Forgot your password?

Comment: Re:perception (Score 1) 312

Actually, the total tax burden for the working and middle classes in the USA is not that different from much of Europe. If you deduct the amount that the US citizen pays for health insurance from the amount that the EU citizen pays in taxes (while receiving socialised medical coverage), it's often quite a lot more. Part of the reason that the US has what appears from the outside to be an irrational distrust of government is that they get such poor value for money from their taxes. This leads to a nasty feedback loop (population expects the government to be incompetent, so it's hard to get competent people to want to work for the government, so the government becomes more incompetent, so the population expects...).

Comment: Re:Like "Anansi boys" better than "American Gods" (Score 1) 34

by TheRaven64 (#46744917) Attached to: Neil Gaiman Confirms Movie Talks For Sandman, American Gods
I enjoyed both, but I cringe at the thought of a movie version of either. If you have a description-heavy novel that's about 100 pages long, you can just about cram it into a movie. Anything longer, and you have to be quite aggressive about the cutting. Both Anansi Boys and American Gods have splits that would let them work quite well as a miniseries, but I can't imagine them as films without so much abridgement that they may as well be different stories. I've also not read Sandman, so I can't comment on that.

Comment: Re:I need electricity. I need it for my dreams. (Score 2) 214

Is it to do with wanting to reduce emissions? I'd have thought it was a much more pragmatic requirement. Fossil fuel extraction costs are going to keep increasing. The costs of alternatives are going to keep decreasing. At some point, they will cross over and at this point the value of stocks in a fossil fuels will suddenly drop. Currently, they are quite high and probably will be for quite a few more years (although increased difficulty in extraction is going to make expensive accidents more common, which won't help). Harvard expects endowments to last a period measured in hundreds of years. Now is probably a good time to start selling off the shares in fossil fuel companies, while there are still people who want to buy them at a high price.

Comment: Re:This is how America ceases to be great (Score 2, Insightful) 133

I was thinking about this the other day. The core problem is not lobbying, because it's perfectly sensible that people with an interest in a particular topic would want to talk to their elected representatives about it. The problem is unequal access to lobbying, and that comes from the massive wealth inequality in the USA and the fact that lobbying is expensive. Perhaps a better solution would be for each member of the electorate to have allocated a certain amount of their representatives' time.

For example, each member of the House of Representatives is responsible for approximately 500,000 people. Assume that they spend on average two hours a day talking to their constituents and the rest is spent in committees, or on holidays (since we're talking about an average). That's 2628000 seconds per year, or around 5 seconds per constituent per year (10 seconds per term). If you want to have a five minute conversation with a representative, then you must find 60 people all willing to give you their time allocations. Or 300 all willing to give you 20% of their allocation. If you want to have an hour-long meeting, then that's 720 people who must give up all of their allowance, or 3600 who must give up 20% (or any breakdown).

Comment: Re:Not malicious but not honest? (Score 2) 444

by TheRaven64 (#46723881) Attached to: Heartbleed Coder: Bug In OpenSSL Was an Honest Mistake
I'm not sure what testing OpenSSL does, but most protocol tests include a fuzzing component, and if the fuzzer didn't generate heartbeat packets with an invalid length then it's not doing a good job. This sort of code is routinely run by people outside the OpenSSL team to look for vulnerabilities, so I'd hope that they'd do it themselves. Generally, any field that contains a length is used in guided fuzzing, because it's easy to get wrong.

Comment: Re:Doesn't seem to be on purpose (Score 5, Interesting) 444

by TheRaven64 (#46723849) Attached to: Heartbleed Coder: Bug In OpenSSL Was an Honest Mistake
The date that it was added to the OpenSSL codebase is very close to the time when the leaked NSA documents claim that they had a 'major breakthrough' in decrypting SSL. I would imagine that they are not responsible for introducing it, but do have people doing very careful code review and fuzzing on all changes to common crypto libraries, so I wouldn't be surprised if they'd known about it (and been exploiting it) since it was originally released.

Comment: Re:He's sorry now ... (Score 1) 444

by TheRaven64 (#46723829) Attached to: Heartbleed Coder: Bug In OpenSSL Was an Honest Mistake

It always amuses me when GPL'd software contains a clickthrough insisting that you press an "Agree" button, when the licence specifically says that no such agreement is necessary.

In fact, by placing the requirement that someone agrees to the license before using a derived work of the GPL'd software, they are violating the GPL...

Comment: Re:Sue FSF, relicense all GNU software ... (Score 1) 444

by TheRaven64 (#46723813) Attached to: Heartbleed Coder: Bug In OpenSSL Was an Honest Mistake
The FSF requires copyright assignment for all of their projects, so they do have some quite valuable assets. They provide the original author with a license to sublicense their contributed code under whatever license they choose, but they are the only ones that can relicense the whole. For example, if someone else managed to gain control of the GNU assets then they could legally relicense GCC under an MIT license, allowing its code to be used anywhere.

Comment: Re:Not malicious but not honest? (Score 4, Insightful) 444

by TheRaven64 (#46723311) Attached to: Heartbleed Coder: Bug In OpenSSL Was an Honest Mistake
The point is not that a general malloc() would catch it, but that there are security-focussed malloc() implementations that will. Even valgrind will - it knows that malloc() has special properties and so will object if you derive a valid pointer to the wrong allocation by running off the end of another one. You don't need to use the security-focussed malloc() in deployment (unless you're really paranoid), you just need to support testing with it. Running this code with a malloc() that did aggressive bounds checking would have caught it immediately. That's something a continuous integration system and a test suite ought to have caught.

Comment: Re:I've worked with many Russians... (Score 3, Insightful) 132

Japanese products were initially low quality too. There have been a few interesting books on the subject of the change. In particular, several Japanese companies focussed very heavily on quality control processes for about a decade, which allowed them to dramatically improve their quality. Over the same time, the Japanese people who had been responsible for copying the designs became sufficiently familiar with them that they were able to initially improve them and then produce better ones.

The main factor stopping Russia or China going through the same transition is institutionalised corruption. It's hard to implement good quality control if you can't trust the people doing the inspections not to take bribes...

Comment: Re:Viva La XP! (Score 1) 641

by TheRaven64 (#46694205) Attached to: Meet the Diehards Who Refuse To Move On From Windows XP
XP was unfortunate to come out just before computers became fast enough for the vast majority of users. A 1GHz CPU and a reasonable amount of RAM is enough for a huge proportion of computer users. Before that, you'd buy a computer and it would be too slow, but it would be the fastest that you can afford (or that existed) and you'd upgrade when you could afford a replacement, because there'd be something faster out a few months later. By the early 2000s, the new computer wasn't perceptibly faster than the old one, so there was an increasingly small incentive to switch.

Comment: Re:Different views on a free market (Score 1) 223

by TheRaven64 (#46685327) Attached to: Why There Are So Few ISP Start-Ups In the U.S.
Most likely yes. Well, you could operate them over short distances on unlicensed bands, but to operate a mobile carrier (in most of the world) you need to buy a license for some spectrum. In the US, these didn't come with strings attached, so you ended up with some CDMA carriers and some GSM carriers, with no interoperability. In most of Europe, they came with a requirement to deploy GSM. Similar conditions were applied for 3G frequencies. In the UK, companies had to request regulator approval to repurpose their existing frequencies to new technologies. This was mostly granted (as long as it was for industry standard protocols). I don't know what LTE coverage is like, but I've not had a problem with getting an HPSA in any parts of the UK that I've tried, so I believe that it works and I know that any phone I buy will work with any carrier. Especially now, when spending over £100 on a smartphone is fairly common, knowing that doing so doesn't lock you in to a specific carrier is valuable.

Comment: Re:Ah, Crony-Capitalism! (Score 1) 223

by TheRaven64 (#46685221) Attached to: Why There Are So Few ISP Start-Ups In the U.S.

I'd have listed TalkTalk as the third large ISP, since they're the company that does the most LLU work. They install their own equipment at exchanges and only use BT for backhaul. There are quite a few smaller LLU operators, but BT dragged its heels to delay LLU rollout until they'd largely cemented their monopoly.

The problem with the split of BT retail and wholesale units is that there's no requirement for BT retail to make a profit. The wholesale part has to sell to BT retail at the same price that they sell to everyone else, but the retail division is able to operate at a loss and be bailed out by the rest of the company...

Comment: Re:Where do you draw the line? (Score 1) 645

by TheRaven64 (#46685033) Attached to: Should Microsoft Be Required To Extend Support For Windows XP?
Bullshit. They shipped Classic support right up until the last PowerPC release (10.5, 10 years after the first Rhapsody releases), years after pretty much every Mac user was running OS X-only applications. Try talking to some people who work at Apple or worked at Transitive some time about the dropping of Rosetta. Apple tried to rush a license agreement through when IBM announced that they'd buy Transitive, but were too late.

"Only the hypocrite is really rotten to the core." -- Hannah Arendt.