But did you read the article. So let's say plea bargain doesn't exist, then you spend years in jails waiting for a trial as opposed to copping a plea and maybe get timed served.
Speedy trials are a constitutional right enshrined in the 6th Amendment; the only reason a person would spend years in jail waiting for trial is if they have explicitly waived their right to a speedy trial, which is either their fault or the fault of their incompetent legal counsel.
Edit: In California, this is 60 days after arraignment for a felony. In the 5th Circuit (i.e,. the South) this can be up to 2 years. Most jurisdictions are between these two.
Or an utterly broken legal system that disproportionally victimises people too poor to hire legal counsel that actually have the resources to present an effective attack on these abuses.
This has been a massive ongoing problem in New York. The state gets away with regularly saying they're ready to proceed, get a court date well into the future, and then ask for more time again when the court date gets closer, and effectively gets most of the time "not counted" for the purpose of the court considering any claims about the lack of a speedy trial.
They grind down defendants without sufficient resources to get anywhere before said defendants find it too gruelling and plead guilty. It's a system so broken that we even get cases like this[1] where someone who "beat it" ended up committing suicide afterwards.
If plea bargain doesn't exist, then everyone gets the same sentence for the same crime, and this sentence needs to be the average between plea- and guilty (otherwise new prisons will be required).
According to the numbers in the article, if everyone had a go in court, the waiting list would only grow and people would be spending their whole lives waiting. Since that's surely more unacceptable than what we have, it presumably wouldn't be tolerated and something else would be done to make it work. Like more courts or quicker/cheaper process.
Actually not. I'm the maintainer of a popular Open Source project that is hosted on Github. If someone stole my credentials, they could replace the current release with a binary containing a Trojan.
Looking at the security history page I see a lot of failed login attempts. Makes me glad I enabled 2-factor-authentication!
It's a great way to distribute Open Source software. (Previously Mattt hosted it on a personal Amazon S3 account which he paid out of his own pocket; now bandwidth is generously paid for by Github)
I don't know about you, but I seldom read through all the source code of the open source/free software I use. Yeah, even when I actually compile it myself.
If someone would slip in rogue code - it's quite likely some to many would actually run it and deploy it. Especially if it's a fast moving piece of software - like being so rapidly developed that distribution packages can't keep up for either time or stability reasons, leading people to compiling/deploying from source themselves.
Many large companies use them as a SaaS dvcs provider for private, closed source repositories. They provide a great tool for an agile workflow at a good price, what more is there to say?
Obviously I have nothing to go on for this, but just guessing, it would seem to make sense that:
- Of all users, only a small subset would have private repos
- Of those users, only a small subset would have private repos that would be of interest to third parties
- Of those users, only a small subset would have a weak enough password to allow brute force
To reverse it, of these accounts that were hacked, I can't see many of them having private repos that would be of interest.
And if so, then this would seem a bit excessive.
I know that's a lot of ifs, but it seems reasonable. I would be interested to see the number of total accounts vs. the number of accounts w/ private repos.
- That private repos are the only thing worth targeting. What if you could inject a trojan into a popular open source project? You could do a lot of damage that way, probably way more than on private repo, because so many people incorporate them in their products. Imagine they hacked the Rails repo, for example. Worse, some repos host binaries, for which a meddling would be harder to detect (a bad idea, but doesn't mean it doesn't happen).
- That the users being attacked are random and not specifically targeted based on who the user is and what the work on. Not sure if that's the case or not, but I see no reason to assume it.
People often reuse user/password combinations. So if attackers can find working combinations here, those are combinations that they can try elsewhere as well.
We work with credit card vendors and to me, it seems like an easy business. You have many companies that want to be PCI compliant and they want to save money and they want reliable service. With credit card processing, it is really quite easy . Charge a credit card, validate, reject, etc. Can you handle all of my transactions? Is your API clean?
The one issue I see:
* Some vendors are slow. E.g. 3-5 second transactions
* Too expensive
* No good PCI compliant user interface. E.g. if I want to embed an iframe into my application. These are kludgy.
Other than that, what a great market to be in. And not just credit card transactions but banking/ach transactions, wire transfers, the whole 9 yards.
Unfortunately, it is not that easy because you are just one part of a larger financial system and have to deal with horribly outdated banks, etc.
I used to work at WePay and a lot of the complex technical work we did was to make sure that the craziness and unreliability of the entities lower in the chain never reached our customers. In a credit card transaction there are multiple parties including the issuing bank, the acquiring bank, the processor, the gateway, the card network, etc. Issuing banks in particular often return bogus error codes, time out, or have provide inconsistent results. I remember Delta SkyMiles rewards cards being particularly problematic.
And with payments there is very little margin for error because you are dealing with people's money. Customers get very upset when you cannot charge their card, and it is not helpful to try to explain that the problem is downstream (for example the issuing bank is returning bogus error codes). The worst is the dreaded "general decline"; which is when an issuing bank declines a CC transaction but doesn't tell you why.
The ACH network is even worse. There is no synchronous way to determine if an ACH transaction was actually successful. NSF errors (not sufficient funds) can come in 3 days after the initial transaction. I hope that Dwolla's planned ACH replacement actually takes off because it would be a huge improvement.
Plus, a lot of people feel that software should be free across the board. Most people are paying for the hardware. So if Canonical wants to sell stuff, they better get involved in the hardware side of things.
I am pissed off. I am a life long linux user and Ubuntu has done great work.
I am really starting to see Ubuntu used for the desktop in various companies.
But nobody gives a shit enough to invest in their technologies. I think edge is a great idea. I will buy (once the phone is available). That is my contribution.
Not everyone thinks Canonical is that virtuous or inspiring. Note that they can do whatever they want, but that doesn't mean the rest of us support them. Some examples.
They have a contributor license agreement, which is unpleasant enough on its own, but it also allows them to take code proprietary. Note that contributors can't take Canonical's code proprietary, so this is an unequal relationship.
They don't have an instinct for free (as in freedom). eg they kept launchpad proprietary for years, landscape still is, ubuntu one server is etc. ie the vibe that comes across is that company advantage takes first priority, and freedom second. In some places this has helped - eg shipping access to proprietary drivers has meant that Ubuntu just works for more users.
While design by the public would never work, it is possible to be more inclusive such as letting anyone subscribe to mailing lists even if everyone can't post.
The Amazon issue and others in the past (eg media player affiliate) was another symptom of Canonical first, everyone else second. Canonical essentially took all the money raised, rather than acting as a clearing house and only taking a finder's fee.
The problem with current cell phones is problems with openness. Unless you have open drivers for all of it, you are the mercy of other providers and it isn't really your phone. Mark Shuttleworth in Reddit AMA "So in this first generation Edge, no, we didn't look for open hardware specifically".
Ubuntu is not Linux, and don't mistake their agenda.
A contributor license agreement is commonplace in several projects including those that are open source. To find an issue with Canonical's use of one would also imply that you take issue with other organisations using the same agreements, such as Owncloud, Diaspora, the Apache Foundation and even the Free Software Foundation.
Secondly, the consumer would rather software with stability and functionality rather than visible source code. The prevalence of users using binary drivers on Linux demonstrates that.
Users seeking a completely FOSS experience are free to use those distros that offer that, however the overall experience will be worse than those which allow the easy installation of binary drivers.
And just because you say Ubuntu isn't GNU/Linux, by definition you are wrong as they fulfil all the requirements of a GNU/Linux distribution.
The amount of misinformation and bias in your post is actually quite intriguing.
> Secondly, the consumer would rather software with stability and functionality rather than visible source code
Err, you are agreeing with one of my points. However this is not good for consumers in the long term since they will be restricted by whatever the producers of binary blobs and closed drivers decide to do. For example if the vendor decides not to support particular architectures, or update with kernel changes then tough luck.
> And just because you say Ubuntu isn't GNU/Linux
I was responding to the OP equating Ubuntu with Linux - ie supporting the Edge is supporting Linux. If for example Canonical said they would make sure the hardware was open/free, or at the very least that any rights Canonical negotiates for binary blobs and drivers would apply equally to the whole Linux community then that would be a good start. Heck many argue that binary blobs are drivers are violations of the GPL.
> The amount of misinformation
I would love to correct factual errors. What are they?
> .. bias in your post ..
I was responding to OPs claims that supporting the Edge is supporting Linux, and implied that we all should do so. Supporting the Edge is supporting Canonical and only indirectly Linux. The reasons I gave are why I don't support Edge, and implicitly what Canonical could do to get my support. Everyone is free to make their own mind up, and hopefully I've provided some reasons from the dissenters.
I am from India, working on our startup - our running costs are USD 500 per month, thats what we are running on. If I was in a regular job, I would surely contribute to your campaign, but I cant afford it.
If I want to download Ubuntu Desktop, you are asking for donations, which I would love to give, but are taking payments through Paypal. You need to setup a payment gateway here in India - use the same systems we use to top up our mobile phones, so we can contribute to you, instead of going through Paypal (because I am not credit worthy, and there are govt rules too).
We might not be able to make big donations, but India has 1 billion people, and I am sure, India has quite a few Ubuntu users, and I am definitely a Happy one.
Privacy is not an issue with Unity's shopping lens, since Amazon cannot identify you apart from anyone else. If you don't want your search queries to leave your computer at all, then don't use a global search box (just like you don't type those queries into Google, either).
"We are not telling Amazon what you are searching for. Your anonymity is preserved because we handle the query on your behalf." --Mark Shuttleworth, http://www.markshuttleworth.com/archives/1182
Once again, "you can opt out" isn't a serious answer. It's a matter of policy to anonymize the data, and Canonical changes policies unilaterally. The feature isn't under the control of users at all, and that is why it's dangerous.
Canonical has made it abundantly clear that their users have no voice in the development of Ubuntu, in fact they've been quite hostile when confronted with their secretive and authoritarian development practices.
This seems undeservingly harsh. They have an opt-out system and that's "over the barrel"? If so, then if they were to hypothetically sell a users' list of most popular apps they ran or something like that, what would they be doing to the user and how would the barrel be used?
>Privacy is a serious question for businesses, and "you can opt out" isn't a serious answer.
It is a serious question for everyone and you provided no explanation other than your opinion as to why "you can opt out" isn't a "serious answer"
yeah, it is understandable to be annoyed when a good idea (even from a decent open-source company)doesn't get enough financial
backing when shitty ideas and products get funding from left and right.
I think you can use both. As Clojure is more dynamic in nature where Scala/Haskell are good compiled static compliments.
Large projects, I would go with Scala/Haskell and for front-end systems, I would use clojure.
Why do it this way? With clojure, you can easily modify data or small pieces of logic. Simply edit the script without the recompile. With the scala/haskell api or library, you probably need something that changes less frequently. That backend system may act as a core piece of your library.
...
And if you don't like that. You can do Python and Java/C# which can give you the same effect.
