Slashdot Mirror


User: sudog

sudog's activity in the archive.

Stories: 0
Comments: 717

Comments · 717

  1. Re:Perhaps... on Social Engineering Still Best Way to Crack Security · · Score: 1

    Another point: There is trust. There is a lack of any degree of trust whatsoever (the neutral point.) And then there is distrust--that is, not only do you *not* trust another human, but you specifically assume they are up to no good.

    Automatically distrusting strangers is not reasonable and is anti-social. While it is naive to automatically trust a fellow human being, it is far worse to automatically distrust them.

    Then, human beings who are worthy of trust never get the chance to prove their worth. Caution is fine, distrust is antisocial.

    Locking your front door at night has nothing to do with distrust. Locking your front door at night is simple caution.

    Now look--with my vocabulary, my sentence structure, and my diction, I find it interesting that you automatically take that same stance of superiority I mentioned in my first post--like your antisocial behaviour is somehow superior, that you'll profit more from it than by assuming the neutral stance until you have specific evidence to the contrary.

    You're wrong, and the sad part is that you'll never know it, nor be convinced otherwise.

    It is not reasonable to assume that every other human on the planet is out to get you. That's that paranoia I was talking about. Let me spell it out for you: You're not that important.

  2. Re:Perhaps... on Social Engineering Still Best Way to Crack Security · · Score: 1

    Sorry, looks like you're typically incapable of understanding the English language or even attempting to understand the perspective of someone you're conversing with.

    Who says that the term "don't really matter" excludes "matters somewhat"?

    Making reasonable effort to keep a password secret isn't anti-social, but giving it up to a lying scum who happens to be particularly good at preying on the trust of their neighbours isn't so stupid and evil as Slashdot geeks like to think it is.

    Yes, let's do get things into perspective here. How is an automatic stance of distrust of a fellow human *not* anti-social?

  3. Perhaps... on Social Engineering Still Best Way to Crack Security · · Score: 2, Insightful

    ...there is an underlying reason why people are predisposed to trust other people. I wonder if anyone's done any studies on whether such a predisposition is somehow an evolutionary strategy? Perhaps overall it's good for society to be cooperating instead of distrustful and angst-ridden?

    Maybe *gasp* Stallman was right after all?

    Protection from cheaters (con men) is fine and dandy, but perhaps the structures that require that level of protection are the problem, and not the people who are unnaturally forced to conform to security standards they don't want to?

    I get such a kick out of all these Slashdot geeks sitting back, smug that their anti-social, paranoid behaviour makes them less of a target for con-men trying to "score big," while completely ignoring the corollary: A lack of cooperation or trust in general means you don't get to reap the benefits of normal socialization.

    I'm not sure which person is more sad: The one who trustingly gives away meaningless "passwords" to systems that are flawed and poorly designed anyway, or the ones who think they are somehow superior for being paranoid nutjobs about things that Don't Really Matter.

    Many of you seem to think your systems are the target of every smooth-talking "social engineer" out there--get over yourselves. Nobody is interested in getting access to your porn-ridden home directories.

    Kevin Mitnick's book was an interesting read, but he wasn't describing social engineering, he was describing a con artist whose prize wasn't money, but the thrill of lying convincingly to otherwise normal people. This is an asset? What the hell man? Here's an analogy that pops into mind: I can walk up to someone and sucker-punch them in the gut. Even the most seasoned martial-artists can be taken in by a sucker-punch. So what?! Should we all wander around in an extreme state of combat readiness? Should I be crowing about my own superiority just because I can sucker-punch a Ninjitsu nth-degree blackbelt god?

    I call bullshit. Bull-effin-shit.

  4. Just cache it. on Caching Content and the Shrinking Web? · · Score: 1

    Once it's posted, it's public information. Sites that try to prevent others from caching their pages are living in an unrealistic dreamworld that doesn't include ISP proxies, browser caches, and multiple hops through routers.

    In other words, they're morons. Just cache the data privately and ignore what you think the rest of the world thinks about it.

  5. Re:Neural Nets - Getting into the machine on Brain Prosthesis Ready For Testing · · Score: 1

    This was already thought of, as I've read it before, either in one of my SF books from my collections, or in one of the pulps--Asimov's SF or Analog or somesuch.

    The idea was to implant these nanomachines into the brain to effectively make it immortal. I don't recall whether they worked proactively or just waited for the normal brain tissue to die, or whether the implant happened at birth or in old age.

    Anyway, it's an old idea.

  6. Look up what Hesiod can do.. on Mirror Listings Though TXT DNS Records? · · Score: 1

    Just check out the capabilities. It might be the kind of thing you're after.

  7. Re:So what's new? on ISS Discovers A Remote Hole In Sendmail · · Score: 1

    And it's precisely that attitude that'll keep the Qmail exploit from being released until it's been thoroughly abused, used, and recycled.

    After all, if I had a Qmail exploit, I'd be pretty smug about the fact that some paltry sum of money just Isn't Worth the knowledge that I got one over on all the people who think tiny cash rewards equal actual security. If he's so sure of Qmail, let him put his house up for the reward.

    Sheesh.

  8. Little bastards.. on Spammers Using Students as Relays · · Score: 0, Funny

    Youth these days! You give them an inch, they spam all over you.

  9. Re:Location still matters, even with the Internet. on Salon Asks for Help · · Score: 2, Insightful

    Uh.. that's because you're spread out over multiple locations, not because "location matters". You're comparing your own business, with spread-out employees, and a company that centralized in a horribly overpriced city.

    The point was that they should've rented something out in a remote location instead of frittering away their money on an overinflated standard of living. You don't think the money they'd save by doing this would make up for the extra paperwork? Get real.

  10. Please distribute the stories db when you go down? on Salon Asks for Help · · Score: 1

    If Salon does kick the bucket, I (and I'm sure many others) would love to provide mirrors of the old Salon stories archives to a worldwide audience. Aside from basically making the Salon stories immortal by that favourite Linus trick--letting the rest of the Internet be your backup--it could prove to be a useful research tool.

  11. PWM--the last Window manager you'll ever need. on How Configurable Should a Desktop User Interface be? · · Score: 1

    Who needs tabbed browsing in the browser when PWM can force netscape to be a tabbed browser?

    Why all the eye candy? PWM--the lightweight, lightning-fast, capable Window manager.

    Choose functionality over glitz--leave the glitz up to applets which, coincidentally, PWM also supports extensively.

    PWM PWM PWM! Yea!

  12. Re:The reason plus, Fujitsu 4725 is AWESOME on Keyboard Layouts for the 21st Century? · · Score: 1

    Doesn't the windows key just bring up the start menu? What's the matter with control-escape? Easy.. and simpler than getting screwed in a deathmatch when you're right in the middle of five people, you realize what's going on and in your spinning, crazy, equilibrium-like death-throes your finger accidentally hits the Windows key and your whole game freezes while Windows gets paged back in and you die ignobly, making your team lose the flag, lose the round, and the $250 lan party prize that you drove for 20 miles to win, carried 100 lbs of computer gear up two flights of stairs, spent an hour setting up and making sure everyone was patched up to the latest revision of the games you're playing, updated their video drivers and GOD DAMN some punk seems to have run off with a slice of your FRIGGIN PIZZA..

    *pant pant*

    My Windows keys are popped off every time.

  13. Re:Forget them both.... Anonymity on FTP: Better Than HTTP, Or Obsolete? · · Score: 1

    As for your SMTP remailer, that's still insecure. If you ever implemented a mixmaster remailer you'd know this.

    Let's say the police one day come knocking at your door. Let's say they've been monitoring your "secret" smtp server for a while and have recorded every byte of (encrypted) data along with precise timestamps that's ever gone through your server. The encrypted data itself might be meaningless--but consider what happens when they raid you and your friends' computers. Now they have data they can correlate.

    And how do you know what will stand up in court? Are you a lawyer? Do you have case law experience? If they're monitoring the channel, they have your IP address. What makes you think you'll be "lost in the noise" of all the other transfers and the various control data passed back and forth? Sure it's not a guarantee of what you're transferring, but even if you do directory listings--that can (surprisingly) narrow things down to the point where it becomes obvious what you are downloading: especially if you do it by hand.

    After all, in that case even just the timing of the control data can be a dead giveaway.

    You're handing off tonnes of information for an attacker to base conclusions on, and your idea of encrypting such communications isn't as realistic as you think.

    Two good books for you to read through are "Applied Cryptography" by Bruce Schneier, and "Cryptonomicon", by Neal Stephenson. The latter is dead boring until the end, but it does go through the motions with almost clinical attention to the concept of information warfare.

  14. Re:Forget them both.... Anonymity on FTP: Better Than HTTP, Or Obsolete? · · Score: 1

    It tells you what the contents of the data are because you were talking about web-traffic. If it's real web-traffic, encryption buys you nothing: the attacker gets a copy of all the files and can correlate how much data you download to the most likely places you're currently visiting. It doesn't matter that your browser has keep-alive. The spikes themselves are the important parts--timing is everything.

    If you're interested in finding out why simple encryption is basically meaningless in applications like you describe (and I'm not talking about SSH sessions here--I never said anything about SSH--I'm talking about the situation you originally outlined) then take a look at the implementation of the cypherpunk remailers.

    The more advanced ones send out junk data at regular intervals and then once this pattern is established, they can replace the junk data with real encrypted data provided the actual traffic patterns remain the same.

    But your scenario--encrypted web traffic--was pretty nebulous to begin with. Perhaps if you were a bit more detailed, we could avoid further (apparent) misunderstanding.

  15. Re:The reason plus, Fujitsu 4725 is AWESOME on Keyboard Layouts for the 21st Century? · · Score: 1

    I don't think the keyboard itself should have anything to do with key repeat rates. That's the job of whatever software is getting input from the keyboard. :-) IMHO.

  16. The reason plus, Fujitsu 4725 is AWESOME on Keyboard Layouts for the 21st Century? · · Score: 4, Informative

    The reason that keyboards haven't changed much is because they don't need it. If something is (almost) as good as it's going to get, why jerk around and try to make it better?

    So what do I think is the best keyboard I've used and wouldn't bother trying to improve it? I've used everything from a VIC-20, TRS-80 keyboard, to those old IBM electronic typewriters, to a Fujitsu 4725 PS/2.

    The Fujitsu cost me $70(CDN) and I swear it's the best keyboard I could've purchased. Not because it's the good ol' QWERTY layout with a nice big backslash right below the backspace (where it DAMN WELL belongs,) and not because it's the same layout that everyone's been using for decades (and is most comfortable with and thus fastest with,) and not because it's so indestructible it'd probably work well as a bludgeoning weapon in case I were ever attacked in my room:

    No, not for all that. What makes this keyboard better than any other I've so far used is that this Fujitsu has *perfect* key action. It's clicky--but soft enough that it just *begs* you to type as fast as you can. It can take all the pounding you can dish out, and the tactile and soft audible feedback make it a real pleasure to work with.

    Thank you Fujitsu, for making REAL keyboards!

  17. Get a real desk... on The Ultimate Computer Desk? · · Score: 3, Interesting

    A Poetic Desk!

    PoeticTech Desks

    All others pale by comparison and the amount of comfort and human convenience is mind-boggling. There's even room to put in tiny little fridges!

    There is nothing better (that I've seen) than what these guys can do for you. A computer desk with air conditioning; a power swivel--for the whole desk just to track the sun (no sun-glare for you); specially-designed ambient lighting; ultimately adjustable seats! What more need be said? This Ask Slashdot is answered.

  18. Application-Applicable on What Math do You Use? · · Score: 1

    Linear Algebra, transformations, mechanics, the physics of rigid bodies are all great and very enjoyable when put into the context of computer software.

    Something else that seems to capture my imagination (at least) is the physics of raytracing--materials, specularity, translucency, refractive indices, caustics, radiosity. It's all great stuff to learn in conjunction with OpenGL and DirectX. But what's state-of-the-art? What's the most advanced technique? Teach them some cutting-edge stuff pulled directly out of recently published papers.

    Other things that are tremendously interesting are media compression types--wavelets, Fourier transforms, etc.

    Well I think so anyway. :)

  19. Re:Pay attention to what you say, please. on FTP: Better Than HTTP, Or Obsolete? · · Score: 1

    200% every what? Month? Year? Decade?

    Come on you guys. Why are you posting here at all?

  20. Re:Forget them both.... Anonymity on FTP: Better Than HTTP, Or Obsolete? · · Score: 2, Insightful

    That's not true--they can tell roughly what the size of files you're looking at, and if you're browsing, which files were triggered-downloaded--for example images embedded in web pages.

    All this information makes it trivial to find out which pages you downloaded, when, and how long you visited.

    The only thing it doesn't do so well is listen in on data you send. But consider--if they're listening to the tcp channel to the remote site then they can listen to outgoing tcp connectivity as well--and correlate what information came in, and what information went back out.

    You think a single encrypted channel buys you any privacy? Get real.

  21. Re:No news for me... on UK ISP Imposes Download Limits · · Score: 1

    You're clueless. Nobody ever said they were a right. EVERYbody remembers that the original promises that the bandwidth providers made were "unlimited" and now the providers are reneging on those same promises.

    They're lowering access speeds without informing their customers and without proportional drops in the monthly costs, and they're implementing hard caps and enforcing them (often without actually informing their customers of the new policies) with bandwidth police departments.

    Tell you what, you zombie consumer sheep: Come back when you know what you're talking about, and everyone who knows exactly what the truth is won't laugh at your pathetic self behind your stupid-ass back.

  22. Re:No news for me... on UK ISP Imposes Download Limits · · Score: 1

    You don't know what the hell you're talking about. They don't purchase bandwidth in units from their "upstream". They often *are* the upstream. Do you know what that means? People pay *them* for access to their backbone, and they have peering arrangements with other backbones. Traffic internal to their own networks doesn't cost them a fucking penny.

    Christ you people. The cable companies are fucking raping you with bandwidth caps and poorer and poorer service--because they are a monopoly and can get away with it--and all you can think of is how much you have to pay for commercial bandwidth at colo centres.

    (sarcasm) After all, if you have to pay $x for your commercial connectivity, that's the base cost for all bandwidth, isn't it?(/sarcasm)

  23. Bob MacDonald came on CBC and suggested... on Latest Columbia News · · Score: 1

    ...that the same wing was damaged slightly during take-off. Bob MacDonald is the host of Quirks and Quarks, a weekly CBC radio show. Since then I haven't heard much about it. Was it just pure speculation?

  24. Re:makes sense to me. on Bad News From Canada On NetTV And Media Levies · · Score: 1

    Since when do they have the right to "potential revenue streams" exclusive of our right to do whatever we want with the signals coming into our living room over the airwaves? And I suppose the fact that we're "not supposed" to watch foreign signals is enough reason to deprive us of the freedom to do so too, because it deprives local companies of revenues..?

    And so applying your logic further--wouldn't it make sense to illegalize Walmarts because it destroys "potential revenue streams" of the local markets and businesses?

    Fuck off with your b/s, you're just as clueless as your corporate master, consumer zombie sheep.

  25. Jack Chalker... on Top 10 New Sci-Fi/SF Authors? · · Score: 1

    ...especially the Well World series, which includes the following books:

    Midnight at the Well of Souls (the best)
    Exiles at the Well of Souls
    Quest for the Well of Souls
    The Return of Nathan Brazil
    Twilight at the Well of Souls

    There are newer ones, but the above are the original and best. The newer well-world series is kind of a sub-series and includes:

    Echoes of the Well of Souls
    Shadow of the Well of Souls
    Gods of the Well of Souls

    Another series, "The Changewinds" series is damn good and includes:

    When the Changewinds Blow
    Riders of the Winds
    War of the Maelstrom

    The next series that I enjoyed tremendously was the "Four Lords of the Diamond" series:

    Lilith: A Snake in the Grass
    Cerberus: A Wolf in the Fold
    Charon: A Dragon at the Gate
    Medusa: A Tiger by the Tail

    Another series I thought was very promising but that I wasn't able to find the other three for was the "Rings of the Master":

    Lords of the Middle Dark
    Pirates of the Thunder
    Warriors of the Storm
    Masks of the Martyrs

    --and those are the best ones that I read. A pile of others exist, too. Most of his novels have a kind of bittersweet happy ending, so in that light it's refreshing from the post-war, depressing evil big brother pulp. They're positive at the endings, which is *so* nice.