Slashback: Flashmob, Currency, Verification

The first Slashback in a while, with updates and reactions to previous Slashdot stories, including a Flash-mod supercomputing reminder, the upside of microwave-tested currency, CUPS' user-interface foibles, an alternative to MD5 sums, and more. Read on for the details.

Reminder of your scheduled spontaneous appointment. Zero_K writes "As previously posted on Slashdot and the NY Times, the University of San Francisco's, Computer Science department is building a 'flash mob' supercomputer on April 3rd. On their newly updated official web-site (Main Site, ISO's) the team has now posted the ISO image of their custom morphix that will be used to boot all the computers into the cluster, documentation is on the website (under 'downloads') and on the CD (index.html). I personally plan on downloading and testing this ISO tonight. And after the cluster is taken off line, there will be a massive LAN PARTY (Possibly one of the biggest in San Francisco...) On a 10-Gigabit LAN...Oh sweetness ... So if you are in or around the SF Bay Area on April 3rd, be sure to sign up and bring your laptop or desktop to campus and help make history."

Whaddya mean, "no pun intended"? Rudiger writes "After the dust (no pun intended) has settled around the whole Operation Dust Bunny thing, McAfee updates their signature database classifying Dust Bunny as an application. To be more specific: 'This program is detected as a "potentially unwanted application."' They also say 'This is not a virus or trojan.' Should we leave it to the experts this time?"

Would you read Atlas Shrugged on this screen? An anonymous reader writes "The so-called 'electronic paper,' being a high-clarity monochrome display to become a foundation for comfortable and inexpensive 'electronic papers,' has finally shown its face. The new electronic paper, which looks a bit like an iPod, has 10MB memory, keyboard, Memory Stick PRO slot, voice recorder, speaker, and headphones output, and USB2.0 interface."

(We mentioned the device yesterday, but this link provides better images of it.)

Now they're Pragmatic Publishers as well -- much success! AndyHunt writes "As you may have heard, the Pragmatic Programmers have started their own publishing company (see Slashdot reviews here and here). We've just signed our first outside author: Mike Clark, editor of the JUnit FAQ and developer of JUnitPerf and JDepend. He'll be writing the eagerly-anticipated Pragmatic Project Automation book, the third volume in our Jolt Productivity award-winning series."

Exactly how many bits, Ma'am? And in what order, did you say? jlcooke writes "Two months (almost to the day) after getting slashdotted for an innocent post to sci.crypt - the MD5CRK project has launched. The aim is to get the thousands of applications and websites to drop MD5 for SHA-1 or SHA-256 by finding a counter-example of a security requirement in MD5. Press Release is here."

How to take criticism, by example. slashdot_commentator writes "Eric S. Raymond has recently written a wonderful piece explaining to the Linux zealot why it may not be the operating system of choice of all users. (Or what user aspects open source developers need to focus on to further Linux World Domination.) The op-ed specifically focuses on the CUPS printing system. (But it would be a mistake to dismiss it as a screed against CUPS.) The CUPS authors surprisingly acknowledged ESR's points, and he wrote a followup to the article."

Hitting them where it figuratively hurts. Ian Wilson writes with a followup to the Slashdot post earlier this month on "website thieves stealing content and designs from others, taken from silicon.com. Well, now silicon.com is reporting that it has contacted the offending site's advertisers and forced them to stop paying ad revenues - thus effectively crippling the illegal site - after all, no revenue, no reason to the run the site."

Express your appreciation with PizzaPal. Chuck writes "After you guys published the article on $20 bills exploding when microwaved, a co-worker of mine went to put his soup in the microwave and found a $20 bill in it. Too bad it was an older one, but someone around the office must have left it in there after reading your article. The co-worker then took me out to lunch. Thanks, Slashdot!"

McAfee problems...

[lukewarmfusion]

The other day, there was a bitTorrent link in the article, and I realized that I didn't have Bit Torrent installed. So when I went to download it, McAfee told me it was Spyware.

Bit Torrent is spyware?

Yet another reason for me to hate McAfee.

Re:McAfee problems...

[Kenja]

There are two good AV programs for Windows that I know of, F-Prot and Command. Both will run you around 25$ a year and both run very light. I've had to turn them off when playing games, but other then that they dont have any problems.

Re:McAfee problems...

[spacecowboy420]

AVG baby - free for personal use, updated FAST found @ grisoft.com. I liked it so much I bought licenses for the entire company. No slips yet - for over a year.

Re:McAfee problems...

[ryanr]

According to Bram, McAfee is currently flagging anything that uses the NSIS installer, which BT uses for recent builds. It's a false alarm, as noted.

Further, make sure you download the Official client from the Official site. Suprnova has been purposely running a banner ad for a couple of months now for a BT 3.3 client that IS laden with spyware.

Re:McAfee problems...

[Verteiron]

Try Avast Antivirus. The home version is free for personal use and keeps itself more up-to-date than any other AV I've ever used. The scanning engine is light and fast. The pro version for businesses is extremely powerful and flexible and runs $40.

They're also beta-testing a Linux A/V client, they actually FIX BUGS when people post them to their forum, and all-in-all a few of the other A/V companies could learn from them when it comes to ease-of-use, auto-updating, and product support...

E-paper

[Fiz+Ocelot]

I'd love to be able to condence a lot of my books into something like that, but it's still just too small. It should fold out to two sides for one thing since many books are written in a format with that in mind. (at least text books for classes).

If they can do that, make notes using handwriting easy (no recognition required), I'd love that...

But I bet the main opponents to this would be book publishers who charge exhorbiant amounts for "new editions" where hardly anything was changed. oh well.

Wow..

[msimm]

ESR just jumped A LOT of points in my book. I haven't read anything so dead on in the community in ages. But add to that his level of tact and his *gasp* sympathy for the user. Wow. Definitely worth the read.

Re:I'll drop MD5 in a heartbeat...

[clifyt]

Thats strange -- are you feeding it the same data?

I have a few implementations of MD5 that I use for various apps that ALL give the same results. Sometimes you have to make sure that character sets and otherwise are being processed that same way, and it all comes out the same way.

Lets see -- I have the PHP builtin function, a perl implementation (for systems that don't have it built into the OS), a Javascript one and one that was for just plain ASP (not the .NET -- never used it yet. Hell, I use it to pass off authentication between these languages when I can't get away with using the same language through out. All work exactly the same...and I'm not even that great of a programmer...

The Insanity of Blind Autoconfiguration.

[The+Monster]

How exactly can you verify that there's not a Windows print server on a non-local subnet that you want to use?

I thought the same thing, and emailed ESR to that effect on the 11th of this month:

I have been saying for some time that the biggest hurdle for Linux right now
is the difficulty of configuring the system for a non-geek. But I can't go
along with you on this:

> If the preceding rules leave just one choice, so inform the user and go
straight to the form for that queue type.

I spend a fair amount of effort getting character-based tools (Bourne
scripts that run on SCO Open Server, AIX, and occasionally HP-UX and Linux,
to be precise) for non-technical users to work, including the frequently
daunting task of autodetecting configurations to come up with reasonable
defaults. I have learned the hard way that autodetection is never 100%.
Even Microsoft gets this - their 'Wizards' always have a check box or button
for [x] Let me choose/configure/whatever. Just because no Jet Direct is
found on your local subnet via autodetection doesn't mean that you don't
want to configure printing to it. It might be on the other side of a
router.

Should autodetection offer the most likely prospects for what the user
intends? Absolutely. But there must always be a clearly-labelled way to
explore other options. It's easy enough to do...

Which printer do you wish to configure?

Windows Print Shares:
[ ] \\DEXTER\HP HP DeskJet 656c
[ ] \\DEEDEE\EPSON Epson Stylus C84
Unix Print Shares [LPD]:
[ ] pana@192.168.1.200 Panasonic KXP-1100
HP JetDirect:
[ ] 192.168.1.50:9100 HP LaserJet 4L
[ ] 192.168.1.50:9101 Dymo SE-300
[ ] 192.168.1.50:9102 Generic Centronics
OTHER
[ ] I don't see the printer in this list.

[ <- Back ] [ Next -> ] [ Cancel ]

He hasn't replied to my email.

MD5 colision demonstration.

[rixster]

For all those interested in the MD5 signing of a message and how "impossible" it is - take a look at www.cryptool.org and the demonstration under "Individ. Procedures" -> "Attack on the hash value of a signature". You may be (unpleasently) surprised about how easy it is to match two completely different documents to have the same MD5.

Re:Is it just me.....

[jpop32]

Setting up a printer in Linux was one of the first things I did after I figured out how to install it, and surprise surprise all i had to do to get it working was, wait for it, READ THE MANUAL.

And in the Windows, installing a network printer goes like this: Select 'add new printer', click next, check 'network printer', click next, click next, select the printer from the list, click next, click finish, admire the test page printed out on the remote printer. Windows user is done before Linux user read the first page of the manual.

Do you for a second believe that Linux way is better in this respect?

Is it really so much to ask that people learn how to use the tool they choose to use properly? Is it so much to ask that people know how to read?

Joe Q. User (you know, the one Linux needs to win over in order to establish world domination) answers: Yes, and yes. I want to install a printer, not read something. If I wanted to read something, I'd go to the library.