Yeah, the bug that was mentioned wasn't that kind. I was making more of a general comment.
To reply to another flamebait post below this, let me clarify. I worked in an IRC channel helping PHP programmers for several years. We would have people come in every day asking about crap like phpBB or phpnuke, even when we explicitly said that we can't help people with code they downloaded from other site, since none of us are familiar with every piece of PHP code ever written. I'm not saying that responding that way to the bug reports is good, I'm not saying it's helpful, and I'm not saying that it can't be or shouldn't be improved. I'm just saying that I understand.
But you simply cannot claim it is PHP's fault that someone has the power to run exec($_GET['shell_command']). Would you prefer that PHP parses everything that is submitted?
They tried. It was called magic_quotes_gpc. We all remember how well that worked.
I don't really want to make excuses for poor responses to bug reports, but I can at least understand it a little. If you watch the bug list on a frequent basis, you can see why someone would get frustrated by the number of "phpBB doesn't work on my server. Fix it." bugs that get reported.
The default value for register_globals was changed to off in PHP 4.2. The option will be completely removed in PHP 6.
I think the biggest problem PHP has is that it became popular too quickly. If it hadn't become used so widely back around 4.0.x, a lot of problems that were identified years ago, but couldn't be fixed because of backwards compatibility breaks, would not be problems now. Things like register_globals probably would have been completely dumped in 4.3 or 5.0, instead of needing to leave it deprecated for about 5 years. Essentially, PHP 4 and PHP 5 are different languages, with PHP 6 changing even more. I have no problem writing off the days of register_globals as a nightmare that is best forgotten, but the language is vastly improved now over what it used to be.
If it's so buggy and insecure, why do so many large (and small, like the one I work for) companies have sites that use PHP and don't have problems with PHP-caused bugs or security holes? The existence of crap written by a 12-year-old like phpBB and phpnuke does not prove that the language is buggy or insecure. Idiots will write bad code in whatever language you put in front of them.
there are several theories (evolution, creation, intellegent design)
As has been repeated many, many times, creationism/intelligent design is not a scientific theory. You could conceivably find evidence that contradicts evolution, forcing the abandonment or revision of the theory. Creation/intelligent design is not falsifiable, nor can it be used to make any predictions about what will happen in the real world, and that's why it isn't science.
What exactly is "the Church"? Not all Christians are Catholics. Several Christian denominations exist primarily because they didn't want to have to do what the Catholic Church told them to do.
It's right there in the book, beginning with "B'reshit": in the beginning, God created the heaven and the earth. Six days later he took a nap.
It's actually pretty easy to conclude that Creation according B'reshit didn't happen in six days, and it's almost universally accepted at least in Conservative (and I would guess Reform) Judaism. The important point to remember is that the sun wasn't created until the fourth day. Before that, it's fairly difficult to measure time in days. Because of that, most modern commentary explains that the word "day" does not mean a standard 24-hour day, but an imprecise "age". The phrase I've seen in the commentary is something like "To God, a million years is but a day."
Sure, if the parents knew that their daughter was going to be sexually assaulted by a stranger, they probably would have done something to stop it. But if anyone should be blamed for the crime, maybe it should be the guy that committed it?
Just a wild guess, but "its business model depends on it" might be supposed to mean that the cost of trying to verify every user's information, assuming it's even possible, would be so high that they would quickly go broke.
They Want to Take Away the Power to Publish...under the guise of protecting children
To play a bit of devil's advocate, how do you know that legislators that support this bill don't honestly believe that sites like MySpace allow thousands of rapists and child molesters to commit crimes every day? Maybe such legislators aren't corrupt and power hungry (I made a funny), but just ignorant? It's possible to have good intentions even while being stupid and/or wrong.
I don't think any of us (okay, there's always a few) have a problem with a ratings system for games. Personally, I wouldn't mind if the existing ratings system had a bit of legal authority behind it. I think most people's problem with this bill is that it gets the FTC involved in the process, which can very easily result in whoever is in power at the time, through their ability to appoint the bosses at the FTC, determining what is considered appropriate material for games. If the law somehow made the ratings system work independently from the government, so that the system is consistent and reasonable instead of subject to the moral whim of the party in power, you'd probably see less objection.
Personally, I'd like to see some kind of legal authority behind the rating systems for games, movies, etc. In my admittedly limited experience, the ratings boards seem to do a pretty good job with it. I'm sure there have been mistakes, but you can't reasonably expect perfection in everything. The major problem I see with putting legal authority behind the ratings is that the federal government would insist on either doing the ratings themselves (such as the FTC, as in the bill being discussed) or interfering with the ratings board so much that the government might as well be making the decisions themselves. I think a law that says "Those people know what they're doing, so listen to them" would work pretty well. Maybe it'll happen in some parallel universe or something.
Anyone else find it interesting that this is coming up just before an election
Is our country really that screwed up that 20+ months is considered "just before" an election that occurs every four years? I bet we could do a lot of great stuff if our government didn't spend at least 2 out of every 8 years doing nothing but advertising themselves.
As for this bill, I think it falls under the category of "good idea in theory, but in no way realistically enforceable". Library computers definitely have better uses than 13-year-olds posting "omg she lik rly sed tht?!?!!???!", but trying to ban all social networking sites from all libraries would be a nightmare. I think a better law would be one that allows (not requires) individual libraries to set their own acceptable use policies.
I'm a registered Republic
I know there's a joke in there somewhere, but it's too early in the morning for me to see it.
As you've noticed on EFNet, it allows people to launch disruption attacks, such as channel flooding, without the risk of getting caught and punished. Because of the large number of attacks from Tor users and the relatively small number of well-behaved Tor users, many IRC networks and channels ban Tor nodes. As far as they're concerned, keeping all of the non-Tor users is worth losing the few Tor users that aren't wrecking the network or channel. I certainly won't fault people that might use Tor to try to get around oppressive governments, but in my personal experience, a lot of people that espouse the virtues of Tor are of the tinfoil-hat variety.
Yeah, the bug that was mentioned wasn't that kind. I was making more of a general comment.
To reply to another flamebait post below this, let me clarify. I worked in an IRC channel helping PHP programmers for several years. We would have people come in every day asking about crap like phpBB or phpnuke, even when we explicitly said that we can't help people with code they downloaded from other site, since none of us are familiar with every piece of PHP code ever written. I'm not saying that responding that way to the bug reports is good, I'm not saying it's helpful, and I'm not saying that it can't be or shouldn't be improved. I'm just saying that I understand.
If you can do step 9, aren't steps 1-8 kinda pointless?
Sorry, couldn't resist this early in the morning.
I don't really want to make excuses for poor responses to bug reports, but I can at least understand it a little. If you watch the bug list on a frequent basis, you can see why someone would get frustrated by the number of "phpBB doesn't work on my server. Fix it." bugs that get reported.
The default value for register_globals was changed to off in PHP 4.2. The option will be completely removed in PHP 6.
I think the biggest problem PHP has is that it became popular too quickly. If it hadn't become used so widely back around 4.0.x, a lot of problems that were identified years ago, but couldn't be fixed because of backwards compatibility breaks, would not be problems now. Things like register_globals probably would have been completely dumped in 4.3 or 5.0, instead of needing to leave it deprecated for about 5 years. Essentially, PHP 4 and PHP 5 are different languages, with PHP 6 changing even more. I have no problem writing off the days of register_globals as a nightmare that is best forgotten, but the language is vastly improved now over what it used to be.
If it's so buggy and insecure, why do so many large (and small, like the one I work for) companies have sites that use PHP and don't have problems with PHP-caused bugs or security holes? The existence of crap written by a 12-year-old like phpBB and phpnuke does not prove that the language is buggy or insecure. Idiots will write bad code in whatever language you put in front of them.
What exactly is "the Church"? Not all Christians are Catholics. Several Christian denominations exist primarily because they didn't want to have to do what the Catholic Church told them to do.
Just a wild guess, but "its business model depends on it" might be supposed to mean that the cost of trying to verify every user's information, assuming it's even possible, would be so high that they would quickly go broke.
I don't think any of us (okay, there's always a few) have a problem with a ratings system for games. Personally, I wouldn't mind if the existing ratings system had a bit of legal authority behind it. I think most people's problem with this bill is that it gets the FTC involved in the process, which can very easily result in whoever is in power at the time, through their ability to appoint the bosses at the FTC, determining what is considered appropriate material for games. If the law somehow made the ratings system work independently from the government, so that the system is consistent and reasonable instead of subject to the moral whim of the party in power, you'd probably see less objection.
Personally, I'd like to see some kind of legal authority behind the rating systems for games, movies, etc. In my admittedly limited experience, the ratings boards seem to do a pretty good job with it. I'm sure there have been mistakes, but you can't reasonably expect perfection in everything. The major problem I see with putting legal authority behind the ratings is that the federal government would insist on either doing the ratings themselves (such as the FTC, as in the bill being discussed) or interfering with the ratings board so much that the government might as well be making the decisions themselves. I think a law that says "Those people know what they're doing, so listen to them" would work pretty well. Maybe it'll happen in some parallel universe or something.
Never attribute to malice that which can be adequately explained by stupidity.
Good thing to remember when talking about politicians.
Why not just nuke it from orbit? That is the only way to be sure.
I'm vaguely disturbed by the fact that the domain name for his site is in the same gosomename.com format as most colleges' athletics websites.
As for this bill, I think it falls under the category of "good idea in theory, but in no way realistically enforceable". Library computers definitely have better uses than 13-year-olds posting "omg she lik rly sed tht?!?!!???!", but trying to ban all social networking sites from all libraries would be a nightmare. I think a better law would be one that allows (not requires) individual libraries to set their own acceptable use policies.
I know there's a joke in there somewhere, but it's too early in the morning for me to see it.
As you've noticed on EFNet, it allows people to launch disruption attacks, such as channel flooding, without the risk of getting caught and punished. Because of the large number of attacks from Tor users and the relatively small number of well-behaved Tor users, many IRC networks and channels ban Tor nodes. As far as they're concerned, keeping all of the non-Tor users is worth losing the few Tor users that aren't wrecking the network or channel. I certainly won't fault people that might use Tor to try to get around oppressive governments, but in my personal experience, a lot of people that espouse the virtues of Tor are of the tinfoil-hat variety.