In many cases, it probably depends on the workflow that a project uses. You don't get mailling lists on GitHub. Don't laugh at mailing lists--they're important to a lot of projects, including the Linux kernel. Also, Subversion support is still experimental on GitHub. If I had an older, mature project, based around these two things, I'd want to stay on Sourceforge. For example, there are probably lots of libraries dating back to the days when Sourceforge was the best of few choices, and that are nice and stable, get the job done, and require only maintainance. Why fix it if it isn't broke? Infrastructure doesn't have to be cool to be very, very useful.
Sourceforge also provides a means of distributing or completely elliminating download bandwidth needs. http://scipy.org/ is the Web site for important numeric Python stuff (scipy and numpy). But the download links point to Sourceforge. They also use GitHub; for some a mix of services is best.
So, yeah, I'd say Sourceforge is still important to a lot of people. Not all of whom are aware of it.
I don't expect _any_ future president to disband TSA. At least not until the world become a Provably Safe Place (TM), or massive public resistance develops. Any politician skilled enough to be up for the job (or a Senate seat, etc.) is going to see that as accepting a lot of risk. There would certainly be an outcry from those who want the government to protect them from _everything_. If there were another attack afterwards, the politician(s) who were involved in dismantling it would then be toast.
I can't agree with either point. Any knowledge of calculus can help you detect situations where politicians or other people with an agenda (even your boss) are trying to pull the wool over your eyes with something that would otherwise sound plausible. Min/max would be an example, and not only for maximizing profit.
CS, OTOH, I don't regard as useful to the general population, which I can't imagine ever having to, for example, select the most appropriate sort algorithm. Computer *usage* skills are necessary, and by that I don't mean simply teaching the latest Microsoft products. Or if that's deemed the most practical means of preparing students for the "real" world, then also teach, for example, how Excel's stat functions can lead you astray.
Ummm, no. They were smart enough that they could basically package *dirt* and sell it.
The people that *bought* them were stupid. There were even Signs in the Heavens, in the form of the ratings services assigning the same ratings to some of these that they were giving to Treasury instruments. And there were *still* buyers, to the tune of untold trillions of dollars. Never underestimate the power of human greed.
What astounds me is that the people at Moodies and the other ratings orgs aren't facing charges yet. I've not even heard that they've had to testify to Congress. Though they well could have been, and I missed it.
I quoted a Slashdot doc related to moderation earlier in the 'conversation'. But when you get right down to it, who's going to read a bunch of lame doc, dating (mostly) back to 2000, which isn't even *internally* consistent?
Last October I had to tell them that their links re: how to advertise on the site referred to Web sites that didn't exit!
Don't feel badly about the Flamebait mod. I'm looking that the article, as it sits, with 97 comments. Apparently the guy (whoever he was--typical Slashdotters seem to be far more television-oriented than I am) was popular--to the point that everyone with something good (even regarding random maudlin sentimentality as good) to say about the man gets modded up, and anyone else gets modded down. This article, so far, is the single best piece of evidence I've seen yet for how completely broken the moderation system is.
From: http://slashdot.org/moderation.shtml "Concentrate more on promoting than on demoting. The real goal here is to find the juicy good stuff and let others read it. Do not promote personal agendas. Do not let your opinions factor in. Try to be impartial about this. Simply disagreeing with a comment is not a valid reason to mark it down. Likewise, agreeing with a comment is not a valid reason to mark it up. The goal here is to share ideas. To sift through the haystack and find needles. And to keep the children who like to spam Slashdot in check."
A post (modded Insightful) down the thread: "I'd have to say he was actually a great man and a great reporter...from what I know of the man he was a good father and an excellent role model.
R.I.P. Tim, you will be sorely missed, not only on election nights, but on Sunday mornings. And though I'm not a Buffalo Bills fan...in your honor I say...Go Bills..."
Where's the insight in that? Three sentences, all personal opinion, displaying nothing but sentimentality, and one was about expressing support for some random football team in Teh Great Man's 'honor'!
This entire article is *stuffed* with that sort of thing. Slashdot lurches toward mediocrity again. The up side is that now I won't feel guilty when I read without turning off adblock.
If you're a scientist, I rather suspect it involves one of the fuzzy subjects. The ones without math.
"Just by the way, this kind of counter-argument oh yeah? prove it by citing an expert! may work with the Wikipedia crowd, who have almost a fetish about the value of citations (like that makes the logic sounder?? How?) -- but as a scientist myself -- and one who knows fuck all about stuff like molecular absorption spectra, just FYI -- I am totally unimpressed. The argument should proceed by facts which we all know, or can learn from trusted open sources, plus the logic we can all deploy. An argument by appeal to authority is doomed to fail. Because we can't afford to simply trust authority blindly on this one. The data has to be available to all, and the logic has to be something anyone can follow and see is sound."
You seen to have debating society logic down pat, and are ready to to get the standard Slashdot formal definition of 'begging the question' rant on at a moment's notice. Perhaps you should consider that most people cannot deploy formal logic at all. Instead of an appeal to authority, you're appealing to cheap populism.
If you dealt with higher math, or hard sciences, you would know that there are many counter-intuitive things in this universe which simply aren't very accessible to the layman.
The problem is magnified by both the suckage of our edu system, and by people such as yourself, who insist that the people who have been ripped off by that same system (hence don't know that they don't know) should magically be the arbiters of what constitutes valid theory in highly complex subjects.
It's not simplified that most people have no idea of the extent to which they're being played by modern media, who are purely in the business of delivering eyeballs to advertisers, and corporate bonuses. Or did the beating of the war drums in the run-up to Iraq, with zero journalistic integrity in sight, escape your keen 'scientist' eyes? Scientists are supposed to be skilled observers, right? So how did complete media failure slide past you, then, and continue to escape you, to the point where to this day you can still speak of the poor guy in the street somehow being able to magically determine the veracity of sources?
I'm pretty much a liberal, but you're disgusting enough that I can't bring myself to touch the rest of that post. If you're a scientist, it's either a science with very sloppy discipline, or some fuzzy subject where even pandering fools can succeed.
"The problem is, we can only make such a staggeringly huge change in our habits perhaps once in a thousand years. By making that change now, in the direction of reducing CO2 emissions, we give up the ability to make any similarly massive change for a long time. "
I don't know where you got the thousand year reference, but it seems very much too long. Near the beginning of the 19th Century, we had the Industrial Revolution, which changed the world. Only a hundred years later, near the beginning of the 20th century, automobiles became common, which changed the world.
A millennium is a very long time in the history (as opposed to prehistory) of human society. Have a look at some of the characteristics of the year 1000 http://en.wikipedia.org/wiki/1000_A.D. and I think you'll find that there have been *many* changes which you could describe as having, "enormous dislocating economic effects." Which is what I suspect you're mostly worried about.
However, a long-term change in how society produces wealth does not require that there be less wealth. It only requires that different industries and resource groups provide it.
Climate change would also "...greatly strain social and political agreements that keep world peace." That argument works both ways. But what on earth leads you to believe that "world peace" has been kept in the first place? The 20th Century was by far the bloodiest yet. I suspect the 21st will be worse, for several reasons, including yet more strains as squabbles for resources intensify, and very specifically including squabbles over oil.
"I don't want to have to deal with frikkin' malaria, dengue fever, yellow fever and whatnot."
Sadly, that ship has sailed for many people. Maybe the Europeans are a bit more concerned than many Americans because of things like the Tiger Mosquito now found being across southern Europe, and Switzerland.
Residents of Rowenna, in Northern Italy, got to experience a disease I'd never even heard of. Chikungunya, a relative of Dengue Fever paid them a visit last December. Apparently it's normally found around the Indian Ocean.
A quote from the article, "This is the first case of an epidemic of a tropical disease in a developed, European country," said Roberto Bertollini, director of the World Health Organization's Program on Health and the Environment. "Climate change creates conditions that make it easier for this mosquito to survive and it opens the door to diseases that didn't exist here previously. This is a real issue. Now, today. It is not something a crazy environmentalist is warning about."
According to the CDC, it's not usually fatal, but it completely sucks to contract it, and there is no vaccine or preventive drug currently available. http://www.cdc.gov/ncidod/dvbid/Chikungunya/
OTOH, maybe the Europeans are a bit more concerned than many Americans because they seem, on average, to be more rational. Or their educational systems seem to suck less, or ???
Let something like Chikungunya and/or Malaria become endemic here, and I expect some attitudes will change, but we seem to require a high level of hosedness before we can change anything. I wonder if there isn't already enough climate change baked in that this is inevitable.
Yes. A home user has just as much to lose a corporation, *in relative terms*. Completely hosed is completely hosed. The average home/SOHO user is just operating at a greater disadvantage, because few have the resources required to understand the threats, and make good decisions. People who read technical sites of any sort are a minority, in every survey I've seen, and have been for years.
In a post above, I think Tony Hoyle might have been referring to the.swf-based attacks that were being widely used back in January. Hopefully most people here turned off upnp on their router back then. Anyone that didn't should probably read https://www.kb.cert.org/vuls/id/347812 It has links to MS Knowledge Base articles, and lots more info.
Thinking that, "I'm just a home user," is basically what's given us botnets. I see no way that problem can be fixed, but sometimes I have to put my Don Quixote hat on, over my Security Guy hat, and post something.
Simplicity is better than complexity if you're really after security. You could write a small Web server, which did nothing more than respond to HTTP requests, which was provable secure. It's been done. But it's also one more piece of software that has to be maintained. Or use a large Web server, such as Apache. It's been a long while since there was a remote exploit against Apache, when it was simply serving static pages. A DOS attack might still be possible, but that shouldn't accomplish anything but revealing the attack, as long as software running on the systems on the control LAN, which update the data host, don't become wedged if the data host becomes unresponsive. Which you would still want to test for, BTW.
*However*, one of the more powerful ideas in configuring highly secure LANS is that the more-secure LAN is simply never allowed to accept connections from the less-secure LAN. It's also something that's really easy to firewall, your network becomes easier to audit, etc. If you're a security practitioner, it makes your life easier. You still have to worry about the sneaker-net, physical security, etc., but now you're more able to focus your resources on those areas. Once again, simplicity is better than complexity if you're really after security.
I don't know where you got the idea that I thought it was, "sooo impossile to have a perl script or whatever fetch the webpage and cut out the data you care about." It's easy. But pretty much nothing is as easy to extract data from as a CSV file, which you could process with nothing more than awk. That doesn't get you far with automating report generation, populating a database, or whatever else you intend to *do* with the data, but there are endless tools for those jobs--Perl included.
Also, in my experience, people want to mess with Web pages. They're more visual, and people tend to want to 'improve' them, meaning your Perl screen-scraper likely has to change as well. I see a lot less clamor for changing the data format in CSV files.
In the end, use what you need--XML, for all I care. Just *don't allow your less-secure LAN to initiate connections into your more-secure LAN*. That was the root cause of the failure described in TFA. It's one of many reasons the rule is so basic, though obviously not yet widely-enough followed. Ideally, hosts on a secure LAN communicate with *nothing* outside that LAN. You justify and document every[1] step away from that ideal, if for no other reason than that it plays hell with formal trust models, which can be important inputs into designing a thorough audit. I don't see how you justify accepting incoming traffic when there's an easy way to avoid it. In an audit, I'd be busting you for that Web server. Simple as that.
An approach like the one above is likely to make life easier for several internal groups, including office staff. And quite possibly the ultimate users--power consumers.
[1] I mean every, not most. For example, how do you handle time? I favor an NTP server on the secure LAN taking time inputs from the GPS cloud. I've never worked for an organization that had a spare atomic clock lying around, or I'd have used that, and eliminated one more external data flow.
"It would be even better if the control network had a web server"
Probably not. Web servers are complex, and likely targets for attack. And the business people will end up doing endless cut and paste.
A better solution would be to accumulate the data that the businesspeople need on a single system on the control LAN. That system rsync's CSV files onto a system on the business LAN. No connections are initiated from the business LAN into the control LAN, and the data are more useful to MIS people on the business LAN.
"The real issue is why did the primary control system accept a reset..."
That was my first thought, too: a huge separation of privilege flaw. But, from TFA, "...when the updated computer rebooted, it reset the data on the control system, causing safety systems to errantly interpret the lack of data as a drop in water reservoirs that cool the plant's radioactive nuclear fuel rods."
So it's not that the system on the control side accepted a restart command that it shouldn't have. I'm not saying there's no problem--just that this wasn't the failure mode.
But it does make you wonder what else is wrong at this place, doesn't it?
TFA has a link to a Government Accounting Office paper on problems they found with TVA, which operates multiple reactors. Have a look at that thing http://www.gao.gov/new.items/d08526.pdf to see a real mess. It's 62 pages of badness, but just reading page 2, "Results in Brief," will give most people the twitching horrors.
Password issues, bypassed firewalls, unpatched systems, limited logging, limited IDS, configuration management policy problems, physical security and training problems, etc. Apparently TVA has left no stone unturned in their efforts to fail an audit.
Sorry I couldn't get it accepted. As a journalist, I'm a complete lamer. But it's an interesting article, and it may even be around for a bit--I don't know Reuter's policies, vis-a-vis demanding registration to articles more than x weeks old, etc. I never reference the NYT, for instance, as I don't much like their access policies. They could learn a lot from the Europeans.
Anyway, you may want to have a look at the Reuters article. I'm becoming more and more ashamed to admit that I used to work for those guys.
You'd have to factor in the ratio of income from the US site v others (UK, etc.). IMHO, the US site is likely to be more profitable than others. You'd have to plow through an annual report to really know, and factor that in.
The larger flaw, though, is that you're subtracting one minute, when the title states > 1 hour. That implies going on A couple of million US$ in losses, which is significant, as investors don't know the reason, and caution would indicate that it could be recurring, such as the problems SalesForce has had. That hit their stock prices, etc.
The Amazon outage is more complex--TFA indicates that some of their services were unavailable for different amounts of time, etc. What are those service worth? All anyone has is a number--from CNET. Did they do anything like a real analysis, reading quarterly reports, etc? No, by long odds. Amazon does application hosting. What customers were affected, what percentage of the business is involved, and what do CxOs of large clients think?
The odds are actually quite good that many people give a crap. Investors (and CxOs) don't like uncertainty. It wouldn't surprise me to find some Wall Street analyst(s) making calls. Maybe it was an outage on a critical replication server, problem identified, fixed, and will provably never happen again. But maybe not. We'll see.
Interesting link. I still need to find some docs and kick the tires. If you change search terms to include ".NET" you find a fast ramp back in '05, and a corresponding decrease in Java. Then things smooth out a bit, with.NET having a larger share. I don't use either one, and can't comment on relative popularity. But there are probably independent means of confirming, at least in broad strokes, the trends this site displays.
Finding good terms would definitely be important. For instance, if I use 'D', it blows everything away, and I just don't think that D has caught on to that degree...:) C also shows a 'ramp and stabilize higher' in the latter part of '06. No idea what might cause that, so unless someone has an explanation, I suspect it's an artifact.
There's always going to be a need for things like algorithm research, so I'm not convinced that what you refer to as the "how" should be left behind. I don't doubt that it's happening at many schools. I just don't think it's a good idea. CS should be CS--a primarily mathematical pursuit. Programs which teach other things, which I freely grant are just as valuable, should have other names.
There's certainly a lot of "what" going on right now, if I have your meaning right. Witness the seemingly endless creation of frameworks, and even nested frameworks. If I really have your meanings right, I'd have to say that mistakes are being made in lowering the CS bar, while simultaneously failing to teach exactly what is involved in creating and using good frameworks, libraries, and other pragmatic programmer's toolbox items.
I'm not saying that there shouldn't be commonality. If I were to formally describe Kerberos, for instance, I'd want a programmer to be able to implement it, not depend upon being able to do calls into a lib, which may not exist. I'd want that programmer to be able to know how to sanely construct that lib, if it didn't exist.
I've seen a couple of recent grads who could do neither of these things. One of them didn't really seem to know much about Big-O notation, so there were basic communication problems. That was scary enough that I'm glad I don't have to work with them as a day-to-day thing. Neither seemed particularly interested in learning, either; they apparently saw themselves as some sort of 9 to 5 meat IDE-driver, and would do nothing but increase my workload.
I certainly don't agree with everything in the GP. I could completely get my rant on, about portions of that post. But I don't entirely disagree with it, either, and I don't think it should have been modded flamebait.
Me, and a few people I know, who contribute to OS/free software, are a lot closer to pissed off than "amused." That obviously isn't you, as you're making a fallacious either/or argument. Do you seriously think that countries who were involved sent some Magical Rep, with instructions resembling, "Look, either support OOXML, or go to the next meeting while you're in Europe anyway, and support cleaner energy. Or maybe lower food prices. Whatever." I hate to break it to you, but Homer Simpson is a character in a cartoon, not an intellectual role model.
Until you get some sort of grip on logical thought, please stay focused on maintaining your pseudo-intellectual, aloof, amused Slashdot 'tude. Intensely irritating though you are, I'd far rather you were karma-whoring here, than contributing logic bugs to OS/free software that I might have to burn my time fixing.
I like KDE a lot. There are points that bother me, but they're often offset with things that I truly appreciate.
Take tabs. In Konqueror, I've added icons to move tabs left and right. But the icons consist of an empty page. Why no arrows? It's a quibble--their positions never change, so I know which is which. But it wouldn't surprise me learn that the KDE team gets feedback that this is confusing for new users. That would be a valid point, at one level, but I don't think of things that way.
A simple UI can often only do simple things. A more complex UI, done at all correctly, allows you to do more. A UI isn't new forever. I'll gladly trade a steeper learning curve for more power all along the long tail of actual usage. I certainly don't think KDE 3.5 ever reached a point of too much complexity. I've added a couple of things to the Actions sub-menu I get when I right-click a file in Konqueror, for example. If that isn't enough, Konqueror's Tools menu lets me open a terminal at that location. Perhaps Gnome would as well. I don't know, as Gnome drove me away a long time ago, as they drained away configurability.
Back to Konq Web browser--I love having a button to clear the location window. Most browsers will accept a URL of several thousand chars. Apache would accept around 4K before it spit up an error message, last time I checked. URLs certainly aren't getting shorter. It's a lot easier to hit a button than do a complete delete from within the location window. If I want to move up some sites hierarchy, it's nice to select the bit I need to keep, hit the clear button, then middle-click the bit I want back in. I keep wondering why I've not seen that in Firefox. You can arrive at the same thing by opening and closing tabs, but a clear button is more elegant.
Another thing that's nicer in Konq is a longer list of right-click options on selected text--search Webster, etc. I extended that too, on earlier versions. Now everything I need is available from the default dialog box. Maybe I could do that in Firefox. A Google search is an option, after all. But configuring Firefox simply isn't as easy as Konqueror. Nor does it start as fast, etc. I tend to use Firefox only for those sites which simply won't work correctly in Konq--a shrinking list.
OK, back to tabs. Konsole is always running on my KDE machines. Anyone that hasn't used it--give it a try. Look through the menus. I'd like to be able to configure the toolbars though, the way I can in other KDE apps. I'd have added those blank-paper icons mentioned above to move tabs left and right. It was probably possible to hold the middle mouse button and drag a session tab well before I decided there must be a way to reorder tabs, and found it. OTOH, it's nice to keep session tabs at the bottom. That's far more likely to be where your prompt is, if you're a very active Konsole user, which I am.
Some things just make more sense from the command line. Getting details on a process is often easier than finding it in top, much less launching KDE System Guard and switching to the process table view. Though I do like, and often use, System Guard. Being able to save worksheets is sweet.
If I want to see whether a program has an executable stack, 'eu-readelf -l PROGNAME | fgrep STACK' and look at the second to last column. RW Good, RWX Not So Good. Example: $ eu-readelf -l/bin/ls | fgrep STACK
GNU_STACK 0x000000 0x00000000 0x00000000 0x000000 0x000000 RW 0x4 $ Package management from the command line, via yum and an occasional rpm command, is generally faster and easier than the couple of GUIs I've tried. I rarely use any GUI system config tools, actually. I do use a couple of GTK apps, such as Wireshark (packet sniffer), pretty regularly.
Like most of us, I use whatever works best for me. I wish KDE had fixed a few things in 3.5. Assuming that they haven't fixed them, and it's just not in the Fedora packages.:). For business reasons, I generally need to be on either Fedora, Red Hat, or a Red Hat clone.
Do I like KDE? Oh, yeah. 3.5, anyway. The above is just the tip of the iceberg. I like it a lot. I hope 4.x doesn't drive me away.
Slashdot Mirror
You are one brave individual. I would find the prospect of debugging Rush Limbaugh daunting.
In many cases, it probably depends on the workflow that a project uses. You don't get mailling lists on GitHub. Don't laugh at mailing lists--they're important to a lot of projects, including the Linux kernel. Also, Subversion support is still experimental on GitHub. If I had an older, mature project, based around these two things, I'd want to stay on Sourceforge. For example, there are probably lots of libraries dating back to the days when Sourceforge was the best of few choices, and that are nice and stable, get the job done, and require only maintainance. Why fix it if it isn't broke? Infrastructure doesn't have to be cool to be very, very useful.
Sourceforge also provides a means of distributing or completely elliminating download bandwidth needs. http://scipy.org/ is the Web site for important numeric Python stuff (scipy and numpy). But the download links point to Sourceforge. They also use GitHub; for some a mix of services is best.
So, yeah, I'd say Sourceforge is still important to a lot of people. Not all of whom are aware of it.
I don't expect _any_ future president to disband TSA. At least not until the world become a Provably Safe Place (TM), or massive public resistance develops. Any politician skilled enough to be up for the job (or a Senate seat, etc.) is going to see that as accepting a lot of risk. There would certainly be an outcry from those who want the government to protect them from _everything_. If there were another attack afterwards, the politician(s) who were involved in dismantling it would then be toast.
Evidence for progress seems a bit thin. Even a very senior Cardinal has said that the Catholic Church is 200 years behind the times.
http://www.bbc.co.uk/news/world-europe-19453974
I can't agree with either point. Any knowledge of calculus can help you detect situations where politicians or other people with an agenda (even your boss) are trying to pull the wool over your eyes with something that would otherwise sound plausible. Min/max would be an example, and not only for maximizing profit.
CS, OTOH, I don't regard as useful to the general population, which I can't imagine ever having to, for example, select the most appropriate sort algorithm. Computer *usage* skills are necessary, and by that I don't mean simply teaching the latest Microsoft products. Or if that's deemed the most practical means of preparing students for the "real" world, then also teach, for example, how Excel's stat functions can lead you astray.
Ummm, no. They were smart enough that they could basically package *dirt* and sell it.
The people that *bought* them were stupid. There were even Signs in the Heavens, in the form of the ratings services assigning the same ratings to some of these that they were giving to Treasury instruments. And there were *still* buyers, to the tune of untold trillions of dollars. Never underestimate the power of human greed.
What astounds me is that the people at Moodies and the other ratings orgs aren't facing charges yet. I've not even heard that they've had to testify to Congress. Though they well could have been, and I missed it.
I quoted a Slashdot doc related to moderation earlier in the 'conversation'. But when you get right down to it, who's going to read a bunch of lame doc, dating (mostly) back to 2000, which isn't even *internally* consistent?
Last October I had to tell them that their links re: how to advertise on the site referred to Web sites that didn't exit!
-----
"http://slashdot.org/faq/advertising.shtml#ad100 has a link to:
http://slashdot.org/advertising.shtml
click it, and I get:
"An error occurred while loading http://slashdot.org/advertising.shtml:
Could not connect to host www.osdn.com."
Should www.osdn.com point to www.newsforge.com? That's where a traceroute ends up.
-----
I like doc to actually mean something, too. But the people that run this place simply aren't competent.
Don't feel badly about the Flamebait mod. I'm looking that the article, as it sits, with 97 comments. Apparently the guy (whoever he was--typical Slashdotters seem to be far more television-oriented than I am) was popular--to the point that everyone with something good (even regarding random maudlin sentimentality as good) to say about the man gets modded up, and anyone else gets modded down. This article, so far, is the single best piece of evidence I've seen yet for how completely broken the moderation system is.
From:
http://slashdot.org/moderation.shtml
"Concentrate more on promoting than on demoting. The real goal here is to find the juicy good stuff and let others read it. Do not promote personal agendas. Do not let your opinions factor in. Try to be impartial about this. Simply disagreeing with a comment is not a valid reason to mark it down. Likewise, agreeing with a comment is not a valid reason to mark it up. The goal here is to share ideas. To sift through the haystack and find needles. And to keep the children who like to spam Slashdot in check."
A post (modded Insightful) down the thread:
"I'd have to say he was actually a great man and a great reporter...from what I know of the man he was a good father and an excellent role model.
R.I.P. Tim, you will be sorely missed, not only on election nights, but on Sunday mornings. And though I'm not a Buffalo Bills fan...in your honor I say...Go Bills..."
Where's the insight in that? Three sentences, all personal opinion, displaying nothing but sentimentality, and one was about expressing support for some random football team in Teh Great Man's 'honor'!
This entire article is *stuffed* with that sort of thing. Slashdot lurches toward mediocrity again. The up side is that now I won't feel guilty when I read without turning off adblock.
If you're a scientist, I rather suspect it involves one of the fuzzy subjects. The ones without math.
"Just by the way, this kind of counter-argument oh yeah? prove it by citing an expert! may work with the Wikipedia crowd, who have almost a fetish about the value of citations (like that makes the logic sounder?? How?) -- but as a scientist myself -- and one who knows fuck all about stuff like molecular absorption spectra, just FYI -- I am totally unimpressed. The argument should proceed by facts which we all know, or can learn from trusted open sources, plus the logic we can all deploy. An argument by appeal to authority is doomed to fail. Because we can't afford to simply trust authority blindly on this one. The data has to be available to all, and the logic has to be something anyone can follow and see is sound."
You seen to have debating society logic down pat, and are ready to to get the standard Slashdot formal definition of 'begging the question' rant on at a moment's notice. Perhaps you should consider that most people cannot deploy formal logic at all. Instead of an appeal to authority, you're appealing to cheap populism.
If you dealt with higher math, or hard sciences, you would know that there are many counter-intuitive things in this universe which simply aren't very accessible to the layman.
The problem is magnified by both the suckage of our edu system, and by people such as yourself, who insist that the people who have been ripped off by that same system (hence don't know that they don't know) should magically be the arbiters of what constitutes valid theory in highly complex subjects.
It's not simplified that most people have no idea of the extent to which they're being played by modern media, who are purely in the business of delivering eyeballs to advertisers, and corporate bonuses. Or did the beating of the war drums in the run-up to Iraq, with zero journalistic integrity in sight, escape your keen 'scientist' eyes? Scientists are supposed to be skilled observers, right? So how did complete media failure slide past you, then, and continue to escape you, to the point where to this day you can still speak of the poor guy in the street somehow being able to magically determine the veracity of sources?
I'm pretty much a liberal, but you're disgusting enough that I can't bring myself to touch the rest of that post. If you're a scientist, it's either a science with very sloppy discipline, or some fuzzy subject where even pandering fools can succeed.
"The problem is, we can only make such a staggeringly huge change in our habits perhaps once in a thousand years. By making that change now, in the direction of reducing CO2 emissions, we give up the ability to make any similarly massive change for a long time. "
I don't know where you got the thousand year reference, but it seems very much too long. Near the beginning of the 19th Century, we had the Industrial Revolution, which changed the world. Only a hundred years later, near the beginning of the 20th century, automobiles became common, which changed the world.
A millennium is a very long time in the history (as opposed to prehistory) of human society.
Have a look at some of the characteristics of the year 1000 http://en.wikipedia.org/wiki/1000_A.D. and I think you'll find that there have been *many* changes which you could describe as having, "enormous dislocating economic effects." Which is what I suspect you're mostly worried about.
However, a long-term change in how society produces wealth does not require that there be less wealth. It only requires that different industries and resource groups provide it.
Climate change would also "...greatly strain social and political agreements that keep world peace." That argument works both ways. But what on earth leads you to believe that "world peace" has been kept in the first place? The 20th Century was by far the bloodiest yet. I suspect the 21st will be worse, for several reasons, including yet more strains as squabbles for resources intensify, and very specifically including squabbles over oil.
...then you are murdered.
"I don't want to have to deal with frikkin' malaria, dengue fever, yellow fever and whatnot."
Sadly, that ship has sailed for many people. Maybe the Europeans are a bit more concerned than many Americans because of things like the Tiger Mosquito now found being across southern Europe, and Switzerland.
Residents of Rowenna, in Northern Italy, got to experience a disease I'd never even heard of. Chikungunya, a relative of Dengue Fever paid them a visit last December. Apparently it's normally found around the Indian Ocean.
http://www.iht.com/articles/2007/12/21/healthscience/virus.php
A quote from the article, "This is the first case of an epidemic of a tropical disease in a developed, European country," said Roberto Bertollini, director of the World Health Organization's Program on Health and the Environment. "Climate change creates conditions that make it easier for this mosquito to survive and it opens the door to diseases that didn't exist here previously. This is a real issue. Now, today. It is not something a crazy environmentalist is warning about."
According to the CDC, it's not usually fatal, but it completely sucks to contract it, and there is no vaccine or preventive drug currently available.
http://www.cdc.gov/ncidod/dvbid/Chikungunya/
OTOH, maybe the Europeans are a bit more concerned than many Americans because they seem, on average, to be more rational. Or their educational systems seem to suck less, or ???
Let something like Chikungunya and/or Malaria become endemic here, and I expect some attitudes will change, but we seem to require a high level of hosedness before we can change anything. I wonder if there isn't already enough climate change baked in that this is inevitable.
"Does that make it inappropriate for home users?"
.swf-based attacks that were being widely used back in January. Hopefully most people here turned off upnp on their router back then. Anyone that didn't should probably read https://www.kb.cert.org/vuls/id/347812
Yes. A home user has just as much to lose a corporation, *in relative terms*. Completely hosed is completely hosed. The average home/SOHO user is just operating at a greater disadvantage, because few have the resources required to understand the threats, and make good decisions. People who read technical sites of any sort are a minority, in every survey I've seen, and have been for years.
In a post above, I think Tony Hoyle might have been referring to the
It has links to MS Knowledge Base articles, and lots more info.
Thinking that, "I'm just a home user," is basically what's given us botnets. I see no way that problem can be fixed, but sometimes I have to put my Don Quixote hat on, over my Security Guy hat, and post something.
Simplicity is better than complexity if you're really after security. You could write a small Web server, which did nothing more than respond to HTTP requests, which was provable secure. It's been done. But it's also one more piece of software that has to be maintained. Or use a large Web server, such as Apache. It's been a long while since there was a remote exploit against Apache, when it was simply serving static pages. A DOS attack might still be possible, but that shouldn't accomplish anything but revealing the attack, as long as software running on the systems on the control LAN, which update the data host, don't become wedged if the data host becomes unresponsive. Which you would still want to test for, BTW.
*However*, one of the more powerful ideas in configuring highly secure LANS is that the more-secure LAN is simply never allowed to accept connections from the less-secure LAN. It's also something that's really easy to firewall, your network becomes easier to audit, etc. If you're a security practitioner, it makes your life easier. You still have to worry about the sneaker-net, physical security, etc., but now you're more able to focus your resources on those areas. Once again, simplicity is better than complexity if you're really after security.
I don't know where you got the idea that I thought it was, "sooo impossile to have a perl script or whatever fetch the webpage and cut out the data you care about." It's easy. But pretty much nothing is as easy to extract data from as a CSV file, which you could process with nothing more than awk. That doesn't get you far with automating report generation, populating a database, or whatever else you intend to *do* with the data, but there are endless tools for those jobs--Perl included.
Also, in my experience, people want to mess with Web pages. They're more visual, and people tend to want to 'improve' them, meaning your Perl screen-scraper likely has to change as well. I see a lot less clamor for changing the data format in CSV files.
In the end, use what you need--XML, for all I care. Just *don't allow your less-secure LAN to initiate connections into your more-secure LAN*. That was the root cause of the failure described in TFA. It's one of many reasons the rule is so basic, though obviously not yet widely-enough followed. Ideally, hosts on a secure LAN communicate with *nothing* outside that LAN. You justify and document every[1] step away from that ideal, if for no other reason than that it plays hell with formal trust models, which can be important inputs into designing a thorough audit. I don't see how you justify accepting incoming traffic when there's an easy way to avoid it. In an audit, I'd be busting you for that Web server. Simple as that.
An approach like the one above is likely to make life easier for several internal groups, including office staff. And quite possibly the ultimate users--power consumers.
[1] I mean every, not most. For example, how do you handle time? I favor an NTP server on the secure LAN taking time inputs from the GPS cloud. I've never worked for an organization that had a spare atomic clock lying around, or I'd have used that, and eliminated one more external data flow.
"It would be even better if the control network had a web server"
Probably not. Web servers are complex, and likely targets for attack. And the business people will end up doing endless cut and paste.
A better solution would be to accumulate the data that the businesspeople need on a single system on the control LAN. That system rsync's CSV files onto a system on the business LAN. No connections are initiated from the business LAN into the control LAN, and the data are more useful to MIS people on the business LAN.
"The real issue is why did the primary control system accept a reset..."
That was my first thought, too: a huge separation of privilege flaw. But, from TFA, "...when the updated computer rebooted, it reset the data on the control system, causing safety systems to errantly interpret the lack of data as a drop in water reservoirs that cool the plant's radioactive nuclear fuel rods."
So it's not that the system on the control side accepted a restart command that it shouldn't have. I'm not saying there's no problem--just that this wasn't the failure mode.
But it does make you wonder what else is wrong at this place, doesn't it?
TFA has a link to a Government Accounting Office paper on problems they found with TVA, which operates multiple reactors. Have a look at that thing http://www.gao.gov/new.items/d08526.pdf
to see a real mess. It's 62 pages of badness, but just reading page 2, "Results in Brief," will give most people the twitching horrors.
Password issues, bypassed firewalls, unpatched systems, limited logging, limited IDS, configuration management policy problems, physical security and training problems, etc. Apparently TVA has left no stone unturned in their efforts to fail an audit.
I submitted an article yesterday (still pending, but you can imagine it's future). It was based around a Reuters article which points out that there are several legal actions pending now. The article is at:
http://www.reuters.com/article/marketsNews/idUSN0540220820080605?pageNumber=2&virtualBrandChannel=0
Sorry I couldn't get it accepted. As a journalist, I'm a complete lamer. But it's an interesting article, and it may even be around for a bit--I don't know Reuter's policies, vis-a-vis demanding registration to articles more than x weeks old, etc. I never reference the NYT, for instance, as I don't much like their access policies. They could learn a lot from the Europeans.
Anyway, you may want to have a look at the Reuters article. I'm becoming more and more ashamed to admit that I used to work for those guys.
That reasoning doesn't really work for me.
You'd have to factor in the ratio of income from the
US site v others (UK, etc.). IMHO, the US site is likely to be more profitable than others. You'd have to plow through an annual report to really know, and factor that in.
The larger flaw, though, is that you're subtracting one minute, when the title states > 1 hour. That implies going on A couple of million US$ in losses, which is significant, as investors don't know the reason, and caution would indicate that it could be recurring, such as the problems SalesForce has had. That hit their stock prices, etc.
The Amazon outage is more complex--TFA indicates that some of their services were unavailable for different amounts of time, etc. What are those service worth? All anyone has is a number--from CNET. Did they do anything like a real analysis, reading quarterly reports, etc? No, by long odds. Amazon does application hosting. What customers were affected, what percentage of the business is involved, and what do CxOs of large clients think?
The odds are actually quite good that many people give a crap. Investors (and CxOs) don't like uncertainty. It wouldn't surprise me to find some Wall Street analyst(s) making calls. Maybe it was an outage on a critical replication server, problem identified, fixed, and will provably never happen again. But maybe not. We'll see.
Interesting link. I still need to find some docs and kick the tires. If you change search terms to include ".NET" you find a fast ramp back in '05, and a corresponding decrease in Java. Then things smooth out a bit, with .NET having a larger share. I don't use either one, and can't comment on relative popularity. But there are probably independent means of confirming, at least in broad strokes, the trends this site displays.
:) C also shows a 'ramp and stabilize higher' in the latter part of '06. No idea what might cause that, so unless someone has an explanation, I suspect it's an artifact.
Finding good terms would definitely be important. For instance, if I use 'D', it blows everything away, and I just don't think that D has caught on to that degree...
Again, interesting link. Thanks.
There's always going to be a need for things like algorithm research, so I'm not convinced that what you refer to as the "how" should be left behind. I don't doubt that it's happening at many schools. I just don't think it's a good idea. CS should be CS--a primarily mathematical pursuit. Programs which teach other things, which I freely grant are just as valuable, should have other names.
There's certainly a lot of "what" going on right now, if I have your meaning right. Witness the seemingly endless creation of frameworks, and even nested frameworks. If I really have your meanings right, I'd have to say that mistakes are being made in lowering the CS bar, while simultaneously failing to teach exactly what is involved in creating and using good frameworks, libraries, and other pragmatic programmer's toolbox items.
I'm not saying that there shouldn't be commonality. If I were to formally describe Kerberos, for instance, I'd want a programmer to be able to implement it, not depend upon being able to do calls into a lib, which may not exist. I'd want that programmer to be able to know how to sanely construct that lib, if it didn't exist.
I've seen a couple of recent grads who could do neither of these things. One of them didn't really seem to know much about Big-O notation, so there were basic communication problems. That was scary enough that I'm glad I don't have to work with them as a day-to-day thing. Neither seemed particularly interested in learning, either; they apparently saw themselves as some sort of 9 to 5 meat IDE-driver, and would do nothing but increase my workload.
I certainly don't agree with everything in the GP. I could completely get my rant on, about portions of that post. But I don't entirely disagree with it, either, and I don't think it should have been modded flamebait.
Oh, man. I haven't heard that in *forever*. Somebody mod parent funny.
Actually, they have bash at #35. One spot above PowerShell. While awk is at #20.
Those three assignments tell me all I need to know about their methodology.
Glad you're "amused."
Me, and a few people I know, who contribute to OS/free software, are a lot closer to pissed off than "amused." That obviously isn't you, as you're making a fallacious either/or argument. Do you seriously think that countries who were involved sent some Magical Rep, with instructions resembling, "Look, either support OOXML, or go to the next meeting while you're in Europe anyway, and support cleaner energy. Or maybe lower food prices. Whatever." I hate to break it to you, but Homer Simpson is a character in a cartoon, not an intellectual role model.
Until you get some sort of grip on logical thought, please stay focused on maintaining your pseudo-intellectual, aloof, amused Slashdot 'tude. Intensely irritating though you are, I'd far rather you were karma-whoring here, than contributing logic bugs to OS/free software that I might have to burn my time fixing.
I like KDE a lot. There are points that bother me, but they're often offset with things that I truly appreciate.
/bin/ls | fgrep STACK
:). For business reasons, I generally need to be on either Fedora, Red Hat, or a Red Hat clone.
Take tabs. In Konqueror, I've added icons to move tabs left and right. But the icons consist of an empty page. Why no arrows? It's a quibble--their positions never change, so I know which is which. But it wouldn't surprise me learn that the KDE team gets feedback that this is confusing for new users. That would be a valid point, at one level, but I don't think of things that way.
A simple UI can often only do simple things. A more complex UI, done at all correctly, allows you to do more. A UI isn't new forever. I'll gladly trade a steeper learning curve for more power all along the long tail of actual usage. I certainly don't think KDE 3.5 ever reached a point of too much complexity. I've added a couple of things to the Actions sub-menu I get when I right-click a file in Konqueror, for example. If that isn't enough, Konqueror's Tools menu lets me open a terminal at that location. Perhaps Gnome would as well. I don't know, as Gnome drove me away a long time ago, as they drained away configurability.
Back to Konq Web browser--I love having a button to clear the location window. Most browsers will accept a URL of several thousand chars. Apache would accept around 4K before it spit up an error message, last time I checked. URLs certainly aren't getting shorter. It's a lot easier to hit a button than do a complete delete from within the location window. If I want to move up some sites hierarchy, it's nice to select the bit I need to keep, hit the clear button, then middle-click the bit I want back in. I keep wondering why I've not seen that in Firefox. You can arrive at the same thing by opening and closing tabs, but a clear button is more elegant.
Another thing that's nicer in Konq is a longer list of right-click options on selected text--search Webster, etc. I extended that too, on earlier versions. Now everything I need is available from the default dialog box. Maybe I could do that in Firefox. A Google search is an option, after all. But configuring Firefox simply isn't as easy as Konqueror. Nor does it start as fast, etc. I tend to use Firefox only for those sites which simply won't work correctly in Konq--a shrinking list.
OK, back to tabs. Konsole is always running on my KDE machines. Anyone that hasn't used it--give it a try. Look through the menus. I'd like to be able to configure the toolbars though, the way I can in other KDE apps. I'd have added those blank-paper icons mentioned above to move tabs left and right. It was probably possible to hold the middle mouse button and drag a session tab well before I decided there must be a way to reorder tabs, and found it. OTOH, it's nice to keep session tabs at the bottom. That's far more likely to be where your prompt is, if you're a very active Konsole user, which I am.
Some things just make more sense from the command line. Getting details on a process is often easier than finding it in top, much less launching KDE System Guard and switching to the process table view. Though I do like, and often use, System Guard. Being able to save worksheets is sweet.
If I want to see whether a program has an executable stack, 'eu-readelf -l PROGNAME | fgrep STACK' and look at the second to last column. RW Good, RWX Not So Good. Example:
$ eu-readelf -l
GNU_STACK 0x000000 0x00000000 0x00000000 0x000000 0x000000 RW 0x4
$
Package management from the command line, via yum and an occasional rpm command, is generally faster and easier than the couple of GUIs I've tried. I rarely use any GUI system config tools, actually. I do use a couple of GTK apps, such as Wireshark (packet sniffer), pretty regularly.
Like most of us, I use whatever works best for me. I wish KDE had fixed a few things in 3.5. Assuming that they haven't fixed them, and it's just not in the Fedora packages.
Do I like KDE? Oh, yeah. 3.5, anyway. The above is just the tip of the iceberg. I like it a lot. I hope 4.x doesn't drive me away.
"Real men watch sports, and that's it. Or a skin flick if it's Friday night."
Actually, real men watch whatever they like.