Then don't smoke a joint. The standard sized joints that NIDA hands out for research are 0.7 grams. The amount needed to get this anti-inflammatory effect is roughly .02 grams, in other words 1 / 35th of a joint. There are also two different ways that you can get the same health benefits without any psychoactive side effects. First, you can get high-CBD weed. CBD is a non-psychoactive cannabinoid that basically cancels out the effects of THC. Second, if you juice raw cannabis it is basically non-psychoactive, because without heating or drying it the THCA never gets decarboxylated into THC. Here are a couple articles about this:
"The standard sized joints that NIDA hands out for research are 0.7 grams."
Really? That seems like a lot. I was a sporadic recreational smoker about 15 years ago, we bought marihuana one gram at a time and that gram would last us a weekend. Maybe the difference is in THC content; I bought in the Netherlands where quality is generally high and THC concentrations relatively high in higher-end varieties, from what I understand (I don't have experience with foreign varieties to compare it with). Then again, our usage customs are different from elsewhere in the world, too; we rolled joints out of tobacco and only sprinkled on some marihuana. When I told that to Americans they'd look at me as if I was crazy.
I think the spirit of your idea of a per transaction tax on financial products is a good one. I would balance the increase in government revenue with a reduction in tax on capital gains held more than 5 years as Cuban suggests.
So keep an eye on treasury bonds on monday morning. Rate goes up, people still believe the US is safe, regardless of S&P. Rate goes down, market sentiment mirrors S&P's rating, and that's very very bad.
Netscape 6 is (or was) the oft quoted example of why not to do this. All that old code may seem old and boring, but it has a huge amount of knowledge, wisdoms, learnings, fixed mistakes, performance improvements, great ideas, deleted bad ideas and security fixes built into it.
When you throw out your code you're throwing out all that knowledge on the assumption that you can build it all back with improvements.
Evolving an application from a known good state to a known better state is usually the best approach unless your codebase is small or your app has no traction.
Rewriting your app from the ground up is like getting divorced and dating a new girlfriend. The first few months are a lot of fun until you figure out how much you lost.
Without Netscape 6, we wouldn't have had Phoenix/Firebird/Firefox, and probably wouldn't have IE7, IE8, IE9 and KHTML/Webkit would have come about very differently and all these would have had much less competition.
Netscape 6, or at least the mere fact that it existed and worked well enough and the fact that it was the first browser ever that did standards well and focused on not much else other than standards, made it the most important browser ever created.
Netscape 6 was the most revolutionary browser project ever created and had the development effort behind Netscape 6 not been done, we would possibly have had a much worse very IE-only web today.
Never mind that beyond all that, Netscape 4 was terrible and deserved to be thrown out.
> Netscape 6 was the most revolutionary browser project ever created
I dont disagree with the general sentiment of your comment. But as someone who attempted to use Netscape 6 at various stages of its development, I fear that statement might be stretching facts a little bit.
You could also "cat /usr/local/wordpress/wp-config.php" and see the plaintext mysql username/password and inject malicious data into the DB, create/drop tables or databases depending on access level.
Problem is that then you can't auto install themes, auto update wordpress - and the script causing this vulnerability requires a writable cache directory under the wordpress root.
Yes, turning off the ability to execute arbitrary code on your server through your web browser will, indeed, turn off the ability to execute arbitrary code on your server through your web browser. I think that is a misfeature: if executing arbitrary code on your server could potentially do damage to your business (hint: yes), you should be SSHing into a terminal to do it. That combo will be 500,000x more effective at securing your box than the best efforts of Wordpress, PHP, and the fifteen year-old designer who coded your lightbox plugin after Googling "How to find file name in PHP".
See also my comments last week about the (lack of) wisdom in embedding a ruby shell in a web application.
Turning off the ability to execute arbirary code on your server through your webserver will also stop WordPress from being able to get security updates out to the millions of sites using it.
While I much prefer going through SHH to manage my sites, there are likely 10x as many WP sites run by people who can only FTP. There isn't really an ideal solution in this situation (apart from education) so I think allowing easy updates by having weaker security may be best. Maybe there is a better solution that still works for FTP. If so, file a ticket.
The WordPress Codex is a wiki and it looks like the docs on security could do with some improvements - sign up and help out.
You're confusing the issue. This isn't about SSH versus FTP: it's about whether or not the Apache user running your website can also write to the filesystem inside of your document root. The Wordpress update feature is actually able to use FTP as the means of updating the site.
That's true; I was oversimplifying the issue. Most shared hosting web hosts run PHP files with the same user that you FTP with. If WP can't update itself in these cases then the user cannot write files via FTP. If a user connects via SSH then chances are they are comfortable changing directory permissions to do an update.
Sam, you've certainly made an enemy out of every member of the Perl community with this sarcastic and incomplete post.
Once you've gotten through OReilly's beginner Perl books and "Programming Perl", if you truly want to learn how to scale Perl in the enterprise, read Damian Conway's Object Oriented Perl. Once you can write solid consistent OO Perl, read "Apache modules with Perl and C".
No, we are not all like that. Fortunately. The author states:
"A bunch of new people started at work and we use a lot of Perl in our department. So I put together some information about Perl and I thought it might be worth sharing so here it is."
The intro is okay, but it did not help Perl community at all. Besides, the article itself has some poor code. For example, if one wants returning nothing, return "" is a very bad idea, since to catch it in as array would make an one-element array which is true.
"Originally [the bandit problem was] considered by Allied scientists in World War II, it proved so intractable that it was proposed the problem be dropped over Germany so that German scientists could also waste their time on it."
