Domain: cam.ac.uk
Stories and comments across the archive that link to cam.ac.uk.
Comments · 1,846
-
Slashdot as a scale-free network
Here's a couple of examples of networks that exhibit a scale-free topology.
-
WikiWiki.
This shows that Wiki sites are characterized by the Pareto distribution (a.k.a. power law distribution).
-
Out of curiosity, I wrote a quick script to compute the distribution of the number of links in the RPM dependency graph. It does seem to follow the Pareto distribution.
-
Slashdot
Although I have no easy way of verifying this, my gut feeling is that the network of Slashdot users is also scale-free, if we define the notion of a link between two users as follows. User bobdc is linked to user bugbear, if bobdc has replied to any of bugbear's posts (or submissions) at least once.
This definition allows us to introduce the notion of a CmdrTaco number, similar to the Kevin Bacon number. Specifically, user Joe Schmoe has the CmdrTaco number of 1, if CmdrTaco has replied to any of Joe's comments. If Joe responded to wuliao's post, then wuliao has the CmdrTaco number of no greater than 2, and so on.
Pareto distributions are pretty common. For example, the number of downloads on SourceForge follows the Pareto distribution.
This page provides a fairly comprehensive list of further reading on the subject.
-
-
pasto
I meant here.
-
Re:Makes Better Sense Now
If my gut feeling is true, the TCPA enabled apps will probably detect prior-to-TCPA mobo's as *off*.
Yes, of course. From the FAQ:
Once the machine is in this state, Fritz can certify it to third parties: for example, he will do an authentication protocol with Disney to prove that his machine is a suitable recipient of `Snow White'. This will mean certifying that the PC is currently running an authorised application program - MediaPlayer, DisneyPlayer, whatever. The Disney server then sends encrypted data, with a key that Fritz will use to unseal it.
If you have no Fritz on your Mobo you can't certify with Disney. (Remember that Fritz needs to authenticate with Disney using a secret key buried somewhere deep down in the silicon)
-
Re:FP! ...anyway...
It's the best book on the topic available.
Actually, I beg to differ. Security Engineering by Dr Ross Anderson is IMHO a far more rigorous treatment of this subject. Details are here. It's even just as easy to read as Schneier's book... Of course, Bruce is far better at self-marketing.
I am looking forward to getting Schneier's new Practical Cryptography book though (here).
-
Re:General TC question
I actually like the concept of trusted computing quite a bit.
You clearly don't understand the use of the word "trusted" here. Read this. If you want to make it short, start from question #24.
So long as the user selects which code will be trusted, it has great potential for good.
We already have code signing and confirmation before installs. The problem is that users trust the WRONG programs. Either this will increase the number of "are you sure you want this" (not removing the problem of people making mistakes). Or, more likely, the selection of which code to trust will be relegated to BIOS/MS/etc... that would also be bad...
-
Re:TCPA & Palladium
TCPA is a platform for trusted computing whereas Palladium is a software by MS that sits on top of TCPA.
More here
-
Re:Shouldn't it be 'E'?
Actually, the story of C and C++ goes as follows:
Before C there was B, before B there was 'BCPL'...
sometime after B, 'A' was being developed at UWaterloo (early 70s)(per my father's memory)
BCPL was/is a fairly simple language without types... it was designed in '66 by Martin Richards, and implemented in spring '67 by people at MIT
B and C, and C++ were all real languages that came out of Bell Labs..
It was always wondered whether the next language in the series would be called 'P' or 'D'
~Keithel
-
Re:Shouldn't it be 'E'?
"There should be no-more BCPL derivatives!"
In fact there is at least one more. Martin Richards - who BTW designed BCPL (as a derivative of Christopher Strachey's CPL language, which I believe was never really implemented, being something of a crossbreed between LISP and Algol) - has written "MCPL, a typeless language with features taken from BCPL, C, ML and Prolog."
MCPL itself is actually written in BCPL.
-Lasse
-
Re:Maybe I am dense...
You aren't supposed to trust the hardware or software - this system is not being created to protect the user from anything. The intent is to protect developers (of software or media) from the users.
See Ross Anderson's TCPA/Palladium FAQ if you really want to know what's going on.
-
Not so fast
At least two companies have started working on a TCPA-compliant version of GNU/Linux.
So, is there a problem? Yes, there is. You can't modify the kernel. If you try, it will not be trusted by the TCPA chip and so no application running on that kernel can gain access to any feature, media or application that requires TCPA. Certifying a Linux kernel (or any other OS) as TCPA-compliant is expensive and you would need to do it for every modification of the kernel. What value is the GPL if you can't use the source to create your own kernel?
Ross Anderson's TCPA / Palladium FAQ has a more detailed discussion (excerpt from section 18):
[TCPA hardware is referred to as the "Fritz chip" in the FAQ]
TCPA will undermine the General Public License (GPL), under which many free and open source software products are distributed. The GPL is designed to prevent the fruits of communal voluntary labour being hijacked by private companies for profit. Anyone can use and modify software distributed under this licence, but if you distribute a modified copy, you must make it available to the world, together with the source code so that other people can make subsequent modifications of their own.
At least two companies have started work on a TCPA-enhanced version of GNU/linux. This will involve tidying up the code and removing a number of features. To get a certificate from the TCPA consortium, the sponsor will then have to submit the pruned code to an evaluation lab, together with a mass of documentation showing why various known attacks on the code don't work. (The evaluation is at level E3 - expensive enough to keep out the free software community, yet lax enough for most commercial software vendors to have a chance to get their lousy code through.) Although the modified program will be covered by the GPL, and the source code will be free to everyone, it will not make full use of the TCPA features unless you have a certificate for it that is specific to the Fritz chip on your own machine. That is what will cost you money (if not at first, then eventually).
You will still be free to make modifications to the modified code, but you won't be able to get a certificate that gets you into the TCPA system. Something similar happens with the linux supplied by Sony for the Playstation 2; the console's copy protection mechanisms prevent you from running an altered binary, and from using a number of the hardware features. Even if a philanthropist does a not-for-profit secure GNU/linux, the resulting product would not really be a GPL version of a TCPA operating system, but a proprietary operating system that the philanthropist could give away free. (There is still the question of who would pay for the user certificates.)
People believed that the GPL made it impossible for a company to come along and steal code that was the result of community effort. This helped make people willing to give up their spare time to write free software for the communal benefit. But TCPA changes that. Once the majority of PCs on the market are TCPA-enabled, the GPL won't work as intended. The benefit for Microsoft is not that this will destroy free software directly. The point is this: once people realise that even GPL'led software can be hijacked for commercial purposes, idealistic young programmers will be much less motivated to write free software.
-
Re:Read the TCPA / Palladium FAQ
So who is Ross Anderson? He is at Cambridge University, UK. From his homepage:
I lead the security group at the laboratory, where I hold a faculty post as Reader in Security Engineering.
I don't think Anderson is, as you suggest, biased against TCPA / Palladium and certainly not "heavily biased" (see Bill Arbaugh's comment below). His analysis does however point out very serious consequences of the TCPA / Palladium infrastructure. The consequences are what they are, Anderson just did a very good job of formulating them.
He is far from alone in his view on TCPA / Palladium. In fact, Bill Arbaugh, one of the inventors of TCPA (US patent 6,185,678 here), has second thoughts. His comment on Anderson begins:
We are all aware of the criticisms that the TCPA has received. Ross Anderson did a good job of explaining the problems in an abstract fashion, but I felt that there were some things left out (Privacy concerns).
By the way, trustedcomputing.org does not allow the general public to view the member list anymore. You can however see one list of 170+ member companies in Lucky Green's presentation below (links from http://www.cypherpunks.to/):
The slides from Lucky Green's DEFCON X talk, Trusted Computing Platform Alliance: The mother(board) of all Big Brothers, are now available in the following formats:
- PowerPoint (309k)
- PDF (511k)
Other resources with much information are:
-
No, you won't
You mean I'll finally be able to trust. . . my computer to reject spam, viruses, spyware, do what I tell it to, not do what I don't tell it to and not worry about it "phoning home" to my software and "content" suppliers without my express permission?
Wrong on all accounts, unfortunately. TCPA / Palladium is not a solution to those problems, and in some cases is exactly the opposite to what you would like. Read the FAQ, to see why.
-
Read the TCPA / Palladium FAQ
Ross Anderson at the University of Cambridge has written an excellent introduction to TCPA / Palladium, which explains both sides of the story.
Read it here: http://www.cl.cam.ac.uk/%7Erja14/tcpa-faq.html
The two last sections are worth repeating here:
24. So why is this called `Trusted Computing'? I don't see why I should trust it at all!
It's almost an in-joke. In the US Department of Defense, a `trusted system or component' is defined as `one which can break the security policy'. This might seem counter-intuitive at first, but just stop to think about it. The mail guard or firewall that stands between a Secret and a Top Secret system can - if it fails - break the security policy that mail should only ever flow from Secret to Top Secret, but never in the other direction. It is therefore trusted to enforce the information flow policy.
Or take a civilian example: suppose you trust your doctor to keep your medical records private. This means that he has access to your records, so he could leak them to the press if he were careless or malicious. You don't trust me to keep your medical records, because I don't have them; regardless of whether I like you or hate you, I can't do anything to affect your policy that your medical records should be confidential. Your doctor can, though; and the fact that he is in a position to harm you is really what is meant (at a system level) when you say that you trust him. You may have a warm feeling about him, or you may just have to trust him because he is the only doctor on the island where you live; no matter, the DoD definition strips away these fuzzy, emotional aspects of `trust' (that can confuse people).
Remember during the late 1990s, as people debated government control over cryptography, Al Gore proposed a `Trusted Third Party' - a service that would keep a copy of your decryption key safe, just in case you (or the FBI, or the NSA) ever needed it. The name was derided as the sort of marketing exercise that saw the Russian colony of East Germany called a `Democratic Republic'. But it really does chime with DoD thinking. A Trusted Third Party is a third party that can break your security policy.
25. So a `Trusted Computer' is one that can break my security?
Now you've got it.
-
Re:STOP with this Neoproject bullshit!
MS have clearly hired proper cryptographers.
They certainly have, check out the names here for example. Gollmann, Leyland, Needham and Petitcolas are all pretty well known in crypto circles. Which asks the question: how can MS employ such bright people and still churn out insecure crap?
Although 2048 doesn't sound much more than 576, these are of course powers of two we are talking about. I fear the people attacking it aren't quite imagining what these kind of numbers mean.
Don't forget that there are sub-exponential algorithms for solving RSA/DH - so adding a bit of key doesn't double the time to solve. 2048 is still currently impossible though!
-
I'm surprised no-one has said it yet...
"May the A4s be with you!"
Sorry. :-) (Here's some info on A4, just to make this post a bit more informative!)
-
IBM JDK 1.3.1
When I run my QR decomposition "benchmark", IBM's virtual machine always comes out about 20% faster than Sun's. It would still be a lot slower than C++ or Fortran, but the gap should be smaller. On top of that, IBM's license does not require you to accept a license which says the VM may install any software on your machine and that you automatically accept the license of that new software. See http://hal.trinhall.cam.ac.uk/~nrs27/java_eula.html for all the fun.
-
Re:The hero's now working for PALLADIUM
The revolution has been betrayed.
Linus, once a father of the new way, has now sold himself to the most hated enemy: Proprietary Software and fascist control systems.
-
Re:Spyware, modified EULAs et al
You had better be using much more than just a faraday cage to protect your computer...
Properly tuned and filtered signals from photomultipliers can now reproduce what is on your CRT merely by catching a ray of light emitted from your room.
Time to either move underground, and/or line your walls and windows with aluminum foil =)
-
Re:Go all the way
Already done, at least in part. Take a look at the UTF-8 and Unicode FAQ for Unix/Linux
I've seen make work just fine with UTF-8 and other character encodings. You can build gcc with "--enable-c-mbchar" to turn on MBCS support. The kernel would need little or no modification to work properly - take a look at the "How do I have to modify my software?" and "What is UTF-8?" entries in the FAQ mentioned above:
Any Unix-style kernel can do fine with soft conversion and needs only very minor modifications to fully support UTF-8.
UTF-8 was originally called UTF-FSS (for "UCS transformation format, file system safe")
-
Re:Binary modules
It's exactly the same as if Microsoft changed the Windows license to say you could not run any GPL programs under the Windows operating system. Imagine the screaming that would take place if they tried that.
Microsoft are busy working on just this and it's much worse than you would imagine. See the TCPA/Palladium FAQ.
Translations: German, Spanish, Italian, Dutch, Chinese, Norwegian, Swedish, Finnish, Hebrew and French
-
Re:Speakeasy!
I also got a free PS/2 out of them when I signed up
:)
Mouse, keyboard or this?
-
DRM
Are there better solutions than turning into an attack dog, ala the RIAA and the MPAA?
This is essentially the argument for DRM. You want to be able to provide electronic information but in a way that it cannot be duplicated at will. Both Intel and Microsoft are working hard on making this possible and within a few years better solutions will exist than exist now.
So the short answer to your question is "sort of, but in practice not for another 2 years or so". I'm sure other posters will address the sort of solutions. If you want to know what's coming Palladium FAQ.
The more important issue as an academic press is where you are going to stand on the right to read. Academia depends on a relatively free flow of information that is inexpensive. By its very nature what you are asking to do is be able to control the downstream flow of information.
You may find that when the technology is available it is rejected by the academic community. You'll then have to decide if you are primarily a commercial agency providing digital content like Disney or Time Warner; or primarily an academic agency which supports freedom of information exchange even at the cost of lost sales.
Anyway I suggest the following essay on the moral issues. the right to read.
-
Anything by Iain M Banks
Anything by Iain M Banks, as long as it's got the M (Iain Banks is the same guy writing contemporary fiction - good, but not as good). Creator of the oft-mentioned Culture. Check out his ship names for an idea of the tone - dark, sometimes funny, often disturbing, always clever.
-
MS cuts a piece of everyone's pie.
Liquid Audio's days are numbered [...] The board voted unanimously in favor of a $57 million stockholder cash payout. They would rather sell the company, but if there is no buyer then they would probably have to liquidate the company.
Interestingly enough, I was reading this month's issue of CPUmag, and they said Liquid Audio had already sold the majority of the patents they hold - to Microsoft. MS is letting them (indefinitely?) use the technologies and patents Liquid Audio came up with, but Microsoft owns the patents now. Yes, really. Now that I see today's story, I wonder what company they had in mind to "make a $57 million stockholder payout".. :) I'm sure there's at least a few patents MS will find useful enough to include in Windows Media Player 9.x. Did anyone else notice that Windows Media Player 9 is not uninstallable? Welcome to step one of forced Digital Rights Management. Step two, coming soon: The "do not enable DRM" checkbox in WMP will accidentally disappear in future versions. Step three: Welcome to Palladium. Fun times. :)
-
Sure, but...
Research has indicated that these decentralized networks are resistant to legal and technological attacks.
Sure, but will it play on your Trusty Palladium PC?
-
Re:Ideology is less dangerous than *lack* of it.
absolutely not.
But working for *Palladium* is evil.
This is so hot a topic, every nerd should be aware of it.
see this link.
the FAQ is here
also see this post
-
C tutorial
You might find some of the students like The C tutorial I wrote a few years ago. The youngest students I know about were a 12 yo Israeli, and a 14yo Canadian.
Other points:-
- Knoppix to take home. Can't overwrite the parents' precious files!
- Don't waste time installing. Just dd the file set to the students' disks beforehand.
- Have the same distro on all student machines.
- Be very familiar with the distro yourself.
- Introduce a scripting language.
- Ruby for the older students. FOX or Tk windows available.
- Squeak Smalltalk for the younger ones.
- Be very visual. Kids need to see things quickly.
- Games, and more Games. It's supposed to be fun.
-
Re:New Infidel of Ye Olde naming convention.
In the beginning there was 'B', then came from it 'C'. Followed by C++, which is technically 'D'(stemming from the ++ operator).
How quickly history is forgotten.
Once upon a time (but by no means 'in the beginning'), on a continent so far away that the people spoke a language known as 'English', the sages of the City of Cambridge held colloquy with the sages of the City of London, and agreed upon a great programme and quest to create the ultimate programming language, which they named 'CPL', for 'Combined Programming Language'. And having named it, they argued and disputed for many bitter months about the nature of this language, and nothing was made which worked.
Then arose Richards of Cambridge, crying 'a plague on both your houses. I shall go off on my own and write a language which works, and I shall call it Basic Combined Programming Language, or BCPL for short. And this language shall run on a Virtual Machine, so that programmes[1] written in it shall be portable to all manner of hardware architectures.'
But this language went forth even to the land of the Merkins, for whom long words are unduly difficult, and so they had to make the name shorter. And because they (those primitive heathen) were not subtle enough to understand the value of portability, they also stripped out the virtual machine and made the compiler compile down to the bare metal.
And that was B, oh best beloved, but as you can see it wasn't the beginning.
[1]Richards also knew how to spell.
-
Re:Question...
Hehe, not me... There's a reason why I hardly ever write by hand anymore. Handwriting is a pain.
But if I get a small PDA-gadget with lots of stuff, and has completely different text-entry UIs (speech recognition, dasher with some pointing device), then I'll consider it.
-
String Theory?
String theory has been the predominant contender....whereas strings are fine for describing matter, they do not explain the space in which they wiggle.
Of course, that's why we have Super String Theory and now M-Theory
String theory a predominant contender? Where has she been all these years?
I wanted to compare her 'forked' String Theory but I have yet to find more papers from her...hmm...
-
Re:Palladium
So, open source or not, this will help you make sure that the hardware you're running on really is the hardware you're running on and hence to be trusted.
Shouldn't that be 'trustworthy' and not 'trusted'?
See section 24 of Ross Anderson's Palladium FAQ.
-
The real problem with PDAs...
is that they aren't made with techies in mind. If you think about it, they are only "business tools" for executives. No self-respecting techie can use it to compile code, manage a network, or download the latest source.
The ideal PDA for a techie would have the following features:
-A command line with an easy to use text input system. Screw those on screen keyboards, give us a projected KB or better yet Dasher with headmounted eye tracking. The best format for data for a true techie is plain old text.
-A context sensitive command line. If you use a command with lots of output, the screen uses all of it, but if the command only displays a line or two, the output is formatted to fit at the top of the screen while all screen controls are beneath. If you have large volumes of output, you can split the screen up and shift between the two screens with a simple screen control.
-Remote compiler options. Imagine being able to code on the PDA and then submit the code for remote compilation on another machine on your network running a compiler daemon. Then the result is shuttled back to your PDA for testing.
-Network management tools. Being able to remotely administer your big machines with the PDA would be VERY useful. Combine that with eye tracking and you would be able to do real work while you're stuck in that boring meeting.
-A monocular eye display. That way you wouldn't be married to the tiny screen on the PDA for everything. You could use this and get a full rez 800x600 screen!
-A camera/sensor mounted to the other side of the visor so that images could be superimposed in real time over your virtual display. This would be used to "see" wireless network signals as they move through the air. Allowing for better configuration of wireless devices.
-Bluetooth for shortrange communication between you and other techie's PDAs.
Think about it... the PDAs of today don't have any of these abilities. They are too focused on business, instead of what really counts: computing for computing's sake.
-
They're not good enough
I have thought about buying one, but they aren't good enough for my needs. I think it is several years into the future before I'm going to get one.
- Text-entry interfaces: I really don't want to use handwriting. My handwriting is terrible, so text-entry by handwriting on the screen is out. I could use a keyboard. Keyboards are ok, but not small ones, and I can bring around a big keyboard, so that's out too. It needs something different. I would like to have speech recognition that works well, so that I can talk to it. In addition, for noisy or for quiet places, it needs another interface, something like Dasher and the ability to choose between them with one click.
- Decent bandwidth. That pretty much means UMTS, and while the city where I'm sitting is covered, it isn't open to the public yet.
- Really tough units. I really don't want to say "sorry guys, I can go climbing today, because I can't afford the risk of breaking my PDA". I don't want the gadgets I have to control what I can do, then I'll rather do without.
- I want everything to be in it. Phone, Ogg-player, etc. Yeah, I'm aware of the "if one thing breaks"-argument, but it is nice to have a single gadget rather than many different.
Meanwhile, I think I'll go for Siemens ME45 mobile phone. It should be pretty rough, it has a simple calendar that I can synchronize with KOrganizer. I'll use that until PDAs get good enough.
-
What'd they *do* to Linux?
According to the article, the simputer sometimes crashes if left idle for a while... I mean, c'mon, guys...
Either way -- they should check out dasher for text input... much better than the methods described. There was a slashdot story about it a while back...
-
It was only a first edition
So Newton's own copy is still in Trinity Library, and I'm sure there are plenty of other copies around. What's all the fuss about?
-
Attention Slashdot Editors
Several of the articles linked above have been covered at /. already, but there is one that is a must read that I haven't seen before:
"MS software can't trust you" (TCPA / Palladium Frequently Asked Questions).
Perhaps this FAQ has been covered, but if not, please post it for discussion (with credit to poster e.a.kendrick for submission). I am about half way through reading it and it is a chilling analysis of, and speculation on the potential uses/abuses of TCPA/Palladium and related issues.
-
Summary of the state of play
I'm an optimist - most likely a new DVD based format for audio *will* appear, but it is unlikely to contain DRM, and the player will have to be able to play CDs. When DVD-Recorder videos become commonplace, a DVD audio recording option will just become another feature of the home entertainment centre. I can dream can't I!!!
Feels like a slashback - but like many of you I've been following this for a while, I kept my own little list of interesting articles. Until now I've nowhere to put them, so this is as good an opportunity as any:
- BMI Declare that all their future music CDs will be copy protected
- While EMI Germany do likewise, they also insult the complainant. (I'm informed it is even harsher than the translation)
- And soon you won't be able to return the CD if it doesn't work (UK)
- And beware of innovations (this article, beat you to it slashdot - nyah nyah!), as they may be slipping DRM in the back door
- Web radio was getting very popular, everyone was getting in on the act. Not any more. Only the big radio stations still broadcast.
- Microsoft joined the party with their "Trusted Computing" initiative, meaning *you* can trust MS software, which in reality is a DRM thing (MS software can't trust you)
- Oh, and extending copyright. Courts admit that it can't be extended indefinitely, but how long is a piece of string?
Terrorism, Copyright, or hacking. Apply whatever label you want to what offends you
- Reuters sued for linking to a URL
- They haven't been the first to be sued for deeplinking. Check out This particularly fine example.
- How a single sniper is more dangerous than all the world's hackers combined
It would be funny if it wasn't true:
- Getting sued for silence
- Thanks to the CBDTPA, nearly everything *must* embed DRM. This includes cockpit voice recorders, digital speed cameras, hearing aids, and big mouth billy bass
- Even phoning a friend can breach copyright, 2 musicians copyright 100,000 phone numbers (dial tones).
But there's hope:
- A review of the technologies shows that it is futile to protect CDs, (based on the assumption that new devices will more likely circumvent protection rather than enforce it)
- Richard Stallman (Free Software advocate) jumps in with a cautionary tale
- And a felt tip pen can bypass some protections
Hope you find them interesting reading. I'll go back to lurking 8)
-
Re:When is this useful?
What about using DASHER. I am yet to see the project bear real fruit - it works - but it needs to be scalable as an overlay and support a greater character set. It's still slow - only 20-35 WPM - but better than scribble pads....
-
Free replacement for handwriting recognition
Slashdot has already covered Dasher but here comes another application. It would be the perfect replacement for that proprietary and poor handwriting recognition. It's notably faster too.
-
Re:TCO isn't "in the bag" yet
If Microsoft makes a serious effort to make Windows easy to use, they could theoretically win the TCO fight, or at least beat the penguins.
You're assuming that Microsoft will try to win the TCO fight by lowering the TCO for Microsoft products. The alternative is that Microsoft will try to raise the TCO for open source, by buying laws that criminalize open-source development, by turning the personal computer into a locked box that dispenses pay-per-view content to consumers, and by threatening "intellectual property" lawsuits against companies and individual developers.
Of course, that's just a paranoid theory. I mean, if things like that were happening in real life, people would do more than just whine about it on Slashdot, right?
-
Re:On Palladium
Actually, Intel and AMD certainly will not put up a fight to stop it... Intel was a founding member of TCPA and AMD is on board as well, and Palladium is only half of the equation--the software that will run on top of the Intel/AMD hardware.
You'll note that the FAQ (#6) says that it's actually a defensive move for Intel but I agree that MS is doing the same with Palladium.
-
Explosive potential of electrolytic capacitors
-
"Trusted" Computers can break your security
You are not right. Restrictive "Trusted Computers" are those that can break your security.
Read the TCPA / Palladium FAQ here:
http://www.cl.cam.ac.uk/users/rja14/tcpa-faq.html
23. But isn't PC security a good thing?
The question is: security for whom? You might prefer not to have to worry about viruses, but neither TCPA nor Palladium will fix that: viruses exploit the way software applications (such as Microsoft Office and Outlook) use scripting. You might get annoyed by spam, but that won't get fixed either. (Microsoft implies that it will be fixed, by filtering out all unsigned messages - but the spammers will just buy TCPA PCs. You'd be better off using your existing mail client to filter out mail from people you don't know and putting it in a folder you scan briefly once a day.) You might be worried about privacy, but neither TCPA nor Palladium will fix that; almost all privacy violations result from the abuse of authorised access, often obtained by coercing consent. The medical insurance company that requires you to consent to your data being shared with your employer and with anyone else they can sell it to, isn't going to stop just because their PCs are now officially `secure'. On the contrary, they are likely to sell it even more widely, because computers are now `trusted'.
Economists have noted that when a manufacturer makes a `green' product available, it often increases pollution, as people buy green rather than buying less; we may see a security equivalent of this `social choice trap', as it's called. In addition, by entrenching and expanding monopolies, TCPA will increase the incentives to price discriminate and thus to harvest personal data for profiling.
The most charitable view of TCPA is put forward by a Microsoft researcher: there are some applications in which you want to constrain the user's actions. For example, you want to stop people fiddling with the odometer on a car before they sell it. Similarly, if you want to do DRM on a PC then you need to treat the user as the enemy.
Seen in these terms, TCPA and Palladium do not so much provide security for the user as for the PC vendor, the software supplier, and the content industry. They do not add value for the user, but destroy it. They constrain what you can do with your PC in order to enable application and service vendors to extract more money from you. This is the classic definition of an exploitative cartel - an industry agreement that changes the terms of trade so as to diminish consumer surplus.
No doubt Palladium will be bundled with new features so that the package as a whole appears to add value in the short term, but the long-term economic, social and legal implications require serious thought.
24. So why is this called `Trusted Computing'? I don't see why I should trust it at all!
It's almost an in-joke. In the US Department of Defense, a `trusted system or component' is defined as `one which can break the security policy'. This might seem counter-intuitive at first, but just stop to think about it. The mail guard or firewall that stands between a Secret and a Top Secret system can - if it fails - break the security policy that mail should only ever flow from Secret to Top Secret, but never in the other direction. It is therefore trusted to enforce the information flow policy.
Or take a civilian example: suppose you trust your doctor to keep your medical records private. This means that he has access to your records, so he could leak them to the press if he were careless or malicious. You don't trust me to keep your medical records, because I don't have them; regardless of whether I like you or hate you, I can't do anything to affect your policy that your medical records should be confidential. Your doctor can, though; and the fact that he is in a position to harm you is really what is meant (at a system level) when you say that you trust him. You may have a warm feeling about him, or you may just have to trust him because he is the only doctor on the island where you live; no matter, the DoD definition strips away these fuzzy, emotional aspects of `trust' (that can confuse people).
Remember during the late 1990s, as people debated government control over cryptography, Al Gore proposed a `Trusted Third Party' - a service that would keep a copy of your decryption key safe, just in case you (or the FBI, or the NSA) ever needed it. The name was derided as the sort of marketing exercise that saw the Russian colony of East Germany called a `Democratic Republic'. But it really does chime with DoD thinking. A Trusted Third Party is a third party that can break your security policy.
25. So a `Trusted Computer' is one that can break my security?
Now you've got it.
-
Re:My view on "instant runoff"
While this is true, remember that the UK does not have an elected head of state (that's the Queen), and the Prime Minister is not directly elected (he is in fact asked to do the job by the Queen - although she invariably asks the leader of the largest party).
In theory one party can (and have several times in the past) get a large number of votes and a small proportion of seats in the House of Commons - however, MPs are elected in local constituencies (and do a lot of work on local issues or as representatives of constituents) and this "link" is seen as extremely important.
This can also happen in an "instant runoff" system. If one party gets exactly 50%+1 1st-preference votes in 100% of the seats, it will get 100% of the seats. The main complaint with "simple majority" voting against instant runoff is that it allows "tactical voting". However, from the sounds of it in countries where this happens the "voting cards" simply move the tactical voting powers away from the voters and to the politicians - surely not very democratic.
It's also unfair to assume that campaign strategies would be the same if the system were different. If the President of the US were elected on simple majority of a single vote by every US Citizen then campaigning in marginal states would not happen and instead there would have been a lot more effort to get the vote out from disaffected or lazy voters in "safe" states (why vote if the guy you want to win will get through easily anyway?).
The student elections in my university are run on instant runoff/STV, with the additional requirement that "Re-Open Nominations" (RON) runs as an additional candidate. This is even worse because where you put RON in your preference ordering (and if you rank other candidates) becomes an even bigger tactical voting tool. They also count the votes "by hand" (moving piles of ballot papers when preferences are reallocated) which is SO prone to error that I wouldn't be surprised if the wrong person won the presidency last year (the margin was only around 100 votes). If you didn't trust machine-counting last time, it will only get worse if you make the system more complicated because the manual alternative is probably worse.
-
Re:I don't understand what's up with Nethack
Nethack is different from most other "dungeon crawls" in that it is about content and strategy, instead of action and eye candy. There are hundreds of different items in Nethack, some magical, some mundane, all with some kind of use. Any troubling situation you find yourself in can be solved various ways, and no two solutions will yield the same outcome. The game leaves a lot of room open for play style; try playing Barbarian, then try Ranger or (if you're a masochist) Tourist.
If you want more specific, in-depth information about Nethack (including some spoilers about dungeon depth, as you asked) then go to List of Nethack Spoilers which contains A LOT of information about Nethack. The other great thing about Nethack is that it's open-source, which should automatically get it kudos with most of the people here.
:p