27 posts • joined 25 Aug 2011
Review time - don't be complacent just because of limited shell functionality
I have been following this story pretty much since the start. Not much impact on me (well timed vacation?) but our system administrators and engineers (for review and regression of production systems) have been roped in.
With the news that there are other undisclosed remote execution bugs out there, there are going to be a *lot* of blackhat (and hopefully whitehat) folks carefully reviewing ALL shell code...
Re: Picking the nit...
I may be nitpicking here but if you are going to break out the T-34/76 and T-34/85 variants as separate counts then it should also be done for the Sherman 75mm/76mm/17pdr variants for equivalents.
Also with respect to the 8-1 T34 vs. Tiger battle, the Sherman wasn't much better - I have heard 5-1 on various programs and that wasn't on the Steppes.
I take my hat off to those crews in either the T-34 or Sherman - it is one thing to go into battle in something like a Tiger, and another to go in with a 20% chance of not being destroyed.
AnandTech had a review a while ago. From the review, it was pretty impressive all the way round:
They go into the technology pretty deeply.
Update for the Roman Sketch?
Wise: 'Have you got the scrolls?’
Morecambe: ‘No, I always walk like this.’
Re: Using area as a measurement???
Huh? I wasn't saying the glacier was 100 metres deep, I was saying there is a difference when using volume.
So what you are saying is that 10,000 km2 of glacial edge that has gone.
Or maybe not - since you linked the Wikipedia reference:
"Glaciologists consider that trends in mass balance for glaciers are more fundamental than the advance or retreat of the termini of individual glaciers. In the years since 1960, there has been a striking decline in the overall volume of glaciers worldwide. This decline is correlated with global warming. As a glacier thins, due to the loss of mass it will slow down and crevassing will decrease."
So maybe volume would have been useful to mention.
Using area as a measurement???
Notwithstanding any argument about the merits of either study, I find the measurement of loss to be very strange.
"248 glaciers exhibited a retreat, and 18 an advance. The scientists estimate a net loss of glacier area of about 10,000 km2 – that's a 0.2 per cent decrease (+/- 2.5pc), and an average retreat of 2.1 metres annually."
That is a measurement of area, which although might be useful is not the same as a measurement of volume. An area that size 1 metre deep is quite different from a measurement of 100 metres deep. It's the volume after all that is supposed to be getting dumped into the oceans...
And yes I do understand about albedo which is why I said area might be a useful measurement, but not sufficient.
Maybe there is a correction...?
Keep your friends close...
Wait, no Monty Python reference?
After yesterday's Parrot Sketch reference, you didn't take this prime chance for a Holy Grail reference:
"I'm not dead yet!"
Oh, how the mighty have fallen.
Re: Using Iron vapour to read the magnetic state *optically*
Unless you are arse technica and label them as a clear patent troll since they 'don't produce anything themselves'.
Re: Better to have him where you can see him
I note the strawman being used in the IRTF chair's argument - saying that removing him would be a loss for the group.
What is being suggested is to remove him as a *co-chair* - just make him a regular member, therefore no loss.
The strawman then continues: "Co-chairs do not wield more power over the content of the ongoing work than other research group participants."
Ok, so fine, if it doesn't have more power over content then remove him as a co-chair and make him a 'regular' research group participant. I suspect there are unmentioned powers for a co-chair - what are those and how do they impact the group with regard to the concerns being voiced?
Article hands out a whole lot of banking/corporate kool-aid
This article is rubbish. It tries to make a case that the HBOS failure was the 'old fashioned' way - that it was 'unlucky'. It makes the insinuation that it was unlucky because if it was really the market, then all banks should have failed equally (and of course others did - using the same technique below). So by giving the impression it was unlucky it removes further examination of the rampant fraud by management.
The only traditional thing about this failure was that it used the 'traditional' model of looting a bank by the management. As described by William K. Black ("The Best Way to Rob a Bank is to Own One: How Corporate Executives and Politicians Looted the S&L Industry"), this is the simple recipe with four ingredients:
1. grow like crazy (HBOS - check)
2. by making really, really crappy loans but at a premium yield (yield just means 'interest rate') (HBOS - check)
3. while employing extreme leverage, and (HBOS - check)
4. while setting aside only the most trivial reserves or allowances for the inevitable losses this kind of behavior produces. (HBOS - check)
HBOS had a lot of other fraudulent lending going on (commercial, partnering with companies, buying out construction/builders et al), but the mortgage push was key. It also had a shed load of bad behaviour (Quayside, Farepak). But making poor loans (a feature, not a bug) with poor controls (feature, not bug) by poor risk management (elevated from sales - feature, not bug) while buying back shares (£2b - juicing shares for payouts - feature, not bug) and handing out massive bonus pools (nice bribe - feature, not bug) was all designed to allow management et al to loot.
And don't even mention that management believed they were right - Upton Sinclair nailed that one ("It is difficult to get a man to understand something, when his salary depends upon his not understanding it!").
So the article finishes with:
"That just brings us to the great truth at the heart of the subject of economics. There are no solutions; there are only trade-offs. You can have a robust banking system where it's difficult to get a loan, or you can have easy money and a banking system that periodically goes titsup."
This is a straw man choice. Here are some others:
* Don't place folks that run a bank on the Regulator's board (Crosby and FSA);
* Don't expect 'light-touch' regulation to catch fraud or bad behaviour (it should be renamed 'light-fingered' regulation);
* Put the frauds in jail. Prosecute and put them away according to how much they embezzled. It might be 'hard', but so is life;
* Pay bonuses so they vest over a long term (5-10 years). When they whine, point out regular folks contribute to something similar called a 'pension' which they use when they actually retire;
* Pay 30% of fines prosecuting fraud and bad behaviour to any whistleblowers that brought it to light. The US IRS does this. Management cannot bribe everyone, and sooner or later a low-level assistant that does the grunt work for the fraud is going to catch on. Don't whine that this is unfair - the low-level folks are the first to be thrown under the bus when the fraud is discovered.
So five suggestions in 5 minutes. There are more. Maybe there are no 'solutions', but you can certainly corral the problems. But then if you are drinking the corporate kool-aid on government, regulation and the 'markets', you won't see these, or any others.
Re: Vague Goals
Wait, that wouldn't have been George at NSWIT?
Wire brush and...
What, no Dettol involved?
It is nice for the corporations...
The US fought a war over the concept of 'Taxation without Representation' (Adam Smith accepted that in Wealth of Nations).
Now, with your article, you have 'Representation without Taxation' - so to complete the picture, you must also bar corporations from *any* lobbying or access to law makers - even if they deem such access worthwhile (after all, the taxed electorate didn't get a chance at it).
So either pay full freight for access (access they get now by the way), or stay out. I would gladly allow them to pay no taxes and have them barred from lobbying.
However, they do need to be stung with the exogenous costs they try to avoid now (think pollution), so that the public gets a choice (now) over whether to accept the cost - not later when the corporation has 'disappeared' or 'bankrupt' and the cleanup needs to be done. Taxation is often applied here because this is swept under the rug.
Finally, the concept that lowering productivity lowers wages doesn't seem to have a corollary - that is, higher productivity has not led to higher wages, so you forget that argument as given.
“Rubbish also, your employer also pays, and often more than the employee.”
You are obviously not self-employed, or haven’t had COBRA run out. And check your US tax codes – an old law allows companies to use tax-free dollars to pay for insurance, while if you pay personally it is taxable. One reason it is a mess.
Australian here, living in the US.
As one of my ex-co-workers discovered when his COBRA ran out, then got reinsured, realizing the whole pay-for-services thing skews things:
“I never knew how expensive health care was until I had insurance”
Let’s go through *your* comments one by one:
“As a percentage of salary I pay no more for the best health insurance here in the states than you do for NI.”
Possibly, but note that if you pay personally vs. via your company, you will pay a higher rate – madness of tax codes.
Next, you may not, but somebody does – the US spends 16% of its GDP on health care, Vs. 8% by countries with higher life expectancy. And you might get better care, but a large number for a highly developed country don’t.
“No hospital is allowed to discharge patients - no matter their financial condition - if doing so would endanger their life.”
And yet, they do:
Now, *you* may not regard the homeless as “patients” and therefore skate on your statement, but others know better.
“No major population area is without a hospital designated as caring for the indigent.”
And yet the Catholic Church in the US is considering not treating non-Catholics because they have to allow their (non-religious) employees birth control choices. And that is just that issue - don't pretend it doesn't occur for the poor.
“Under the recent health care legislation, no insurance company is allowed to terminate coverage because of previous health history or refuse it because of pre-existing conditions.”
Unless a minor pre-existing condition was not disclosed, in which case insurance coverage is terminated, even if the condition does not relate to the current health issue.
And yes, they cannot refuse to grant you insurance for a pre-existing condition – you just have to be able to afford the cost of such. Good luck with that, because:
“Harvard researchers say 62% of all personal bankruptcies in the U.S. in 2007 were caused by health problems—and 78% of those filers had insurance”
Why folks believe that there is no problem because they themselves don’t have a problem is beyond me. They certainly like it when other folks put their lives on the line when they are in danger.
"Apart from that your comment was................ well, rubbish really."
Yes, yes your comment was.
Re: DRM infestation for casual muppets
"I think he meant "no consequences" because the choices you make really do not matter. There are just a couple choices per key, and not hundreds of combos like there were in D2."
I think you are conflating consequences with choices - they are not the same. I am also not sure how you come to the conclusion there are few choices - each skill can have 6 runes, unlocking as you get to 60. The combinations are pretty plentiful - check this for Barbarian @ 30:
Of course, there may be only a couple of 'good' choices per skill, but same can be said of the D2 tree. Whether or not you believe they matter, they do to me - I skip some skills and skill/rune combos (@ 21 so far), so they are not all the same. YMMV.
And I am having fun trying stuff I would never in D2 because I know I can try it out and not regret it 5 levels later. And there *were* some poor choices and combos in D2 - hence builds for serious folks converged.
Again, "no consequences" to me means "you must be punished if you choose poorly, grasshopper".
The comparison to the upcoming WoW changes is amusing. For any serious player there were only one (maybe two) valid builds (with a few left over points sprinkled here and there) per spec, and sometimes class. The only real difference was PvE or PvP play. Woe betide any casual player that deviated from those if they were in a random Heroic - they would usually be picked apart pretty quickly. So in the end, for all the choice you had, it was a false choice where realistically there was little. Folks believe however that having 10 choices, where 8 of them suck, is better than just two non-suck choices. Maybe it's some sort of gaming version of laissez faire, where the last thing you need to take into account is fun.
The need for servers sucks big time though. No argument there.
Re: DRM infestation for casual muppets
I agree with the DRM for single player games, but I suspect it will be more of that in the future. Not being able to play it offline (plane flight say) sucks - it would be nice if you could grab an offline token every now and again. Time will tell if it will be successful.
But, ah, the old 'no consequences' line because you can now change builds without re-rolling.
*You* could make a choice not to change builds, but simply take new stuff as it becomes available - like it did in D2 and trees. And make sure you tell folks you didn't 're-spec' because that's important.
As for same builds, I doubt it. In the old days you had to do research into builds because a mistake could screw you down the track - so all builds for folks in the know were the same, and the 'muppets' were left wondering why their character sucked when they had 'different' builds.
I suspect this need to have 'consequences' last for your entire character falls in line with flagellantism. It should be right up their alley to restrain themselves from the sin of 're-spec' by simply ignoring new skills as they open up and sticking with what they choose once they do.
On the other hand, some folks might play it for 'fun' (a mortal sin say some) - and with D3 having more choices than D2 (check the comparison on the web) that is a good thing, at least for me.
My machine is circa July 2009 and has most settings on high, so a two year old gaming machine should be fine.
What kind of rig do you have? Video drivers are the most important - it won't be happy unless they are updated.
Re: APIs and copyright
Really? I mean, really?
Every time you write an API (and a single externally callable function call could be an API...) you will need to do a copyright scan so that some numb-nut won't whack you with a copyright infringement. Of course, if you write your own language and license it accordingly, go for it. I am sure it will be popular. But that means the same API in a different language will be OK - unless you want cross-language copyrights as *well*.
Remember, sauce for the goose is sauce for the gander - any API *you* write will be subject to the same copyright infringement rules enforced by somebody else.
And really, "The alternative is chaos."? APIs have been written for the past what 60 years and the only chaos I see is folks running around with their hair on fire shouting "there will be chaos if APIs cannot be copyrighted".
Reader hardware and ebook formats
A lot of stuff already covered above, but I think something has not been mentioned: reader hardware and incompatible ebook formats.
From what I can tell, all these guys - Apple, Amazon and Barnes & Noble (for however long) have their own hardware and lock-in on ebook formats (with DRM). With paper books, I can lend it to anybody that can read a book for crying out loud. With ebooks, I may not be able to lend it at all, and won't be able to cross hardware platforms.
It seems to me that if I buy an ebook with DRM, I am locked into that hardware platform for life - unless I want to repurchase it. So all these guys have a vested interest in getting as many folks on their hardware platform - locked in upgrades for a long time.
To me, if ebooks could be purchased from any retailer and read on any reader (with appropriate permissions etc etc) then a lot of this fuss would die out with better competition for both hardware and pricing for ebooks.
But I see that happening only through customer revolution, not through what any of these guys would do.
Re: Non-zero Y-axis and 'Quite a bit slower'?
But you would agree that 'quite a bit' is an exaggeration? Or maybe not - it might be like the R measure in The Hitchhiker's Guide to the Galaxy - a measure that is relative to only oneself.
Or maybe it was meant to reinforce the non-zero labeling of Y-axis... so that the Statitards can keep their jobs.
Of course, real reviews not only reveal the measure but what is better or worse. You might want to comment on AnandTech's graphs for the same product and tut-tut about how it is for the unwashed masses.
Non-zero Y-axis and 'Quite a bit slower'?
"But Vertex 4 is not faster than Vertex 3 bandwidth-wise; in fact it is quite a bit slower at sequential reading. It appears that OCZ has optimised the thing for random I/O and been unable to get sequential I/O up to Vertex 3 levels, which is a pity."
Look, maybe it's me, but when you graph stuff (looking at second graph here) not from a zero Y-axis you should say so. Especially given the previous graph is from a zero Y-axis. I expect better from The Register.
Also, from your numbers (550 Vs. 535 MB/sec), I would not say that it is 'quite a bit' slower given it is around 3%. Yes slower, but 'quite a bit'?
No, I am no OCZ fanboi, and no, I don't have an SSD (yet) - but I am looking at these products and I appreciate balanced reports.
I visited the Saturn V exhibit at Kennedy Space Center (Cape Canaveral) just after they opened it, hmm, must have been 13-14 years ago.
You walk in on the business end of the first stage. I was suitably stunned by just how big the engines are - I knew their dimensions as a kid but to see them in real life was something else. Words still fail me.
My GF of the time was very understanding, and let me geek out and drool on myself for a while, and then helped guide me through the rest of the exhibit.
To think they almost let that history go. Any engines they can retrieve to get the word out on what they came up with *50* years ago is good news.
Re: Much as I hate to say it...
That's right! Not using Base64 and 7-bit ASCII is *really* going to stop SPAM, which is the major pain with existing e-mail. Oh, wait.
Re: How's it on 360?
I am in about 3 hours and fine here. I never had a problem with ME1 or ME2 either.
I *did* install all of them on my Xbox 360 hard drive though...
You need to do more research...
Given you are familiar with the genesis of the Internet, you may know who Vint Cerf and/or Bob Kahn are in that area. Anyway, you may be interested to read:
Or simply Google "vint cerf al gore"...