Re: @ken Hagan
Ian: I wasn't expressing any moral position over the use of these techniques. I was merely responding to the OP's assertion that it was surprising how few people remembered who won WW2 and how.
8168 publicly visible posts • joined 14 Jun 2007
"It is really surprising that no one seems to remember how much of a beat down we gave the Japanese after their actions in '41."
Er, sorry? Are you referring to the war in the Pacific, which saw Curtis LeMay invent carpet bombing and firestorms, and the A-bomb attacks on Japan, against a nation that had basically said to the entire world "We don't care how many of you we kill coz we aren't ever going to be brought to book over it.", only find itself *so* badly broken that *unconditional* surrender to that same world seemed like the better option?
Nah. You couldn't *possibly* be referring to that, coz *everyone* knows about that. You must be referring to some other beat down.
You need to look at the history, then. MS implemented the JVM on Windows (not Sun) until they fell out with Sun, at which point Sun started offering their JVM on Windows. The falling out was over incompatibilities between Microsoft's JVM and Sun's. Any such incompatibilities would, of course, reduce Java's "write-once, run-anywhere" property, so incompatibilities were a bad thing if you were Sun and a good thing if you were Microsoft.
It was, of course, pure co-incidence that Microsoft's own VM-based, garbage-collected, object-oriented language with C/C++ syntax happened to be released so soon after the big bust-up with Sun over Java. Oh hang on, no it wasn't, it was a direct consequence of MS hiring Hejlsberg to create a replacement.
I'm right behind you on the shameful lack of security in current implementations of the JVM. To do that to a virtual ISA that was invented specifically to be provably safe and correct strikes me as a particularly cruel slap in the face to its original designers. However...
...I'm old enough to remember when Javascript was *habitually* disabled by anyone with a clue because every implementation was shot full of holes. There's no reason why the effort now being invested in either C# or this rather silly Javascript-front-end couldn't have been put into engineering a JVM that was actually safe for client-side use. Then you'd have a shiny new statically-typed, object oriented language with several billion existing lines of code and squillions of programmers who knew how to use it.
But no. Apparently we have to invent our *own* wheels. Even in the unlikely event that Microsoft have "round" in mind, this is still the wrong answer.
Really? In a world where most business PC use is performed by someone sitting at a desk, there is no compelling argument to pay *more* for a system with a smaller screen and RSI-inducing keyboard.
So, what you are really asserting is that the days of the desk job are numbered and our children and grandchildren will work standing up, or wandering about putting in face-time with colleagues. That would probably be very good for the population's general health, but I don't see it as a productivity boost.
My own guess? In the future, the cost of a PC will cease to matter. Everyone who wants a portable device will have one. Every location that would benefit from a larger-but-fixed device will have one. Ergo, sales of "desktop" PCs will fall to about 50% and portables will rise to about 50% and there they will stick.
Since a username and password combination does fit on a stick, you most certainly *can* leave an entire cloud on the train.
But actually, since they refuse to discuss how they intend to control access, I don't think they can be using "secure" to mean "secure against intrusion". I'm assuming that they mean "secure against disc failures, accidental deletion or total failure of backup policy".
Surely the wider significance of this letter is that it would not have been written unless advertisers truly believe that the direction of the default "opt" (opt-in versus opt-out) is hugely significant.
So, next time some weasel trots out the line "We're only screwing people /by default/. They can opt out if they want.", they haven't got a leg to stand on.
And there, in fact, you have identified a principle that has been applied to far more fields of knowledge than Alice and Bob have ever been involved with, and which has gone largely unchallenged for a good deal longer than 40 years.
Can we have Brontosaurus back?
Can we redefine the electron to be positive?
"they'll be making the owner aware first and giving them a period of time (days/weeks) to fix it"
But the scenario raised by the OP was "false positives". In this case, the software that needs to be fixed would be Nominet's scanner and consequently it wouldn't matter how long *you* were given to fix it.
"Can't they just apply all these security features to the existing domains?"
Indeed. The most disturbing aspect of this proposal is the implication that DNSSEC might be something you have to pay extra for in the UK. Do Nominet intend to drag their feet over signing the existing second level domains?
I'd think I'd want something *better* than LibreOffice. It's a fine product on its own terms but I find that about 50% of PPT files and a similar proportion of DOC files with complex (*) page layouts get horribly garbled or refuse to open. Having said that, there are two mitigating factors.
Firstly, the same is true for Microsoft's own converter trying to make their "X" formats readable to Office 2003. I don't know if accurate file format documentation exists within MS, or indeed if the various versions of Office over the years have been sufficiently consistent in their interpretation to make such documentation possible, but the evidence suggests that it isn't.
Secondly, "complex" in this context means some hideous abuse of floating text boxes and manual formatting, rather than the far simpler (and more reliable) use of styles and sections. <smug class="git"> I never have trouble with moving my own documents between packages. </smug>
It's not terribly obvious what their sampling method was. They claim that their headline stats are based not on emails sent but on emails actually making it through corporate defenses, which implies either that they've installed monitoring software that counts malicious emails without actually blocking them (thanks!) or they are trawling through post-mortems.
If you only count successful attacks, EXEs will score well because however rare they might be they will have a near 100% success rate when they *do* get through.
Interesting to note that PIFs (remember them?) were still in the top 5 last year. Less interesting to note that ZIP is the number one malware extension by a long way. Clearly they didn't count "URL in the email text" as a vector, although it is probably even more common (and probably more effective) than ZIPs.
"I've never come across anything - in 15 years of using Windows professionally - that absolutely had to run as a full administrator, usually it's a single registry key, file, or the like."
When I was in the market for children's (under-10s) games a few years ago, I found that just about every one insisted on Admin rights either because it needed to tonk all over my display settings or because it needed to hand-grease my CD-ROM's spindle to support some amazingly clever "anti-backup" mechanism.
I dare say that a few weeks spent playing with shims, registry keys, Process Explorer and the like would have yielded solutions in most cases. I'm prepared to bet that most of the general public just granted admin rights to their toddler's account and bought the software again when the disc got scratched beyond recovery.
Designing apps to avoid admin access SHOULD have been part of the Windows landscape for the last 20 years. (The security model dates from about '92.) Microsoft were still shipping violations about 10 years ago. The games market may be OK now (haven't looked) but certainly wasn't 10 years ago. If you've been fine for 15 years, you've been working in a fairly restricted portion of the marketplace.
"and really people relying upon this kind of legacy software should totally understand their software by now and know how to install it properly."
Is this the general public we're talking about? The same people whose existence made Microsoft hesitate for so many years to remove AutoRun?
Too bad about those downvotes, but it does point to a significant failing in *every* OS.
Even if the facilities are there, only techies know they even exist on their own system, hardly anyone knows they exist on the "rival" system as well, and almost no-one understands them well enough to actually use them.
The BIG unsolved problem in computer interfaces is presenting existing capabilities in a language that normal people can understand.
Forget "touch" or "waving body parts at the screen" -- the next leap forward in UI design will be *words*. In particular, words that are sufficiently simple to understand but also sufficiently rich to convey the concepts needed.
Most, if not all, of the mass extinction events in Earth's history are correlated with significant changes in ocean circulation driven by continental drift. In particular, really hot periods seem to be associated with having an open water channel around the equator. Right now there is the little thing called Africa in the way. The only significant threat to Africa in the short term is the likelihood that it will rift (North-South) at some point in the next few million years.
To return to the whack-a-mole analogy, we may have several reasons to fear a mass exinction is coming (habitat loss, pollution, ...) but actually I don't think that climate change is one of them. I just wish the so-called environmentalist movement would stop crying wolf over climate (and let the climatologists learn their subject without mass media coverage of every publication) and concentrate on the major ecological problems that seem both beyond dispute and within our ability to fix (like habitat loss and pollution).
"Don’t trust us? Erm, we have root. You do trust us with your data already."
I don't personally build my systems from source, but I take considerable comfort from knowing that quite a few people do. It would be Quite Hard for Mr Shuttleworth to abuse his "root privileges" and put something dodgy in the OS without being noticed. In contrast, we have no source code for how he processes the search data and deals with Amazon, so it would be Quite Easy to abuse that. (That's the opportunity.)
Then there's the fact that "a hard drive" generally contains vast amounts of worthless noise and whereas "my search expressions" are actually designed (by me) to be as rich an indicator as possible of what I want. It's the difference between searching my bookshelf and reading my personal letters. (That's the motive.)
I always assume that a deleted post is the initial reaction of someone who eventually calms down enough to write one of the later posts. If that is the case here, we may assume that someone needed a *lot* of calming down.
I can' t say I blame them. If "unlimited" is just a word, then so are "honest", "crooked", "criminal", "guilty" and "sacked".
I wonder if this guy's tax returns are "just numbers".
If it is compiled, how do they know the original language? Is this the same group of researchers who speculated a while back about some new, "secret" language used by malware authors, which turned out to be C (but with unfamiliar compiler options so that the researchers were flummoxed by the generated code).?
It does look like at least one side (and possibly both) is engaged in creative accounting. As far as Joe Public is concerned, the figure of interest is how much the scheme costs *in total* to generate electricity over there and deliver it over here. If that figure is too large, that particular green scheme is uneconomic and shouldn't be allowed to go ahead at the expense of better alternatives.
I'm sure we can all draw up proposals for low-cost energy if we aren't obliged to include all the costs. In particular, if you don't include the costs of building the station and clearing up afterwards, I think a pretty phenomenal case can be made for nuclear, coz the actual fuel is pretty cheap.
" You seem to think that the way to restrict the numbers is to make sure that only the rich can afford to go to university."
I feel I have to butt in here and say that didn't get that sentiment from the OP. On the contrary, they seemed to be bemoaning the fact that we had gone from 10 to 50 and *as a consequence* had to ditch the previous system.
'Remind me again what is meant by "paying their own fair share"?'
It's living in a society where there are things like police and doctors, and where the people around you were able to do some of these things and consequently haven't turned out frothing at the mouth like the extras in Mad Max.
If you want to live in a shit-hole with no public services, there are other countries you could emigrate to.
I think the problem is that most people harbour a niggling belief that someone else is paying less tax than they ought, and that consequently the general rate of taxation has had to be raised to make up the difference.
This isn't helped by the complexity of tax law, which makes it possible to avoid lots of tax quite legally IF you can afford to pay for professional advice. Companies typically can and the man on the street typically can't.
If the tricks being used are all legal, I'd have thought that the US Congress (who made the laws in question) were just about the only people in the US who had no right to complain about it.
I feel much the same way when I hear "Call me Dave" wringing his hands over tax avoidance in the UK. FFS, Dave! If you can't be arsed to use the power we've given you, step aside for someone who can.
Perhaps we are talking at cross purposes. If you are issuing FMAs at carefully chosen moments to manipulate the least significant bits of your floating point values, you are writing the very small proportion of numerical programming that is capable of delivering exact results. I'm well aware that this can be done if you have assembly-level control over the rounding of your primitive operations. You are also probably writing a support library for the use of someone who will not have to care about these things.
However, the vast majority of numerical algorithms deliver results whose imprecision depends on the input data and is considerably greater than the machine precision. If one of *these* algorithms gives qualitatively different results when you switch hardware or let your high-level language compiler optimise a little, the cause is almost certainly an ill-conditioned problem rather than the hardware or the compiler.
The authors of such code still have *some* sanity expectations from the underlying arithmetic, but typically don't have specific requirements on the accuracy of operations. Rather, it is stuff like "(a+b)/2 should not be outside the range [a,b]" or "if a>b then I can divide by a-b without getting a divide by zero exception". There were some arithmetics in the 50s and 60s that failed at this level but IEEE took some care to eliminate them.
If your algorithm depends *that* sensitively on rounding errors then you need a new algorithm. (Or more likely, you need to stop altogether because you are trying to claim a level of precision that simply isn't present in your input data.) Of course, that also means that Intel shouldn't be claiming that single-rounding is important.
"The point of the court case is not to stop the movement of the images entirely but to prevent them becoming a trade-able commodity and more specifically to set a precedent for future attempts to publish similar photographs."
Quite. If the original photographer had not broken local laws to obtain the images in the first place then he (I will assume it was a bloke) wouldn't have minded putting his name on every copy and *he* could now be the one chasing loads of foreign publications through the courts for, er, "royalties".
I think if he were alive, someone else would be dead.
My understanding of the Apple "brand" is that the user experience makes up for the expense and the lock-in. If they start shipping the same crud as the rest of the tech business, they'll have to start charging the same prices and offer the same hack-a-bility.
If you read the article, the complaint is not that Google dominate search. That wouldn't be an offence, merely the reward for producing a decent product. The complaint is that, having acquired dominance in the domain of general search, they are using that as a lever to push their way into more specialised search.
That's "using one monopoly to acquire another", which is illegal in both the EU and US (as well as other places I don't doubt).
It is illegal because (as the US learned at the end of the 19th century) if you don't make this illegal then it is straight-forward for the monopoly holder to bypass the rigours of the free-market and start delivering over-priced shit to everyone. That's not good for society as a whole and therefore society as a whole has decided to make it against society-as-a-whole's laws. Tough tit if you are disappointed by that, but society-as-a-whole has no obligation to make life easy for you, even if you are a talented monopolist.
Yes. I'm assuming that it is EP 1040406 (mentioned in the linked German report) and I cannot see how the patent goes beyond the insanely obvious idea of drawing a keyboard on a touch screen and letting it post keystrokes to applications through the standard OS pathway.
The patent seems to make much of the fact that the virtual keyboard plugs into the same interfaces as a real one, but for me that would be a basic functional requirement (as well as being MIND-NUMBINGLY obvious).
"Climate deniers almost certainly also believe the CIA shot Kennedy and poisoned Marilyn Munroe: they're people who will ALWAYS believe dumb-ass conspiracy theories before dull, peer-reviewed research."
I suspect that the number of people you'd describe as "climate deniers" vastly exceeds the number of people who believe the CIA did either of these things. Therefore, it is numerically impossible for most of the first group to also belong to the second and third groups.
You may consider this post to be a form of peer review.
I'll let you have: Large-scale electricity generation is always more efficient than small-scale electricity generation.
I won't let you ignore the fact that a conventional car doesn't convert petrol to locomotive force via electricity.
Back on the first hand, I will let you respond by noting that an electric car could (in principle) be running off carbon-free electricity, and it is CO2 we are trying to reduce rather than mere energy consumption.
Er, no. The article absolutely *does* state that the motive for the complaint is that Google is being used (however unwittingly) to traffic women.
"The National Association of Attorneys General (pdf) says sites that use Google’s ad network “show the tell-tale signs of trafficked victims” and are not mere ‘online dating’ sites which are permitted by current Google Adwords policies."
As you say, if you press them, they may or may not be able to prove this case, but it *is* their case.
Not only that, but the new figure is post-IPO and so some of the "losses" (on wealth that never was) have been crystallised, resulting in a far more accurate estimate.
Basically the story here is that Forbes over-valued this guy by 8 billion or so (so the previous estimate was about 50% too high) and have now been forced to admit it. But hey, what's a 50% error between friends? We still trust everything Forbes says, right?
"Say I met you down the pub one night and proceeded to rubbish your choice of clothes, drinks, football team and girlfriend. What then?"
Then I would kill you, your family, your pets and cover your vegetable patch with salt, that nothing should spawn from your seed for a thousand centuries!!!
Or I might buy you a drink and ask what's got your goat.
"to the extent that Catholic Irish and Republicans did not make their voices publicly heard against the terrorist tendencies of some of their countrymen *does* imply apathetic collaboration, support, or at least sympathy."
Or maybe they just don't like being knee-capped.
Some folks don't, you know.
I don't care how "sympathetic" Muslims are when responding to surveys. In my book, if they don't do it, it is irrational to assume that they have a strong belief in it. Maybe they do. Maybe they don't.
Those "large-scale" protests against the Iraq war and various govt. cock-ups have never involved more than a percent or two of the population. You would be unwise to assume that the only people who care are the ones who turn up, but guessing the strength of feeling in that remaining 99% of the population is always going to be a bit tricky.
The bottom line is: YOU DO NOT KNOW what the majority of Muslims think. You are never likely to. Stop pretending that a violent minority of *any* group are representative of the whole.
Oh, and any Middle East "street" protests back in 2001 would have fallen foul of the local police state, since even if the local dictator had been sympathetic to the terrorists, they wouldn't have been stupid enough to organise a demo of support. (And without his blessing, no demo would happen.)