One such thing is a soon-to-be-released (but available from svn) open source library called flashticle.
One of the more interesting features of flashticle is the integration it has with TurboGears: flashticle.turbogateway. This lets you very simply develop Flash Remoting services using Python.
So that's 117 lines of Python...and a library. And it doesn't say how big the library is.
The Java version of the BirthdayOrganizer backend, which I won't even bother linking to, is well... ginormous. 246 lines of XML configuration sludge in 5 files, 29 lines of SQL schema in 1 file, and 3004 lines of Java code in 45 files.
Could any of these 3004 lines be considered/implemented as library files? How many lines of Java would it take then?
The PHP version of the pizzaService backend (pizzaService.php) is 138 lines of code, is one big security flaw (doesn't escape SQL properly, big surprise), is MySQL specific, and it doesn't include the DB schema and can't create any tables for you.
And this begs the question: who wrote it? It is possible to write secure PHP, as much as it's possible to write insecure python.
You can take yer apples and pears, and compare them up yer own arse.
The White House's website uses what's known as a web bug to anonymously keep track of who's visiting and when. A web bug is essentially a tiny graphic image -- a dot, really -- that's virtually invisible. In this case, the bug is pulled from a server maintained by the contractor, WebTrends, and lets the traffic analytic company know that another person has visited a specific page on the site.
Whilst WebTrends say they're not aggregating the data across multiple sites, but we only have their word for it.
The article isn't very clear though whether it's talking about cookies/webbugs from the Whitehouse's site or the NSA's site. Nothing like a journalist to confuse you more.
if *you* are said traveller, handing over all this information won't help you. So you go to Singapore, fly back, and suddenly Singapore has a SARS outbreak. You won't need the CDC to phone you - it'll be all over the news.
The information will be used so that they can track the disease's spread across the country. It's not Patient Zero (that's P0 for the USA, not P0 for the disease) they'll be helping...given the speed of bureaucracy they'll never reach P0 before symptoms set in.
Being able to examine an outbreak - and trace it back to a P0 - will allow them to work back up the tree via P1, P2, P3...and predict further outbreaks based on their behaviour.
The UK Data Protection Act gives people certain rights - this from the UK DTI site (emphasis mine):
The Act gives certain rights to individuals (called Data Subjects). It allows them to:
find out what information a Data Controller holds about them;
find out why the Data Controller holds the information (the purpose of the processing);
have any inaccuracies corrected or erased;
know who has access to their personal information and to whom the Data Controller may disclose their personal information;
and (with certain key exceptions)
object to the processing of their personal data where the processing is likely to cause damage or distress, or is for the purposes of direct marketing.
I'm glad I'm in the UK, but these rights are pretty fundamental for data protection. If the USA doesn't have them, it's a real shame.
oh - and you're not allowed to charge a fee for correcting inaccurate information. sounds like a recipe for blackmail and extortion.
Further, it should be understood that most audio mastering engineers will severely filter out any frequencies below 25 Hz as a matter of habit from the old mastering vinyl days
This is because - on vinyl - the lateral deflection of the groove is proportional to frequency (as well as amplitude). So for the same volume, low frequencies cause a groove to take considerably more space on the disk than high frequencies.
This is addressed by attenuating low frequencies (and boosting high) before recording, and reversing this on playback. This is known as RIAA equalization because the RIAA equalization curve became the standard for recording and playback on vinyl.
the whole point of a rootkit is that it wriggles so deep into the system that it can hide from 'show hidden files and folders', as well as hiding entries from regedit.
do you really believe that a regular 'hidden' folder would be undetectable by AV scanners?
I believe we need new...transparent, public, principled, and freed from the traditions of hierarchy...far more powerful, with deep and rich new interconnections and properties...we can build a new...realm
That's right, Prof Nelson's on his way to save the world and create a new utopia for rebel humanists everywhere!
We've long recognised that different computer systems need different levels of security and stability: real-time systems running Boeing auto-pilots don't need firewalls (at least, I assume they're not networked!) but do need high reliability and stability. Headlines like Nuclear power station brought down by Slammer worm shouldn't happen - and when it does someone needs to take responsibility.
However, the cost of developing a super-stable system is massive; whilst absolving all risk (as most EULAs do) is akin to passing the buck, liability for flaws needs to be allocated reasonably.
independent software vendors may choose not to target the Linux desktop
From TFA:
Some big names in the computer industry are pledging to make the development of desktop applications for the Linux operating system much easier than it has been.
I'm all for a good set of standards; installation already varies across apts, rpms, and make installs. The article raises the issue of a standard desktop installation method, question is, will we see yet another install method?
How will this impact server systems and installation methods (apt/rpm) for non-desktop systems? What about software that operates desktop framework components and what you'd typically consider 'server' stuff...will there be two installation methods, one for the desktop and another for the service?
Cross-desktop compatibility...
I'm sure everyone here knows of KDE and Gnome as the two most popular desktops - so will these standards just be targeted at these? Or just one of these? What about the (near infinite) variety of other windowing systems - the only common thread is X-Windows (and not always that...what's about Sun's JDS Java Desktop System?)
Packaging Photoshop for linux will always be difficult because of this variety - Adobe can only support so many variations. The only way this will work is if they standardise on a single desktop system, killing off the others.
TFA talks about 'the first specification for Linux desktop software' and 'It plans to give compliant applications a "Linux Standard Base Desktop" certification mark.'. This does indeed suggest the death knell is sounding for variety on the linux desktop.
In other news, we learn that script kiddies don't actually write software.
What's with the "commercially available" business? From TFA:
The version of the rootkit detected by F-Secure is called Golden Hacker Defender. It is a commercial product that can be bought for around 500, according to the security firm.
So you can buy it, so what - you can buy cocaine on street corners, does that make it 'commercially available'? Or are they simply heralding Rootkit 101 as the latest product to hit the v-scene? What's next, Virus Writers Monthly?
Come on, malware's been for sale for donkeys years, someone packaging something up and calling it a product doesn't change the nature of the beast.
How much of modern telecommunication is based on outdated, outmoded pricing models?
UK competition authorities say mobile phone providers' roaming charges (where you use your phone abroad) are unnecessarily high.
Using your mobile's GPRS to access the web costs around £1.00 per MB...trust me - I speak from painful experience - it doesn't take long for that pound a meg to mount up!
Using Directory Enquiries used to be free, then there was a nominal charge, so the UK introduced competition and now you pay upwards of 50p (and they often give you the wrong number)...so much for competition.
Wireless Internet - HOW MUCH?! £10 an hour (yes, really!) is ridiculous, when you can get wired broadband for £15 a month and stick a £40 wireless router on in.
Is it just the UK? Are we getting royally screwed by the communications industry? Is VoIP going to be another royal shafting? Answers on a postcard...
The Electronic Product Code (EPC) was created by the Auto-ID Center as an eventual successor to the bar code...EPC tags were designed to identify each item manufactured, as opposed to just the manufacturer and class of products, as bar codes do today.
FOSS software, e.g. linux, has been hindered in its ability to adequately compete for the desktop environment because it's illegal to market distros with fully functional digital media playback facilities.
In the case of MP3, it cannot be distributed under the GPL. MP3 may be an ISO standard, but it's still protected by patents (see http://www.mp3licensing.com/>).
The licencing fee for MP3 playing software is US $0.75 per unit or a one time payment of US $50,0000 - $ 60,000. The fee for an encoder is $2.50 - $5.00 per unit.
Microsoft do have a licencing program for WMA, and I'm sure they'd love the thought of selling it to *nix.
Slashdot Mirror
You'd love to be in this when the power fails...
from TFA
So that's 117 lines of Python...and a library. And it doesn't say how big the library is.
Could any of these 3004 lines be considered/implemented as library files? How many lines of Java would it take then?
And this begs the question: who wrote it? It is possible to write secure PHP, as much as it's possible to write insecure python.
You can take yer apples and pears, and compare them up yer own arse.
This take on the story from Wired states:
Whilst WebTrends say they're not aggregating the data across multiple sites, but we only have their word for it.
The article isn't very clear though whether it's talking about cookies/webbugs from the Whitehouse's site or the NSA's site. Nothing like a journalist to confuse you more.
if *you* are said traveller, handing over all this information won't help you. So you go to Singapore, fly back, and suddenly Singapore has a SARS outbreak. You won't need the CDC to phone you - it'll be all over the news.
The information will be used so that they can track the disease's spread across the country. It's not Patient Zero (that's P0 for the USA, not P0 for the disease) they'll be helping...given the speed of bureaucracy they'll never reach P0 before symptoms set in.
Being able to examine an outbreak - and trace it back to a P0 - will allow them to work back up the tree via P1, P2, P3...and predict further outbreaks based on their behaviour.
it's a rotating ad - if it worked for you, they're not serving you the offending ad.
(incidentally, i'm on FF1.5b2).
the offending ad is a tourism ad for "St Petersburg Clearwater"
Wired includes an advert through JavaScript. In this case, the script inserts malformed html, which cause FF to render incorrectly.
SOLUTION: turn off JavaScript, or fire up IE.
It's free! They removed the shareware fee a while ago. And it's good :)
The UK Data Protection Act gives people certain rights - this from the UK DTI site (emphasis mine):
I'm glad I'm in the UK, but these rights are pretty fundamental for data protection. If the USA doesn't have them, it's a real shame.
oh - and you're not allowed to charge a fee for correcting inaccurate information. sounds like a recipe for blackmail and extortion.
Egress...isn't that a female eagle?
(ok, Pratchett came up with that one first :)
This is because - on vinyl - the lateral deflection of the groove is proportional to frequency (as well as amplitude). So for the same volume, low frequencies cause a groove to take considerably more space on the disk than high frequencies.
This is addressed by attenuating low frequencies (and boosting high) before recording, and reversing this on playback. This is known as RIAA equalization because the RIAA equalization curve became the standard for recording and playback on vinyl.
not gonna work.
the whole point of a rootkit is that it wriggles so deep into the system that it can hide from 'show hidden files and folders', as well as hiding entries from regedit.
do you really believe that a regular 'hidden' folder would be undetectable by AV scanners?
We've long recognised that different computer systems need different levels of security and stability: real-time systems running Boeing auto-pilots don't need firewalls (at least, I assume they're not networked!) but do need high reliability and stability. Headlines like Nuclear power station brought down by Slammer worm shouldn't happen - and when it does someone needs to take responsibility.
However, the cost of developing a super-stable system is massive; whilst absolving all risk (as most EULAs do) is akin to passing the buck, liability for flaws needs to be allocated reasonably.
From TFA:
I'm all for a good set of standards; installation already varies across apts, rpms, and make installs. The article raises the issue of a standard desktop installation method, question is, will we see yet another install method?
How will this impact server systems and installation methods (apt/rpm) for non-desktop systems? What about software that operates desktop framework components and what you'd typically consider 'server' stuff...will there be two installation methods, one for the desktop and another for the service?
Cross-desktop compatibility...
I'm sure everyone here knows of KDE and Gnome as the two most popular desktops - so will these standards just be targeted at these? Or just one of these? What about the (near infinite) variety of other windowing systems - the only common thread is X-Windows (and not always that...what's about Sun's JDS Java Desktop System?)
Packaging Photoshop for linux will always be difficult because of this variety - Adobe can only support so many variations. The only way this will work is if they standardise on a single desktop system, killing off the others.
TFA talks about 'the first specification for Linux desktop software' and 'It plans to give compliant applications a "Linux Standard Base Desktop" certification mark.'. This does indeed suggest the death knell is sounding for variety on the linux desktop.
In other news, we learn that script kiddies don't actually write software.
What's with the "commercially available" business? From TFA:So you can buy it, so what - you can buy cocaine on street corners, does that make it 'commercially available'? Or are they simply heralding Rootkit 101 as the latest product to hit the v-scene? What's next, Virus Writers Monthly?
Come on, malware's been for sale for donkeys years, someone packaging something up and calling it a product doesn't change the nature of the beast.
How much of modern telecommunication is based on outdated, outmoded pricing models?
Is it just the UK? Are we getting royally screwed by the communications industry? Is VoIP going to be another royal shafting? Answers on a postcard...
http://www.rfidjournal.com/faq/23/102 [RFID Journal] says that:
In the case of MP3, it cannot be distributed under the GPL. MP3 may be an ISO standard, but it's still protected by patents (see http://www.mp3licensing.com/>).
The licencing fee for MP3 playing software is US $0.75 per unit or a one time payment of US $50,0000 - $ 60,000. The fee for an encoder is $2.50 - $5.00 per unit.
Microsoft do have a licencing program for WMA, and I'm sure they'd love the thought of selling it to *nix.