Maybe they're being proactive about the ones they get the most complaints about, hence the biggest ones.
Yes, that's why I mentioned Adobe Flash, Adobe Reader, and Java JRE and wondered why they're not mentioned. Do you pay any attention at all to how malware infections actually occur? I'm sure #1 is and always will be social engineering, but those three applications have to be in the top 5 based on the number of in-the-wild exploits.
Since all software has bugs, you can always find something, so if you go by complaint count, you're going to be sorting by user base, so all you're really doing is finding a roundabout way to list software companies by size. And you get to slag on them and call it a service to your customers. And it's probably 100% legal and righteous.
One would think that MS would be inclined to post security bulletins for the most severe and most widespread issues. As you say, there are bugs in all software, but informing users about those which are the most severe and the most likely to affect them makes then most sense. Nobody cares if Firefox 2.0 has a security vulnerability because nobody uses it and so nobody exploits it. Nobody is going to write an exploit today for a vulnerability which closed over six months ago on a piece of software which is several versions out of date on software which automatically updates itself. It's ludicrous to spend the time warn people about it, and since MS does have a potential conflict of interest by listing 3rd party software, it makes even less sense to only issue security warnings on software they are in direct competition with because that will only serve to call into question MS's impartiality.
Until the competitors start to pay Microsoft to stop doing it.
That will not happen. Read the article. MS is using CVD (aka responsible disclosure) while issuing these reports. Why would a vendor pay to get MS to stop issuing alerts based on cooperative vulnerability disclosures?
I noticed that. I also noticed they didn't list the vendors I'd call the major offenders: Adobe (Flash, Reader) and Java. I find it a little unlikely none of those products has no open vulnerabilities. However, it says they're only doing responsible disclosure (CVD) and I would as easily believe that Adobe and Oracle are still unwilling to talk about security problems as much as MS just wants to smear Google and Mozilla (sorry, Opera, nobody really sees you as a threat).
CNC machines are a wholly different bag of worms. CNC systems are not exposed to the Internet and are generally on their own VLAN (that's if they require network at all). I'm sure a hundred people can respond about CNC machines picking up viruses or workers getting caught browsing porn on CNC systems, but everyone here knows that is absolutely due to improper management of the network. Poor software development, poor project management, poor systems engineering, poor site management, poor IT infrastructure, poor security and so on are all to blame in such cases well before 'ZOMG MS IS DROPPING XP SUPPORT'. A CNC machine could just as easily run DOS if not for the fact that developers for Windows are cheaper and the hardware demands the newer OS.
When the tools for new Siemens and National Instruments hardware are only available for newer operating systems and the older hardware is no longer available for purchase, we will see XP as CNC platform fade away.
So you don't just want the US to change how they label their measurements, you want them to completely change their infrastructure? Should they change to left-hand drive and 220V A/C power while they're at it, too?
so that's your argument? "what would the aliens think?"
SI is a planetary standard. the only (ONLY) arbitrary measure in it is the actual length of the metre, because at some point someone had to choose something.
That's not even remotely true. Standard temperature and pressure? Arbitrary. Base 10 numeric system? Arbitrary. Using the freezing and boiling temperatures of water (at STP, no less) to determine degrees of temperature? Arbitrary. Duration of a second? Arbitrary.
That said, most people typically use two very common Imperial style measurements. How about 360 degrees in a circle, or 24 hours in a day, 60 minutes in an hour, and 60 seconds in a minute? Arbitrary, and the value of that was chosen precisely for the same reasons that the Imperial standard has seemingly strange values. Decimal fractional notation has only been popular relatively recently. Prior to it's adoption people worked with vulgar fractions when dividing. Just like today, people hate vulgar fractions, so choosing numbers that are easily divisible is nice. 360 is divisible by 2, 3, 4, 5, 6, 8, 9, 10, 12, 15, 18, 20, 24, 30, 36, 40, 45, 60, 72, 90, 120, and 180. Nobody works with radians because working with pi is a pain in the ass outside of a calculator. Think about how easy it is to divide up time in your head. You sleep 8 hours, that's exactly a third of the day. Quarter of an hour? Half an hour? Calculating these figures are trivial because we work with them every day and they're nice whole numbers. How often do you work with an *eighth* of an hour? You don't because seven and a half minutes is an awkward amount of time. Just because people today fail to see the logic behind the system choices in Imperial today doesn't mean they're not still there.
Actually, I think Apple is an awful corporation that produces overpriced goods whose quality has an excessively short lifespan. I've never seen an Apple product survive a year out of warranty without problems. Apple also encourages cultural elitism and people use their products to justify arrogance. As much as Gates departure has seriously improved Microsoft, Jobs departing Apple again would be even better. The only possible better event would be Larry Ellison getting out of Oracle.
However, I work for a public school district. I'm exposed to a frustrating number of parents with no sense of responsibility and an overdeveloped sense of entitlement. Additionally, I live in the United States, which has an excessive number of selfish and petty civil court cases. Tort reform is needed, but considering how much that would aid asshole corporations in running roughshod over suddenly powerless citizens, I am not exactly willing to fight for it at the moment.
So, neglectful parents are suing Apple because they can't be fucked with to watch what their children are doing?
No, conscientious parents are suing Apple for preying on children. And they found out about Apple preying on their children by watching what their children were doing.
It's far more likely they're suing because they got the bill and saw how much virtual currency their child purchased, and rather than blaming their child for doing something stupid, or blaming themselves for not actually watching their child, they resort to court action. Because if it's one thing courts are good for, it's fixing problems in ways that make everyone happy.
NAT is a solution to address depletion in the same manner than increasing the debt cap is a solution to the US national deficit.
NAT, to a networking professional, is an abomination. It functions literally by breaking TCP/IP and lying to network neighbors. It functions by breaking the rules networks are designed and intended to play by, and overuse of NAT prevents any intelligence in routing and networking. Imagine if mailing addresses were limited in the same manner. Everything is a PO Box. Now imagine several layers of PO Boxes have to be traversed for anything to be delivered.
Moving to IPv6 is the right way to fix this. It's not easy, but it's the right way to do it.
I'm not signing up but I'm boycotting. Of course, it's more of a de facto boycott, because I don't really own any SCEA products or things that use SCEA products. The closest thing I've come to owning an SCEA product is watching an LP of God of War and going with a friend of mine to buy a Ratchet and Clank game... used. I suppose I still have Playstation games for my PS1... but that is no longer functional.
While it was certainly fraudulent and thus illegal, there is an old adage saying if a deal seems too good to be true, it probably is. Caveat emptor. I would be a lot more sympathetic if they were selling these fraudulent devices at the same price as the real thing.
I'll agree with Woz if he's talking about collegiate schooling. However, in grade school, particularly in primary grade school, school is about knowledge almost exclusively (well, and social interaction). Testing at this level (and any level) is primarily designed to determine if the teaching methods employed were successful. If one person fails a test, that student failed to learn the material. If every student fails a test, then either the teacher failed to teach the material or failed to write a realistic test.
In the end, how you test has to be related to what you're teaching and what your goals for the course are. Are people just supposed to learn something by-wrote knowledge and comprehension? Some classes are all that. In other classes, testing is partly comprehension based and partly analysis and evaluation based. In those classes you learn the material, comprehend the topics, and then generate your own information from that.
The real caveat to what Woz is talking about is that he's focusing on technology based education. So when he generalizes, he's still generalizing about a fairly specific topic.
I'm curious what your example case is. What data structure? What are you trying to do with it?
I'm primarily a system administrator, and in the past few years I have seen nothing from Microsoft which hasn't shown a drastic increase in the amount they're listening to their customers. They've been fixing several obviously broken products and providing a lot of tools which make my job easier. The departure of Gates has been one of the best things for the company. It's slow in some areas, yes, but Microsoft is a massive company so anything they do is slow and lumbering.
Honestly, in this case the patent problem is wholly beside the point. You could choose Mono and carry an extremely low risk of patent litigation (this kit is produced by Novell which has a good relationship with Microsoft including patent detente) or choose Java... which is currently the topic of ongoing patent litigation between Google and Oracle.
First, it is mono. Beside any technical argument. There are a lot of people who do not like mono, because it is an incarnation of evil (alias MS). I am not saying that it is, but many people feel that way.
Yeah, but look at your alternatives. You can use Mono, aka.NET, aka Microsoft. Or you can use Java, aka Sun, aka Oracle, aka plaintiff in litigation against Google over Java in Android.
Spoken like someone that doesn't know what anarchy is.
Well, he doesn't know what Nazism is, either, so I'm not surprised. He probably doesn't understand why the Bolshevik Communists and Nazis hated each other so much, too.
Yes, yes, we're all very impressed it was Apple doing something original in 1984 by copying Xerox and Doug Engelbart, and then later did something original in 2000 by copying Unix.
Everybody copies the ideas of others. Even when they're original, they're mostly copies. When you get copied, you know you had a good idea! Imitation is the highest form of success. James Watt? Copied Newcomen. Ford? Copied Portsmouth Block Mills. Progress is a series of incremental improvements to established, well-understood methods and technologies. Revolutions come when people combine those established, well-understood ideas in ways never thought of before. Know why? Because completely new ideas that change the world are hard. They take time and more effort than one man can do. Apple's best idea was combining cheap components into a functional computer and then marketing it to schools as a loss-leader at a time when personal computing in the western world was a new market with high demand. And that's an idea about as original an idea as money itself.
They're not Nazis. They're anarchist bullies. Nazis are authoritarian, totalitarian, nationalistic, socially corpratist fanatics interested in eugenics. In other words, exactly not anarchists. SCEA has a lot more in common with Nazism than Anonymous does.
Slashdot Mirror
Does any body here remember when the Internet didn't suck the life out of you, and exhaust your will to see tomorrow?
Well, SlashDot was founded in 1997 and Fark in 1999, so... no.
Maybe they're being proactive about the ones they get the most complaints about, hence the biggest ones.
Yes, that's why I mentioned Adobe Flash, Adobe Reader, and Java JRE and wondered why they're not mentioned. Do you pay any attention at all to how malware infections actually occur? I'm sure #1 is and always will be social engineering, but those three applications have to be in the top 5 based on the number of in-the-wild exploits.
Since all software has bugs, you can always find something, so if you go by complaint count, you're going to be sorting by user base, so all you're really doing is finding a roundabout way to list software companies by size. And you get to slag on them and call it a service to your customers. And it's probably 100% legal and righteous.
One would think that MS would be inclined to post security bulletins for the most severe and most widespread issues. As you say, there are bugs in all software, but informing users about those which are the most severe and the most likely to affect them makes then most sense. Nobody cares if Firefox 2.0 has a security vulnerability because nobody uses it and so nobody exploits it. Nobody is going to write an exploit today for a vulnerability which closed over six months ago on a piece of software which is several versions out of date on software which automatically updates itself. It's ludicrous to spend the time warn people about it, and since MS does have a potential conflict of interest by listing 3rd party software, it makes even less sense to only issue security warnings on software they are in direct competition with because that will only serve to call into question MS's impartiality.
Until the competitors start to pay Microsoft to stop doing it.
That will not happen. Read the article. MS is using CVD (aka responsible disclosure) while issuing these reports. Why would a vendor pay to get MS to stop issuing alerts based on cooperative vulnerability disclosures?
Why would someone who doesn't keep their auto-update software up-to-date read MSVR?
OK, I just looked at the vulnerabilities:
http://www.microsoft.com/technet/security/advisory/msvr11-001.mspx
Affects: Google Chrome version 6.0.472.55 and earlier
http://www.microsoft.com/technet/security/advisory/msvr11-002.mspx
Affects: Google Chrome version 8.0.552.210 and earlier, Opera version 10.62 and earlier
WTF? Google Chrome stable is v10, and Opera stable is v11.10.
I noticed that. I also noticed they didn't list the vendors I'd call the major offenders: Adobe (Flash, Reader) and Java. I find it a little unlikely none of those products has no open vulnerabilities. However, it says they're only doing responsible disclosure (CVD) and I would as easily believe that Adobe and Oracle are still unwilling to talk about security problems as much as MS just wants to smear Google and Mozilla (sorry, Opera, nobody really sees you as a threat).
CNC machines are a wholly different bag of worms. CNC systems are not exposed to the Internet and are generally on their own VLAN (that's if they require network at all). I'm sure a hundred people can respond about CNC machines picking up viruses or workers getting caught browsing porn on CNC systems, but everyone here knows that is absolutely due to improper management of the network. Poor software development, poor project management, poor systems engineering, poor site management, poor IT infrastructure, poor security and so on are all to blame in such cases well before 'ZOMG MS IS DROPPING XP SUPPORT'. A CNC machine could just as easily run DOS if not for the fact that developers for Windows are cheaper and the hardware demands the newer OS.
When the tools for new Siemens and National Instruments hardware are only available for newer operating systems and the older hardware is no longer available for purchase, we will see XP as CNC platform fade away.
So you don't just want the US to change how they label their measurements, you want them to completely change their infrastructure? Should they change to left-hand drive and 220V A/C power while they're at it, too?
so that's your argument? "what would the aliens think?"
SI is a planetary standard. the only (ONLY) arbitrary measure in it is the actual length of the metre, because at some point someone had to choose something.
That's not even remotely true. Standard temperature and pressure? Arbitrary. Base 10 numeric system? Arbitrary. Using the freezing and boiling temperatures of water (at STP, no less) to determine degrees of temperature? Arbitrary. Duration of a second? Arbitrary.
That said, most people typically use two very common Imperial style measurements. How about 360 degrees in a circle, or 24 hours in a day, 60 minutes in an hour, and 60 seconds in a minute? Arbitrary, and the value of that was chosen precisely for the same reasons that the Imperial standard has seemingly strange values. Decimal fractional notation has only been popular relatively recently. Prior to it's adoption people worked with vulgar fractions when dividing. Just like today, people hate vulgar fractions, so choosing numbers that are easily divisible is nice. 360 is divisible by 2, 3, 4, 5, 6, 8, 9, 10, 12, 15, 18, 20, 24, 30, 36, 40, 45, 60, 72, 90, 120, and 180. Nobody works with radians because working with pi is a pain in the ass outside of a calculator. Think about how easy it is to divide up time in your head. You sleep 8 hours, that's exactly a third of the day. Quarter of an hour? Half an hour? Calculating these figures are trivial because we work with them every day and they're nice whole numbers. How often do you work with an *eighth* of an hour? You don't because seven and a half minutes is an awkward amount of time. Just because people today fail to see the logic behind the system choices in Imperial today doesn't mean they're not still there.
That rushing sound you're hearing isn't the winds of April. It's the sound of the joke that just passed over your head.
Hint: Genes have been patented.
Yes, but his neighbor doesn't have rosebushes anymore, either, and he'd like to stay out of court!
Actually, I think Apple is an awful corporation that produces overpriced goods whose quality has an excessively short lifespan. I've never seen an Apple product survive a year out of warranty without problems. Apple also encourages cultural elitism and people use their products to justify arrogance. As much as Gates departure has seriously improved Microsoft, Jobs departing Apple again would be even better. The only possible better event would be Larry Ellison getting out of Oracle.
However, I work for a public school district. I'm exposed to a frustrating number of parents with no sense of responsibility and an overdeveloped sense of entitlement. Additionally, I live in the United States, which has an excessive number of selfish and petty civil court cases. Tort reform is needed, but considering how much that would aid asshole corporations in running roughshod over suddenly powerless citizens, I am not exactly willing to fight for it at the moment.
No, conscientious parents are suing Apple for preying on children. And they found out about Apple preying on their children by watching what their children were doing.
It's far more likely they're suing because they got the bill and saw how much virtual currency their child purchased, and rather than blaming their child for doing something stupid, or blaming themselves for not actually watching their child, they resort to court action. Because if it's one thing courts are good for, it's fixing problems in ways that make everyone happy.
You think there are rumblings about monopolistic practices now, imagine if the owned the whole music industry.
Yes, because the RIAA totally isn't a cartel already.
The most readily available way for Google to get what they want would be to buy enough Congressmen to bust up Copyright.
NAT is a solution to address depletion in the same manner than increasing the debt cap is a solution to the US national deficit.
NAT, to a networking professional, is an abomination. It functions literally by breaking TCP/IP and lying to network neighbors. It functions by breaking the rules networks are designed and intended to play by, and overuse of NAT prevents any intelligence in routing and networking. Imagine if mailing addresses were limited in the same manner. Everything is a PO Box. Now imagine several layers of PO Boxes have to be traversed for anything to be delivered.
Moving to IPv6 is the right way to fix this. It's not easy, but it's the right way to do it.
That just means they'll go to Google, type 'google.com' in the search box, and then type in 'Adele'.
I'm not signing up but I'm boycotting. Of course, it's more of a de facto boycott, because I don't really own any SCEA products or things that use SCEA products. The closest thing I've come to owning an SCEA product is watching an LP of God of War and going with a friend of mine to buy a Ratchet and Clank game... used. I suppose I still have Playstation games for my PS1... but that is no longer functional.
While it was certainly fraudulent and thus illegal, there is an old adage saying if a deal seems too good to be true, it probably is. Caveat emptor. I would be a lot more sympathetic if they were selling these fraudulent devices at the same price as the real thing.
I'll agree with Woz if he's talking about collegiate schooling. However, in grade school, particularly in primary grade school, school is about knowledge almost exclusively (well, and social interaction). Testing at this level (and any level) is primarily designed to determine if the teaching methods employed were successful. If one person fails a test, that student failed to learn the material. If every student fails a test, then either the teacher failed to teach the material or failed to write a realistic test.
In the end, how you test has to be related to what you're teaching and what your goals for the course are. Are people just supposed to learn something by-wrote knowledge and comprehension? Some classes are all that. In other classes, testing is partly comprehension based and partly analysis and evaluation based. In those classes you learn the material, comprehend the topics, and then generate your own information from that.
The real caveat to what Woz is talking about is that he's focusing on technology based education. So when he generalizes, he's still generalizing about a fairly specific topic.
Oh, he writes Perl, then.
I'm curious what your example case is. What data structure? What are you trying to do with it?
I'm primarily a system administrator, and in the past few years I have seen nothing from Microsoft which hasn't shown a drastic increase in the amount they're listening to their customers. They've been fixing several obviously broken products and providing a lot of tools which make my job easier. The departure of Gates has been one of the best things for the company. It's slow in some areas, yes, but Microsoft is a massive company so anything they do is slow and lumbering.
Honestly, in this case the patent problem is wholly beside the point. You could choose Mono and carry an extremely low risk of patent litigation (this kit is produced by Novell which has a good relationship with Microsoft including patent detente) or choose Java... which is currently the topic of ongoing patent litigation between Google and Oracle.
Gee, which of these two is really less appealing?
Yeah, but look at your alternatives. You can use Mono, aka .NET, aka Microsoft. Or you can use Java, aka Sun, aka Oracle, aka plaintiff in litigation against Google over Java in Android.
Giant douche or turd sandwich?
Well, he doesn't know what Nazism is, either, so I'm not surprised. He probably doesn't understand why the Bolshevik Communists and Nazis hated each other so much, too.
Yes, yes, we're all very impressed it was Apple doing something original in 1984 by copying Xerox and Doug Engelbart, and then later did something original in 2000 by copying Unix.
Everybody copies the ideas of others. Even when they're original, they're mostly copies. When you get copied, you know you had a good idea! Imitation is the highest form of success. James Watt? Copied Newcomen. Ford? Copied Portsmouth Block Mills. Progress is a series of incremental improvements to established, well-understood methods and technologies. Revolutions come when people combine those established, well-understood ideas in ways never thought of before. Know why? Because completely new ideas that change the world are hard. They take time and more effort than one man can do. Apple's best idea was combining cheap components into a functional computer and then marketing it to schools as a loss-leader at a time when personal computing in the western world was a new market with high demand. And that's an idea about as original an idea as money itself.
They're not Nazis. They're anarchist bullies. Nazis are authoritarian, totalitarian, nationalistic, socially corpratist fanatics interested in eugenics. In other words, exactly not anarchists. SCEA has a lot more in common with Nazism than Anonymous does.