for iPhone? Couldn't they just use another standards based browser like FireFox and Opera? Or do they all use seperate sets of "standards"?
Its discounted sure, but there is also a lot of other revenue they make when Windows is preinstalled. Google (or some other search provider) pays to have thier search engine set as the default, AOL pays to have thier crapware installed. McAfee pays to have thier 60 free-trial installed. etc, etc, etc.
I don't know that any real numbers have ever been released, but many analysts I've read think the main PC sellers actually make money just by including Windows because of all the other stuff they install on the PC with it.
(now if'n you can get Vista to install w/o a GUI, well - that I've gotta see...)
;-)
Actually with the server version of Vista you will be able to, just hasn't make much sense with the current desktop version. Of course, its a bit funny that this is mentioned as being an innovation in the article, but thats for another day
Believe it or not the goal of these missions is to gather scientific data, not provide you with a pretty screen saver ;-)