Slashdot Mirror


User: gnasher719

gnasher719's activity in the archive.

Stories: 0
Comments: 5,926

Comments · 5,926

  1. What happens now? on 'weev' Conviction Vacated · · Score: 4, Interesting

    From Wikipedia: "Relief from judgment of a United States District Court is governed by Rule 60 of the Federal Rules of Civil Procedure.[1] The United States Court of Appeals for the Seventh Circuit noted that a vacated judgment "place[s] the parties in the position of no trial having taken place at all; thus a vacated judgment is of no further force or effect."[2] Thus, vacated judgments have no precedential effect.[3]"

    That seems to say that he is now in a legal position as if the trial had never taken place. So can he be taken to court in the proper place now?

  2. Re:Singapore on UN Report Reveals Odds of Being Murdered Country By Country · · Score: 1

    ..except for where it gives the 13.8 figure right away in the second sentence of the article, and references it as a number estimated by the United Nations.

    That's why you read things on wikipedia _carefully_. The number refers to the 1990's. And even though the number of executions was significantly higher back then, a little bit of maths with the data in the rest of the article shows this is still way off.

  3. Re:Singapore on UN Report Reveals Odds of Being Murdered Country By Country · · Score: 1

    Singapore has 13.8 executions per 100,000 [wikipedia.org], which is more than the 12.5 murders per 100,000 in Africa (though I don't know the execution rate in Africa).

    You are posting a link to wikipedia, which actually contradicts what you are saying. In the last 8 years, there have been 52 executions, or 6.5 on average per year. The population is about 5.3 million, which makes it about 0.12 executions per 100,000 per year, less than one percent of what you are saying. So were you just reckless with the truth, bad at maths, or trying to badmouth the country?

  4. Re:I've made a decision on UN Report Reveals Odds of Being Murdered Country By Country · · Score: 1

    You could also move to Liechtenstein for example, there were 0 murders there, I don't know why Singapore is mentioned, perhaps the submitter is from there.

    With Liechtenstein's small population, you'd expect that statistically they'd have a zero-murder year in most years, but an excessively high rate of one in 20,000 for some years.

  5. Re:Why OpenSSL is so popular? on Theo De Raadt's Small Rant On OpenSSL · · Score: 1

    First, make sure that code that must be secure is transparent. That means little (or no) optimizations, standard calls to OS functions, and clearly structured. It's clear that the OpenSSL developers made their code more opaque than was prudent and the many eyes of open source land could not see through the murk. Yes, clearer code would mean that it ran more slowly and some folks would need to run a few more servers, but the security problem might have been uncovered sooner (or not have happened) if someone hadn't thought that performance was a reason to make the code more complex.

    I think the developers thought their code runs slower if all variable names are single characters. Which isn't actually true. I had the joy to look through bits of openssl to figure out how some stuff worked, and it is just generally unreadable. Just writing down in the interface files what each function does would have helped as well.

    Theo can complain as much as he likes about attack mitigation not working, but the fact is that this was a stupid bug which quite likely wouldn't have happened if struct members had had meaningful names that would have made it obvious that openssl sends more bytes back than it received.

    I don't think that better code costs performance at all. Better code is so much easier to maintain, you have some spare time to make things quicker.

  6. Re:not developed by a responsible team? on Theo De Raadt's Small Rant On OpenSSL · · Score: 2

    I understand Theo's point, to a certain degree I kinda understand it, but I'm more inclined to feel the problem is with OpenSSL's developers clearly not understanding the security concerns about malloc(). That is, if they were aware that OpenBSD's malloc() contained code to ensure against data leakage, it would seem to me to be highly probable they would have implemented the same deal in OpenSSL given, you know, their entire point is security. The fact they didn't makes me think they didn't know OpenBSD's malloc() had these measures in the first place.

    Here is what happens, as far as I understand: a client sends two bytes of data to the server and asks the server to send the identical two bytes back to the client, to check that the server is still alive. That's how it works normally. A client could send 65,000 bytes and ask for the 65,000 bytes to be sent back, except that would be inefficient.

    Instead, an attacker sends two bytes of data to the server and asks for the same 65,000 bytes back. The server stores the two bytes with a bit of overhead into a malloc block, creates a huge malloc block for the results, and memcpy's 65,000 bytes from the small malloc block to the huge one. 64,998 bytes that are copied are just whatever was in memory after that malloc block.

    All the usual measures against buffer overwrites don't help, because there is no buffer overwrite. Nothing is destroyed on the server, instead it is tricked into giving information it didn't want to give. What could malloc do about that? A "free" and "realloc" implementation that sets memory to zero wouldn't hurt. Of course that doesn't help if the memory after the small malloc block is actually currently used. You'd need a malloc that will crash if you read past the end of a malloc buffer. That's hard to do efficiently.

  7. Re:where is the controversy? on Scientists/Actress Say They Were 'Tricked' Into Geocentric Universe Movie · · Score: 1

    "The sun rises and the sun sets, and hurries back to where it rises." - Ecclesiastes 1:5

    That is a lot stronger than geocentric. It claims that the sun circles around the earth _once a day_. Even with a geocentric model, that's insane. It would be much more likely that the earth rotates about once a day, and the sun rotates around it once a year. You could just for fun calculate the centrifugal force.

  8. Re:What is freedom on Should Microsoft Be Required To Extend Support For Windows XP? · · Score: 1

    I suspect both Stallman and Torvalds would strongly object to being mixed together like that :-)

  9. Re:Implied warranty. on Should Microsoft Be Required To Extend Support For Windows XP? · · Score: 1

    In the state of Maine we have an implied warranty law that states that if an item fails to function as advertised due to a manufacturers defect within 4 years the consumer can initiate legal action against the manufacturer.

    You'd have to show then that any bugs actually stop the item from functioning as advertised. And there is a difference between "can initiate legal action" and "can win a case".

    And can I just say that I'd like to see some actual text of that law? Since most of the time seller and manufacturer are not the same, and the seller does the advertising, I can't imagine you could hold the manufacturer responsible for claims that the seller made. If PCWorld claims that Windows improves your success with women and you still don't get laid, could you sue Microsoft about that?

  10. Re:Microsoft still provide support for Windows XP on Should Microsoft Be Required To Extend Support For Windows XP? · · Score: 1

    There is no monopoly. There are alternative OSes you can install on the exact same hardware.

    Doesn't actually matter, because Microsoft isn't trying to sell Windows XP to anyone.

  11. Re:Depends on Should Microsoft Be Required To Extend Support For Windows XP? · · Score: 1

    Actually, consumer protection laws would say different. After all these are not upgrades we are talking about. These are repairs to existing defects.

    You are simplifying too much. In UK consumer law for example, a product isn't required to be free of defects - it must be of sufficient quality to be sold. If there is a bug that nobody has noticed for ten years, you can't really argue that this makes the product "not good enough to be sold".

  12. Re:Where do you draw the line? on Should Microsoft Be Required To Extend Support For Windows XP? · · Score: 5, Informative

    Oh c'mon, you know how it would work in this time and age. If some blunder in MS software caused a nuclear meltdown, MS would be declared too big to fail and you can shove your damage claims where the sun doesn't shine.

    If you use MS software (or anyone else's software) in a situation where it could cause a nuclear meltdown, you are using it against Microsoft's explicit terms and conditions, so they wouldn't be at fault at all.

  13. There are rumours... on Not Just Apple: GnuTLS Bug Means Security Flaw For Major Linux Distros · · Score: 3, Interesting

    that Apple took notice of some accusations that the NSA managed to modify some open source codebases, reviewed all code that was checked in at about the suspicious time frame, and found the "goto fail" bug that way. No idea whether this is true, but I'd be curious who checked in this bug.

  14. Re:Are all NP-hard Problems equivalent? on P vs. NP Problem Linked To the Quantum Nature of the Universe · · Score: 1

    Now back to the question: Is there a Proof, that each solution to a NP-complete problem can be used to solve the factoring problem?

    Of course. Any NP-complete problem can be used to solve any problem in NP by definition. To prove that a problem is NP-complete you prove that it can be used to solve SAT, or another problem in NP that can solve SAT, or another problem in NP that can solve a problem in NP that can solve SAT and so on. And SAT can solve the factoring problem.

  15. Re:or just get a hybrid drive on An SSD for Your Current Computer May Save the Cost of a New One (Video) · · Score: 1

    It was out of warranty so I bought a hybrid drive at Best Buy. 1TB with 32MB of flash and it made a huge difference in speed.

    I've known of drives with 32 MB RAM cache, which helps nicely in some situations. But 32 MB of flash?

  16. Re:Two drives not feasible for laptops on An SSD for Your Current Computer May Save the Cost of a New One (Video) · · Score: 1

    Most laptops don't come with the ability to put in two drives so you can't have an SSD and platter. You'd have to have an external USB drive which most users would not want to lug around.

    Thank heavens for the classic MacBook Pro. Well, you have to get rid of the optical drive, but an external one is £20 or so. SSD drive one side, 1 TB hard drive on the other side, do-it-yourself-fusion drive to bind it all together invisibly to the user.

  17. Re:The problem is not targeted ads on Ad Tracking: Is Anything Being Done? · · Score: 2

    The targeted ads are far better than random ones that mean little to the users.

    Actually, no. Because most targeted ads are just stupid. Personally, I couldn't get rid of targeted ads for products similar to something I bought and gave to someone else as a Christmas present, ads for restaurants in a town 10,000 miles away from my home where I worked for two weeks years ago, ads for products that I investigated and bought and I don't need another one, and recently ads by some scumbags that cheat contractors out of money.

    On top of that, since my eBay and Amazon accounts are used by myself and my wife with very different interests, I get quite a schizophrenic set of ads and product suggestions from them - which could be considered a severe privacy violation as well, since we both shouldn't know what the other one is browsing for, unless we tell each other.

  18. Re:Hypermiling on Your Car Will Tell You How To Hit the Next Green Light · · Score: 1

    People are well aware that hypermiling improves fuel economy. What they care a LOT more about is actually getting where they are going in a timely manner. Driving behind someone who is hypermiling is enough to drive even Mother Teresa to want to bust a cap in the asshat in front of them.

    Look, the guy you were replying to was "hypermiling" and managed to get 30 miles per gallon! My battleship sized Mercedes did better than that without me even trying. My current car does about 70mpg UK / close to 60mpg US by driving carefully but without being in anyone's way.

  19. Re:Illegality? on Nature Publisher Requires Authors To Waive "Moral Rights" To Works · · Score: 1

    What about contributors from countries where waiving moral rights is prohibited by law?

    For example, in Germany it isn't illegal, but it's void. I can waive these rights as much as I like, sell them to you, whatever, it makes no difference. The right to say "I wrote this" just cannot be transferred to anyone else.

  20. Re:Huh? on Dropbox's New Policy of Scanning Files For DMCA Issues · · Score: 1

    So, if I get this correctly, Dropbox will prevent you from sharing a file that was blocked due to somebody else uploading it and getting busted?
    What does somebody else's data have to do with your data?
    And what if there is a hash collision?

    If there was a DMCA request, it means that Dropbox was told by a copyright holder that uploading this file is infringing someone's copyright. Therefore Dropbox knows that you are infringing the same copyright (except if you are the copyright holder, in which case - well, tough). Since they _know_ it is copyright infringement, it would be quite possible to argue that not blocking it would be Dropbox colluding in copyright infringement. And I mean you are not claiming that you have any right whatsoever to upload infringing content?

    Hash collisions: They don't happen. If they happened, people would be complaining about losing data. But they don't happen.

    The only people with a valid complaint would be copyright owners who ever sent a DMCA notice and then find out that they are unable to legally upload contents that would be illegal for others to upload. Maybe Dropbox should update their T&Cs if they haven't.

  21. Re:Only "discovered" someone's discover, nothing m on An Engineer's Eureka Moment With a GM Flaw · · Score: 1

    It also depends on the timing of the redesign. Did they redesign the part before his daughter was killed and fail to issue a recall notice, or was it done as a result of investigation into her accident?

    Boss to engineer: "We have no actual evidence what caused the accident, and whether we are at fault. But we made a list of parts that might possibly have been at fault, so have a look at the first item on the list and make a redesign that is as safe as possible, even though you can't see any problem with the original design". Engineer does it and produces a different part. Lawyer takes it as evidence of fault and sues.

  22. Re:patented keyboard technology? on Typo Keyboard For iPhone Faces Sales Ban · · Score: 1

    With the angle-topped keys and the particular choice of layout, I think that I actually agree with Blackberry on this one, though I'd think this would fall into trademark territory more than patent technology. Maybe the curved ridges on the keys somehow have a patent I guess...

    Neither patent nor trademark, but "design patent". US law unfortunately decided to call legally protected designs "design patents", which then every time someone sues over a design patent provokes an outcry of idiots on slashdot and elsewhere that don't understand the difference between a "utility patent" and a "design patent".

  23. Re:Options on Ask Slashdot: How To Handle Unfixed Linux Accessibility Bugs? · · Score: 1

    The question then becomes "Why have these problems been solved for years - a decade or more - in commercial/proprietary operating systems from corporate giants like Microsoft and Apple, who should - in theory - have even less interest in investing time and money in providing services for the disabled?"

    Microsoft and Apple probably have some legal requirements. And in addition, disabled people are customers as well. It's not just disabled people that are affected. Imagine you have five employees who need to use the same software, and one of them is disabled. You then will buy the software that works for disabled people for all five. So you have four sales to people who are not disabled _because_ you support disabled customers.

  24. Re:Books vs Apps on Judge OKs Class Action Suit Against Apple For E-Book Price Fixing · · Score: 1

    So in this case it is apple and multiple publishers colluding?

    Well, that is the question. The judge (the same one as in this case) declared that they were before the court case even started. Publishers who were willing to declare in the court that Apple wasn't part of any collusion were not allowed to testify in court. There is no actual evidence of collusion other than the judge's strong belief.

    And it would be perfectly legal for Apple to offer the same contract to all publishers and all publishers accepting it, unless they all discuss that between themselves and agree. The publishers were basically threatened with bankruptcy unless they settled in court. Apple is just threatened with a fine that is ridiculous compared to the size of their eBook business and is fighting on since it doesn't threaten the company; the publishers just couldn't afford to do that.

    This is similar to you getting an RIAA extortion letter and caving in because you can't afford to fight it, and your neighbour who happens to be rich getting the same letter and fighting it. Here the judge is doing the extorting, the publishers gave in and Apple didn't.

  25. Re:Cote should have recused herself. on Judge OKs Class Action Suit Against Apple For E-Book Price Fixing · · Score: 1

    Let's see what happens on appeal then ... of course if Apple loses it you'll just declare the next judge prejudiced as well.

    Which just makes sense, because it is the same judge again. And this time, the judge would have to either judge against Apple or against her own previous judgement, so she effectively has to be prejudiced.