Compliance is easy. Never even look at GPL code. If it's not under BSD, don't touch it.
That is completely idiotic in this context. The problem wasn't that the company used GPL code and didn't comply with the license. The problem is that they bought code from another company, they believed that they had all the copyrights, and the company that sold the code cheated on them.
That can happen with proprietary code as well, as Microsoft found out when a company sold them lots of video code that they had originally written for Apple, and to which Apple had the copyrights.
Well, yes. Many of the people demanding 'better working conditions' in China seem to believe that, if they can increase manufacturing costs in China, manufacturing jobs will magically return to America. In reality, they'll go elsewhere in Asia, and most work that does return to America will be done by machines.
It's actually a quite perverted point of view that better working conditions would have to increase cost. For example, improving worker safety and having fewer accidents reduces costs. Having a clean workplace makes it easier to produce items that pass quality control than dirty workplaces. Sexism, racism, or just plain bullying in the workplace doesn't exactly make workers more productive. Excessive overtime increases cost because the work is done by exhausted workers who can't concentrate and therefore work slower and make more costly mistakes.
Even if there were some questionable rendering of the facts, Mr. Daisey seems to be spot on about Chinese factories.
With Mr. Daisey, there was no "questionable rendering of the facts". What he did was purely made up, based on his prejudices and what he thought would get him audiences, with complete disregard to any facts.
The problem with Mike Daisey is that way too fucking many people consider "This American Life" to be journalistic instead of anecdotal (which is what the piece from Daisey clearly falls into).
When it's made up, as Daisey's stuff clearly was, it isn't anecdotal.
Clever abuse of statistics. These people at Foxconn didn't commit suicide at work, they committed suicide where they lived - which was usually at a dormitory near work. Very few Americans will commit suicide at work. The favorite suicide tool, the gun, is something you cannot easily take to work. Cutting your wrists or taking sleeping tablets is not something you do at work, because there are plenty of people around to save and rescue you.
But if you like statistics, you could compare the rate at which US retail workers are murdered at their workplace, which is about the same as the suicide rate at Foxconn.
In a factory with many workers they can easily assign people to appropriate tasks, or provide a step. In the west this kind of discrimination is illegal, and it is also supposed to be in China.
Is it? It's certainly not nice, but what law is there that disallows size discrimination?
Accidents happen. For what happens when companies don't care, take Samsung as an example, where hundreds were injured through chemicals and the company refuses to pay up.
But according to you, Apple should have some magic touch that enables it to prevent any accidents in the workplace whatsoever.
::Apple is the only technical company to actually provide reports on factory conditions, and impose worker limits on factories assembling for them. Nice of them. Of course, those same condition would be illegal in the US. They are still terrible condiions in china, report or no report.
What conditions exactly would be illegal in the USA? There may some minimum wage, but that is based relative to the cost of living, which is a lot lower in China. For example, do you think it would be illegal to offer cheap housing in dorms, which makes it possible for workers to safe more than half their wages?
If Apple was serious about getting these conditions improved, they would be proactive about, not reactive. They only do something about it when they get bad press about it and then they basically hire a 3rd party to say "Oh, everything is OK. It's just a handful of troublemakers jumping off the building to make Apple look bad"
From what I hear, they are quite proactive actually. They just didn't tell the world until accusation, including some completely made up accusations, kept flying at them.
Just like with Daisy or Greenpeace or the other people that have made allegations about factories in China, they all attach the Apple name to get attention even if Apple is not involved. Daisy was not a "nutjob", he was just less careful than others doing the same thing.
I remember "hundreds of workers threaten suicide at iPhone factory". Why? "They are afraid of losing their jobs because of reduced Xbox production".
That makes it a more reasonable but still short 10,746,000,000 to 115,690,000,000
The ten billion is _cash_. Like stashes of bank notes and money in a current account. There is for example another 92 billion in long term investments, 20 billion in receivables, and a few smaller items.
The x86 architecture, since the 8081, has double precision 64 bit floats, and a special 80 bit float--some compilers call this long double and use 128 bits to store this. How does this compare to other architectures?
The 80 bit format is not in any way "special", it is the standard extended precision format. Unfortunately, PowerPC didn't support it:-) Compilers tend to use 128 bits to store it, the hardware actually reads and writes 80 bits. In practice, long double isn't used very much.
The real difference is elsewhere: 1. A C or C++ compiler can decide which precision to use for intermediate results. 2. A C or C++ compiler can decide whether fused multiply-add is allowed. 3. Java doesn't allow extended precision but allows in some cases extended exponent range. 4. Fortran allows replacing arithmetic operations with mathematically equivalent operation.
If a numerical problem is so sensitive to the details of the arithmetic used that it produces different results with different compiler options or different hardware then that means that the problem is hard and neither solution can really be trusted.
The large costs will be when students get attacked for carrying around $1000 electronics.
Let me think. I can think of a very simple solution to avoid such attacks. Maybe you can as well, if you turn your brain on instead of posting drivel here.
The Ipad is DRM. The kids cannot study, share or modify the code or freely run the programs as they wish
And WTF makes you think the kids are supposed to learn programming with these computers? WTF makes you think they are supposed to run the programs _they_ wish and not the programs the school wants them to run?
Depending on their age, they are supposed to use these computers to learn reading, writing, arithmetic, or later on maths, physics, biology, chemistry, English and other languages, literature, music, history and so on. Not programming.
1. A company shouldn't have my password stored anywhere in a form that they can decrypt it.
2. A company shouldn't have the answers to my security questions stored anywhere in a form that they can decrypt it.
That makes it very easy then: "We would gladly comply with your request, but sorry, we can't".
The premise of the article is completely wrong. Apple isn't Google's rival at all. Apple sells devices to end users, Google sells end users to advertisers.
What will happen however is that Apple will do more and more to upset Google's business, just as Google has been working hard to upset Apple's and Microsoft's business. The first step is Apple's maps, which meant that Apple isn't paying anymore for licensing maps from Google, and Apple is destroying Google ad revenue (Apple maps comes without adverts). iWork in the cloud is another step. Apple switching to Bing is another one.
Yes, If you don't understand that *Google* spent $12.5Billion on acquiring patents to protect Android...Its mobile platform...to deliver advertising on. Not to become a Patent Rapist like Nokiasoft.
So why are they suing Microsoft over some shitty h.264 patents?
The issue is that the counterfeit chargers short and deliver the mains directly to the head. It doesn't matter what electronic device is involved. hell, doesn't matter if any electronic device is connected to the end of the other side of the USB cable when the circuit is completed.
In the case of the woman who died, it was reported that her iPhone was still fine. So it seems 220 Volt was delivered only to her, and not to the phone at all (I doubt an iPhone or any other phone would survive being hit by 220 Volt).
As long as you have the CA's key, you can sign your own private key to execute a MITM attack. You don't need to have the real private key to do this. In the middle, you decrypt and re-encrypt before sending packets along. The site visitor doesn't know if they're connecting to the "correct" private key. There's no way to know that. They just know they're connecting to a site that's using a public key that has also been used to sign a certificate.
So as a practical example, if the NSA had the private keys used by the CA that Amazon is using, they wouldn't be able to get Amazon's private keys, and they wouldn't be able to decode any traffic between you and Amazon that happened before. However, they could create a fake Amazon certificate that looks absolutely genuine to your browser, pretend to you to be Amazon, pretend to Amazon to be you, and listen in.
A partial solution would be if big sites like Google, Amazon, Facebook etc. published their certificate, your browser stored that certificate, and if your browser wouldn't accept real-looking certificates for these sites but only the exact same certificate (don't know how exactly that would be done technically, but it should be possible). Of course if they can pressure a CA into handing over their private keys, they can pressure these big sites as well.
Couldn't somebody like the EFF or ACLU create a certificate that people could trust?
Hypothetically, if the right people in the EFF were given a choice of handing over private keys or disappearing, what would they do? And after these people disappeared, what would their replacements do?
The problem is that the blind is leading the stupid. Or, in other words, the idiots voting her in ain't any smarter. Sadly, having a clue is neither a requirement for a political office nor one to vote in elections.
Well, we got rid of that Labour minister Jackie whatshername who had about the same attitude, and then it turned in the MP expenses scandal that the British taxpayers had actually paid for her husbands porn...
That says it all right there. Be careful about the sources of your software. If you're installing software from shady sources or vendors, you probably don't care that the signature matches one of a legitimate program or not.
This is not about apps, it is about updates. Any hacker can create perfectly signed malware - "signed by evil@hacker.com", so at that point you'd have to check where your app comes from. But updates are supposed to be signed by the some entity that signed the original app, so evil@hacker.com can update apps signed by evil@hacker.com, but not apps signed by anyone else. And that's what this vulnerability does: It allows hackers to update legitimate apps with malware by taking a legitimate, signed update and adding their malware to it.
And keeping them in a warehouse does what good for shareholders, exactly?
It gives Microsoft a chance to come back with a better product and crack a market where they could make billions over billions if successful. A firesale destroys that chance forever.
What an article, with no common sense forever. Of course Microsoft would sell lots of these tablets for $50-$75, or for $99. I would buy one immediately and use it to replace a picture frame or an alarm clock at that price. But it should be obvious to anyone that at this price, Microsoft will lose hundreds of dollars on each device, and they will forever destroy any chance of ever coming back.
The submitter went on about HP, and how they couldn't even deliver fast enough. Of course not. But they had contracts in place that forced them to pay for the parts, and to pay for the tablets being built and shipped, so they delivered the last tablets from the assembly line as the arrived, even though they were losing lots of money on each of those. But then the product was dead, with no chance of HP ever getting back into the market. If Microsoft went that way, then for a few hundred million dollars they would forever destroy their chance to ever crack the tablet market.
So someone that prints a book with Beethoven's 5th in it can copyright the book. And from that point on, can destroy anyone that plays it, every CD with Beethoven's 5th on it? None of that sounds right. Are you sure you haven't been licking the frogs again?
Of course not. That person might have the copyright on a book (most likely not, because writing the book is what gets you the copyright, not printing it); but the CD wouldn't be a copy of that book, or a work derived from the book.
And you would only have copyright to the difference between the original work that Beethoven created, and your book. The original work is out of copyright.
Slashdot Mirror
Compliance is easy. Never even look at GPL code. If it's not under BSD, don't touch it.
That is completely idiotic in this context. The problem wasn't that the company used GPL code and didn't comply with the license. The problem is that they bought code from another company, they believed that they had all the copyrights, and the company that sold the code cheated on them.
That can happen with proprietary code as well, as Microsoft found out when a company sold them lots of video code that they had originally written for Apple, and to which Apple had the copyrights.
Well, yes. Many of the people demanding 'better working conditions' in China seem to believe that, if they can increase manufacturing costs in China, manufacturing jobs will magically return to America. In reality, they'll go elsewhere in Asia, and most work that does return to America will be done by machines.
It's actually a quite perverted point of view that better working conditions would have to increase cost. For example, improving worker safety and having fewer accidents reduces costs. Having a clean workplace makes it easier to produce items that pass quality control than dirty workplaces. Sexism, racism, or just plain bullying in the workplace doesn't exactly make workers more productive. Excessive overtime increases cost because the work is done by exhausted workers who can't concentrate and therefore work slower and make more costly mistakes.
Even if there were some questionable rendering of the facts, Mr. Daisey seems to be spot on about Chinese factories.
With Mr. Daisey, there was no "questionable rendering of the facts". What he did was purely made up, based on his prejudices and what he thought would get him audiences, with complete disregard to any facts.
The problem with Mike Daisey is that way too fucking many people consider "This American Life" to be journalistic instead of anecdotal (which is what the piece from Daisey clearly falls into).
When it's made up, as Daisey's stuff clearly was, it isn't anecdotal.
Clever abuse of statistics. These people at Foxconn didn't commit suicide at work, they committed suicide where they lived - which was usually at a dormitory near work. Very few Americans will commit suicide at work. The favorite suicide tool, the gun, is something you cannot easily take to work. Cutting your wrists or taking sleeping tablets is not something you do at work, because there are plenty of people around to save and rescue you.
But if you like statistics, you could compare the rate at which US retail workers are murdered at their workplace, which is about the same as the suicide rate at Foxconn.
In a factory with many workers they can easily assign people to appropriate tasks, or provide a step. In the west this kind of discrimination is illegal, and it is also supposed to be in China.
Is it? It's certainly not nice, but what law is there that disallows size discrimination?
Accidents happen. For what happens when companies don't care, take Samsung as an example, where hundreds were injured through chemicals and the company refuses to pay up.
But according to you, Apple should have some magic touch that enables it to prevent any accidents in the workplace whatsoever.
::Apple is the only technical company to actually provide reports on factory conditions, and impose worker limits on factories assembling for them. Nice of them. Of course, those same condition would be illegal in the US. They are still terrible condiions in china, report or no report.
What conditions exactly would be illegal in the USA? There may some minimum wage, but that is based relative to the cost of living, which is a lot lower in China. For example, do you think it would be illegal to offer cheap housing in dorms, which makes it possible for workers to safe more than half their wages?
If Apple was serious about getting these conditions improved, they would be proactive about, not reactive. They only do something about it when they get bad press about it and then they basically hire a 3rd party to say "Oh, everything is OK. It's just a handful of troublemakers jumping off the building to make Apple look bad"
From what I hear, they are quite proactive actually. They just didn't tell the world until accusation, including some completely made up accusations, kept flying at them.
Just like with Daisy or Greenpeace or the other people that have made allegations about factories in China, they all attach the Apple name to get attention even if Apple is not involved. Daisy was not a "nutjob", he was just less careful than others doing the same thing.
I remember "hundreds of workers threaten suicide at iPhone factory". Why? "They are afraid of losing their jobs because of reduced Xbox production".
That makes it a more reasonable but still short 10,746,000,000 to 115,690,000,000
The ten billion is _cash_. Like stashes of bank notes and money in a current account. There is for example another 92 billion in long term investments, 20 billion in receivables, and a few smaller items.
The x86 architecture, since the 8081, has double precision 64 bit floats, and a special 80 bit float--some compilers call this long double and use 128 bits to store this. How does this compare to other architectures?
The 80 bit format is not in any way "special", it is the standard extended precision format. Unfortunately, PowerPC didn't support it :-) Compilers tend to use 128 bits to store it, the hardware actually reads and writes 80 bits. In practice, long double isn't used very much.
The real difference is elsewhere: 1. A C or C++ compiler can decide which precision to use for intermediate results. 2. A C or C++ compiler can decide whether fused multiply-add is allowed. 3. Java doesn't allow extended precision but allows in some cases extended exponent range. 4. Fortran allows replacing arithmetic operations with mathematically equivalent operation.
If a numerical problem is so sensitive to the details of the arithmetic used that it produces different results with different compiler options or different hardware then that means that the problem is hard and neither solution can really be trusted.
The large costs will be when students get attacked for carrying around $1000 electronics.
Let me think. I can think of a very simple solution to avoid such attacks. Maybe you can as well, if you turn your brain on instead of posting drivel here.
The Ipad is DRM. The kids cannot study, share or modify the code or freely run the programs as they wish
And WTF makes you think the kids are supposed to learn programming with these computers? WTF makes you think they are supposed to run the programs _they_ wish and not the programs the school wants them to run?
Depending on their age, they are supposed to use these computers to learn reading, writing, arithmetic, or later on maths, physics, biology, chemistry, English and other languages, literature, music, history and so on. Not programming.
1. A company shouldn't have my password stored anywhere in a form that they can decrypt it.
2. A company shouldn't have the answers to my security questions stored anywhere in a form that they can decrypt it.
That makes it very easy then: "We would gladly comply with your request, but sorry, we can't".
The premise of the article is completely wrong. Apple isn't Google's rival at all. Apple sells devices to end users, Google sells end users to advertisers.
What will happen however is that Apple will do more and more to upset Google's business, just as Google has been working hard to upset Apple's and Microsoft's business. The first step is Apple's maps, which meant that Apple isn't paying anymore for licensing maps from Google, and Apple is destroying Google ad revenue (Apple maps comes without adverts). iWork in the cloud is another step. Apple switching to Bing is another one.
Yes, If you don't understand that *Google* spent $12.5Billion on acquiring patents to protect Android...Its mobile platform...to deliver advertising on. Not to become a Patent Rapist like Nokiasoft.
So why are they suing Microsoft over some shitty h.264 patents?
The issue is that the counterfeit chargers short and deliver the mains directly to the head. It doesn't matter what electronic device is involved. hell, doesn't matter if any electronic device is connected to the end of the other side of the USB cable when the circuit is completed.
In the case of the woman who died, it was reported that her iPhone was still fine. So it seems 220 Volt was delivered only to her, and not to the phone at all (I doubt an iPhone or any other phone would survive being hit by 220 Volt).
As long as you have the CA's key, you can sign your own private key to execute a MITM attack. You don't need to have the real private key to do this. In the middle, you decrypt and re-encrypt before sending packets along. The site visitor doesn't know if they're connecting to the "correct" private key. There's no way to know that. They just know they're connecting to a site that's using a public key that has also been used to sign a certificate.
So as a practical example, if the NSA had the private keys used by the CA that Amazon is using, they wouldn't be able to get Amazon's private keys, and they wouldn't be able to decode any traffic between you and Amazon that happened before. However, they could create a fake Amazon certificate that looks absolutely genuine to your browser, pretend to you to be Amazon, pretend to Amazon to be you, and listen in.
A partial solution would be if big sites like Google, Amazon, Facebook etc. published their certificate, your browser stored that certificate, and if your browser wouldn't accept real-looking certificates for these sites but only the exact same certificate (don't know how exactly that would be done technically, but it should be possible). Of course if they can pressure a CA into handing over their private keys, they can pressure these big sites as well.
Couldn't somebody like the EFF or ACLU create a certificate that people could trust?
Hypothetically, if the right people in the EFF were given a choice of handing over private keys or disappearing, what would they do? And after these people disappeared, what would their replacements do?
The problem is that the blind is leading the stupid. Or, in other words, the idiots voting her in ain't any smarter. Sadly, having a clue is neither a requirement for a political office nor one to vote in elections.
Well, we got rid of that Labour minister Jackie whatshername who had about the same attitude, and then it turned in the MP expenses scandal that the British taxpayers had actually paid for her husbands porn...
So what choice do you have?
That says it all right there. Be careful about the sources of your software. If you're installing software from shady sources or vendors, you probably don't care that the signature matches one of a legitimate program or not.
This is not about apps, it is about updates. Any hacker can create perfectly signed malware - "signed by evil@hacker.com", so at that point you'd have to check where your app comes from. But updates are supposed to be signed by the some entity that signed the original app, so evil@hacker.com can update apps signed by evil@hacker.com, but not apps signed by anyone else. And that's what this vulnerability does: It allows hackers to update legitimate apps with malware by taking a legitimate, signed update and adding their malware to it.
And keeping them in a warehouse does what good for shareholders, exactly?
It gives Microsoft a chance to come back with a better product and crack a market where they could make billions over billions if successful. A firesale destroys that chance forever.
What an article, with no common sense forever. Of course Microsoft would sell lots of these tablets for $50-$75, or for $99. I would buy one immediately and use it to replace a picture frame or an alarm clock at that price. But it should be obvious to anyone that at this price, Microsoft will lose hundreds of dollars on each device, and they will forever destroy any chance of ever coming back.
The submitter went on about HP, and how they couldn't even deliver fast enough. Of course not. But they had contracts in place that forced them to pay for the parts, and to pay for the tablets being built and shipped, so they delivered the last tablets from the assembly line as the arrived, even though they were losing lots of money on each of those. But then the product was dead, with no chance of HP ever getting back into the market. If Microsoft went that way, then for a few hundred million dollars they would forever destroy their chance to ever crack the tablet market.
So someone that prints a book with Beethoven's 5th in it can copyright the book. And from that point on, can destroy anyone that plays it, every CD with Beethoven's 5th on it? None of that sounds right. Are you sure you haven't been licking the frogs again?
Of course not. That person might have the copyright on a book (most likely not, because writing the book is what gets you the copyright, not printing it); but the CD wouldn't be a copy of that book, or a work derived from the book.
And you would only have copyright to the difference between the original work that Beethoven created, and your book. The original work is out of copyright.