Jane's Intelligence Review Lauds Slashdot Readers as Cyberterrorism Experts

Last week the editors of the internationally respected magazine, Jane's Intelligence Review, asked Slashdot readers to preview an article on Cyberterrorism they had planned to run. But so many of you said (rightfully) that the article was lame, and so many of you had intelligent things to say on the subject, that the Jane's editors decided to trash the original piece and write a whole new one based entirely on your comments! And, in an unprecedented act of generosity, Jane's is going to *pay* those of you whose words make it into the final story, which is being written by Deputy Editor Johan J Ingles-le Nobel. Please click on the "Read More" link below to get the whole scoop directly from Jane's - including info on how to collect your money if you are one of the folks Jane's decides to quote.

Open source meets open source

What happens when you throw together open source intelligence (intelligence from non-classified sources) and the online open source movement? Jane's Intelligence Review (JIR), a leading specialist security analysis did just this, and the results were an eye-opener for all parties concerned. Writes Johan J Ingles-le Nobel, JIR Deputy Editor:

When you're confronted with a prospective article about cyberterrorism, as a journalist you know this is a massive emerging topic and that it will make a great story. After all, you've got to be both blind and deaf to have missed the unprecedented emergence of this thing known as the Internet, and that the day will come when, like anything else, it comes to be seen as a tool in the armoury of those that seek to harm and terrorise. Yet the very nature and vocabulary of the subject precludes a thorough understanding unless you're a programmer in the first place. Buffer overflows, denial of service, CGI, 128 bit encryption - such words are all anathma to the layman, yet crucial to a good article on the issue.

"JIR's choice at this point, upon receiving the article, was tough. It's great to get copy from someone you know to be very good on terrorism on this subject, but upon reading the article left me with more questions than answers - and questions that only qualified people could answer properly. I'm not referring to shallow 'such and so defaced a website' type of answers, but thoughtful responses metered with specialist knowledge. So what better way to find answers than to go online, to seek out expertise on the subject?

Unfortunately, finding good information online is not nearly as easy as it should be. Thankfully, months earlier I'd noticed a link to Slashdot posted on a web-hosting service owned by a friend of mine, and having followed the link, bookmarked it a long time ago. Thus, upon receiving the article and personally researching cyberterrorism to find out a bit more on the subject and having been alerted to the fact that a) Linux is the best 'programmer's' o/s environment, b) many webservers use Linux and c) you're looking at expertise in both these areas for sensible answers, there was really no choice but to ask the guys that actually do this stuff for advice.

In retrospect, I'm delighted that I did. 250+ comments and 35 emails from psychologists to network analysts, and from Sun engineers to Cambridge Dons later, The responses have been insightful and knowledgable, with many excellent points made. I've even had a lot of 'thank-you' type letters from computer security professionals for trying this approach. Of course, when you ask for feedback you get feedback - and since roughly 99% of the posters slammed the article, even saying things like 'we'd expect better from Jane's', I've informed the author that we're not going to run with it. Instead I'm going to cull your comments together and make a better, sharper feature out of it - I'll be getting in touch with several of you for more specific details or for more clarification. The article will thus go into December issue (published middle of November), I'll arrange to have it put onto the free section of the Jane's Intelligence Review website (yes, you do all get to see it, of course), and if you find your comments included, contact me at johan.ingles@janes.co.uk for payment at our usual lineage rates (yes, of course you get paid - after all, we are gentlemen).

In summary: wherever you may be and whatever you may do, a big 'thanks, guys' comes your way from just south of London, England.

Johan J Ingles-le Nobel,
Johan.ingles@janes.co.uk,
Jane's Intelligence Review.

um...

[j+a+w+a+d]

For those of you who don't know me, I also work under the name "Anonymous Coward". For all those constructive posts I submitted for the Jane's article, I'm willing to accept the money (that's rightfully mine, of course). :)

Re:um...

alright...you win. funniest thing i've read all morning.

time for bed.

Re:um...

[ToastyKen]

Hmm.. your echelon keyword dump seems more relevant than ever....

Very classy

[twit]

A classy response from what seems like a rather classy guy. Plaudits to Jane's.

--

Re:Very classy

Ditto. In fact I accused them of planning to do exactly what they have done, and called the article "flamebait", toward the end of my own post. Heh heh...

Bravo for Jane's! What we have here is a win-win situation for everybody, including the general public. The upcoming article (or series) will probably have an impact on national policy.

I love it when the good guys win.

Respect

[Lord+Kano]

Jane's has just gained LOTS of respect from me. This is the responsible thing to do. Instead of allowing some "Journalist" write about what he *thinks* about computer security they are going with people who KNOW what they're talking about.

How many of us have taken part in "Crack this Machine" contests? Granted most of us didn't win, but we all had good ideas about security that needed to be tested.

LK

Re:Respect

Are we sure that we want to help these people? Remember, the pricipal audience of Jane's are the people that will use violence to surpress civillian populace. Better to try and keep them in the dark as long as possible.

Re:Respect

[Zachary+Kessin]

I don't know that those are the pricipal audience of Jane's. They may read it. I take the general rule that the free expression of ideas is on the whole *BAD* for thugs and petty tyrents.

YMMV.

Re:Respect

[EmersonPi]

One of the things about the open exchange of ideas (be they source code or less structured dialog such as conversation) is that it is free to all.

I think it is best that everyone have access to these ideas, rather than a select few, or even just those who will use it for good ends. It seems that the widest possible spread of ideas is the best policy. There are bad side effects of such policies (i.e. those who use these ideas to oppress others), but I think the good effects (i.e. everyone who is interested knowing as much as possible) far outweigh the bad.

Suggesting that they should be kept in the dark also suggests that if they aren't told, they won't figure it out. I imagine that if they (I'm talking about the sort of people who have the resources to actually suppress people AND use computers as a part of that) are really interested in knowing these things, they probably already know it (how did you learn these things. Now ask yourself if you really believe that the aforementioned (really determined) people would be unable to learn (or have people learn for them) in the same ways that you did).

One parting thought: Regardless of how much information about computer security third world dictators (or anyone for that matter) possess, there will always be ways to hack into their systems. There may come a time when social engineering is easier (or when significantly different hacks become easier), but there will ALWAYS be a way around any barrier that is put up. I very much doubt that there really is such a thing as an impervious computer system (just ones that are hellishly tough to crack).

Re:Respect

[remande]

Consider Jane's guides to be similar to SANTA/SATAN. Both are publicly available. Both contain expertise usable to attack somebody. Because of this, both are actually more useful to defenders than attackers.

In the world of online security, it is better to have a publicly known weakness then to hide the weakness. If the weakness is hidden, then the Bad Guys share it among themselves and we don't know. If the weakness is known, we can post the moral equivalent of guards until somebody fixes the weakness.

Something like this should end up on sysadmins' desks pronto: they are our first defense against cyberterrorism. Fortunately, we here at Slashdot heard about it before publishing, and that means that a lot of sysadmins will know about this and be ready for it.

For anyone working at Jane's, I suggest that this article be target marketed to sysadmins. This would be a service to those people who keep our systems secure. This also would also increase circulation: rather than being targeted at a centralized military market, this is targeted at a decentralized computer security market. Unlike other forms of attack, this one cannot be defended by the military: cyberterrorism is best fought by a networked militia of private citizens and organizations.

Re:Respect

[trelyle]

Are we sure that we want to help these people? Remember, the pricipal audience of Jane's are the people that will use violence to surpress civillian populace. Better to try and keep them in the dark as long as possible.


What a concept. Has anyone seen the recent TBS showing of Animal Farm? Anyone notice how eloquent and civil the pigs were? Especially when explaining something ;something oppressive and deadly like military intelligence. Let's all be thankful that Microsoft marketing does not operate using these tones, or we would be looking at blue screens of death forever.

Sheesh

[Shanoyu]

It was bad, I hope you didn't have to pay him a Kill Fee (a percentage of what the aurthor would normally have been paid, if the article is 'killed', usually very hard to get.)

It's kind of odd that you're looking to slashdot for this sort of thing about cyber terrorism, I mean theres really not that much of a story behind it and quite frankly I don't see how theres a story here at all, it's like the "cyberwar" between Pakistan and India, it has an effect but it's negligable if one side does anything.


-[ World domination - rains.net ]-

Re:Sheesh

[J.+Pierpont]

>quite frankly I don't see how theres a story here
>at all, it's like the "cyberwar" between Pakistan
>and India, it has an effect but it's negligable if
>one side does anything.

I dunno. What if the Indians or the Pakistani knocked out the central banking infrastructure of the other country? Or disrupted central communications? A cyberwar could be quite effective.

-awc

Re:Sheesh

[Shanoyu]

It just wouldn't happen that way. The bank networks are closed off, and even if they weren't contengencies are far too easy to have for such a thing. As for disrupting communications, they have two choices, 1) blow up radio tower, thing that broadcasts to satilletes, etc. 2) break into the building and hax0r it.

I'll just go for 1, it's cruder but alot more effective. 2) could just be fixed with a simple contengency but it's far too surgical. To knock down the network you have to knock out the maintainers, otherwise you'll have a rather negligable effect, if Pakistan shut down India's banking network it would hurt them just as much as it hurt India simply because of how close they are geographically, even if they don't trade with each other, there are middle men in 3rd party countries to the conflict that would be hurt causing a ripple down effect of damage. As for bringing down communications there are just so many sources of it that although it would be possible to damage, the damage would need to be physical, not via the 'net.

Basically knocking down communications or banking infastructure wouldnt' be done over the internet.


-[ World domination - rains.net ]-

Re:Sheesh

[J.+Pierpont]

It wouldn't necessarily be over the internet, but a cyber war could be conducted nonetheness. eh. whatever.

-...

Re:sdfgs

[aqua]

Oh, that should definitely be cited in the article. "The difficulty with intrusion detection is the prospect of compromise to those components of the system necessary to detect the intrusion to begin with," said I.L. Milne, an expert at Purdue University's research center. Added one Slashdot reader on the topic, "First post."

Community Editing/Writing.

[Thomas+Charron]

Well, this is an interesting use of the Slashdot Community. We've taken a small step from a 'Feedback' community to actually generating stories. This could actually lead to something interesting..

Perhaps a section of slashdot for proposed stories to be discussed, with actual stories being a summary of comments, etc..

"From the Community, FOR the community"

Re:Community Editing/Writing.

[jeffcuscutis]

$5 says Jon Katz will have an article on Community Editing/Writing within 2 weeks.

--jeff

Re:Community Editing/Writing.

[Soggy_Man]

So will there be a second enter in the Jargon Dictionary for the Slashdot Effect?

Slashdot Effect: 1. Massive rise in Website hits after being linked to WWW.Slashdot.org. 2. Poorly written Technical Article ripped to shreds and completly revised as knowledgeable Slashdot readers provide comments to corrects errors in orginal.

Re:Community Editing/Writing.

Ah, but the dear Mr. Katz already brought up this sort of free information exchange in the "history" of the 21st century article.

Re:Community Editing/Writing.

[Thomas+Charron]

HeHe.. I think that already applies.. ;-P

AC $$$$

I would propose that any fees owed to the AC's of slashdot be donated to the FSF

Re:AC $$$$

[_egg]

Screw that! Send ALL the money to the FSF. The authors didn't expect to get paid for their comments and contributed their knowledge in the interest of open discussion. If that makes money, then feed it back into the process that created it in the first place, which is free software.

Maybe it could be earmarked specifically for security software...

Re:AC $$$$

[HeghmoH]

So you only deserve to make money from your actions if you expected to make money from these actions?

I hope I speak for a lot of people when I say "What the smurf!?!?"

I don't see how this follows. If anything, these people deserve more money, because they contributed altruistically. When one expects to be paid for a job, one generally puts into it only enough to be sufficient to be paid, unless this person also really likes the job. But when a person does a job not expecting money, he does it from the heart. The results are generally better. Which one more deserves to be paid?

Re:AC $$$$

[warpeightbot]

I would propose that any fees owed to the AC's of slashdot be donated to the FSF.

Good idea, only strike "FSF" and insert "OSF".

Hmm, we may have to put this to a vote....

Re:AC $$$$

[dufke]

Amen!

At least you speak for me.
-

Re:AC $$$$

[kannen]

First let me preface this by saying that I didn't respond to the original Jane's article, basically because I didn't feel I had anything of worth to supply. Here, however, I think I can be of help. Hate to mention this kiddies, but this is not a democratic institution either. The users cannot vote on what to do with the funds because those comments are still primarily owned by those that submitted them. However, /. might want to claim that since it was a post in a /. forum, /. owns all copyrights on said comments. Either way, its not a democratic issue. I think we're also overlooking how intrinsically cool this is for those who end up being quoted -> beyond the possibility of remuneration is the extra bonus of being used as a source for international intelligence by Jane's, the premier (non-government) name in the intelligence industry. That just rocks.

Re:AC $$$$

To quote the little green message that appears on the bottom of every slashdot page generated, "All trademarks and copyrights on this page are owned by their respective owners. Comments are owned by the Poster. The Rest © 1997-99 Andover.Net."

Since there is no way for the rightful owners to claim the money, donating the money to charity seems to be the best option.

Re:AC $$$$

I WANT MY $2!

Re:AC $$$$

[Communomancer]

To quote the fine print on the bottom of your slashdot page:

Comments are owned by the Poster

Re:AC $$$$

[axolotl]

FSF then. My vote is cast.

axolotl

Re:AC $$$$

[jsm2]

hrmmm ... call me "crazy crazy black helicopters guy", but you can send my cash to the FSF if I get any. The idea of passing my real name and address to a bunch of known spooks who will then put me on a list of "people who take an unhealthy interest in computer security" does not appeal. Maybe it's paranoid, but I had a cousin in the 1980s who died in a car crash. Funny thing was, all his workmates died within the next six months, in similar accidents. Defence computing can be bad voodoo.

jsm

(Oh yeh, and it wasn't my cousin. Relationships have changed to protect traceable information)

Re:AC $$$$

To quote the little green message that appears on the bottom of every slashdot page generated, "All trademarks and copyrights on this page are owned by their respective owners. Comments are owned by the Poster. The Rest © 1997-99 Andover.Net."

Which not only allows you to retain ownership of what you post, but protects them when PEZ(TM) comes by to see who's been diluting their trademark :)

Re:AC $$$$

[dufke]

Hehe... and I though I was paranoid. Try a little less X-Files. ;-) But seriously, I guess I'm less concerned since I live in a country (Sweden) where the military has relatively little power.

...on a list of "people who take an unhealthy interest in computer security"...

Somehow I think this list would be rather long - if they got everybody who is actually interested in security like the /. contributors. And I doubt military orgs will go for a hap-hazard list - they may not be known for their great morals, but at least they are proffesional...

-

Conclusive Proof

That people OTHER than script kiddies hang out on Slashdot?

AC Script Kiddie Wannabe (just kidding)

How will this work?

[Chalst]

I am interested to see how they will actually get this article written. Will it be a survey-style article organised by topic (eg. section of the availabe technologies, subsection crypotography discussing the balance of powers between white hats and black hats)?

It might not be a bad idea to put together a web resource of of the quality information available on electronic terrorism and countermeasures.

Well done, Jane's - will we see more of the same?

[Mr.+Slippery]

Makes me proud to be a /.er.

I didn't post on the cyberterrorism thread because by the time I got there all my points had already been made. Several times. B-> But congratulations to those who will be quoted in Jane's.

It will be interesting to see if this starts a trend. But on the other hand, they used to say "Go not to the USENET for counsel, for they will say both no, and yes, and `That's already answered in the FAQ, and..." (Or something like that.) And that was pre-AOL, pre-spam, pre-The-September-That-Never-Ended.

But, on the gripping hand (wow, Tolkein and Niven/Pournelle refs in the same post!), /.'s moderation would seem to help the best, most informative posts bubble to the top in such a discussion.

It would be interesting to set up a consulting organization along these lines. Or maybe even use the existing /. infrastructure.

Open source journalism

[tolldog]

I think that this is great. Having been a long time reader of /. I have begun to realize the depth and insight of the other readers/posters.

We are journalists, in a strange twisted way. We report what we know to educate others. Doing it in this sort of fashion, I beleive, is an amazing idea and concept.

I am begining to think that having this be open sourced is even more important than having open source software. Software completes tasks, but it does not shape and form our views on a subject. I t is about time that a place takes recognition of the importance of the community effort. People can not pull the wool over the eyes of many, not without a fight.

May the open source movement migrate into and improve all things.

Slashdot Press, Inc.

[interiot]

This could start a new trend... write articles based completely off responses to an "Ask Slashdot". Hire an editor to put the whole thing together and give part of the profits to the people with the best comments.

Of course, every piece produced would have to have the obligatory yea linux, down with microsoft, anything but open source sucks comments somewhere.

Re:Slashdot Press, Inc.

Would this signal the birth of Open Source Journalism, then? :)

Re:Slashdot Press, Inc.

"Cashdot", anyone?

Great...

[Rabbins]

Just inflate the egos here even more!

Look how far Slashdot has come

[jalewis]

I think this is a great commentary on how influencial Slashdot is becoming in mainstream media. It has evolved from nerd hang out to the place to see what is on the cutting edge. Something that created the dreaded Slashdot effect produced an article that was written by hundreds of people. The ultimate in bringing ideas together.

The future will only bring more of this type of group editing to the forefront of the media. I look forward to being part of it.

Kudos to Jane's for having the balls to do this and congrats to the REAL experts gettting some recognition.

jas

Re:Look how far Slashdot has come

[Chilli]

It has evolved from nerd hang out to the place to see what is on the cutting edge.

The nerds are the cutting edge - at least on the net.

Chilli

Can you say 'cred'?

[Mija+Cat]

This is an OUTSTANDING feat! Not only did Slashdot get recognition in a (fairly) respected mag, the freely-given replies were judged *better* than those of a professional, paid writer.

If you contributed (I regret I did not) then slap yourself on the back and treat yourself to a beer. Hell of a good job, humans.

A plea

[PD]

Dear Janes,

Now that Slashdot has helped you out, do you suppose you could talk to Electronic Arts and get them to release Janes' Fighter's Anthology and Janes' Israeli Air Force for Linux?

Sincerely,

Patrick Draper - a big fan

Re:A plea

[Evangelion]

While you're at it, Jane's WWII Fighters. And Jane's Longbow, and.....

Re:A plea

[RGreen]

Chances are slim. EA is a cutthroat company when it comes to only releasing for mass-market platforms. Those SKUs that have been released for Linux have done so because the original programmers personally wanted to and had done so for their own entertainment. It's hard to justify the risk/returns for 30+ person teams in 2-year development of an original title without a *lot* of commitment from corporate.

Worthy as it is, the Linux market will have to hit 10% or more of all gaming platforms before it even gets a sniff. Heck, PC sales are 30% of all games sales and Linux is a fraction of that. We regularly get Playstation titles selling x10 what the PC SKU does.

Darn those confounded consumers!

- Robin Green, Bullfrog Productions Ltd, UK.

Re:A plea

I used to work there (I worked on a Jane's title, even!), and can tell you that there's no way in hell EA will even consider Linux for a very, very long time. EA isn't into trying new things, as witnessed by the endless series of "$sportname $yearname" titles they've spewed out for countless years. The "newest" thing they're doing is "Michelle Kwan's Figure Skating", and that's a universal joke to the rest of the company.
Feh.
>

Oooops.... missed out the first time around

[nitehorse]

Well, who knows... worth a shot to give my own $.02 about it. However, I seriously do commend the Jane's editor for deciding to do this- using replies from a whole community and putting it into a magazine. Good idea; I personally was thinking of doing the same with the article yesterday about ethical/moral repercussions of euthanizing disabled infants. There was plenty of good discussion and if I was the editor of any magazine (HINT HINT) I would place all of the 2-level comments (or 3, if you're pressed for space) in an article of my mag. Just personal taste though. There was a lot of good discussion yesterday...

About CT, though- the main problem is that the general public at large uses Windows, and by it's nature Windows is insecure. For example, (and I konw that this was cited in the original, after reading the comments) Back Orifice. Yes, most of us here wouldn't touch it (at least, I doubt that most of you would) but the idea behind BO (and BO2K) is that it was written using STANDARD API's in Windows. Under UNIX, without any kind of user access, it is (AFAIK) exremely difficult to have a program installed in user-space (the BOserver) and through that program, remotely control the system without having any user access. If you can dupe the user into running any kind of trojan or the server itself (come on, imagination- if an email came from "techsupport@microsoft.com" with a heading "Security update for " and an attachment (the BOserver), how many clueless windows users would download and run it without thinking?

The idea that it was implemented with standard API's and from user space (giving the remote user even more control than the local user has) scares me. Good thing I don't run Windows... lots of lamers at school use BO for fun. But imagine MS's plan in full execution- WinNT or Win2000 (whatever they're calling it now) on EVERY DESKTOP IN EVERY ORGANIZATION. There are ways of remotely executing code, you know. And this tool (BO2K) is one of the reasons that governments worldwide don't use Windows. Period.

Re:Oooops.... missed out the first time around

[drewpt]

Not to defend Microsoft.

I've never run BO so forgive me if I'm wrong, but this is what I understand.

Someone executes BO on a Windows machine (either a user who downloaded it, or someone who has had access to the machine). Very similar to PC Anywhere.

When you're using Windows 95/98, you are the administrator. You have complete access to the machine, much like root has on a UNIX box.

Why can't this same exact thing happen on a UNIX box running under 'root'?

Another point...

For the most part only more "computer literate" people use Linux. As it grows in popularity, someday, it too will have the idiotic user that receives email from "techsupport@linux.com" telling them to run the Security Update.

Believe me, there are idiots using Linux today. I worked at a large company where an idiot who always logged on as root, delete his harddrive 3 times by mistake. You'd think he'd use 'rm -i *' after the second time.

Re:Oooops.... missed out the first time around

[LetterRip]

"... if an email came from "techsupport@microsoft.com" with a heading "Security update for " and an attachment (the BOserver), how many clueless windows users would download and run it without thinking? " This sentence makes an excellent case for having public crypto installed on every OS by default.

Then attachments like these would be far more trust worthy and naieve users wouldn't be nearly as likely to get burned.

just a thought...

LetterRip

Group Authoring

[Saraphale]

Kudos to Jane's. It's not only good that they asked for comments, and are taking note of what they received, but also that they're offering to reward those whose contributions are being published. Has anyone published an article in this way before? It's the first of its kind that I've encountered. I wonder what threshold Johan J Ingles-le Nobel had his preferences set to, or whether the comments were summarised for him.

Several points about the method come to mind. Firstly, how are they intending to honour payment to people who made particular points or comments, when their points may be rephrased (and hence made unrecognisable, even if the point is still understandable) for editorial reasons, or when several people may have made the same point?

Hmm, I remember articles a while back about how to properly distribute books, essays and monologues electronically, and still receive payment for them. It's a shame this method can't be used more frequently - it relies too much on simple honesty.

Can an article still have coherency, and a clear point, when the person collating all the points may not have as much expertise in the subject area as those that submitted the information? It's not easy to create a coherent article if the subject isn't your own, even if you have a series of excellent references. I'm not knocking the people at Jane's, I just see it as a difficult task to form the mass of /. comments into a single article that would fit in magazine format.

Good effort.

S.

Re:Group Authoring

[revnight]

well, i know that he read at least some of the responses directly off the site, as he replied to a couple (that i saw.)

along with that, his threshold was set to at least '1' (some of the posts he responded to were score '1' at the time.

my guess is that his threshold was set to '0,'...i doubt anyone told 'im about the moderation system. :)

Good, it's about time...

[Otto]

Too bad I was out of town when that article appeared, otherwise, I'd have thrown my $1.95 in (inflation is a bitch)..

Still, after having read the original article now, and all the comments, I'm glad someone is at least doing it right.

We read all these articles (usually by big name news sources) that get posted to /. , and the majority of them have a lot of errors, misinformation, FUD, etc.. While we can easily tear them apart here in comments, those comments are not read by the majority of the mass public who read these articles and do not read /. Therefore, they don't have the whole truth of the story, and their thinking is biased based on the crap the news media puts out.

The best thing about /. IMO, is the simple fact that you get one of the largest collection of intelligent people on the planet coming together to give you the truth behind the headlines. Sure, you get some crap thrown in there because of the open nature of it, but that's a small price to pay, isn't it? If I want to know the truth behind the latest news, I simply check /. and turn on the moderation. Even if it's not the whole truth, it sure is a bunch of interesting informed opinions.

Truly the future of journalism. :-)


---

Re:Good, it's about time...

[SolidGold]

I don't think that the articles on slashdot are the be all and end all though. I find most slashdotters are extremely biased towards open source etc.

For example, I always read at moderation level 2 just to cut down on how much there is to read. I find that about 90 percent of the comments have a very distinct slant. I attribute this to the fact that most slashdot readers have that slant and consequently most good comments are slanted.

On top of that, the moderators are also biased towards the prevailing slashdot outlook, and that means that the scarce moderation points are more likely to be spent on comments supporting the general slashdot opinion.

In short, I think that slashdot does a great job of providing the slashdot position on a subject, but does not give a complete picture of most subjects.

Re:Good, it's about time...

[acaben]

/. is an impressive forum, where some of the neatest, coolest people I know hang out and discuss all kinds of ideas relevant to Linux and technology in general. It's a nerd's paradise for me, and I'm glad to see that Jane's (and others in the mass media, I hope) are realising what a tremendous resource the /. community is.

However, I want to respond to one particular part of Otto's post. He says:

The best thing about /. IMO, is the simple fact that you get one of the largest collection of intelligent people on the planet coming together to give you the truth behind the headlines.

While we certainly have some amazing, wonderfully talented and creative people in the /. community, I don't think we can consider ourselves "one of the largest collection of intelligent people on the planet." This egotistical view feels good, I'm sure, but I think we equate our knowledge of computers, the net, and linux too often to that of intelligence.

I'm not egalitarian by nature, but I'm rooting against /. becoming a place for the "techno-snobs" to hang out, to the exclusion of others. With such a great community of users, we should be reaching out and using our resources to teach others about our passions.

The article in Jane is certainly a good starting point for how /. can reach out past the confines of all of us Technically Elites and help the general population (or, at least another subset) learn about issues that matter to us. Let's keep using our speciality to contribute to projects like this.

Re:Good, it's about time...

[Wah]

I agree that /. may not be the most objective site around, but the content creation model they have created (blatantly stolen from Usenet) is exceptional at organizing mass opinions. The moderation system (while it shows some of it's won bias) also helps to filter out the crap. The /. model is a good one to copy for anyone thinking about being a major news source in the 21st century. I mean what's more fun a)reading some comm. major's opinion, or b) reading said opinion and then discussing (bashing) it with 100,000 interested people. Pretty simple decision, besides as this article shows much of the content produced through this "open" "community" style is of much higher quality than the tripe that has to be finished on a deadline. Anecdotal evidence indeed.

Re:Good, it's about time...

[Nass]

... In fact, for me, a large part of the attraction of asking the site for comments was the fact that here you have 100,000 people moderating themselves, which cuts out the dross. Of course it's not perfect, but if you compare it with the open-source intelligence collection model, a crucial step in which is expert review, the similarities are there for all to see.

Johan J Ingles-le Nobel
Jane's Intelligence Review

Re:Good, it's about time...

[Otto]

While we certainly have some amazing, wonderfully talented and creative people in the /. community, I don't think we can consider ourselves "one of the largest collection of intelligent people on the planet."

Of course /. is "one of the largest collection of intelligent people on the planet." It just a matter of defining your terms correctly, and using correct English.

First, Slashdot has a large number of intelligent people. Not the brightest people on the planet (some are), but they are intelligent. Intelligence != genius here.

Second, /. has a subscriber base of what now? 300,000? 400,000? The majority of these are probably one time signups or throwaway accounts, so I'd say maybe 15% - 25% actually participate in the forums (these are rough numbers I just made up).

So, figure 25% of 400k, and that's 100,000 people. Even if the majority of those are idiots (stupid first post people), that's still ~50,000 bright people. Even allowing for the fact that I totally made up these numbers should give around ~(10k - 20k)... :-)

That's a whole lotta smart folks.

This egotistical view feels good, I'm sure, but I think we equate our knowledge of computers, the net, and linux too often to that of intelligence.

No, I equate intelligence to the ability to learn new things, to adapt to new situations.

To tie one own shoes.

I'm not saying this forum doesn't know a lot about the 'net, about computers, about Linux. They do. But a human being knows more than one thing. When was the last time you met a person who could do ONE thing and ONE thing alone? Well.. an intelligent person then. I know several managers who can't even do that one thing.

The point is that people who participate in /. aren't usually one-shot people. They're usually computer people by and large, general technologists, and then, well.. we all have our hobbies.


---

OK, now what about the payment ?

[rkt]

If I'm not wrong the magazine intends to pay those whos comment have been included in the final article. I'd be intrested to know how this kind of a task can be done without risking privacy of the users.


I don't mind malda giving out the actual email addresses, however I hope malda knows what comes next.


However, yes, I am very delighted to know something like this happened, and hope that the magazine also sends some contribution to malda for the website ;-)



rkt

Re:OK, now what about the payment ?

[methuseleh]

How can it be an privacy risk? He said (paraphrased): "Contact us, and we'll pay you what you're due." If you don't want to risk your privacy, don't respond. Simple, no?

--

Re:OK, now what about the payment ?

[BitPoet]

If this kind of thing becomes more common, why not have an "If for some reason a journalist decides to give me money, please send it to the following charity" field in the user preferences?

BitPoet

Re:OK, now what about the payment ?

[/dev/niall]

How can it be an privacy risk? He said (paraphrased): "Contact us, and we'll pay you what you're due." If you don't want to risk your privacy, don't respond. Simple, no?

For starters:

"All trademarks and copyrights on this page are owned by their respective owners. Comments are owned by the Poster"

On the bottom of every slashdot page. Shouldn't THEY be contacting the authors BEFORE running with their comments?

Re:OK, now what about the payment ?

[methuseleh]

First, copyright infringement != privacy risk. By posting your comments in a public forum, you've made those comments public, not private.

Second, anyone who posted to the original article should have known that their comments could show up in the Jane's article. That was, after all, the whole idea of soliciting comments from slashdot. As the gentleman from Jane's states in the original slashdot article:

When we publish the article (17 November), if you'd like to be contactable on this issue use your real email address and we'll attribute your comments, otherwise use 'anonymous coward' .

If you didn't want to "risk your privacy" then you should've posted as AC.

--

Re:OK, now what about the payment ?

[/dev/niall]

First, copyright infringement != privacy risk. By posting your comments in a public forum, you've made those comments public, not private.

I beg to differ. Well, I'm not begging, I'm just differing. It's not a copyright issue in my mind. According to Slashdot, I *own* my comments. These people are taking something (information) belonging to me without my permission and using it to generate profit for themselves. How is this not a violation of my privacy again?

For the record, they're not taking anything of mine. I've long since given up commenting on security articles, theories, opinions, etc. because I'm afraid someone's going to open up a can of OpenBSD and slap me silly.

Second, anyone who posted to the original article should have known that their comments could show up in the Jane's article. That was, after all, the whole idea of soliciting comments from slashdot. As the gentleman from Jane's states in the original slashdot article:
[stuff deleteed]
If you didn't want to "risk your privacy" then you should've posted as AC.

Again, not a personal issue since I didn't offer anything worth stealing. But there's my point - taking something belonging to someone else without asking them FIRST is stealing. Putting a disclaimer on their post to the contrary is BS... you can't get away with crap like that under other circumstances.

"Oh, and by the way, regardless of the fact that you own [something], we may take it and use it for profit without asking you first. Inf act, not only are we not going to ask you, we're not going to even tell you! figure it out for yourself!Thanks!"

Is it a big deal in this case? Realistically - No. Morally - Yes. It is indeed a violation of privacy, and trust.

Re:OK, now what about the payment ?

[NMerriam]

i don't understand at all what you're talking about. You seriously are not making any logical sense.

The original article said "post here and we may print your comments". But you're saying that someone would somehow be surprised or upset by the idea that their comment would be published!? if you don't want to be published, don't follow the instructions for something that says "to possibly be published, do this..."! This is not a major theological or philosophical debate, if you can read plain english you clearly understand the implications of a simple "if...then" statement.

And even aside from the issue of everything being quite explicit, publishing someone's comments in no way "violates their privacy" if they were offered to a public forum! Public posts are not "private" -- this doesn't seem to be a complex idea. i'm not sure where the disconnect is...

Re:OK, now what about the payment ?

[/dev/niall]

don't understand at all what you're talking about. You seriously are not making any logical sense.

I'll make it REAL simple this time:

All trademarks and copyrights on this page are owned by their respective owners. Comments are owned by the Poster. The Rest © 1997-99 Andover.Net.

This is NOT a public discussion forum. Each and every post is owned by the poster.

Yes, I understand in reality this is not important. I am making a point. Regardless of what someone says to you before they do it, it is WRONG to take something belonging to someone else without explicity asking them for it.

if you can read plain english you clearly understand the implications of a simple "if...then" statement.

I'm pleased that someone else stooped to making snide comments before I did. It's unusual that I'm not the first to do so in a discussion. ;)

My bottom line: Don't take my shit. If it's not mine, don't tell me it is. There's the disconnect, not complex at all.

Re:OK, now what about the payment ?

[WNight]

You may own the copyright on your posts, but quoting someone's statement of opinion is almost always considered fair use. Especially if people are told before hand that all posts in a specific area are going to be used for such a thing.

In fact, your posting in such a forum is implicit agreement to the this.

And in the case that there might be two conflicting notices, such as, if /. said "We're using this one discussion verbatim in print, to illustrate ... post if you agree to these terms." and the bottom of the page said "you own your own message." the first, largest, and most prominent message would take precedence, especially because you only see it BEFORE seeing the secondary message.


I don't understand though how you can equate copyright violation with privacy violation.

You may *feel* violated in an undefined way if you feel that someone stole something from you, but if nobody knowns anything about you, it's unlikely that your privacy was violated.

Your privacy might be violated if /. posted your ip and usage logs. But, I don't a contract with /. that forbid them to do this.


Bottom line. I understand you could be feeling violated, and this feeling I can understand. But, you aren't going to get sympathy by stating this in an impercise manner. We're geeks, and we're anal. We expect that if you say something, you should know what it means.

Re:OK, now what about the payment ?

[/dev/niall]

Bottom line. I understand you could be feeling violated, and this feeling I can understand. But, you aren't going to get sympathy by stating this in an impercise manner. We're geeks, and we're anal. We expect that if you say something, you should know what it means.

Being a geek does not mean being anal. Get over yourself.

I don't even remember how this started so I'm going to shut my cakehole right after my final attempt to bring understanding to you anal folks:

All private message boards (which this certainly is, I don't see them syndicating or transferring these disscussions elsewhere) usually have a disclaimer stating that they may use comments for anything they want... customer testimonials etc. This site explicitly does the opposite, stating on every page of the site that "comments are owned by the poster".

How can I state this any more precisely? It's obvious - Comments are owned by the poster. Comments are owned by the poster. You can't renege on a clause that's on every page of your site, no matter what crap a third party puts in their post. Can you understand that?

Re:OK, now what about the payment ?

[WNight]

I can understand you, but you are wrong.

If you rely on a right to be granted, that right can be taken away. If the only claim you have to copyright on your own messages is /.'s saying that you own them, then they can supercede that with a message.

But, that doesn't matter. Not one bit.

Quoting someone is fair use. You can copyright your message that I'm replying to, but I can quote you from it for purposes or illustrating a point. And it's legal.

You can't change that. Doesn't matter how you feel about it. I could even legally quote you saying "And don't you dare quote this, I own it!"

Re:OK, now what about the payment ?

[NMerriam]

he's completely right that you're being either obtuse or just inaccurate with your words -- privacy is NOT AT STAKE here.

This is NOT A PRIVATE FORUM. I don't know what access method you use to get onto slashdot, but most of us simply use the internet and require no membership or proof of identity to participate. if you are paying dues or have a login in order to see posts, you're doing something wrong.

Slashdot is privately owned, but it is about as public a forum as any that could be concieved. Any person can post here, and person can read posts here. No exceptions that i know of.

if you strip naked in a 7-11 you can be charged with public indecency, because although 7-11 is a privately owned place, it is open to the public! if you strip naked in your local clubhouse, you cannot be charged with public indecency because you are not in a public place, you are in a private place where non-members cannot go.

Slashdot is open to the public, your remarks here are copyrighted by you but are still available to the public, and if a news organization uses them the very LAST thing you could ever charge them with is violation of privacy.

Slashdot

[GoofyBoy]

>Thankfully, months earlier I'd noticed a link to Slashdot
....
>having been alerted to the fact that a) Linux is the best 'programmer's' o/s environment, b) many webservers use Linux and c) you're looking at expertise in both these areas for sensible answers, there was really no choice but to ask the guys that actually do this stuff for advice.

Really? I like slashdot not because of Linux and webservers but because of;
1. Low noise to signal
2. Get my Karma up to boost my ego.
3. To vote for "Hemos/JarJar Sux".

Oh, and thank you for asking for my/our opinion.

If they use my comments,

[Hobbex]

(which is unlikely),

then "Cited as computer security expert by Jane's Intelligence Review" is going right on my resume. That has got to impress some perspective employers...

-
/. is like a steer's horns, a point here, a point there and a lot of bull in between.

Re:If they use my comments,

[platypus]

How about showing your slashdot karma points in your resume, now that we are "approved"? ;)

Re:If they use my comments,

As long as you run it through a spell check first. :-) AC #65265

Re:If they use my comments,

[Hobbex]

Naw, I can't spell. Wouldn't want to make a false impression.

I bet I'm the only programmer who bugs his code cause he can't spell "while" :-)

-
/. is like a steer's horns, a point here, a point there and a lot of bull in between.

Re:If they use my comments,

[pest]

Nope, thats me as well. And i thought i was the only illiterate programer.

Re:If they use my comments,

[Hobbex]

There is good reason for the expression "However dumb you are, there is always someone stupider."

Is "stupider" a word? :-)))

-
/. is like a steer's horns, a point here, a point there and a lot of bull in between.

Re:If they use my comments,

[pixelite]

i believe the correct term is more stupid...

---
if you can't figure out how to email me, tough.
---

Re:If they use my comments,

[Hobbex]

Is it "kidding more" or "kiddinger"?

-
/. is like a steer's horns, a point here, a point there and a lot of bull in between.

payment?

[mindchild]

Although it's right of her to offer money for compensation, my (personal) opinion is that we shouldn't accept it. We contribute to slashdot cause that's what we do, not because we get paid. I think we should apply this to this situation and happily thank jane for the offer, but smile and say no thanks.

If this becomes a regular thing, which I'm all for, and as some are suggestiong, this does bring up a different issue. That can be addressed later though.

Re:payment?

[Zachary+Kessin]

Why should we say no thanks. We are providing something of Value to Jane's. And they offered to pay us a few bucks for doing it. If they asked you or me to write a whole article then we would want to get paid. Hell if you want you can give any money they send you to a local charity. (I'm sure there are more than a few who could use the cash).

Re:payment?

[Michel]

We contribute to slashdot cause that's what we do, not because we get paid. I think we should apply this to this situation and happily thank jane for the offer, but smile and say no thanks.

I don't see why we should do that. Sure, being paid shouldn't be the primary reason for posting to slashdot. But if you're posting anyway, and someone decides s/he wants to pay you for it, why not accept it?

It's just like writing open source code. You do that because you want to, not because someone's paying you. (Or even if you DO, hey great job) But if you're writing code for an open source project and someone wants to pay you for it, why stop them? Programmers have to eat as well...

Hey, Linus himself is being paid to write linux code, should he refuse it?

What about other articles?

[Capt+Dan]

Kudos to Jane's. But what about other slashdot articles? I think that in order to get a complete veiw for their article Jane's should check out the slashdot archives as well. There are a number of interesting points brought up in archived posts that were not mentioned in the "Jane's needs you help" posts from two days ago. They may have been outside Jane's questions, but they are still valid.

A quick slashdot search for cyberterrorism yields:

FIDNET, Cyberwarfare, and Reality

CIA Considering Cyberwarfare


Pentagon Cyber Wars

Hackers Against LoU Cyberwarfare


They need a nice big picture. For example, interesting information on what is going on in the hacker community could come from the "Hackers Against LoU" article.

And wasn't there an article somewhere about the US Military running a massive test crack against themselves last summer? If I remember correctly, one of their teams managed to get into the systems of a Navy Destroyer?
"You want to kiss the sky? Better learn how to kneel." - U2
"It was like trying to herd cats..." - Robert A. Heinlein

Re:What about other articles?

[Paul_Taylor]

The destroyer problem they had was because the boats are using WinNT for command & control. They were having lots of problems with them blue screening, and stopping dead in the water. Not a good thing to have happen in a battle, that.

Re:What about other articles?

[GooberToo]

Personally, any ship with its main purpose being war should not be run with an OS that is a primary target for viruses. Just imagine the problems that they would of had with their BIOS wiped out. Furthermore, these could knock out their backup and triary systems too.
I do understand that this is probably a minor risk, however, when you add all of the risks together, I doubt that you're ever going to have more than 95% uptime. The last thing they need is more room for exposure.

Also, at one point in time, wasn't NT thrown out from just about everything else in the Navy except for clerical office work? If I recall, it was because it wasn't stable and failed to perform as promised.

Re:What about other articles?

[Nass]

Darn, is that true? If so, have you got any references/links that I can follow up please? Johan J Ingles-le Nobel Jane's Intelligence Review

Re:What about other articles?

[Awel]

Yes. The article was on /. in July of last year.
I`ve found the original story in the GCN archives. Interestingly, it`s only a month after the Navy first started the move from Unix to NT..

Re:What about other articles?

[Awel]

I`ve found something else out too. One of the Navy`s programmers said that the problem was that the Navy needed to upgrade their own software, not that NT itself was unstable.

What really scares me is the report of the enquiry into the fault, where they talk about training people to work around the glitch rather than trying to solve it. Here`s a quote:

SMCS managers are now aware of the problem of entering zero into database fields and are trained to bypass a bad data field and change the value if such a problem were to occur again, Sweigard said.

"Now that we know what can happen, we've realized how to bring the system back quickly," Petty Officer 1st Class Phillip Cramer said. "All we have to do is change the zero to any number, and everything comes right back up."

That is scary.

Re:What about other articles?

[PigleT]

Indeed. And what we all know is that they should put a trigger in the database so that that field automatically gets changed to -17 when a 0 happens... ;)

Different idea: did you know that in Ingres, you can declare a field to be 'not null' and go right ahead and insert a NULL into it? Causes no end of fun with Access, ODBC and key fields etc...

Lesseee.. that was the US navy, wasn't it? ... :)

Slashdot profits.

[afniv]

New poll, who makes the most money from Slashdot.

I'm glad /. is now profitable. I would hate to think I waste my time on /.. Now, if I could only earn money from reading /.. Maybe some some day, /.'ed will mean "get windfall of cash". Nah.

Seriously, I would like to echo everyone elses support for Jane's approach. I think this article will be very informative and demonstrate the type of knowledge /. can distribute/share.

~afniv
"Man könnte froh sein, wenn die Luft so rein wäre wie das Bier"

Re:sdfgs

[ToastyKen]

Now THAT is the funniest thing I've read all morning. :)

Oh really...

[squeakphd]

For all we know, this is just a plot to get the names/addresses of people the military would consider cyber-terrorist threats so they know whose phone to tap, etc.

Re:Oh really...

And they would get all the wrong people...! Stomped.

Parallel between journalism and the web?

[IIH]

In the early days of the web, there were fewer sites and finding information on the web was straightforward. Your favourite bookmarks covered what you wanted, and search engines covered the rest quickly. Now, there are a lot more sites, and a lower signal/noise ratio with a lot of irrelevent content. There are vast lists of sites covering similar topics, and search engines can't keep up. Result? People are switching to portals, or using more particular search engines.

Journalism it seems has to go down a smiliar path. Speed matters for a story, but accuracy and research count highly. Previously, you had journalists who were experts in their own field, and you had a breathing space to do research before the story went to the printing press. In this day and age, with news sites on line, stories break at "internet speed". Hence, reasearch needs to be as quick. Also, with the amount of new developments it's impossible to keep up to date with everything. Result? do an "Ask slashdot" for info, and you'll get a very quick response from several people that know what they are talking about, several revelent links to the subject matter, and a general view of how the topic is viewed on the ground.

It's an excellent method and a lot better than reissuing the same myths that seem to propagate. I think Janes should be commended on a big step in the right direction.
--

A colloquy ensued,...

[markhb]

in which perhaps the most salient point was made by an individual styling himself The Glorious MEEPT, who said simply, "MEEPT!"

Re:A colloquy ensued,...

[Athos]

Where is MEEPT these days?

--

Re:A colloquy ensued,...

[wilkinsm]

I miss MEEPT too, that's why I came up with "the slashdot group."

We need a better term

[grappler]

This might sound like a nitpick, but when it's a public collaboration producing an article or report, let's call it something other than "open source".

"Open source" grates on me when it is used like that - it implies a "source" that is more accessible than the final product. This makes perfect sense in software, where there is human-readable source and then there are machine-readable instructions. Opening the source lets people see the inner workings and change them around.

What we have here is a great new way of putting minds together to make an accurate, insightful document. In this case though, it is more about the new ease with which outside opinions can be solicited and incorporated than with the "open" nature of it. After all, anyone that sees the final product also sees the "source" - they are one and the same.

--
grappler

Re:We need a better term

[SolidGold]

when it's a public collaboration producing an article or report

I just wanted to point out that like any open source project this one wasn't entirely the product of slashdot. Most open source projects start out with the vision of one person who gets something working and then gives it to the public to improve.

Similarly, the original article however poor it was, is what generated enough discussion to produce the final improved article.

Re:We need a better term

[Drake42]

That's not entirely true. The real source of a story is all of the disparate comments, opinions, quotes and references that get culled down and polished to make the final story.

Since all of this material is available to be read on /. you could say that the source of this article is open. The article itself will probably only be a fifth of the size of all source material, plus the article will have a great deal of polish that the source will lack.

Additionally, Open Source is a term that people are coming to understand. It could and should be applied to other areas, as long as the term is used accurately. In this case I think it is.


"Spoon!!!" -The Tick

Drake42

Re:We need a better term

[Mars+Saxman]

Actually, if I recall correctly, they had the term first, and we stole it. "Open source", in intelligence-security-spy-whatever circles, refers to publicly available information sources like newspapers and television stations.

So if they want to use their version of the term to describe this article, who are we to argue? :-)

-Mars

Cathedral scaffolding needed first

[twilight30]

Mr Ingles,

I think doing the article this way is asking for excessive digression -- at this stage. Take a look at the comments posted already. The best way (in my opinion--feel free to disregard this) to approach this is to **first** provide an editorial structure, or scaffolding, if you will, of topics in this area you want to consider. Then ask Slashdotters their opinions on the subject areas. If you don't provide at least **some** editorial guidance your job will be made a hell of a lot harder.

Just my devalued two cents' Canadian
twilight


(yah, I know my sig's screwed up!)

The morons at Ziff Davis should be reading this.

They often quote us Anonymous Cowards in their articles, usually picking the most offensive ones and making it seem like Anonymous Cowards are representative of everyone here. As if what WE say means anything!

Define irony

[scottm]

What an ironic post. Anyways, one of the reasons I love slashdot is that there is (fairly) good signal to noise... There are a lot of very intelligent people (experts, even) reading /. and weighing in with their opinions. Why do you read it?

to vivify..

[RoLlEr_CoAsTeR]

Well, this is an interesting use of the Slashdot Community. We've taken a small step from a 'Feedback' community to actually generating stories. This could actually lead to something interesting..

So, they're writing an article about cyberterrorism using the /. community as source. Next thing you know (and this was actually my first thought, upon seeing the JIR article post), "someone" (person, corporation, organization, etc.) will come in and do a psychological study of how the /. community works....
(and of how close I get to being kicked out at times, I'll imagine. :-)

But seriously, that would be interesting; for /. to become so influential that they decided to analyze and model us, and to encourage more groups to share as we do (except for some of the crankier posts, which I'll admit I've made some of myself... sorry!)

just my penny for the day

Re:to vivify..

Next thing you know [...] someone [...] will come in and do a psychological study of how the /. community works...."

already in progress. . . .

Wow!

[Enoch+Root]

Wow! This is wonderful, wonderful news. I was already amazed at Jane's request of Slashdot users to contribute their opinions on the original article, but this?

Clearly, Jane is top of their field for a good reason. They know how to innovate and pick up their source from new, yet very pertinent origins.

I sincerely hope that other companies follow this trend. Slashdot is a watering hole for many experts on various subjects, and that, and not prestige or visibility is what determines the validity of an opinion!

How many can claim to pay for good information, even if it comes from someone posting as "Anonymous Coward" on a public bulletin board?

I applaud this, and hope we see more of it in the future.

"There is no surer way to ruin a good discussion than to contaminate it with the facts."

Please read more carefully.

[Xar]

The article will thus go into December issue (published middle of November), I'll arrange to have it put onto the free section of the Jane's Intelligence Review website (yes, you do all get to see it, of course), and if you find your comments included, contact me at johan.ingles@janes.co.uk for payment at our usual lineage rates (yes, of course you get paid - after all, we are gentlemen).

Note the line: if you find your comments included, contact me at ...

No one is going to be giving out anyone's email address. It is up to you to claim responsiblity for your comments, should you find them in use.

I hope no one abuses Jane's generocity; they are acting in a very responsible and classy manner, as far as I'm concerned.

--Xar

Re:Please read more carefully.

[WNight]

Yes, they are. They don't have to pay for the right to quote you. After all, to the extent that a person owns copyright on their speach, quotes are almost always covered under fair use.

They're doing it because they can afford to be 'fair'. After all, if they're not running the one article, and are getting a good article in its place, they can afford to pay the people who wrote it. Especially because having 100k+ geeks on your side is a lot better than the alternative. Especially after they've helped you write an article on cyberwar. :)


But yes, it is nice of them. We see so many article, on /. and in regular news, about companies going the other way, and ripping people off at all oportunities. It's nice to see that not everyone is like that.

Kudos

[Hermetic]

Jane's has always been the definitve source of military intelligence for the layman. Now that CyberTerrorism is approaching reality, Jane's will have to maintain their stanards in a new field.

I am personally delighted that Jane's refused to contribute to the general FUD campaign that the mainstream media. It is refreshing to be able to find a publication that is willing to go to the source (pun intended) tp get it's information.

I can only hope the Znet, Dvorak, CNN and [insert FUD factory here] take notice and try to make a new trend.

Re:Kudos

[Anonymous+Freak]

Not only is Janes used by the layman, but it is almost required reading for people in the know. When I was in the Air Force, we used Janes books more than our own intelligence reports. (4 years, not intelligence service.) I know a professor of mine who was in the CIA for 20+ years, and he swore by their Defence Review (among other publications.)

Somebody Should tell CNN

[El+Puerco+Loco]

someone should notify the major news services about this, it sounds like something they would pick up. Not that Slashdot needs the publicity, but it's a cool story that demonstrates the value of open discussion about these kind of things.

^. .^

Newspaper - editors + 50k reporters = /.

[Wah]

It tool all of one visit to get me hooked. Great content, funny crackpots, expert opinion, hey look Ma, it's "New Media"!

It's right to say, No!

Slashdotters should not except any money from Jane's. If Jane's wants to be generous and express their gratitude, the money should go to the Free Software Foundation. Why? Because what you have witnessed by your contributions, is the model that FSF has developed for OpenBooks. We'll never see free open books if people are gonna worry about getting paid or not for their contributions. And, don't Jane's readers have to pay to read Jane's. Jane's should be free, too! for everyone!

Re:sdfgs

[jfernie]

And to get paid for that! Is there an acronym for lauging-so-hard-it-hurts?

Infinite Loop Warning!

[turg]

Well, it's great to see Slashdot used as a resource this way, but this could skew the whole continuum.

Slashdot consists mainly of references to news stories and commentary upon those stories. If people start writing news stories based on the commentary found on Slashdot, the whole world of journalism could implode.
-
<SIG>
"I am not trying to prove that I am right... I am only trying to find out whether." -Bertolt Brecht

Now this is cool...

[smoondog]

I think this could be a very cool way to get points accross and to explore new subjects. Although I think it is pretty commendable that many of the users answered so well. Usually, there are so many flames (ala M$ vs Linux debates) that the readers tend to just turn it all off.

Perhaps the /. guys could learn something from all this.

-- Moondog

Payment expected?

I hope the denizens of Slashdot don't take this as a signal that whenever they're quoted in the mainstream press they deserve compensation.

--B

Actually...

[Darksky]

..the reason they gave up on the old article is that some CyberTerrorists cracked their box and deleted it!
hehe.. Seriously though, a VERY classy move by Jane's.

Clarification

[nitehorse]

I'm sorry that I wasn't any clearer; what I had meant was (and you are correct; the original BO only *did* work on Win9x) WindowsNT. NT implements a different "security" model than Win9x; it supposedly grants each user their own user space similar to the way that users are limited on a *nix system. BUT, if a regular user under NT (read: non-Administrator/root) executes the BOserver (which makes the machine vulnerable), then the system is totally vulnerable over the Net or the local network. Under Linux, at least, I believe it would be extremely difficult to create a program which manipulated the user permissions so easily. And true- it will be that way in the future with linux, but it is generally regarded bad security practice to stay logged in as 'root'.... I don't.

So the point I was trying to make is that by standard API's a remote user can have administrator status while the local one can't, under NT (which is rated C2 network secure! Remember? Oh, wait- that was NT3.51, and it was disconnected from a network.......) And you are absolutely right, that under Win9x the user is given admin access. More bad security. Tsk tsk tsk on M$... but ah well, not my problem. The thing is, normal Joe Linux User (if using the system, not administering it; i.e., logged in as 'joe' and not 'root') would not be able to cripple the entire system or open it up to remote vulnerability by simply downloading/executing the security update.

Re:Clarification

I'd tend to install a security update as root...

Re:Clarification

But do you update your system with software attached to an e-mail from root@linux.org? I don't. I don't even update my system unless something brakes (or some serious security alert).

If it ain't broken, don't fix it.

call me paranoid, but

nsa to janes: we need to track these astute people, but they all use pseudonyms!

janes: lets offer them money and find out where they live...

Possible deception: identify "experts"

[salsa]

Too me offering to pay contributers seems almost too nice. Has anyone considered the possibility that this has been a ploy to identify potential
cyberterrorist.

1) Appeal to there need to "set the record straight."

2) Offer some money to expert contributers, but require personal info to "deliver" it.

3) Compile list and submit to CIA, FBI, and cyberterrorism headhunters. (There has got to be some out there, and who better to know them than Jane's)

Re:selling out to the man

[Sylvia]

i dislike and i resent your expression here which is basically an insensitive hate crime ... just when /. was looking so good too ...

Factual Content, It's Their Style

[ronmon]

When I was in the USAF Security Command (way back, only one 4 year hitch) we had shelves full of books to help familiarize us with foreign aircraft. Nobody ever opened any of the "official" government pulp. We always reached for Jane's All The World's Aricraft. This is a class act on their part and has consistently been thier style through the years. Hats off. RonMon

Re:Expert Opinion

(offtopic)
somebody prove the usefullness of Perl to me, and write a script to translate this shit :-)

Slashdot needs a publicist

Now that slashdot is going to be a publicly-traded stock and the commercial side of the community is being managed, slashdot may really benefit from a real publicist. In the corporate world, there are these PR hacks that run around trying to get their clients to be used as sources for articles so it promotes the client as a significant figure in that industry. Since slashdot is an amalgamation of specialists throughout all branches of the IT world, a PR specialist could easily replicate this JANE article phenomena on a regular basis. Heck, it would be a much more credible source to see in articles than always seeing Jupiter Communications quoted on everything under the sun! sjohnson||AT||smart.net (remove the ||AT|| for electronic correspondence)

They should send AC lineage to /.

[Evil+Poot+Cat]

If they're going to pay lineage, then why not help fund /. with the Anonymous Coward rates?

_______________________________

Re:They should send AC lineage to /.

[daviddennis]

Check out the andover.net public offering prospectus.

/. doesn't need the money anymore. :-)

D

----

One small problem for Jane's....

[Evil+Poot+Cat]

"...if you find your comments included, contact me {snip} for payment at our usual lineage rates..."

This probably means they'll get /. 'ed a new way: 50 people who posted X idea, looking to get paid. :) They should directly attribute quotes/info to specific posters. (AC's get paid to /. :)

____________________

Charity

[MindStalker]

Hey, I wonder if we could get Rob to get Jane's to donate all the AC and unclaimed post to a charity.
As well as encourage any claimers who don't need to money to throw it into the pot. Would be a great thing to do. Definate opportunity for a slashdot poll!!!

Re:Charity

[Etyenne]

Great idea ! Although I have'nt contributed to that particuliar discussion (thus, this is not my business), may I humbly suggest the FSF as the receiving "charity" ?

(fairly) respected?

[Don+Negro]

Jane's is about as authoritative as it comes.

Don Negro

QNX for the Military

[Mike+Cornall]

Linux is my O/S, and the O/S I'm pushing to become dominant in homes and businesses.

However, for military hardware (e.g. battleships), I suggest that a microkernel imbedded O/S, such as QNX or VxWorks, would be the proper solution.

The beauty of a microkernel O/S is that it is made up of small modules, each of which can be independently verified to work perfectly.

Now, Linux offers similarly high levels of security, and reliability, through Open Source, and the intense review of thousands of developers. The military, on the other hand, will most certainly want to keep their source to themselves (wisely or not), and will want to do their own reviews.

The other advantage of a microkernel imbedded O/S, for military applications, is that it's better suited to real-time guaranteed-response systems, whereas a more monolithic O/S such as Linux may offer better peak performance, as is generally required by a PC user.

Re:QNX for the Military

[Kintanon]

Linux is my O/S, and the O/S I'm pushing to become dominant in homes and businesses.

However, for military hardware (e.g. battleships), I suggest that a microkernel imbedded O/S, such as QNX or VxWorks, would be the proper solution.

The beauty of a microkernel O/S is that it is made up of small modules, each of which can be independently verified to work perfectly.

Now, Linux offers similarly high levels of security, and reliability, through Open Source, and the intense review of thousands of developers. The military, on the other hand, will most certainly want to keep their source to themselves (wisely or not), and will want to do their own reviews.

The other advantage of a microkernel imbedded O/S, for military applications, is that it's better suited to real-time guaranteed-response systems, whereas a more monolithic O/S such as Linux may offer better peak performance, as is generally required by a PC user.


I'm the resident Geek for a manufacturing plant and here if we have down time we lose money out the yang. We use QNX on our ciritical production systems such as packing equipment and mailing systems. It is extremely stable and very easy to work with once you learn it. It's enough like Unix/Linux to make the transition pretty painless. I would definately second this recommendation for military usage, though since that part of our system isn't connected to the 'outside' I can't say anything for its security.

Kintanon

Re:QNX for the Military

[WNight]

For my money, exactly right.

Use verifiable (or, as verifiable as software EVER gets) micro OSes for the important stuff.

Use WinNT, etc, boxes for generating non-critical reports based on the output from the real systems.

Re:QNX for the Military

[GooberToo]

I completely agree. QNX would be my first choice for them. In no way, shape, or form, should they be using something like NT for anything that could fail and cause the loss of life. QNX is used from powerplants to stop lights. It's proven to work in high risk environments. NT hasn't proven to work. It REALLY angers me to see my tax money completley wasted without a thought like this. Especially, by the military's own admission, had NT been forced though the normal qualification channels, it would have never passed.

Cringely

[TAiNiUM]

Good ol Bob Cringely has a few thoughts about the whole Jane's event:

"Maybe this was in the minds of the folks at Jane's, the British publisher of defense information, who this week threw their cyber terrorism research at the nerds who read Slashdot, hoping for some inexpensive proofreading to keep Jane's from making their own big mistakes. This is an interesting idea but ultimately flawed, I think. The only way to write the news is to write the news. You have to do it the best that you can then take the heat, because the censorship of the nerderati is still censorship. That's why newspapers make corrections."

Obviously he wasn't aware that Jane decided to publish the /. posts when he wrote this article, and I'm just dying to hear what he has to say about it.

Censorship? Nobody told Jane's they *couldn't* post that crap, we simply informed them of it being such a bad idea :)


http://www.pbs.org/cringely/pulpit/pulpit1999100 7.html

Incentive for more thoughtful posts?

This could be good for /. as a whole. Perhaps people will think a bit more and make a bit less noise if they know that there is an opportunity for their thoughts/posts to be bought!

Re:The morons at Ziff Davis should be reading this

You want the Ziff-heads to read it? Just shove a copy of it up Bill G's butt.

The poor author...

[Evro]

"Hi Jim? This is Tom, over at Janes. That article you wrote on cyberterrorism? ... Yeah, that one. Listen, we decided that it sucked so we're not going to run it after all. ...Well, in its place we're going to compile some articles from Slashdot. ... Slashdot, you know, the website? ... well the comments were much better than the article... Jim?"

Maybe this is a sign that Slashdot is what journalism will be like in the future.

Jane's

People of Jane's are mythomaniac, guns loving, Tom Clancy reading lunatics.

And now we know where they get all the "facts" they publish for the various paranoid sociopaths that read them : any anonymous "source" on the internet is entitled to be taken more seriously than their own "research"

Intelligence my *ss.

Payment from Jane's

[Bolero]

Please excuse the contents of this article and don't mistake it for pure flamebait (although it is a bit of one).

*begin rant *

The attitude expressed by the Slashdot community is now at an all time high hypocrisy level.

Usually /. readers are always pushing for the ideas of freedom in software and in the press. (Look at how many people use and appreciate Babelfish and NYT Online). And these same people gripe when they have to pay for either software or news.

Now with this Jane's article, these same readers are all about "GIMME THE MONEY!!!" It seems to me that they have totally forgotten about their roots in the open source community, and especially about the roots of Slashdot in Open Source. CmdrTaco and the rest of the /. admins have given us a great forum to express our ideas and knowledge concerning Linux/OpenSource/Anti-Microsoft, and they have given it to us for free.

Now when Jane's is offering to pay, everybody forgets about the altruism of this community and are only looking out for themselves..

If the readers of Slashdot were more concerned about the OpenSource Community than their own pocketbooks, they would either refuse to be paid for their contributions or ask that it be donated to a OpenSource/FreeSoftware committee/foundation/company/group.

I am not a true hacker by any means, and I probably don't get paid anywhere near what a good programmer gets paid (I am a lowly word processor), but I would ask that my share of money go to some group that needs it more than I.

*end rant*

I implore all /.ers that have money coming to them..... please don't ask for it. Or, ask for it to go to (as another poster said) FSF or some other foundation. Let's show the Jane's people what Open Source is really about.

Re:Payment from Jane's

[jflynn]

You know, if someone donates the money to a charity I'll think very well of them. I agree with you that much.

Open source isn't about free beer though. It's about open access to the source for verification and modification. Freedom to innovate, as Microsoft would say. Nothing in the GPL prohibits charging for software, though obviously it makes it more difficult.

This confusion, that money is evil, and charging for software (or writing) a sin, is damaging. Hiding software bugs, leveraging protocols for monetary gain, those are evil, not money paid for honest work.

People have to live you know. I've been selling software for nearly 20 years. If you expect me to start giving it away to corporations and flipping hamburgers for a living soon, please think again.

Someday, when everyone's basic needs are all automatically supplied by self-repairing machines, you can rant against paying for value. Until then open source needs to remain a *gift* economy - things are freely given as and when the giver desires, not on demand.

Re:Payment from Jane's

[blowdart]

Well the first thing I thought when I saw money was oh Children in Need is around that publication date, and in the unlikely event of any of my flu addled ravings making it, I want my money to go to there.

For those of you that don't know what it is, it's an annual UK charity event, taking up a whole evening on BBC1, and raises an awful lot of money for children in the UK and in the 3rd world. So please think about donating there.

I wonder if we could get Janes to double the cash donated ...

Jane's didn't have a choice

It seems that some of you are surprised by Jane's reaction. The only thing this proves is the lack of knowledge of most on what Jane's represents. Let's face the facts : Jane's publishes other magazines than Intelligence review and their customers are, by definition, decision makers. (Jane's actually does more than publishing). Jane's can't allow themselves to publish anything that doesn't hold up because they would loose their reputation on it. Jane's could have run the story as is, but they would have lost of their prestige since: 1) Some readers, of jir, are versed in the matter. 2) A reader who would use this information as is only to find out that it was "wrong" wouldn't be happy about it (as indeed in those circles comptetion is ferocious). In any case, Jane's doesn't have a choice when it comes to tarnishing it's reputation, they make a living out of conveying the "right" information. Anything else isn't on the menu. Therefore there's no surprise here. Furthermore, as someone has already noted on the previous discussion, this very much looks like a sales pitch to get funding ... echelon anyone?

Re:Jane's didn't have a choice

[mrBoB]

Finally someone with a good comment/explanation about Janes choice. I read the (killed) article and it reminded me of articles written in lesser publications (fill in name) with perhaps a little more insight. Considering their target market (excuse the alliteration) they need to be providing relevant technical information. Personally, I think Janes needs to be preaching to the Gov't "Take your .gov and .mil stuff off the net." I'm tired of hearing that such and such group cracked the CIA or DoD or whatever. If they _must_ have an "Internet Presence," let it be only a small (486+Linux+apache) with a page that says welcome and maybe a little history. But then what would we have to read from Excite or Yahoo!. not that I have anything against Yahoo! but... :) BTW, ever notice how Yahoo! has 20 "articles" written by different people that have the same content, the exact same word and paragraphs but in different order? Is it just me?

Don't let me tangent.
Bob

"Cyberterrorism" isn't terrorism

Am I the only one who is tired of hearing the absurd term "cyberterrorism" bandied about? Doesn't it seem a bit preposterous to call a completely non-violent act "terrorism"? Let's get our terms straight, people: terrorism involves killing or causing great bodily harm to other people for political purposes. Getting unauthorized access to somebodies computer, or messing up their data, doesn't come close to that description or degree of harm. The term is "cyberterrorism" is sheer propaganda intended to stampede people into giving up ever more of their privacy and rights.

Re:"Cyberterrorism" isn't terrorism

[kannen]

I spent a couple minutes typing a few words into Merriam Webster's Online Dictionary According to our fair Webster's, terrorism is a means of using violence "to intimidate a population or government into granting their demands."

Because so much vital information is now stored in the networks of this world's computers, we would be silly or naive to consider attacks against these networks as something other than terrorism when such attacks are made by an organized movement with non-monetary motives (then its just plain criminal). Consider the ramifications of cracking the NYSE computers (economic ruin?)... Or perhaps networks associated with power utilities (chaos?).

The claim has been made that "cyberterrorism" is non-violent, but is that true? Although Webster's says violence is "an exertion of physical force so as to injure or abuse." Nothing on the internet is physical, so I think we have to consider the general intent of this word instead. In the cyber realm, I propose "violence" can only mean "an act intended to injure or abuse."

Perhaps I'm making an unnecessarily big deal about this, but terror can occur in many forms in a world which has so many levels to it. Fear is all that is necessary.

Re:"Cyberterrorism" isn't terrorism

Let's get our terms straight, people: terrorism involves killing or causing great bodily harm to other people for political purposes.

It does? Hmm. Where did you get that definition from? "The Golden Book of Politics?" There's a few problems with that definition:

(1) If someone desides to make a political statement by blowing up an empty gov't building at 3AM, isn't that "terrorism?" (Let's make believe that the security guard stepped out for a smoke and isn't hurt). Probably. No one was hurt or killed.

(2) I don't see a distinction between your definition of "terrorism" and war. Is there one?

Re:"Cyberterrorism" isn't terrorism

Wow. Dictionaries. The problem with 'cyberterrorism' isn't etymology, it's that these attacks don't scare anyone. Power at my house goes out 7 times a year, not counting this january :-), doesn't scare me a bit. If it were terrorists, I'd never know. Lots of people responded to the jane's article with good technical know-how, and it's good info for them, but there is sort of an issue of just what this 'cyberterrorism' stuff is.

What?!?

[Nathaniel]

Better to try and keep them in the dark as long as possible.

So you're suggesting some sort of Security through meta-obscurity?

No No No No No No No No No!

> "Instead I'm going to cull your comments together and make a better, sharper feature out of it "

If you don't understand the subject, don't write about it.

While the posts on /. were good at pointing out the flaws in the presented article, they are NOT enough to write a complete article with.

Better would be to get someone else (who is better qualified) to write the article. Have them read the original and the comments to get some ideas, and then post the new article for further review.

hey...how bout opening janes to /. readers ?

[Zurk]

Rather than getting paid it would be a helluva lot better if slashdot readers had a private username/password to the janes site to read the articles there. Some nice stuff goes on in Janes...and its a lot better than getting 10 bucks off them.

Lock that user down!!!

Offtopic, but I *have* to ...

Why spend your valuable time rebuilding machines that idiot keeps trashing. When this kind of thing happens more than once to me (call me paranoid) I start to think it is intentional.

I don't see why any user has root access to even his own machine. Lock that badboy down with access to only his own /usr/bin, mail and file directories!

Re:Lock that user down!!!

[WNight]

Quite right actually.

Well, maybe not about it being intentional...

But, people of the future don't NEED the ability to select all the files on the computer and drag them into the trash. And very few would want that.

What needs to happen, on a typical user's PC, is that they run in user space. And if they try to delete everything on the HD, everything goes, except the system and needed programs.

This could even be the recommended way for newbies to clean their system. ("Back data files up onto a disk or another computer, then select all the files on the HD and hit the delete key. Answer yes. Now run the installation programs for just the software you want to have.")

Important tasks could be suid to admin. If the user needs to format the HD, then they run the specific format program which does it. If they managed to install a virus, it would be unable to format the drive.


Sounds like a good idea to me.

And you don't tell the users that there's a super-user account that they don't get access to, you just tell them that it's got 'protection' against viruses and accidental deletions.

The truth is out there... Trust no one.

*sigh*
I guess all we'll have left after the X-files is Art Bell...

Freedom Fighting

[mikera]

Exactly comrade! What they call cyber-terrorism is in fact our glorious battle for freedom!

Let us embrace information warfare as our greatest tool to overthrow the crypto-fascist power structures that even now are throttling the planet with their software patents and mass-media mind control.

And at the end of our heroic revolution may we awake to a world governed by true democracy:

OPEN GOVERNMENT

All world policy shall be openly decided in a global peer-review process. The ultimate open source project shall be humanity itself!

Let there be no leaders but those who stand out by the wisdom of their arguments. Let there be freedom of speech, information and take-away pizza. Let no person claim software as their own, only that they may be recognised as a true guru and showered with admiration, gifts and exotic lifestyles in proportion to the soundness of their code.

The war has begun, brothers and sisters, log in and conquer!

Great! But....

[Rolan]

I think it's great that they are doing this, and they should be commended for it. But I couldn't help but notices that the artilce that was determined 'lame' here is still linked from the front page of their site....

Re:sdfgs

[Rational]

LSHIH.

No problem.

different kind of media

[Stalke]

This seems like the first time something like this has happened to the crowd here. We've always read the articles that have been pointed to which were written with the intent of making a profit for the publisher, not necessarily with makeing sure that the facts were right. Jane's is a different kind of publisher. Its in their best interest and actually their intent to get things right the first time and not post FUD.

A Problem though, even though this first encounter was a good one, how long will it be before certain members become experts and become inevitably become distant from the online community while still maintaining their expert status with the outside world. How can we make sure that this doesn't happen?

Re: Open (public) Collaboration

Just my .05

-- Ender, Duke of URL

Difference between opinions and facts

[harmonica]

I see your point but I think the original poster was talking about finding failures in the news stories that are discussed, not about topics like licenses where there is no 'right' and 'wrong', just opinions. If a linked news story contains flaws, they're usually found fast and get named by the slashdot community, that's the positive thing. Reading both the news stories and the comments, one can learn a lot.

I posted anonymous!

[Barbarian]

Damn, I posted a very long piece anonymously, because I was too lazy to log in.

Re:Expert Opinion

I fear ZdNet is overcome with envy and resentment of /. 's success that it has turned to espionage by means of juvenile displays in order to break up the integrity. Of course, their first choice was to hack into the system with the assistance of AntiOnline; however, they failed miserably, and was instructed by JP to utilize his most successful tactic yet.


Sorry, couldn't help taking a jab at them for obvious reasons...

Flow of Info...

Ok, let me add up what I've learned on Slashdot in recent weeks and see if I can get this straight:

• When the President wants info on cyber terrorism, he goes to the CIA.
• When the CIA needs info to give the president, they go to the NSA.
• When the NSA needs info to give the CIA, they go to Janes.
• And when Janes needs info, they go to Slashdot.

So anybody that makes it into the article is a presidential advisor.

=-)

Re:Well done, Jane's - will we see more of the sam

"What's so funny about peace, love, and understanding?" was written by Elvis Costello. Nick Lowe was the producer.

Logs

[Robert+S+Gormley]

Web Server Logfiles and Cookies.

Simple.

Or more accurately

[Robert+S+Gormley]

How many people took part in a "Crack This Machine" contest and didn't use it as an excuse to DoS the machine into death throes, which is what 99% of script kiddies did - thinking somehow it'll help them get r00t. a la irc, where splitting off a server can be quite advatnageous

Re:Or more accurately

[Lord+Kano]

DoS attacks just slow the machine down so it takes longer to portscan, check for weak passwords, and cgi exploits. Most unproductive.

LK

Re:Or more accurately

[Robert+S+Gormley]

Precisely :)

I just imagine teen script kiddies getting a hardon at being able to pump 100mbps+ of ICMP at a machine and somehow equating it with anything of value :)

The Slashdot Group

[wilkinsm]

* TV ad mode ON *

About to make your next corporate strategic decision?

Want to get ahead of your compeitors?

Looking to improve your corporate image?

Look no further. Call on:

* Insert slashing sound *
-- THE SLASHDOT GROUP --

We can help make your next decision a snap. We are free source finanical group ready to help you make those hard decisions. Our expert team of anaylsts are online 24 hours a day, and are up to date on all the lastest technologies and trends.

Your business in trouble? Don't wait! Call the

* Insert slashing sound *
-- THE SLASHDOT GROUP --

(OSF/FSF equal opportunity member. Some restrictions apply, Batteries not included. Price does not include plates title or tax. Some restrictions apply, see your local geek for details)

* TV ad mode OFF *

Why?

[Robert+S+Gormley]

Who are you to decide that the money should go to the FSF? What if I want my money?

So much for 'freedom'.

Government != Clueful

[kuro5hin]

And this tool (BO2K) is one of the reasons that governments worldwide don't use Windows. Period.

I worked (as a contractor) for DARPA for a while... That's the US Defense Advanced Research Projects Agency, yes, those guys who invented the internet. Guess what they standardized on? M$. We were constantly fighting with them because their (idiotic) MIS guy was a total borg. Nothing but NT, IIS, and ASP shall grace DARPA's network. And these are the guys who are supposed to know what they're doing.

So I don't know about worldwide governments, but here in the good ol' U S of A, we're still a pack of idiots.

There have been encouraging signs from certain US Gov't agencies recently however. Maybe the times are changing. But it's still, currently, rare to see a government office with anything but wintel boxen, as far as the eye can see.

----
We all take pink lemonade for granted.

Slashdot Bias

[BugMaster+ChuckyD]

Janes is a very well respected publisher, and their decision to use Slashdot as an "open source" on this topic is a great endorsement of the benefits of the Slashdot model. I think a little self back slapping on the /. community is in order here, there have been many examples of the negative side of /. (mass flaming to authors who were less than complementary to linux)

Anyone who reads /. on a regular basis is well aware of the bias here toward linux and OSS. However in the spirit of self congratulation and ego-boosting that this news brings [disclaimer: I did not contribute to the thread in question] I will point out there are quite a few intelligent and often well informed posters here. The bias on the part of moderators does not completely drown out the non-Slashdot-centric views.

I my self have been often moderated up and Im no OSS-zealot by any means! Im certainly not against it but I use a proprietary OS as my main OS (BeOS) and I don't beleive that OSS, despite its important contributions, will take over the world and have said so more than once in this forum. Ive even got a permanent score 2 rating, which I suppose is in part due to realtively frequent
+ve moderation.

The fact that the bias here is an open one, and that it does not completely drown out dissenting opinion (at least in many topics) shows that Janes was right in very carefully using this forum as a source for a topic that maybe /. is in fact uniquely qualified to have opinions on.

HOWTO: Community Editing/Writing

[kspett]

Two nights ago (or maybe it was last night, all that caffeine blurs lines between distinct time periods) I was reading the responses to Microsoft's "Linux Myths" publication. I read the top scoring comments and found that almost all of them were based on undeniably cold, hard information. Where backing information became ambiguous, such as our "anecdotal stories" about NT's uptime, slashdot writers comprimised, even when they knew they were right, in order to keep the overall validity of their arguments strong and impenetrable. I thought to myself, "Nearly everything Microsoft claimed in their paper has been proved false or invalid by very scientific observations, and the more opinionated statements Microsoft made has been responded to intelligently. I could take this statement from this comment, and this paragraph from this one and create an entire rebuttal report by compiling snippets of these comments.". Such a "compiled" (if I may use the term in a non-technical sense (; ) paper would certaintly be considered "Community Written" and would basically take one person's additional effort to construct. If a number of these compilations could be produced, we could put the "Slashdot Community Publication Repository" online.
Few issues:
Who would do the compiling? Would lots of people make them, and then moderators (possibly those with highest scores on comments?) would vote on them? Would the moderators themselves do that? Would the slashdot admins compile them? Would each comment's outline contain an identifier for each specific point he or she makes (Slashdot HTML tags?) and then would those clearly defined points be voted on?
Lack of sources. (Not to be confused with source code.) For a formal report to be compiled, saying things like "NT only gets C2 classification when not connected to a network." require specific proofs. Where did this information come from? All that stuff needs to have links to its original source whether it be AP Newswire, a Bugtraq report, or just a few steps of math to show what 99.9% annual uptime is. Even saying that 2 GB has been the swap file size limit should have a link to a man page somewhere (so it can be immediatly victimized by The Slashdot Effect).
Time. This compiling will take time. (Until AI Beowulf clusters of a thousand Linux boxes do it for us.) Will we care about this issue by the time we have a publication. Should we vote on which issues to pubish?
Rob's Ego. Should we let him bask in his own creation's glory? Should we have him keep a skull on his desk like Shakespeare did to remind him he is only mortal? Should he be required to take psychoactive medications? Should he, like the Pope (Pontifex Maximus (; ), be required to bequeeth all his worldly possessions to his orginization to keep him humble? (Dibs on server.)
Also, no doubt this change would effect our beloved Slashdot. I can see a few possible effects:
Reduction of stupid unneccassary, unintelligent comments due to motivations to have part of his comment cited in Compilation. I'm capitalizing it now... exiting!.(i.e., the writer would know that "Micr0$oft Sucks!" wouldn't be considered for publication.).
Community recognition. If we had such Compilations with citations and such, notable media would start refering to Slashdot Compilations for information and viewpoints on topics. (More often then they are now, even.) Slashdot's notoriety would grow, and so would its user base.
Slashdot Compilation Archives cds could be sold to accomodate the larger user base and traffic. We would need Rob to make his taxes public so we could make sure he isn't spending the Compilation Archives cds on his well-known crack habit.

In closing, I believe Community Writing could really enhance Slashdot as a whole. LOTS of places would have discussions forums, and Slashdot still would be. People would still debate, flame, respond, email and DoS each other based on their posted opinions. But Slashdot being the first to actually produce such valuable publications based on the knowledge base of its user would be a very first. [It is really too damn late and I have too damn much to do for school, etc. so I have not grammar/spell/content checked this. Deal with it.]


Kspett

Re:HOWTO: Community Editing/Writing

[bil]

Good idea, I'd suggest that when a suitable article is posted on /. the comments are compiled by a specified person who will hack them together into an article (preferably somebody with writing/editing experiance). The response article should then be posted back on /. for a peer review, allowing mistakes to be corrected (if the compiler is a writer then some sort of technical review to ensure reliabilty would be useful) and any corrections or suggestions added in (this process of rewrite-review-rewrite should be repeated as often as is thought necesary). When the majority response is good then the article could be issued (under some sort of open license of course :) as a kind of "official response from the /. community" and preferably sent out to as many news sites as it can.

This process should ensure responses are well written, factually accurate, well referenced (by man pages etc), and represent some sort of majority view of the community. If all of this was done under internet time a response could be compiled, reviewed and sent out within 2-3 days at most, fast enough to still be a newsworthy item.

Any profits made should go to the FSF (or maybe the Linus Torvald Fund for research into a cure for RSI, worth a vote I think :)

bil

Ahh, but consider the alternative

[babbage]

Isn't all media biased? Really? The press trumpets itself as this impartial, outside observer of events, never having an opinion, never pushing an agenda, always standing in the middle of things, equally considering both sides of each issue.

But is that really the case? Do you accept that self-assessment? For one thing, who ever said that each issue has only two sides? Who came up with that? Seems a little simplistic to me.

I for one don't buy it. Every little thing you say and do betrays bias, even if subconsciously. You mention this and not that -- why not? You cite this source but not that one -- how come? You talk a lot about this but seldom about that -- why?

Bias-free media is a myth.

Think about where your news comes from. All of the major news & media outlets in the western world are owned by about half a dozen conglomerates. They each run advertisements for their own products, and by so doing try to mold you to their veiw of how the world should be. ("Television shows are a tool to get people to watch more ads than the would ordinarily.") It might not be an explicit plan to manipulate things -- there may not be men in black suits & skinny ties saying who can say what about whatever -- but the people that find their way on screen or into print have demonstrated a willingness to play by the rules of their superiors. And in that way, the tone of the media is molded to the interests of those controlling the top of the pyramid.

That is what I love about Slashdot. There is no central control, or not much anyhow, and anyone from ESR to AC can speak their mind about anything. Is it perfect? No. Is it biased? Yes. But it's democratic -- we control it, not Rupert Murdoch, not General Electric. You and me. We control it. And the bias is not concealed -- we love Linux, we love open source, we want it to spread far and wide. First we had open source software, and it was great. Now, what is this? Open source news media? Hey alright, sounds good to me. We don't cringe from these things.

In my mind, this is the more honest and egalitarian model for the news media to follow. I love it. My only wish is that it wasn't so confined to technical matters -- or rather that there was, say, a kindred site with an emphasis on general news, international affiars, politics, the economy, whatever. As it happens, there is only one Slashdot, and it's all about nerddom. So be it.

May it blaze a shining trail for others to follow.

Slashdot the Distributed.Net of News?

[i22y]

Slashdot's such a great place for news because the best minds in the world (programmers, of course) get together and add their two cents to not only answer a simple question, but also to provoke thought and further questions...and also answers. The world is becoming like a Beowulf cluser, where each little part can add their two cents, and when you have 500,000 people adding $0.02, you end up with around $10k (just from a few pennies from a few people). It's a great step in the world of journalism, and I think this trend should continue in all fields of news. There are people out there who know anything and everything about something as obscure as....child psychology, and these people could culminate in a Slashdot-type forum to come up with a lot better answers about Columbine than CNN can give us (Props to Salon.com for their great piece!). Just a thought.... but IMHO this is a very positive turn for us "want-to-be" journalists who stare in frustration at their monitors, reading all the FUD on major news sites.

Open Discourse?

[Chuck+Chunder]

How about that?
The Great Chunder Page - Alcohol Induced Fun!

OpenTerror.org anyone?

Yeah, now we have open journalism, using the ideas of open source to cover cyber terror. That's cute. But that's nothing compared to ...

(sound of drums, marching boots)

OpenTerror.org !

Bringing the power of open source to the terrorist community! Bringing back the power to the masses!

Learn exciting things, by looking at GPL'd bomb plans. Discuss plane hi-jacking with other experts in OpenTerror forums. Bring your own ideas in and take part in one of our projects, or start your own! Join a OTUG [Open Terror Users Group] near you, or simply point your browser to:

OpenTerror.org

Who do you want to kill today?

(drums off)

How's that for an OpenSource IPO?

Re:OpenTerror.org anyone?

OpenTerror.org Who do you want to kill today? (drums off) How's that for an OpenSource IPO?

It's very umm... unorthodox. Usually companies do it in the opposite order -- first make an IPO, then "terrorize" everyone around.

;-)

Re:OpenTerror.org anyone?

[slykens]

I realize your comments are made completely in jest, however, as far something like hijacking an airplane, an open discussion forum would provide all kinds of ideas to the people responsible for the security of our air system, if they only took the time to pay attention.

True, it would give ideas to those who are less than stable, but if the information is in the open they will be forced to secure against it. Much like when an exploit is released.

sl

Look @ BYTE.com (was: HOWTO Community Writing)

[hvoss]

I don't know if anyone has looked at some of the articles on the (new) byte.com site. In recent weeks I read a few of them. Each and every one of them was based on readers comments and feedback. If they can do it, why can't we. But then again. If they do it, why don't we join them (or better yet, let them join us). As for structuring such editing. Maybe volunteers could send some kind of "Specialist in Topic X" list. When a suitable article comes along authors/editors can be chosen from these topic lists.
Hans Voss
---
When you give a man fire he's warm for a day.

I have this weird feeling.

[AftanGustur]

This "Community Journalism" is going to be the next big thing.


Just remember that it all started here on /.

--
Why pay for drugs when you can get Linux for free ?

Re:I have this weird feeling.

[pudge]

# This "Community Journalism" is going to be the next big thing.
# Just remember that it all started here on /.

Nonsense. This kind of thing has been going on about as long as journalism has been going on. What is unique about this, aside from the fact that you can slap two bytes in front of it so IBM can brand it as "e-journalism"?

Two points: Altruism and anonymity.

[CRConrad]

HeghmoH writes: "If anything, these people deserve more money, because they contributed altruistically."

Yeah, sure, in a way...

But if they are so altruistic, it's not *too* far-fetched to think that they might want to donate the money to charity, too, is it? IOW, to turn your argument around: Did they only do it "from the heart" as long as there were no monetary earnings in the picture -- but as soon as such a possibility emerges, they *do* want to get paid? What the heck kind of "altruism" is that?!?

The other point is that since these guys (probably very few, if any, gals) posted as Anonymous Cowards, they probably *wanted* to be exactly that -- Anonymous! Someone suggested using Web logs (and cookies, not that I'm sure how that would work) to track them down; and while that might be technically feasible, I wonder whether most ACs would think it was worth it. If /. is prepared to break their anonymity for this, for what else would they then be prepared to break it in the future? I'm fairly sure that if I had elected to post as an AC in stead of getting my own user ID, then I wouldn't want my anonymity to be broken so easily.

Especially since this probably isn't a fortune we're talking about, here. First of all, mr Ingles-le Nobel or somebody will have to edit all the comments into a coherent whole, and that person will then probably stand as the main auhor from Janes' point of view. You could perhaps even say that any payment to /.ers has to come out of the author's own pocket. Second, I don't think the fee as a whole is all that big -- the original piece they submitted was what, a few pages in a print magazine? What's the going rate for that; more than hundreds, but definitely less than tens of thousands of pounds; perhaps a thousand or so?

I would guess that for each quote -- a line or two apiece, perhaps a short paragraph, out of x pages? -- an appropriate remuneration, calculated as a corresponding percentage of the compiling author's reward (minus something for him alone, for the compiling and editing!) would come down to a few quid, perhaps a tenner or two. And I know that if I had contributed an anonymous comment out of the sheer goodness of my heart, then I would CERTAINLY rank the altruistic buzz of having the money donated to charity in my name (eh... non-name? :-) much higher than having my anonymity broken, just to receive such a comparatively paltry amount.


Christian R. Conrad
MY opinions, not my employer's - Hedengren, Finland.

Re:Two points: Altruism and anonymity.

[HeghmoH]

Ah, but you see, the post I was responding to advocated not just sending the money for the anonymous cowards to the FSF, but sending all of the money, even for those posts made non-anonymously, to the FSF.

I agree that the anonymous money really shouldn't be paid out. Even if it should, it can't. If slashdot's anonymous posting system is halfway not stupid, there will be no way to trace them back, and no way to prove who posted the comment.

However, for those who posted anonymously, give them their money! Even if their money should go to charity, it is their choice whether to do so or not! If you disagree, I point you to the bottom of every slashdot page, where it reads, among other things, "Comments are owned by the Poster."

Thus, Jane's cannot use these comments without the poster's permission, because the poster holds copyright.

I object not at all to the giving of this money to charity, but I object strenuously to the decision to do so being made by anyone but the authors of the comments.

Community writing:A Real Good Thing.

[renoX]

To summarise the way Slashdot function:
1) someone gives a pointer on an 'interesting' facts
2) /. readers comments the news, discuss. There are very knowledgeable post, insightful post and totally shitty posts.
3) thanks to the moderation system, you can have a really good S/N ratio, if you're in a hurry or not too interested by the topic you can just choose your moderation level so as to keep just a few post.

Jane's will use the comment of Slashdot readers to modify/re-create an article on the subject, an interesting move...

I remenber that one time, there was a series of post about XWindows, what's wrong with it, should it be fixed or replaced by Berlin or something else... While it was an interesting topic, the sheer number of interesting post was too much to read even with the moderation system... And I hope that someday someone will have the guts to make a compilation on the topic.

IMHO community writing or summarisation of particularly interesting topics is what could take Slashdot to a new level, being even more interesting.

I wonder what will happen: an interesting topic show up, lots of interesting posts happens, a courageous man make a summary of the good points and post it on Slashdot on a new topic, so lots of posts be posted again ... etc, etc.
A nice recursive loop, which may generate a reference FAQ on this particular topic.

Not new type of publishing, only the $$$

The community publishing aspect is not new. The $$$ aspect is! The howtos are community published. Bruce Eckel has been doing this for a while with his books (Thinking in C++, Think in Java). He puts the early version up and people send in changes. After publication, he puts the book online.

Currently there are early versions of the second editions of both books online. He has a form for comments on these.

P.S. Please send my check to: .... ;)

Injured software engineer wins against Mattel!

Uh, how about a /. poll then

[otis+wildflower]

?

New references...

[Stephan+Schulz]

Just wait for the first AFP or CNN message or congressional testimony reading "...according to /., an high-profile electronic think tank composed of leading members of the geek community"...