Forgot your password?

Comment: Re:The Canadian Exodus.... (Score 1) 1251

by fnj (#46770149) Attached to: Retired SCOTUS Justice Wants To 'Fix' the Second Amendment

Every single article of the Constitution requires common sense to interpret. Of speech the First Amendment says simply "Congress shall make no law ... abridging the freedom of speech". It doesn't say the President will not executive-order that nobody can say anything mean. It doesn't even say that States can't infringe on the freedom of speech. It doesn't imply that you can threaten people recklessly with impunity. Hardly anyone even claims it implies you can shout "fire" in a crowded theater when you have no reason to believe there is fire.

Do you really want a Constitution 10,000 or 100,000 pages long? One whose Second Amendment alone has to be constantly reviewed and updated because new devastating chemical and biological agents are developed, or something 1000 times more powerful than a nuclear weapon and weighs only one pound is invented?

Comment: Re:The Canadian Exodus.... (Score 1) 1251

by fnj (#46770033) Attached to: Retired SCOTUS Justice Wants To 'Fix' the Second Amendment

Since an "arm" is defined as a "weapon", then you see no limit. The qualifier in "small arms" is there for a reason - because "arms" are unlimited. I don't think you will find much company. Your suggestion that maybe the 2nd Amendment needs to be qualified is well taken, although arguably a guy driving an M1A2 tank with a nuclear demolition charge aboard down the street is not "bearing arms", and a lot of us think it is plain enough that the clear intent is not to allow unlimited weapons in private ownership.

The Constitution is supposed to be interpreted with common sense. If it tried to spell everything out to the nth detail, it would be 100 times its size. It would probably be the size of the tax code or the Affordable Care Act, and nobody who finished reading the 5000th page could possible remember what it said on page 10.

Comment: Re:It's crap (Score 1) 1251

by fnj (#46769765) Attached to: Retired SCOTUS Justice Wants To 'Fix' the Second Amendment

Interesting that you phrase that control in the past tense. A two-bit IED kills you just as dead as a million dollar smart weapon. And you don't measure the victor by who suffers the least casualtes. The victor is the one left standing on scene after the fury ends. The one who, in the end, cares more about the outcome and is willing to endure. As such, the best it can possibly end for the US at this point is a draw. The worst is an outright loss.

So I'll tell you what happens when you pit guys with rifles and IEDs against a standing army and air force. A lot of people on both sides are killed and maimed, but eventually the standing army finds something else to do, or in the domestic case gets fed up and goes home, the indigenous people endure, and their aspirations have not been killed. Remember Vietnam?

If the purpose of the Afghanistan conflict was to punish and run off an evil regime supporting the civilized world's enemies, that was accomplished with stunning effectiveness and economy within a year. That was the time we should have declared victory, left a threat that the same devastatioin would be visited again if such an evil regime ever returned, and left the hellhole alone. The remaining 12 years were just dick-yanking - not the guys on the scene; the morons directing US policy. Leave the hubris of nation building entirely to those whose business it is - those who live there.

Comment: Re:Dear Stevens (Score 1) 1251

by fnj (#46769321) Attached to: Retired SCOTUS Justice Wants To 'Fix' the Second Amendment

Much as I agree with your points a, b, and c, actually your oath to support and defend the Constitution would obligate you to honor this amendment, properly enacted, just like any other part of the Constitution. I don't think the oath restricts you after your term of enlistment ends, though. You fall back on the same love of country and countrymen, and if the Constitution were to be so corrupted, then the regime would become the enemy.

Comment: Re:Bad suggestion (Score 2) 1251

by fnj (#46769097) Attached to: Retired SCOTUS Justice Wants To 'Fix' the Second Amendment

To a European, used to being able to walk down the street without being threatened by guns ...

Baaa. Baaa. Get a clue. You are not free from being threatened by guns. Any terrorist or criminal willing to break the law can acquire a gun and threaten you with it. What you are free from is the opportunity for self defense in broadly equal terms, or being helped by other lawful citizens on the scene.

Comment: Re:It's crap (Score 1) 1251

by fnj (#46768935) Attached to: Retired SCOTUS Justice Wants To 'Fix' the Second Amendment

Oh, terrorists can run the US military out of Iraq and Afghanistan with its tail between its legs, but the US' own more numerous citizens could never hope to do the same? Really?

A 30-03 cartridge in a bolt action rifle, or a 38 special in a revolver, kills you just as dead as an AK-47 whether you are surrounded by artillery, tanks, and airplanes or not. Even if the military is all wearing body armor, I bet their faces and limbs are exposed.

Comment: Re:The Canadian Exodus.... (Score 1) 1251

by fnj (#46768603) Attached to: Retired SCOTUS Justice Wants To 'Fix' the Second Amendment

Do you think there are ANY weapons which should be restricted in terms of private ownership? An M1A2 tank? A 155mm howitzer? How about a nuclear bomb? These are all well within the financial means of billionaires to acquire. I am asking seriously. I consider myself as strong a supporter of gun rights as anyone, but I see the need for SOME limits. Most likely I would draw the line roughly at machine guns - I mean machine guns should be fine, but the above examples should all be limited. Clearly, nuclear, biological, and chemical weapons are way over the line.

Comment: Re:So while all of this was happening (Score 2) 707

Remember, disarming people is to keep the strong in power.

Of course. That's because you CAN'T disarm "people". Only a moron thinks you can. All you can do is disarm the MEEK people. The PREDATORS will find a way to arm themselves. You fools out there, try to think. I know it's hard, but try. The police are not there to protect people. They are there to protect the State. The "protect and serve" is just fascist window dressing.

Comment: Re:de Raadt (Score 1) 279

by bmajik (#46761037) Attached to: OpenBSD Team Cleaning Up OpenSSL

Ok, I actually think you, me, and Theo all agree :)

1) We don't think a specific technical change would have _prevented_ the issue.

2) We all agree that better software engineering practices would have found this bug sooner. Maybe even prevented it from ever getting checked in (e.g. suppose the codebase was using malloc primitives that that static analysis tools could "see across", and that the code was analysis clean. Could this bug have existed?)

Comment: Re:de Raadt (Score 1) 279

by bmajik (#46760367) Attached to: OpenBSD Team Cleaning Up OpenSSL

Who has claimed that using the system allocator, all else being equal, would have prevented heartbleed?

Who has claimed that heartbleed was an allocation bug?

I understand what freelists are and do.

The point here is that rigorous software engineering practices -- including the use of evil allocators or static analyzers that could actually understand they were looking at heap routines -- would have pointed out that the code implicated in heartbleed was unreliable and incorrect.

If you read the link you pointed at, after making a modification to OpenSSL such that coverity could understand that the custom allocator was really just doing memory allocation, Coverity reported 173 additional "use after free" bugs.

There are bugs from years ago showing that openSSL fails with a system allocator.

Don't you suppose that in the process of fixing such bugs, it is likely that correctness issues like this one would have been caught?

Comment: Re:de Raadt (Score 5, Insightful) 279

by bmajik (#46759527) Attached to: OpenBSD Team Cleaning Up OpenSSL

Actually, it is you who are wrong.

Theo's point from the beginning is that a custom allocator was used here, which removed any beneficial effects of both good platform allocators AND "evil" allocator tools.

His response was a specific circumstance of the poor software engineering practices behind openSSL.

Furthermore, at some point, openSSL became behaviorally dependant on its own allocator -- that is, when you tried to use a system allocator, it broke -- because it wasn't handing you back unmodified memory contents you had just freed.

This dependency was known and documented. And not fixed.

IMO, using a custom allocator is a bit like doing your own crypto. "Normal people" shouldn't do it.

If you look at what open SSL is

1) crypto software
2) that is on by default
3) that listens to the public internet
4) that accepts data under the control of attackers ... you should already be squarely in the land of "doing every possible software engineering best practice possible". This is software that needs to be written differently than "normal" software; held to a higher standard, and correct for correctness sake.

I would say that, "taking a hard dependence on my own custom allocator" and not investigating _why_ the platform allocator can no longer be used to give correct behavior is a _worst practice_. And its especially damning given how critical and predisposed to exploitability something like openSSL is.

Yet that is what the openSSL team did. And they knew it. And they didn't care. And it caught up with them.

The point of Theo's remarks is not to say "using a system allocator would have prevented bad code from being exploitable". The point is "having an engineering culture that ran tests using a system allocator and a debugging allocator would have prevented this bad code from staying around as long as it did"

Let people swap the "fast" allocator back in at runtime, if you must. But make damn sure the code is correct enough to pass on "correctness checking" allocators.

Never trust an operating system.