
Comment Re:Security priorities have changed (Score 5, Informative) 58

So this guy "wrote the exploit code that was later taken by Slammer's authors and used as part of the worm", and he's not dead or serving an eleventy hojillion year federal prison sentence?

Times change indeed...

The article mentions he was paid by a company in Germany to penetrate their heavily-fortified SQL Server installations. This is when he developed the exploit code. Presumably it's not illegal for a company to pay you to security test its systems.

He also took the steps of communicating the exploit to Microsoft before releasing the code. He even asked their permission before divulging the code, and didn't do so until MS had released a fully corrective patch.

You're right, however, he'd be in jail if it happened today.

Comment What about bad code that works? (Score 1) 366

I agree, code reviews are the best way to identify shitty code. What if the code is bad, but the bugs aren't really provable? Let me give some examples.

I've seen this happen, especially in old code. The code works, but it's full of 2,000-line God Classes, dangerous half-objects, and doThisThatAndTheOther() void methods. Young developers are happy with it because it works and they continue writing the same kinds of idioms.

Arguing for change in code this bad will require a rewrite, which is hard to justify if you can only find potentially dangerous behavior vs. real bugs. Your only argument comes to, "Yes, the code works, but down the line this catch Exception block could result in unpredictable results." Folks who don't have years of answering to customers when these problems manifest don't see the danger.

Shirley, someone else must have been in this situation before.

Comment What about Xerox? (Score 1) 240

If HP issued the patches, and Xerox pushed a fix, then whose fault is it really?

Please mod this up. The article says Xerox administers the CalWIN program. Xerox would likely be responsible for at least smoke testing this patch, even though it came from HP.

Since the article isn't very detailed, it's hard to tell who is to blame most, but it seems at least as much blame goes to Xerox. I can think of many scenarios that would make it either company's fault.

What if Xerox used nonstandard data structures for their CalWIN? It might not be possible for the program creator to imagine every possible scenario. That's why no one slaps an Oracle patch on a production system without first testing it for weeks or months beforehand.

At the very least, I'd expect Xerox to do a phased rollout of the patch to a small group of users. If there are problems, many fewer people are affected.

Comment Air sealing and insulation (Score 1) 421

For long term heat-proofing your home, air sealing is one of the most cost effective measures. Most energy loss does not occur through windows or doors. Even if the attic is properly insulated, if there are air leaks then hot air is infiltrating into the living area.

Many local utilities will do a blower door/infrared camera test on your home. When I did this, the "aha" moment was seeing that my kitchen walls were reading 100 degrees F. The reason was that the interior walls were open to the attic at the top of the wall, and hot air was circulating inside my walls. This made the kitchen extremely hot in the summer.

I hired a contractor to seal the air leaks as identified by the IR imagery, and the leakage of my house was reduced by 33%. My house now holds a more constant comfortable temperature. The next step was adding insulation, but this should only be done once the air leaks are sealed. Adding insulation to a leaky house does not stop the leaks. My city rebated about 40% of the cost of this work (it cost about $1700 combined).

Un-closed chimneys, dryer vents, and fan vents all leak energy. Try to seal your chimney when not in use, and install one-way dampers on other vents where possible. It makes a huge difference.

I live in a climate where it can reach 100F during the day, but it cools to 60-65 at night. I use a whole house fan at night to cool the interior down very cold, then shut all the windows in the morning. Last summer I went the entire season without needing A/C. I recommend AirScape fans because they are quiet, small, easy to install, and efficient (just a customer).

Don't think that just because your home is new that it is not leaking energy. Our local utility audited the leakiness of many homes and found that the most leaky ones were built in 1999. Before spending five digits to replace windows or upgrade your A/C, get your house energy audited. Otherwise you could be wasting money.

Comment Television (Score 1) 352

The next big buildout in PCs will come from Television. As screens get larger, it will become easier to just use a TV with a keyboard/mouse instead of a PC.

Businesses will still use PCs. Power users will too. Everyone else will have a TV that functions as a PC, or a PC device that integrates with their television (DVR, streaming content). Most consumers will not want to buy a PC once the television can do everything the PC does.

Everyone else will still use smartphones and occasionally tablets. Dell would be smart to create a cheap, black box PC that is easy to use from the couch on a television display.

Comment Re:HP-UX / Oracle / Itanium user here. (Score 1) 216

>If Oracle wins on this, and really does dump UX, then I need to bring a bunch of AIX gear in and put a team of developers to work porting our custom code which means no optimization, no rewrites, no efficiency

Could you not contract with Oracle for extended support of their software on Itanium? I have heard of such things happening. It will cost a buttload, but probably cheaper than porting your code.

Comment Re:That's interesting (Score 1) 358

I know a couple of people who were really keen HAM enthusiasts in the UK who have virtually given up on it now. One of them told me the excitement of talking to people all over the world was dulled a bit now that anyone with an internet connection can do the same.

A big factor for me was the poor conversation. Most of it was "Hey, I'm on my way down such and such road. How's my signal?" That, and most of the regular users fit into the crusty old "git government out of my life!" category. I'd rather read user comments on my newspaper's website than undergo such torture. Ironic they are so in love with a Federally licensed service.

The only reason I renewed my license last year was because I'm often in the back country where phones don't work. Being able to hit a repeater 30 miles away on a walkie talkie is a big advantage when there is no cell service. Unfortunately, many back country repeaters have few listeners.

Comment Re:Ummm... (Score 1) 514

Are they replacing desktops or servers in this case? HP is not getting out of the server business, just consumer desktops and mobile devices.

FYI, every major computer company confiscates and destroys any legacy competitor machines when taking over a contract. This is to prevent the machines living on and making money in support and repairs for the competitor.

Comment Re:Software? (Score 1) 514

No, EDS is HP's Enterprise Services arm. They deal with proving and installing software produced by HP Software. HP Software is an entirely separate division, and is alone one of the largest software businesses in the world. Think of products like Server Automation, NNM, Client Automation, and Operations Orchestration.

Sure, ES sells to governments and the same as any other integrator like Raytheon or CA. HP Software actually produces the products that get work done in all the major companies of the world.

Comment Re:How much (Score 1) 410

It really comes down to what you call "subsidies." Tax deductions for capital investments, which the anti-fossil-fuel crowd incorrectly call a subsidy, are not unique to the oil/gas business, and similar deductions are commonly available to *all* businesses in all industries. Tax *credits*, however (without which we wouldn't see much, if any, solar installations), certainly are a subsidy, and are very generous for renewable energy.

Arguing that tax deductions (tax expenditures) are not subsidies isn't fair. Even if all businesses get subsidies, clearly it's the *amount* of the subsidy that matters. Certainly you wouldn't argue that an industry receiving 10x the tax deductions of another is on equal footing.

Also, you have not considered that fossil fuel producers receive access to government-owned resources (land and minerals) at special rates. These deals cost the nation money and give fossil fuel producers an advantage not available to renewable energy producers.

Comment Re:Texas Budget Deficit (Score 3, Insightful) 811

The tax rate is 8.25% for many of the residents.

Plus property taxes are about $1,000 per $50,000 home value.

Our problem is that Perry sucks as governor in the same way Bush did.

Instead of being a true conservative, he was a spendthrift.

Dan Patrick (who is too socially conservative for my tastes) *may* be a true fiscal conservative which would be nice.

True, the myth of lower taxes in Texas is false. I moved from Texas to Colorado (generally assumed to be a less conservative place), bought a more expensive house, and make more money, but my overall taxes somehow went down. The services I receive have improved too.
