At 224 units at a *very* low rate of 500 a month that is 1.4 million a year. Not a bad ROI.
For a 200 million dollar developement that's a terrible ROI. 0.7% and that is before expenses. A more reasonable 5% per annum yeild (before expenses) woudl require charging $3720 per month.
Is a $3720 per month rental considered "affordable" in that area?
You can't undo prison time already served but assuming the screwup comes to light before the person dies you can at least release them to live out the rest of the life as a free person. You could also compensate them financially though I don't know if any country actually does that.
Afaict the main reason the USA still has the death penalty is to bully people into plea bargins for life imprisonment (and no I don't think this is a good thing, I think the whole plea bargin system is abhorrent).
The summary is that they are introducing a new http header, this can be used to tell the browser to automatically use https instead of http to request resources used by the page. Thus avoiding "mixed content" warnings without requiring the website operator to go through the whole page (and potentially things like stylesheets referenced by the page) changing urls to https.
Be aware that some vendors list a product on thier web site as if it were a current production product when really it's at the "we have a few samples and will let you have one if we like you and/or you pay us a load of money" stage.
The rockets were basically empty at the time of landing. I would think a booster full of fumes would give something similar to a "hollywood explosion". Big fireball but relatively little bang.
If someone owns a particular trademark, why not just wait for someone to shell out for the.sucks version, and then lawyer the shit out of them?
If paypal could have shut down paypalsucks.com by "lawyering the shit out of them" don't you think they would have done so by now. I don't see why paypal.sucks would be any different.
The point is with expensive domains many people will chose not to buy a domain, they will then end up using their hosting providers domain and therefore locked in. I do not see being locked in as a good thing.
A business that needed a domain for their business probably only needs a few, and persons that wanted their own vanity site didn't really need more than one either.
OTOH I think allowing people to have freedom to move hosting provider for their email and for their personal/hobby site without changing address on each move or more than doubling the cost was a very good thing.
UTF-8 is a highly elegant and simple format. I'm certainly not aware of anything anyone has done to make it "extra complicated".
Now unicode itself is massively complicated but afaict that is mostly a reflection of the fact that some human languages refuse to fit nicely into the model of "a sequence of characters placed next to each other from left to right".
One thing that MS does for some buyers (this is certainly true for universities, I'd be very surprised if it wasn't true for other large organisations)is give them deeply discounted subscription licenses where the pricing model for those deeply discounted licenses is not based on the number of installations but on some measure of the size of the organisation as a whole.
From the point of view of the customer this initially looks like a great deal. As well as saving money on the licenses themselves they are freed from the need to track installations saving lots of money in license management and auditing. It's subscription based so they pay at a constant rate rather than bursts whenever a new version comes out making budgets easy to manage.
However once the customer is in such an arrangement they lose most of the incentive to reduce the use of the software or use cheaper/free alternatives. They would have to massively reduce their use of the software in question before buying and auditing individual licenses would be cheaper than the subscription. During the transition period of said massive reduciont they would be paying for internal auditing and accounting that would not deliver any benefit or serve any external purpose until the process was complete.
IMO File formats are not the real problem. Microsoft's binary word processor and spreadsheet formats were reverse engineered years ago and have been pretty stable since 2000. OOXML is XML based and even has some documentation available on how to read it.
The real problem is that office documents blur the line between input and output and this makes them fundamentally fragile. An office document is input to a layout (in the case of a word processor) or calculation (in the case of a spreadsheet) engine but the user always looks at the output of that engine. Especially with word processors since the user is always looking at the output they aren't thinking about the structure of the input, they just bash things arround (holding down the space bar or enter key for example or dragging boxes around with no idea if their position is text-relative or page-relative)
So I don't think this will solve anything, even if MS implements ODF and even if the UK government gets it's employees to start using it as their main format for storing files (good luck) I would expect loading a document from office into libreoffice to still have similar results to today. The input (text typed, pictures included, user-specified values in spreadsheet cells) will probablly carry across fine but in some cases it will result in noticably different output (different and possiblly unreadable layout for word processed documents, different rounding of results for spreadsheets). Especially for large badly structure docuements.
Even discounting the spoofing possibilities your proposal would mean that anyone who uses baidu from outside china will find themselves cut off from github. I expect that isn't what github wants.
The whole internet standards process works based on "asking nicely". You can tell people they shouldn't use an option or even that by using that option they will be non-compliant with the latest version of the standard but you can't really stop them from using it if they decide that compatibility with old clients outweighs security.
dunno whereabout in europe you live but here in the UK it's still fairly common to see traditional doors/frames with only a single point lock and with the door hung so it opens inwards. A well-aimed kick, a handheld battering ram or a correctly placed crowbar will more than likely break the lock from the frame on such a door.
Putting everything internal on one network is the lazy option. Seggregating stuff onto VLANS is extra work and cost and is only generally done by places large enough to have an IT department.
And the thorny issue is that this license is not compatible with the GPL. That's why projects have to modify the GPL to make a specific exception for it.
Exactly and in most cases the exception says "openssl". Does a slightly patched version from a distro still count as "openssl"? Does a forked and renamed version with substantial changes still count as "openssl"?
AIUI people (and retailers) take them seriously enough that game developers typically choose an ESRB rating and then tailor the content of their game to hit it (this tailoring can happen in either direction). In particular they try very hard to avoid the AO rating as many retailers refuse to stock games that have it. Which ESRB rating they try to hit depends on the audiance they have in mind.
There was a big blowup with GTA san andreas about a minigame that was disabled but not removed causing the ESRB to re-rate the game as AO with a subsequent replacement of most stock in the retail channel and a class-action lawsuit (though the number of members of the class who actually claimed anything was pretty small)
Theres also a thorny license issue, some projects released under the GPL make a exception for openssl and it's not always clear whether that would apply to forks of openssl.
With ssh the original project had moved to a propietary license so linux distros that only accepted free software had to go with a fork or stick with a very outdated version. With openssl the original project is still alive. So the developers of linux distros will have to have a big argument over whether the reduced security exposure outweighs the reduced feature set.
because the larger an epidemic grows the more expensive it is to deal with and the greater the chance of an infected person escaping and starting an outbreak elsewhere. The ebola epidemic got big enough to suck badly for the three main countries involved and there were a few minor outbreaks in other countries but fortunately the outbreak was contained in time to avoid any signficant outbreaks in the rest of the world.
If the shit hits the fan at a domain registrar there is a good chance your domain will remain active but with no way to reconfigure it until things are straightened out. If the shit hits the fan at a hosting provider there is a good chance your server will disappear.
So putting both at the same place seems stupid to me.
My question is how could OpenSSL still have had this potential backdoor? Why was this not removed at first opportunity?
The trouble with removing old/weak modes is that you break interoperability with systems that only support those modes. Implementations that were limited to export modes only didn't disappear the instant the export restrictions were lifted. In some cases old versions of software stick around for many years because there is some problem that blocks upgrading.
So someone has to make the difficult call as to when the risk posed by supporting the old/weak modes outweighs the interoperability issues that will be caused by removing support for them. Inevitablly making changes is harder than doing nothing so said calls tend to err on the side of "too late" rather than "too early".
Furthermore SSL/TLS is supposed to protect against downgrade attacks. So removing support for old modes doesn't seem as urgent as it otherwise would be. Recently however we are finding that the protection against downgrade attacks is not as good as it should be.
The thing is with a petrol/diesel/lpg/etc powered car you can drive until the tank is nearly empty. Then at a conviniant location along the route stop, fill the fuel tank, go to the toilet, stretch grab a snack etc and be back on the road quickly. Especially if you have more than one person in the car and so can share the burden of driving this allows travelling for long periods with minimal stopped time.
With an electric car so far you can't do that. You have to go out of your way to find a charging station (which are far less common than petrol stations) and then wait a considerable time for your vehicle to charge (how long depends on the particular station but even tesla superchargers which are few and far between apparently take 40 minuites to bring the car to 80% charge)
Slashdot Mirror
Big content providers have been enabling IPv6 but none have done what the GGP post proposed and disabled IPv4.
At 224 units at a *very* low rate of 500 a month that is 1.4 million a year. Not a bad ROI.
For a 200 million dollar developement that's a terrible ROI. 0.7% and that is before expenses. A more reasonable 5% per annum yeild (before expenses) woudl require charging $3720 per month.
Is a $3720 per month rental considered "affordable" in that area?
You can't undo prison time already served but assuming the screwup comes to light before the person dies you can at least release them to live out the rest of the life as a free person. You could also compensate them financially though I don't know if any country actually does that.
Afaict the main reason the USA still has the death penalty is to bully people into plea bargins for life imprisonment (and no I don't think this is a good thing, I think the whole plea bargin system is abhorrent).
The summary is that they are introducing a new http header, this can be used to tell the browser to automatically use https instead of http to request resources used by the page. Thus avoiding "mixed content" warnings without requiring the website operator to go through the whole page (and potentially things like stylesheets referenced by the page) changing urls to https.
Be aware that some vendors list a product on thier web site as if it were a current production product when really it's at the "we have a few samples and will let you have one if we like you and/or you pay us a load of money" stage.
The rockets were basically empty at the time of landing. I would think a booster full of fumes would give something similar to a "hollywood explosion". Big fireball but relatively little bang.
If someone owns a particular trademark, why not just wait for someone to shell out for the .sucks version, and then lawyer the shit out of them?
If paypal could have shut down paypalsucks.com by "lawyering the shit out of them" don't you think they would have done so by now. I don't see why paypal.sucks would be any different.
The point is with expensive domains many people will chose not to buy a domain, they will then end up using their hosting providers domain and therefore locked in. I do not see being locked in as a good thing.
A business that needed a domain for their business probably only needs a few, and persons that wanted their own vanity site didn't really need more than one either.
OTOH I think allowing people to have freedom to move hosting provider for their email and for their personal/hobby site without changing address on each move or more than doubling the cost was a very good thing.
UTF-8 is a highly elegant and simple format. I'm certainly not aware of anything anyone has done to make it "extra complicated".
Now unicode itself is massively complicated but afaict that is mostly a reflection of the fact that some human languages refuse to fit nicely into the model of "a sequence of characters placed next to each other from left to right".
One thing that MS does for some buyers (this is certainly true for universities, I'd be very surprised if it wasn't true for other large organisations)is give them deeply discounted subscription licenses where the pricing model for those deeply discounted licenses is not based on the number of installations but on some measure of the size of the organisation as a whole.
From the point of view of the customer this initially looks like a great deal. As well as saving money on the licenses themselves they are freed from the need to track installations saving lots of money in license management and auditing. It's subscription based so they pay at a constant rate rather than bursts whenever a new version comes out making budgets easy to manage.
However once the customer is in such an arrangement they lose most of the incentive to reduce the use of the software or use cheaper/free alternatives. They would have to massively reduce their use of the software in question before buying and auditing individual licenses would be cheaper than the subscription. During the transition period of said massive reduciont they would be paying for internal auditing and accounting that would not deliver any benefit or serve any external purpose until the process was complete.
IMO File formats are not the real problem. Microsoft's binary word processor and spreadsheet formats were reverse engineered years ago and have been pretty stable since 2000. OOXML is XML based and even has some documentation available on how to read it.
The real problem is that office documents blur the line between input and output and this makes them fundamentally fragile. An office document is input to a layout (in the case of a word processor) or calculation (in the case of a spreadsheet) engine but the user always looks at the output of that engine. Especially with word processors since the user is always looking at the output they aren't thinking about the structure of the input, they just bash things arround (holding down the space bar or enter key for example or dragging boxes around with no idea if their position is text-relative or page-relative)
So I don't think this will solve anything, even if MS implements ODF and even if the UK government gets it's employees to start using it as their main format for storing files (good luck) I would expect loading a document from office into libreoffice to still have similar results to today. The input (text typed, pictures included, user-specified values in spreadsheet cells) will probablly carry across fine but in some cases it will result in noticably different output (different and possiblly unreadable layout for word processed documents, different rounding of results for spreadsheets). Especially for large badly structure docuements.
Even discounting the spoofing possibilities your proposal would mean that anyone who uses baidu from outside china will find themselves cut off from github. I expect that isn't what github wants.
The whole internet standards process works based on "asking nicely". You can tell people they shouldn't use an option or even that by using that option they will be non-compliant with the latest version of the standard but you can't really stop them from using it if they decide that compatibility with old clients outweighs security.
dunno whereabout in europe you live but here in the UK it's still fairly common to see traditional doors/frames with only a single point lock and with the door hung so it opens inwards. A well-aimed kick, a handheld battering ram or a correctly placed crowbar will more than likely break the lock from the frame on such a door.
and trying really hard to do it wrong.
Putting everything internal on one network is the lazy option. Seggregating stuff onto VLANS is extra work and cost and is only generally done by places large enough to have an IT department.
And the thorny issue is that this license is not compatible with the GPL. That's why projects have to modify the GPL to make a specific exception for it.
Exactly and in most cases the exception says "openssl". Does a slightly patched version from a distro still count as "openssl"? Does a forked and renamed version with substantial changes still count as "openssl"?
AIUI people (and retailers) take them seriously enough that game developers typically choose an ESRB rating and then tailor the content of their game to hit it (this tailoring can happen in either direction). In particular they try very hard to avoid the AO rating as many retailers refuse to stock games that have it.
Which ESRB rating they try to hit depends on the audiance they have in mind.
There was a big blowup with GTA san andreas about a minigame that was disabled but not removed causing the ESRB to re-rate the game as AO with a subsequent replacement of most stock in the retail channel and a class-action lawsuit (though the number of members of the class who actually claimed anything was pretty small)
Theres also a thorny license issue, some projects released under the GPL make a exception for openssl and it's not always clear whether that would apply to forks of openssl.
Maybe
With ssh the original project had moved to a propietary license so linux distros that only accepted free software had to go with a fork or stick with a very outdated version. With openssl the original project is still alive. So the developers of linux distros will have to have a big argument over whether the reduced security exposure outweighs the reduced feature set.
because the larger an epidemic grows the more expensive it is to deal with and the greater the chance of an infected person escaping and starting an outbreak elsewhere. The ebola epidemic got big enough to suck badly for the three main countries involved and there were a few minor outbreaks in other countries but fortunately the outbreak was contained in time to avoid any signficant outbreaks in the rest of the world.
2K had rail, dunno about the original.
If the shit hits the fan at a domain registrar there is a good chance your domain will remain active but with no way to reconfigure it until things are straightened out. If the shit hits the fan at a hosting provider there is a good chance your server will disappear.
So putting both at the same place seems stupid to me.
My question is how could OpenSSL still have had this potential backdoor? Why was this not removed at first opportunity?
The trouble with removing old/weak modes is that you break interoperability with systems that only support those modes. Implementations that were limited to export modes only didn't disappear the instant the export restrictions were lifted. In some cases old versions of software stick around for many years because there is some problem that blocks upgrading.
So someone has to make the difficult call as to when the risk posed by supporting the old/weak modes outweighs the interoperability issues that will be caused by removing support for them. Inevitablly making changes is harder than doing nothing so said calls tend to err on the side of "too late" rather than "too early".
Furthermore SSL/TLS is supposed to protect against downgrade attacks. So removing support for old modes doesn't seem as urgent as it otherwise would be. Recently however we are finding that the protection against downgrade attacks is not as good as it should be.
The thing is with a petrol/diesel/lpg/etc powered car you can drive until the tank is nearly empty. Then at a conviniant location along the route stop, fill the fuel tank, go to the toilet, stretch grab a snack etc and be back on the road quickly. Especially if you have more than one person in the car and so can share the burden of driving this allows travelling for long periods with minimal stopped time.
With an electric car so far you can't do that. You have to go out of your way to find a charging station (which are far less common than petrol stations) and then wait a considerable time for your vehicle to charge (how long depends on the particular station but even tesla superchargers which are few and far between apparently take 40 minuites to bring the car to 80% charge)