Forgot your password?
typodupeerror
Canada

Justification For Canadian Copyright Reform Revealed 96

Posted by Unknown Lamer
from the sanity-is-forbidden dept.
An anonymous reader writes "Michael Geist has used the Canadian freedom of information act to obtain a secret ministerial document on Canadian copyright reform that provides the government position on virtually every controversial issue from last year's Bill C-32. The government has no good explanation for its DMCA approach and calls provisions requiring the destruction of course materials part of an 'essential balance.' On the U.S. piracy watch list, it says 'Canada does not recognize the validity of the Special 301 process and considers it to be flawed. The Report does not employ a clear methodology in its country ranking, as it relies on industry allegations rather than empirical evidence and analysis.'"
Sci-Fi

William Shatner On Star Trek Vs. Star Wars 511

Posted by samzenpus
from the phaser-versus-saber dept.
tekgoblin writes "Star Trek Vs Star Wars has always been a hot topic of debate in the nerd world, I honestly don't think there is any comparison between the two. William Shatner voices his opinion on the matter as well and he says they are completely different too. I just don't understand where people get that Star Trek and Star Wars are similar in any way. Lets see what Shatner had to say on the matter."
Programming

C++0x Finally Becomes a Standard 398

Posted by Unknown Lamer
from the c++-ain't-what-it-used-to-be dept.
Samfer writes "On Friday August 12th 2011, the results for the final ISO ballot on C++0x came in, and the ISO C++ Standards Committee were unanimous in favor of approving the new C++0x (for now unofficially known as C++11) object-oriented programming language standard which is intended to replace the existing C++ standard. The new standard is to offer new and improved features such as lambda functions, concurrent programming functionality, direct data field initialization, and an improved standard library to name but a few." Although I haven't heavily used C++ in years, it is nice to see a decade long effort finally come to fruition. Especially nice is the support for type inference which should save quite a few people from RSI and make refactoring code a bit less obnoxious.
NASA

Atlantis Lands, Ending the Shuttle Era 256

Posted by CmdrTaco
from the we'll-miss-you dept.
Early this morning Atlantis landed at KSC in Florida. I've been following the trip intently ever since my trip to Florida to see the launch of the very last Shuttle. This really is the end of an era. Thanks go out to the thousands of NASA employees who made this happen, many of whom have been laid off. A number of them emailed me directly showing me pictures and sharing stories. I wish you all the best. As for America, here's hoping that we return to space soon.
Media

Sony Announces End For MiniDisc Walkman 191

Posted by timothy
from the bloom-is-off-the-rose dept.
Beloved of concert tapers for their small size, shock resistance, and long battery life, MiniDisc recorders never much caught on with the general public. I remember playing with one in the early '90s — before high-quality solid state stereo recorders were affordable — and looking forward to the day that I would have one of my own. Playback-only decks were available, but understandably (in retrospect) never became big sellers; when MiniDisc was introduced, CDs were still a recent comer, and 8-track was fresh in the mind. Music fans were probably tired of replacing their vinyl and cassettes with the Next Big Thing. Still, with its cheap media and decent portable recorders, MiniDisc struck a chord for some uses, and stuck around better than the Digital Compact Cassette. Now, 19 years after the introduction of the MiniDisc format, Sony has announced that it will stop shipping its MiniDisc Walkman products in September, though it will continue to produce blank media.
Displays

Computer De-Evolution: Awesome Features We've Lost 662

Posted by samzenpus
from the way-of-the-dodo dept.
jfruhlinger writes "If you listened to tech marketing departments, you'd believe that advances in computers have been a nonstop march upwards. But is that really true? What about all the great features early hackers had in the '70s and '80s that are now hard to find or lost forever, like clicky keyboards and customizable screen height? This article looks at much beloved features that lost the evolutionary war."

Comment: Re:241450 pages (Score 1) 310

by HiredMan (#36232246) Attached to: My current printer has printed ...

My LaserJet 4M (+ I THINK) died a couple of months ago after 10+ years of service. I actually stared at the phone-net to ethernet adapter for a few seconds trying to figure out what it was. Man, was that a blast from the past.

*SIGH* I think I'll go shake my fist at some teenagers and fall asleep in front on Matlock now.

=tkk

Comment: Re:Welp (Score 2) 306

by HiredMan (#36038914) Attached to: Sony Running Unpatched Servers With No Firewall

If you're relying on testing to protect your data, you're doing it wrong -- PCI outlines best practices to protect your data, scanning is only one part of the larger picture.

But they don't encourage the larger picture is my point. Their testing methodology encourages checklist thinking so you pass a limited test at 100% and you get your certification. Because you don't get any real protection from the certification - because they will retroactively deny your compliance after the fact - it becomes a necessary evil to be complied with not an active process. You're encouraged to think completely inside the box to get PCI certs but not rewarded in any way for taking a comprehensive security approach.

They will certify your computers as PCI compliant when they share domains with the unsecured network. Because you don't get any protection from PCI compliance and the testing is expensive the scope narrowed to computers themselves. Ignore the fact that I can steal credentials from the unsecured domain and then try them out on the secured PCI certified domain - to get the whole network certified is way too expensive so only do the minimum. And yes, I do know people who do exactly this kind of pen testing for PCI certified companies and that's exactly how you go about it. Your don't target the 5% PCI certified part of the network you look at the other 95% and work from there.

I've never heard that "no PCI certified system has ever been breached" and I'm pretty skeptical since I know a few ways to get data out our PCI compliant systems. However, If they found that you violated PCI standards, then you weren't really PCI compliant, were you?

They seem much more interested in maintaining the appearance of unbreakable security than actually creating a system than helps users the right thing. There is never 100% security, but rather than really help people achieve really good security they make you jump through hoops that encourage limited security scope examinations and then deny you any protection if you get breached. Their money would be much better spent on having a decent security over view of the entire network but instead they spend their money on a certification audit and then do a (worthless) internal "assessment" of the risks from the rest of the network.

It's like an ISO 9000 certification of a shitty product - they've certified that you have excellent management practices but your product is still shitty.

And back to something vaguely on topic I bet it was something like this at Sony. Their (criminally stupidly) unpatched public facing services probably didn't have any data they were worried about but they were connected to servers that did. If a simple network intrusion into an insignificant system yields a single login into a more important server that's all it takes. Major breaches are usually a chain of smaller security problems that get exploited in series until it actually adds up to something huge.

Comment: Re:Welp (Score 3, Insightful) 306

by HiredMan (#36036682) Attached to: Sony Running Unpatched Servers With No Firewall

definitely shows that PCI is bullshit ;)

PCI certification is joke. It's in the best interests of all involved to severely limit the scope of the "certification" - due to cost, time, intrusiveness etc.- so only certain areas get tested. You can have your "certified" PCI system hooked up on a network to a botnet but insist that only your PCI computer get "certified". It's like going to doctor and telling him your arm hurts but he can only examine your arm. When it turns out to be a heart attack and you die the doctor only gets to say "His arm was fine when I checked it."

They like to brag that "no PCI certified system has ever been breached" but that's because when you're breached they forensically figure where you violated PCI and retro-actively revoke your certification. It's worse than bullshit it's an expensive fig leaf of security theater.

Cellphones

White iPhone 4 Coming Today 195

Posted by samzenpus
from the black-tulip dept.
An anonymous reader writes "Initially, the white iPhone 4 will be available in 28 countries including the US, UK, Australia, China, Japan, and Italy. It will be available for a suggested retail price of $199 (US) for the 16GB model and $299 (US) for the 32GB model with a new two year agreement through the Apple Store, AT&T and Verizon Wireless stores (as rumored earlier) and select Apple Authorized Resellers."

Comment: Re:Just let the USPS die already (Score 1) 152

by HiredMan (#35900898) Attached to: Ruling Confirms Postal Service Discriminated Against GameFly

If that doesn't amount to the US tax payers subsidizing a failed business model, I don't know what does.

I don't think it sounds like that at all - I think it sounds like a schizophrenic "business" model. The USPS supplies mail to virtually everyone - that's their mandate. They maintain post offices in tiny places you wouldn't even consider towns and charge an extremely reasonable fee to move mail regardless of distance or address. They are an organ of the US government that has decided that almost all citizens should access to mail communications and I agree. What's crazy is to believe that they can do both things - run at cost and and fulfill the mandate to provide access for all.

The idea that the government should be run "like a business" when it is trying to do unbusinesslike things is the failed idea. The public good doesn't have a profit motive that can be measured in dollars and cents and therefore running like a business misses the point completely.

=hiredman

Movies

Blade Runner Sequels and Prequels Happening 334

Posted by CmdrTaco
from the he-was-a-replicant-people dept.
bowman9991 writes "The iconic science fiction film Blade Runner, based on Philip K. Dick's book and directed by Ridley Scott, will be followed up with sequels and prequels soon. Alcon Entertainment is in final discussions to secure film, TV and franchise rights. They are in the early stages of sorting out how to proceed and were not sure if Ridley Scott would be involved."

How many hardware guys does it take to change a light bulb? "Well the diagnostics say it's fine buddy, so it's a software problem."

Working...