In addition to disabling Java support, Safari's 'Open "safe" files after downloading' must also be disabled to prevent websites from automatically loading a Java WebStart application via a JNLP file.
Instead, look at fairsoftware.net (hey, if I invented it, I can brag about it). You won't earn immediate cash, instead you'll be getting equity into whatever fun software project you find. Or start your own and get more geeks to join you, also for revenue share, not upfront cash.
This is very, very cool.
Do you have any plans to support existing legal entities using FairSoftware? This would provide us with a low-friction approach to collaboration, allowing trust and more permanent relationships to form organically between independent contractors and our organization.
Also, do you have any thoughts on models where external billing is required, such as the iPhone App Store? Serving as a publisher could be one option here (and would be a fairly significant advantage given the difficulties individuals often have dealing with the app store). That's something I'd definitely be interested in collaborating on.
Lastly, a related project -- have you seen One-click Organizations? The information was here, but the the webhost has gone kaput today, so here's the Google Cache version
Commenting to remove accidental redundant moderation. It's right next to "Insightful".
Sorry!
Since I'm here -- I've always though that the "hardware is cheap, programmers are expensive" position presented a false dichotomy: a choice between achieving passable performance through good design, versus optimizing for developer efficiency. Efficient use of resources and ease of development are not mutually exclusive.
Modern mobile devices have fast CPUs yet very limited RAM. And no swap.
They have faster CPUs than they used to. The CPUs are still not "fast".
I spent the last week implementing, profiling, and improving up disk-backed image caching with a front-end LRU memory cache for the iPhone, and experimenting with offloading batch image processing off to a OpenGL FBO. Doing image interpolation while scaling is so expensive on the iPhone's relatively fast CPU that it's absolutely necessary for me to cache thumbnails.
The cache implementations themselves had to be highly optimized in order to pull images off disk fast enough to run inside of a tight animation loop, while also supporting a background thread rendering of not-yet-cached thumbnail images and saving to the disk cache.
I can't even fathom writing this in Python. Any spare CPU I have, I put to good use -- there's absolutely none available to spend on a slow interpreter, even for non "performance critical" parts. If there's a non-performance critical code path, then I can always use any available CPU time to do more background work and achieve better perceived UI performance.
Banks were pushed. Banks were even sued to extend home ownership to those who, frankly, can't handle it.
According to the docket in your linked article, the banks were sued for the following reason:
Plaintiffs alleged that the Defendant-bank rejected loan applications of minority applicants while approving loan applications filed by white applicants with similar financial characteristics and credit histories.
Your position appears to be that plaintiffs lied -- that in fact loan applications were denied purely based on the financial and credit characteristics of the applicants. Is there any evidence to support and/or disprove this position? I've read your links but I have not been able to find statistics that provide any confirmation of the claim that "Obama Sued Citibank Under CRA to Force it to Make Bad Loans"
Without evidence that the banks were (or were not) denying loan applications based on ethnic origin, I don't see how I -- or anyone else -- can reasonably assess whether lawsuits like this one had a significant impact on the current banking crises.
I have found The Color of Money, a series of articles on lender's avoidance of middle-income black neighborhoods. The article series won the author, Bill Dedman, the Pulitzer Prize[1]. I'll be adding the articles to my reading queue -- my expectation is that the truth behind these loans is quite a bit more complex than has been presented here.
Thirdly, I don't think the cost of media is the biggest factor by a long way. They've probably also factored in cost of a contract with Iron Mountain, cost of robotic tape library, licensing costs for TSM (or similar) and a proportion of the wages involved in paying someone to swap the tapes out and hand them over to Iron Mountain every day.
Indeed -- the cost is in offsite storage and archival. I've previously used Amazon S3. They charge.15 cents per gigabyte-month for redundant online storage, and if you want redundancy against bit flip failures on their end, you can also employ something like reed-solomon error correction on uploaded data.
When I set up uploading of (encrypted) backup archives, the total overhead was approximately $102/month in data transfer costs (1 terabyte amortized over a month) and $307/month in data storage (2 terabytes/month), with minimal month over month growth. This is a yearly cost of $4908, or $2.39 per gigabyte per year.
Getting to Social Security, you tell me ONE THING wrong with making sure people have something when they retire.
I'll worry about myself - I can invest my money better than the government can - but why should I help you retire?
Individual success and failure are not isolated in an economic system.
Social services (such as social security) are based on a simple equation:
if (cost_of_services <= (cost_of_social_ill)) {
provide_services();
}
That's the justification for providing insurance against poverty, even given the inefficiencies and abuses inherent in providing it. As you (theoretically) derive economic benefit from providing these social services, it should not be considered altruism.
Whats the state of navigation for linux in car systems? It'd be fun to homebrew one, but without decent navigation it's not a whole lot of use.
I'm sure i should have some BSOD joke in here too, but i haven't had my coffee yet
Navigation is a hard problem, primarily due to a lack of data. There are free sources (as in public domain) of street line data for many countries, however you need topological network data to accurately route a car -- street intersections, one-way streets, weighting of streets according to real-world local conditions, etc.
The US Census releases the TIGER data, and OpenStreetMaps builds on that (and other) data with a public domain wiki-style site, but neither sources have sufficient topological data to route autos.
There are two primary providers of topological map data -- you'll see their logos at the bottom of most maps, including Google Maps: NavTeq and TeleAtlas. For a brief introduction to the scale of the problem, I'd actually recommend watching TeleAtlas's marketing video on their production process
I'd love to see furtherance of open topographical data -- data about the communities around us is useful for more than just routing automobiles. One very interesting development is Google StreetView. In taking these photographs, Google has removed the need to actually drive the routes to gather, correct, or refine data -- they can collect the photographs en-masse, allowing more specialized analysis to be done offline -- anyone, anywhere, can determine whether a street is one-way, where the freeway on-ramp is, etc.
I should also mention that OpenStreetMaps uses a share-alike creative-commons license. The definition of an "aggregate work" of data is very fluid -- I can not use OSM data, since I can't combine it with data available under different licensing -- even publicly available municipal data that simply can't be re-licensed CC Share-Alike.
However, I can't afford Oracle (and Oracle Spatial). Where I to lash my business to the Good Ship Oracle, I'd be signing up for years of heavy licensing fees as our requirements grow.
PostgreSQL (and PostGIS) seem like a worthwhile investment. They're improving at a rapid pace -- but not sacrificing correctness for features. The features they lack we're still able to work-around, with the anticipation that the up-front cost of missing features constitutes an investment in the product that will be paid off as the features are added, for considerably less than the cost of licensing Oracle Spatial. (That, and contributing what we can to the projects)
Of course, your mileage may vary -- For the problems we're trying to solve, I see PostgreSQL as a good investment at most scales.
I'm unfamiliar with MySQL's partitioning -- is it radically different from postgresql's partitioning?
Yes, it is radically different. MySQL has partitioning, PostgreSQL does not.
I'm using inheritance to implement table partitioning with a rather large (50+ gig) PostgreSQL/PostGIS database. Constraint exclusion allows the query planner to use CHECK constraints to avoid even looking at tables where conditions contradict the constraints.
That's not partitioning, that's an ugly hack that will save you some I/O.
Reading the MySQL documentation, it sounds like PostgreSQL might benefit from higher-level DDL for partitioning (rather than specification of triggers and inherited tables), but it looks like PostgreSQL's actual functionality is a strict superset of MySQL's.
PostgreSQL requires the use of constraints and triggers to provide data partitioning across the tables, but that method allows the use of any type of partitioning that can be expressed in PL/PGSQL, whereas MySQL defines a specific set of supported partition types.
I'm unfamiliar with MySQL's partitioning -- is it radically different from postgresql's partitioning?
I'm using inheritance to implement table partitioning with a rather large (50+ gig) PostgreSQL/PostGIS database. Constraint exclusion allows the query planner to use CHECK constraints to avoid even looking at tables where conditions contradict the constraints.
As I understand it, you should look at variables in functional programming languages like Erlang more like those in a mathematical formula; such programs can be proven correct a lot easier, and since variables are effectively immutable
All of this is based on the premise that Erlang is a functional language. It's not purely-functional, and I just don't see the point of doing it half-assedly.
Of course Erlang is not purely functional. If it was, the only thing it could do is warm up your CPUs, and even that is technically a side-effect. A compiler could optimize away your whole purely-functional application and not produce any output.
I'm also not really sure what you mean be "half-assedly" in reference to purely-functional -- a full system that supports no side-effects wouldn't actually be useful for anything.
To your earlier point, Erlang doesn't support unbinding variables outside of the interactive shell. I think that you've misunderstood the meaning of an unbound variable, or I've misunderstood what you mean by "they're not immutable -- they can be unbound".
To me it looks kind of like a Rails clone with jQuery built in.
Personally I'm not seeing the need...
According to the FAQ, it's about as far from a Rails clone as you can get and still be on the web:
The SproutCore framework is completely JavaScript based. We have also created some build tools that will take care of efficiently packaging your HTML, JS, and CSS for delivery over the web that are based on ruby. However, Ruby is not required for you to use SproutCore except during development.
What about vulnerabilities in onboard IPMI cards? Our new servers have ARM-based cards running Linux. The built-in HTTP server is vulnerable to a widely-known buffer overflow:
landonf@ahost:~> telnet XXX.XXX.XXX.XXX 80
Trying XXX.XXX.XXX.XXX...
Connected to XXX.XXX.XXX.XXX.
Escape character is '^]'.
GET/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/ HTTP/1.0
Connection closed by foreign host.
landonf@timor:~> telnet XXX.XXX.XXX.XXX 80
Trying XXX.XXX.XXX.XXX...
telnet: connect to address XXX.XXX.XXX.XXX: Connection refused
Seems like a recipe for compromised data centers, to me. Re-imaging a machine won't touch the IPMI card.
The poster's response didn't seem ridiculous to me. He was simply pointing out the undue complexity of the destination site.
Moreover, he's right. Wikipedia -- as an independent third party dedicated to neutral point-of-view articles -- is likely to provide useful information about the show, as compared to an entity with a vested interest.
CVE-2007-5232: When Java applet caching is enabled, allows remote attackers to violate the security model for an applet's outbound connections. Released October 5th, 2007, unpatched until December 13th, 2007.
Apple is not operating at 100% all of the time. In the case of these Java updates, some potentially serious issues sat unpatched for a good long while.
No, it's really not.
see LLVM and LLVM-GCC. Several corporations are contributing to LLVM -- including Apple First a point: I'm a huge fan of LLVM and everything that it stands for. I think it's a wonderful project, and the goal of having high-performance, portable bytecode is excellent.
Now an out: If you just misunderstood the topic, and were only talking about forking, and not re-implementation, then this reply is somewhat moot.
I'm going to take that out. My point here is that the fork has occurred at the GPLv2 point. If the GPLv3 is considered too onerous, it is entirely possible that the GPLv3 code could never be merged.
I'm also not going to argue that the compiler front-end isn't complex and difficult to replace -- of course it is. I don't personally think there's much value in a re-implementation. That said, I do believe that LLVM provides a potential migration path away from the GPL, if corporations with sufficient resources deemed such a migration to be worthwhile.
It's kind of amusing to look at the history of FOSS, and a recurring theme has been that developers think that just because they have developed a complex piece of software over a long period of time (gcc comes to mind) that it's not open to being reimplimented in the future. If GPL3 becomes a thorn in would-be commercial users, there will be money available to replace it with something that's not so obnoxious.
This is occurring -- see LLVM and LLVM-GCC. Several corporations are contributing to LLVM -- including Apple
The open source iPhone development tools currently use LLVM with the GCC front-end. In this case, the gcc driver is used to interface with LLVM, and output LLVM byte-code. LLVM handles the assembly/linking of this byte code as a native executable. The GCC driver simply provides a fully GCC-compatible front-end -- it can (and has been) forked from GPLv2 licensed gcc, and in theory, could be maintained in perpetuity as a fork -- or potentially replaced outright.
I'm personally willing to pay a significant premium ($1.99 vs $0.00) to watch a show free of all advertising, whenever I choose to watch it. Over the air (or via cable) is really not an alternative -- even with a PVR, I have to haul out a remote and fast-forward/skip through commercials.
I don't really care if NBC sticks with iTunes, but I want the option to *pay them money* for: - Commercial-less television. - On-demand, anytime access.
However, NBC wasn't happy with $1.99 -- it sounds like they wanted to restrict my fair-use access with more draconian DRM, and introduce variable pricing. Perhaps that variable pricing would have been in my favor -- but I'm pretty sure it would have been tied to time-limited DRM. Either way, I don't see an obvious alternative.
Imagine how valuable a smart phone is as a malware target: it's carried on your persons, has access to your home and office, it's always always on, has direct internet connectivity, a decent camera, sensitive microphone, and a great deal of your personal information.
Given the value of this target, why on earth are people installing random binaries on their iPhone when they have absolutely no way of ascertaining whether they can trust the original provider of said binaries?
Writing malware is not particularly difficult when you have a good SDK. The iPhone is, for most purposes, a fully functional and familiar UNIX environment, and the APIs necessary to build a SpyPhone are not a secret. Given the lack of insight the average user will have into the operating system on a handheld device, they'd likely never know of an infection.
While I *very much doubt* we'll ever see a mass malware infection, users need to be careful about what they put on their phone, who made the binaries, and how they verify the source. Even one compromised iPhone would be very valuable to a nefarious malfeasant.
People have a hard enough time piloting an automobile as is, but they're positively terrible at it when you add a phone to the mix.
As someone who has been sent to the ER room after being hit by an inattentive driver, I think it's bloody ridiculous to claim that these laws have anything to do with ticket revenue.
Slashdot Mirror
No patch is currently available -- a fully patched 10.5.7 system remains vulnerable. See also http://landonf.bikemonkey.org/code/macosx/CVE-2008-5353.20090519.html
In addition to disabling Java support, Safari's 'Open "safe" files after downloading' must also be disabled to prevent websites from automatically loading a Java WebStart application via a JNLP file.
I've also posted a demonstration of the vulnerability at http://landonf.bikemonkey.org/code/macosx/CVE-2008-5353.20090519.html
1. Nobody calls it "Frisco."
Tell that to Hardee's
"Hardee's is a restaurant chain, located mostly in the Midwest United States and Southeast regions." Ah yes, the good ol' midwest.
Instead, look at fairsoftware.net (hey, if I invented it, I can brag about it). You won't earn immediate cash, instead you'll be getting equity into whatever fun software project you find. Or start your own and get more geeks to join you, also for revenue share, not upfront cash.
This is very, very cool.
Do you have any plans to support existing legal entities using FairSoftware? This would provide us with a low-friction approach to collaboration, allowing trust and more permanent relationships to form organically between independent contractors and our organization.
Also, do you have any thoughts on models where external billing is required, such as the iPhone App Store? Serving as a publisher could be one option here (and would be a fairly significant advantage given the difficulties individuals often have dealing with the app store). That's something I'd definitely be interested in collaborating on.
Lastly, a related project -- have you seen One-click Organizations? The information was here, but the the webhost has gone kaput today, so here's the Google Cache version
Commenting to remove accidental redundant moderation. It's right next to "Insightful".
Sorry!
Since I'm here -- I've always though that the "hardware is cheap, programmers are expensive" position presented a false dichotomy: a choice between achieving passable performance through good design, versus optimizing for developer efficiency. Efficient use of resources and ease of development are not mutually exclusive.
Modern mobile devices have fast CPUs yet very limited RAM. And no swap.
They have faster CPUs than they used to. The CPUs are still not "fast".
I spent the last week implementing, profiling, and improving up disk-backed image caching with a front-end LRU memory cache for the iPhone, and experimenting with offloading batch image processing off to a OpenGL FBO. Doing image interpolation while scaling is so expensive on the iPhone's relatively fast CPU that it's absolutely necessary for me to cache thumbnails.
The cache implementations themselves had to be highly optimized in order to pull images off disk fast enough to run inside of a tight animation loop, while also supporting a background thread rendering of not-yet-cached thumbnail images and saving to the disk cache.
I can't even fathom writing this in Python. Any spare CPU I have, I put to good use -- there's absolutely none available to spend on a slow interpreter, even for non "performance critical" parts. If there's a non-performance critical code path, then I can always use any available CPU time to do more background work and achieve better perceived UI performance.
Banks were pushed. Banks were even sued to extend home ownership to those who, frankly, can't handle it.
According to the docket in your linked article, the banks were sued for the following reason:
Plaintiffs alleged that the Defendant-bank rejected loan applications of minority applicants while approving loan applications filed by white applicants with similar financial characteristics and credit histories.
Your position appears to be that plaintiffs lied -- that in fact loan applications were denied purely based on the financial and credit characteristics of the applicants. Is there any evidence to support and/or disprove this position? I've read your links but I have not been able to find statistics that provide any confirmation of the claim that "Obama Sued Citibank Under CRA to Force it to Make Bad Loans"
Without evidence that the banks were (or were not) denying loan applications based on ethnic origin, I don't see how I -- or anyone else -- can reasonably assess whether lawsuits like this one had a significant impact on the current banking crises.
I have found The Color of Money, a series of articles on lender's avoidance of middle-income black neighborhoods. The article series won the author, Bill Dedman, the Pulitzer Prize[1]. I'll be adding the articles to my reading queue -- my expectation is that the truth behind these loans is quite a bit more complex than has been presented here.
[1] Bill Dedman's MSNBC bio
Thirdly, I don't think the cost of media is the biggest factor by a long way. They've probably also factored in cost of a contract with Iron Mountain, cost of robotic tape library, licensing costs for TSM (or similar) and a proportion of the wages involved in paying someone to swap the tapes out and hand them over to Iron Mountain every day.
Indeed -- the cost is in offsite storage and archival. I've previously used Amazon S3. They charge .15 cents per gigabyte-month for redundant online storage, and if you want redundancy against bit flip failures on their end, you can also employ something like reed-solomon error correction on uploaded data.
When I set up uploading of (encrypted) backup archives, the total overhead was approximately $102/month in data transfer costs (1 terabyte amortized over a month) and $307/month in data storage (2 terabytes/month), with minimal month over month growth. This is a yearly cost of $4908, or $2.39 per gigabyte per year.
[Citation Needed]
Getting to Social Security, you tell me ONE THING wrong with making sure people have something when they retire. I'll worry about myself - I can invest my money better than the government can - but why should I help you retire?
Individual success and failure are not isolated in an economic system.
Social services (such as social security) are based on a simple equation:
if (cost_of_services <= (cost_of_social_ill)) { provide_services(); }
That's the justification for providing insurance against poverty, even given the inefficiencies and abuses inherent in providing it. As you (theoretically) derive economic benefit from providing these social services, it should not be considered altruism.
Whats the state of navigation for linux in car systems? It'd be fun to homebrew one, but without decent navigation it's not a whole lot of use.
I'm sure i should have some BSOD joke in here too, but i haven't had my coffee yet
Navigation is a hard problem, primarily due to a lack of data. There are free sources (as in public domain) of street line data for many countries, however you need topological network data to accurately route a car -- street intersections, one-way streets, weighting of streets according to real-world local conditions, etc.
The US Census releases the TIGER data, and OpenStreetMaps builds on that (and other) data with a public domain wiki-style site, but neither sources have sufficient topological data to route autos.
There are two primary providers of topological map data -- you'll see their logos at the bottom of most maps, including Google Maps: NavTeq and TeleAtlas. For a brief introduction to the scale of the problem, I'd actually recommend watching TeleAtlas's marketing video on their production process
I'd love to see furtherance of open topographical data -- data about the communities around us is useful for more than just routing automobiles. One very interesting development is Google StreetView. In taking these photographs, Google has removed the need to actually drive the routes to gather, correct, or refine data -- they can collect the photographs en-masse, allowing more specialized analysis to be done offline -- anyone, anywhere, can determine whether a street is one-way, where the freeway on-ramp is, etc.
I should also mention that OpenStreetMaps uses a share-alike creative-commons license. The definition of an "aggregate work" of data is very fluid -- I can not use OSM data, since I can't combine it with data available under different licensing -- even publicly available municipal data that simply can't be re-licensed CC Share-Alike.
Stuff like that is why, as much as I love Postgres, it isn't replacing Oracle any time soon. Not when things like partitioning are called for.
There are a number features in Oracle Spatial I'd love to have, such as support for topology, and geographic raster image data
However, I can't afford Oracle (and Oracle Spatial). Where I to lash my business to the Good Ship Oracle, I'd be signing up for years of heavy licensing fees as our requirements grow.
PostgreSQL (and PostGIS) seem like a worthwhile investment. They're improving at a rapid pace -- but not sacrificing correctness for features. The features they lack we're still able to work-around, with the anticipation that the up-front cost of missing features constitutes an investment in the product that will be paid off as the features are added, for considerably less than the cost of licensing Oracle Spatial. (That, and contributing what we can to the projects)
Of course, your mileage may vary -- For the problems we're trying to solve, I see PostgreSQL as a good investment at most scales.
I'm unfamiliar with MySQL's partitioning -- is it radically different from postgresql's partitioning?
Yes, it is radically different. MySQL has partitioning, PostgreSQL does not.
I'm using inheritance to implement table partitioning with a rather large (50+ gig) PostgreSQL/PostGIS database. Constraint exclusion allows the query planner to use CHECK constraints to avoid even looking at tables where conditions contradict the constraints.
That's not partitioning, that's an ugly hack that will save you some I/O.
Reading the MySQL documentation, it sounds like PostgreSQL might benefit from higher-level DDL for partitioning (rather than specification of triggers and inherited tables), but it looks like PostgreSQL's actual functionality is a strict superset of MySQL's.
PostgreSQL requires the use of constraints and triggers to provide data partitioning across the tables, but that method allows the use of any type of partitioning that can be expressed in PL/PGSQL, whereas MySQL defines a specific set of supported partition types.
Anything I'm missing?
I'm unfamiliar with MySQL's partitioning -- is it radically different from postgresql's partitioning?
I'm using inheritance to implement table partitioning with a rather large (50+ gig) PostgreSQL/PostGIS database. Constraint exclusion allows the query planner to use CHECK constraints to avoid even looking at tables where conditions contradict the constraints.
As I understand it, you should look at variables in functional programming languages like Erlang more like those in a mathematical formula; such programs can be proven correct a lot easier, and since variables are effectively immutable
All of this is based on the premise that Erlang is a functional language. It's not purely-functional, and I just don't see the point of doing it half-assedly.
Of course Erlang is not purely functional. If it was, the only thing it could do is warm up your CPUs, and even that is technically a side-effect. A compiler could optimize away your whole purely-functional application and not produce any output.
I'm also not really sure what you mean be "half-assedly" in reference to purely-functional -- a full system that supports no side-effects wouldn't actually be useful for anything.
To your earlier point, Erlang doesn't support unbinding variables outside of the interactive shell. I think that you've misunderstood the meaning of an unbound variable, or I've misunderstood what you mean by "they're not immutable -- they can be unbound".
Personally I'm not seeing the need...
According to the FAQ, it's about as far from a Rails clone as you can get and still be on the web:
The SproutCore framework is completely JavaScript based. We have also created some build tools that will take care of efficiently packaging your HTML, JS, and CSS for delivery over the web that are based on ruby. However, Ruby is not required for you to use SproutCore except during development.
http://www.sproutcore.com/about/
What about vulnerabilities in onboard IPMI cards? Our new servers have ARM-based cards running Linux. The built-in HTTP server is vulnerable to a widely-known buffer overflow:
landonf@ahost:~> telnet XXX.XXX.XXX.XXX 80Trying XXX.XXX.XXX.XXX...
Connected to XXX.XXX.XXX.XXX.
Escape character is '^]'.
GET
Connection closed by foreign host.
landonf@timor:~> telnet XXX.XXX.XXX.XXX 80
Trying XXX.XXX.XXX.XXX...
telnet: connect to address XXX.XXX.XXX.XXX: Connection refused
Seems like a recipe for compromised data centers, to me. Re-imaging a machine won't touch the IPMI card.
The poster's response didn't seem ridiculous to me. He was simply pointing out the undue complexity of the destination site.
Moreover, he's right. Wikipedia -- as an independent third party dedicated to neutral point-of-view articles -- is likely to provide useful information about the show, as compared to an entity with a vested interest.
Prior to buying CUPS outright, Apple licensed CUPS under a non-GPL distribution license. See CUPS License Exceptions.
Well, yes and no. Apple *is* very good with many security issues, but here are a few counter-examples off the top of my head:
Apple is not operating at 100% all of the time. In the case of these Java updates, some potentially serious issues sat unpatched for a good long while.
This is occurring
No, it's really not. see LLVM and LLVM-GCC. Several corporations are contributing to LLVM -- including Apple First a point: I'm a huge fan of LLVM and everything that it stands for. I think it's a wonderful project, and the goal of having high-performance, portable bytecode is excellent.Now an out: If you just misunderstood the topic, and were only talking about forking, and not re-implementation, then this reply is somewhat moot.
I'm going to take that out. My point here is that the fork has occurred at the GPLv2 point. If the GPLv3 is considered too onerous, it is entirely possible that the GPLv3 code could never be merged.
I'm also not going to argue that the compiler front-end isn't complex and difficult to replace -- of course it is. I don't personally think there's much value in a re-implementation. That said, I do believe that LLVM provides a potential migration path away from the GPL, if corporations with sufficient resources deemed such a migration to be worthwhile.
This is occurring -- see LLVM and LLVM-GCC. Several corporations are contributing to LLVM -- including Apple
The open source iPhone development tools currently use LLVM with the GCC front-end. In this case, the gcc driver is used to interface with LLVM, and output LLVM byte-code. LLVM handles the assembly/linking of this byte code as a native executable. The GCC driver simply provides a fully GCC-compatible front-end -- it can (and has been) forked from GPLv2 licensed gcc, and in theory, could be maintained in perpetuity as a fork -- or potentially replaced outright.
I'm personally willing to pay a significant premium ($1.99 vs $0.00) to watch a show free of all advertising, whenever I choose to watch it. Over the air (or via cable) is really not an alternative -- even with a PVR, I have to haul out a remote and fast-forward/skip through commercials.
I don't really care if NBC sticks with iTunes, but I want the option to *pay them money* for:
- Commercial-less television.
- On-demand, anytime access.
However, NBC wasn't happy with $1.99 -- it sounds like they wanted to restrict my fair-use access with more draconian DRM, and introduce variable pricing. Perhaps that variable pricing would have been in my favor -- but I'm pretty sure it would have been tied to time-limited DRM. Either way, I don't see an obvious alternative.
Imagine how valuable a smart phone is as a malware target: it's carried on your persons, has access to your home and office, it's always always on, has direct internet connectivity, a decent camera, sensitive microphone, and a great deal of your personal information.
Given the value of this target, why on earth are people installing random binaries on their iPhone when they have absolutely no way of ascertaining whether they can trust the original provider of said binaries?
Writing malware is not particularly difficult when you have a good SDK. The iPhone is, for most purposes, a fully functional and familiar UNIX environment, and the APIs necessary to build a SpyPhone are not a secret. Given the lack of insight the average user will have into the operating system on a handheld device, they'd likely never know of an infection.
While I *very much doubt* we'll ever see a mass malware infection, users need to be careful about what they put on their phone, who made the binaries, and how they verify the source. Even one compromised iPhone would be very valuable to a nefarious malfeasant.
People have a hard enough time piloting an automobile as is, but they're positively terrible at it when you add a phone to the mix.
As someone who has been sent to the ER room after being hit by an inattentive driver, I think it's bloody ridiculous to claim that these laws have anything to do with ticket revenue.