The benefit of a hardware standard is not immediately clear to me...
1.) Normally, software encryption stores the keys in main memory, where they can be stolen by an opportunistic virus, or someone running your system image in a VM.
2.) As I haven't (yet) read the standard, I cannot say this is the case, but it is possible that the disk uses the hash of your password as the key. As such, the key is never visible to the CPU at any time, and can't be compromised by viruses or VMs. Furthermore, such a scheme is more immune to cold-boot attacks where the residual RAM image can be used to recover the key.
Is the interface still five years ahead of Microsoft Windows? It's hard to tell from the screenshots.
I remember seeing features in KDE several years ago that would later show up in Vista.
KDE is one of the few truly innovative projects in the open source realm - they're actually moving forward and trying new things rather than trying to clone existing products. Which is what we need more of in the open source realm.
Right now, I'm in the process of filing appeals and interviewing lawyers because my health insurance provider did not cover our son's birth. If insurance companies are willing to cheat their customers on matters as routine as childbirth, what makes you think they would treat a truly expensive condition any differently? Do you really believe that a for-profit corporation will pay a claim if they think they can get away with denying it?
Your friend would probably not have a prosthesis either way. Except now he can skip the several year litigation cycle and exorbitant legal fees.
All large commercial aircraft come equipped with automatic pilots which can land the plane in an emergency. Taking off again is largely just an exercise in FAA regulations and the proper engineering. (IOW, because there's little demand for the feature, and the FAA doesn't require it, Boeing, et al, have not implemented it.
When programmers are expected to get it right the first time, just like engineers.
I kind of hate to the harbinger of bad news, but ever since Microsoft managed to convince people that software defects were a *normal* part of computer operation, the chances of holding companies accountable for bugs, security breaches, etc... have gotten vanishingly small.
Not for a 50 year project. The NAND flash used in SSDs has a variable lifespan - I'm thinking that it is not rated much beyond 10 or 20 years, if it is rated at all. Most of the NAND flash work has been directed toward increasing the number of useful cycles, not ultimate retention life. Regardless, it's not as if one can buy an SSD knowing the rated life of the chips these days.
Most of the EEPROMs used to store the BIOS code only have a rated data retention lifespan of 10 or 20 years. In 50 years, it would likely not even be able to boot.
But even should your EEPROM remain intact, the other problem is getting that hard drive spindle which has remained stationary for 50 years spinning again.
Having followed class action suits before, the outcome most likely is that the lawyers will get paid exorbitant fees, and the plaintiffs will get discount coupons for their next Windows upgrade.
Discount coupons and vouchers are the way almost all class action suits are resolved. Very seldom do the plaintiffs actually recover monetary damages.
Most VOIP uses UDP, which, *by specification* does not guarantee delivery timeliness, order, or that the packets will even arrive at their destination. It's strictly a fire and forget protocol, and this should have been understood from the outset. While I understand the advantages it brings on well-managed networks, and the value it has for those who can tolerate dropped speech and calls, it should not be thought of telephony, as it is nowhere near as reliable as conventional POTS networks.
Even for VOIP designs which use TCP, or other delivery assurance mechanisms, IP itself does not guarantee a maximum latency. While the network provider may be able to manage latency, and even guarantee it for a given segment of network, there is currently no way to guarantee a maximum latency when travelling outside the provider's network. Furthermore, even if there existed a protocol mechanism which provided definitive latency management, the fact remains that most ISPs do not make latency, or even *bandwidth* guarantees. Building a realtime voice application on such an infrastructure remains risky, at best.
The common customer, who grew up with phone lines, does not understand how IP networks work, nor why a common internet connection is not going to provide them with a 100% reliable connection. Instead, they're going to expect the network to fully support realtime voice, because, "I've got up to 6 Mbs, and this VOIP phone only requires 128kbs connection..."
I don't mean to rip on VOIP, but the technology was designed for networks which can, and do, guarantee max latency and min bandwidth. This excludes the majority of residential broadband and DSL customers. Yet the VOIP companies conveniently forget this in their advertisements. It really isn't the ISP's problem, because they are delivering the service advertised.
As a physicist, this whole thing has been an embarrassing reminder of just how bad physicists are at public relations...
Take heart, your peers in climatology and meteorology haven't been able to convince the US that global warming is real, in spite of the fact that several key politicians picked up the cause.
If being unable to convince people that a black hole *won't* happen is the worst you've done, count your blessings.
We were told we had to obey all lawful orders. We were instructed that we were duty bound to disobey any order which violated the UCMJ. IOW, we didn't have to obey an order to torture someone, because it was against the Army's policy at the time.
Well, that was before the Bush White House.
The way I always thought of it was simply, "Could an officer make a case against me for refusing to obey this order?" In almost every case of torture or improper treatment, the answer would be no. In almost any other case, the answer would be yes. I'm not aware of any officer who would even attempt to justify an order to torture or kill prisoners to his superior. In fact, it just so happens that in the Marines, the case of Lt Col Chessani shows just the opposite. Some of his Marines ended up killing civilians in Haditha, and he's now on trial for it. Had any of his subordinates admitted to ordering the killing of civilians, he most certainly would have had them court-martialled for doing so.
Apparently, the bank has no problem with lending me a substantial sum in his name.
But on a more serious note, I think the problem is that our so much of our society relies on a mere secret combination of name and numbers to prove identity. PKI provides a much more secure means of proving one's identity than merely relying on a (presumably) secret combination of numbers known by one's employer, banker, credit card company, and several government agencies as well.
Is Microsoft Windows right for you? Take this survey to find out:
Am I too dumb to figure out to order Windows when shopping online for a computer?
Am I unable to get into a regular college, and must settle for a technical college instead?
Do I believe everything a Dell rep tells me?
Will I drop out of college if my computer breaks? Do I have no friends or relatives with computers of their own that I might use, or am I religiously opposed to using an internet cafe or the library? Do I even know what a library is?
At first I thought this might be a Microsoft plant, until I realized that even Microsoft is not that dumb. I think what most people are going to take away from this is that if you're stupid, you have to use Windows, and that Ubuntu is the new big thing for the hip pc users.
We don't want drunks behind the wheel. That's why we need to see the source code to the breathalyzer. It could also be that drunk drivers are getting off the hook because the machine malfunctions and indicates a lower BAC than actual. Software bugs work both ways.
I, for one, am not comfortable trusting something like a DUI conviction to a few dollars of electronics. If the device cannot be independently verified to work correctly, then it shouldn't be used for legal matters. A DUI conviction can ruin a person's life, and is not something to be taken lightly.
There's this little thing called the 'full faith and credit' clause in the Constitution. Basically, it says that one state has to honor another state's legal covenants - you know, things like driver's licenses, marriages, etc...
But one of the applications of it is that one state will now honor another state's arrest warrants. If you're wanted for robbery in Illinois, you can't avoid prosecution by merely hopping across the border to Indiana.
So, you combine the effects of the Internet and this bad law, and you get a really bad situation. You, posting to your blog in Illinois, can be arrested during a routine traffic stop and shipped to South Carolina, because someone there read your blog, thought it vulgar, and filed a complaint.
The unfortunate reality in today's world is that from a firm's perspective, it is more advantageous to recognize the problem employees than the outstanding performers.
If your personality test can reliably indicate who the top performers are, then your employees could use this information to negotiate a better salary. OTOH, if the test is only capable of weeding out the personality problems, then you have good grounds for not hiring someone you strongly suspect is a problem candidate. This is even more important when the problem candidate is a minority with a propensity for litigation.
I too, really hate personality tests. But they are useful from an employer's perspective, and serve to put you on notice that your employer is NOT going to be your friend. In a way, a personality test says a lot more about the employer's attitude toward people than you'd ever be able to discern in an interview (the process works both ways, you know).
Linux is the Jesus of the Tech World: "Have you accepted Linux as your personal computer savior?..." Everyone just knows it is the One True Way, and that if everyone adopted it (Jesus, Linux, no difference) that all of our problems would simply disappear.
Christians who have seriously tried evangelization sees remarkable parallels between Linux and Christianity. Yes, we know of the one true way, but convincing others remains quite a challenge:
The forces of ignorance and apathy are strong, especially among teachers and school administrators.
People often are comfortable with their preconceived biases and judgments, and don't want to change their way of thinking or doing things.
How does that matter to me right now?
TNSTAAFL: There's got to be a catch; if it's free, it must not be worth anything.
Yeah, I understand all that eternal life (of the server?!) stuff and all that, but why should I worry about that *now*?
The most successful evangelists of this century were not those who called people to a high and distant summit, but met people right where they were. If Linux is going to be adopted by schools and other non-technical people, it has to meet the challenges of ordinary users:
It has to behave in the same manner as Windows. Merely copying the UI, while cute, won't make up for the fact that the user expects to see a C:\ drive, or expects to save their documents in *Word*.
It has to run their existing software *in the same way* as Windows. Yes, Wine will run *some* Windows applications, but the distros have to wrap it with the functionality to successfully install Windows applications on Linux and be able to start them by double clicking the icon. You and I may have no problem running Windows apps on Linux, but the average user is going to get lost if they have to open a terminal window to do so.
Autorun, executing email attachments, automatic update, proprietary codecs, etc... are all expected by the Windows user. Yes, Flash too.
Whaddya mean I have to type 'make install'? Is this a warmed over version of DOS? My home computer just installs this CD thingy when I put it in the drive... Stupid Windows knock-off.
When you consider that a substantial portion of the FOSS community won't run closed source software on philosophical grounds alone - and that there are distros which cater to this mentality - creating a school-friendly Linux would be to create a distro that no idealist would want to maintain. It has never been a question of capability, and always a questions of philosophy; schools tend to be pragmatic rather than intelligent. As a branch of government, they tend to draw the risk-averse politicians; as an institution, they tend to draw people with a greater interest in educating children than the means by which same is accomplished. That is, the computer is not the reason for their existence, but rather a means of getting a greater job done.
To get Linux into schools, you're going to have to address the school's expectations of an operating system. You might not like the result.
Consumers buy software based on flashy graphics and bullet lists of features, without regard for quality...
Companies insist on paying the lowest wages possible to programmers...
Programmers are rewarded for shipping code, rather than its quality...
You will have buggy, insecure software.
Fast. Cheap. Good. Pick any two.
The market has spoken, and said that they would rather have the familiar and flashy than secure and stable. Microsoft fills this niche. There are other niches, such as the Stable and Secure Computer market, and they're owned by the mainframe and UNIX vendors. But these aren't as visible as the PC market, because they need not advertise as much; their reputation precedes them. But they are just as important, if not moreso, than the consumer market.
Two men hear that a tiger has escaped from the zoo. The first one reties his shoes; the second asks, "Do you really think you can outrun a tiger?" To which the first replies, "I only have to outrun you..."
Dumpster diving went out with the 80's. The chances of someone going through your garbage or electronics recycling so as to steal your identity are between slim and Nicole Ritchie. To be safe, just format it once; if you're really paranoid, use a disk wiping utility or "dd if=/dev/random of=/dev/hda".
Today's identity thieves typically steal your information long before that old hard drive makes it to the recycling facility. So you made a few purchases with your wife's Windows machine. Or perhaps you used a credit card to pay for a restaurant meal. Or maybe your mortgage lender has an identity thief on the inside. Or perhaps your medical records are sold by the overseas employees of the outsourcing firm your doctor used.
Sure, you can shred your hard drive and/or take a blowtorch to it if you'd like. Some people actually enjoy that sort of thing. But don't think you're safe from identity thieves for having done so.
Officials use the information to prevent terrorism, acts of organized crime, and other illegal activity.
Does the DHS have even one documented case of this information preventing said activity? Maybe I'm setting myself up in the wrong way here, but AFAIK, the DHS and TSA combined have never thwarted a terrorist attack or busted the mafia. Perhaps they've used to convict people of violating those administrative rules which no one is allowed to see, but I'm not aware of any evidence which suggests this information actually prevented terrorism or organized crime.
I mean sure, the FBI has busted criminals, but with regular gumshoe detective work.
With journalists like these, who needs a terrorist?
A few years ago a colleague and I were talking over lunch, and I suggested that the next big thing would be an open platform for mobile devices - kind of like the IBM PC in the 80's. By offering a standard platform, consumers would have the same choice which drove the PC revolution.
A few back-of-the-napkin calculations later, and we figured we could bring it to market for about 10 million USD.
We went back to work, never formed a startup. Here, a few years later, Google is bringing the Android to market.
The lesson: good ideas are not that uncommon. Having the drive, vision, and backing of venture capital is. Maybe you have a good idea. But there's no point in hiding it, because chances are that someone else also has the same idea. The worst you could do is to keep it secret while someone else patents it.
If you think it is good, discuss it with others. If they think it is good, document it, (Witnesses!), and discuss it with someone in the industry. Publish - that will protect you from the patent trolls. But don't think that keeping it secret will do you or anyone else any good.
Slashdot Mirror
The benefit of a hardware standard is not immediately clear to me...
1.) Normally, software encryption stores the keys in main memory, where they can be stolen by an opportunistic virus, or someone running your system image in a VM.
2.) As I haven't (yet) read the standard, I cannot say this is the case, but it is possible that the disk uses the hash of your password as the key. As such, the key is never visible to the CPU at any time, and can't be compromised by viruses or VMs. Furthermore, such a scheme is more immune to cold-boot attacks where the residual RAM image can be used to recover the key.
I'd like to know the features in KDE now which aren't (yet) in Vista. You know, what people think of them, if they've used them, etc...
Is the interface still five years ahead of Microsoft Windows? It's hard to tell from the screenshots.
I remember seeing features in KDE several years ago that would later show up in Vista.
KDE is one of the few truly innovative projects in the open source realm - they're actually moving forward and trying new things rather than trying to clone existing products. Which is what we need more of in the open source realm.
if he had bought the insurance?
Right now, I'm in the process of filing appeals and interviewing lawyers because my health insurance provider did not cover our son's birth. If insurance companies are willing to cheat their customers on matters as routine as childbirth, what makes you think they would treat a truly expensive condition any differently? Do you really believe that a for-profit corporation will pay a claim if they think they can get away with denying it?
Your friend would probably not have a prosthesis either way. Except now he can skip the several year litigation cycle and exorbitant legal fees.
All large commercial aircraft come equipped with automatic pilots which can land the plane in an emergency. Taking off again is largely just an exercise in FAA regulations and the proper engineering. (IOW, because there's little demand for the feature, and the FAA doesn't require it, Boeing, et al, have not implemented it.
When programmers are expected to get it right the first time, just like engineers.
I kind of hate to the harbinger of bad news, but ever since Microsoft managed to convince people that software defects were a *normal* part of computer operation, the chances of holding companies accountable for bugs, security breaches, etc... have gotten vanishingly small.
Not for a 50 year project. The NAND flash used in SSDs has a variable lifespan - I'm thinking that it is not rated much beyond 10 or 20 years, if it is rated at all. Most of the NAND flash work has been directed toward increasing the number of useful cycles, not ultimate retention life. Regardless, it's not as if one can buy an SSD knowing the rated life of the chips these days.
Most of the EEPROMs used to store the BIOS code only have a rated data retention lifespan of 10 or 20 years. In 50 years, it would likely not even be able to boot.
But even should your EEPROM remain intact, the other problem is getting that hard drive spindle which has remained stationary for 50 years spinning again.
Having followed class action suits before, the outcome most likely is that the lawyers will get paid exorbitant fees, and the plaintiffs will get discount coupons for their next Windows upgrade.
Discount coupons and vouchers are the way almost all class action suits are resolved. Very seldom do the plaintiffs actually recover monetary damages.
Really. I mean that.
Most VOIP uses UDP, which, *by specification* does not guarantee delivery timeliness, order, or that the packets will even arrive at their destination. It's strictly a fire and forget protocol, and this should have been understood from the outset. While I understand the advantages it brings on well-managed networks, and the value it has for those who can tolerate dropped speech and calls, it should not be thought of telephony, as it is nowhere near as reliable as conventional POTS networks.
Even for VOIP designs which use TCP, or other delivery assurance mechanisms, IP itself does not guarantee a maximum latency. While the network provider may be able to manage latency, and even guarantee it for a given segment of network, there is currently no way to guarantee a maximum latency when travelling outside the provider's network. Furthermore, even if there existed a protocol mechanism which provided definitive latency management, the fact remains that most ISPs do not make latency, or even *bandwidth* guarantees. Building a realtime voice application on such an infrastructure remains risky, at best.
The common customer, who grew up with phone lines, does not understand how IP networks work, nor why a common internet connection is not going to provide them with a 100% reliable connection. Instead, they're going to expect the network to fully support realtime voice, because, "I've got up to 6 Mbs, and this VOIP phone only requires 128kbs connection..."
I don't mean to rip on VOIP, but the technology was designed for networks which can, and do, guarantee max latency and min bandwidth. This excludes the majority of residential broadband and DSL customers. Yet the VOIP companies conveniently forget this in their advertisements. It really isn't the ISP's problem, because they are delivering the service advertised.
As a physicist, this whole thing has been an embarrassing reminder of just how bad physicists are at public relations...
Take heart, your peers in climatology and meteorology haven't been able to convince the US that global warming is real, in spite of the fact that several key politicians picked up the cause.
If being unable to convince people that a black hole *won't* happen is the worst you've done, count your blessings.
We were told we had to obey all lawful orders. We were instructed that we were duty bound to disobey any order which violated the UCMJ. IOW, we didn't have to obey an order to torture someone, because it was against the Army's policy at the time.
Well, that was before the Bush White House.
The way I always thought of it was simply, "Could an officer make a case against me for refusing to obey this order?" In almost every case of torture or improper treatment, the answer would be no. In almost any other case, the answer would be yes. I'm not aware of any officer who would even attempt to justify an order to torture or kill prisoners to his superior. In fact, it just so happens that in the Marines, the case of Lt Col Chessani shows just the opposite. Some of his Marines ended up killing civilians in Haditha, and he's now on trial for it. Had any of his subordinates admitted to ordering the killing of civilians, he most certainly would have had them court-martialled for doing so.
Apparently, the bank has no problem with lending me a substantial sum in his name.
But on a more serious note, I think the problem is that our so much of our society relies on a mere secret combination of name and numbers to prove identity. PKI provides a much more secure means of proving one's identity than merely relying on a (presumably) secret combination of numbers known by one's employer, banker, credit card company, and several government agencies as well.
Is Microsoft Windows right for you? Take this survey to find out:
At first I thought this might be a Microsoft plant, until I realized that even Microsoft is not that dumb. I think what most people are going to take away from this is that if you're stupid, you have to use Windows, and that Ubuntu is the new big thing for the hip pc users.
Not sure if that's intentional commentary on the show, or an ironic spelling mistake.
We don't want drunks behind the wheel. That's why we need to see the source code to the breathalyzer. It could also be that drunk drivers are getting off the hook because the machine malfunctions and indicates a lower BAC than actual. Software bugs work both ways.
I, for one, am not comfortable trusting something like a DUI conviction to a few dollars of electronics. If the device cannot be independently verified to work correctly, then it shouldn't be used for legal matters. A DUI conviction can ruin a person's life, and is not something to be taken lightly.
There's this little thing called the 'full faith and credit' clause in the Constitution. Basically, it says that one state has to honor another state's legal covenants - you know, things like driver's licenses, marriages, etc...
But one of the applications of it is that one state will now honor another state's arrest warrants. If you're wanted for robbery in Illinois, you can't avoid prosecution by merely hopping across the border to Indiana.
So, you combine the effects of the Internet and this bad law, and you get a really bad situation. You, posting to your blog in Illinois, can be arrested during a routine traffic stop and shipped to South Carolina, because someone there read your blog, thought it vulgar, and filed a complaint.
The unfortunate reality in today's world is that from a firm's perspective, it is more advantageous to recognize the problem employees than the outstanding performers.
If your personality test can reliably indicate who the top performers are, then your employees could use this information to negotiate a better salary. OTOH, if the test is only capable of weeding out the personality problems, then you have good grounds for not hiring someone you strongly suspect is a problem candidate. This is even more important when the problem candidate is a minority with a propensity for litigation.
I too, really hate personality tests. But they are useful from an employer's perspective, and serve to put you on notice that your employer is NOT going to be your friend. In a way, a personality test says a lot more about the employer's attitude toward people than you'd ever be able to discern in an interview (the process works both ways, you know).
Linux is the Jesus of the Tech World: "Have you accepted Linux as your personal computer savior?..." Everyone just knows it is the One True Way, and that if everyone adopted it (Jesus, Linux, no difference) that all of our problems would simply disappear.
Christians who have seriously tried evangelization sees remarkable parallels between Linux and Christianity. Yes, we know of the one true way, but convincing others remains quite a challenge:
The most successful evangelists of this century were not those who called people to a high and distant summit, but met people right where they were. If Linux is going to be adopted by schools and other non-technical people, it has to meet the challenges of ordinary users:
When you consider that a substantial portion of the FOSS community won't run closed source software on philosophical grounds alone - and that there are distros which cater to this mentality - creating a school-friendly Linux would be to create a distro that no idealist would want to maintain. It has never been a question of capability, and always a questions of philosophy; schools tend to be pragmatic rather than intelligent. As a branch of government, they tend to draw the risk-averse politicians; as an institution, they tend to draw people with a greater interest in educating children than the means by which same is accomplished. That is, the computer is not the reason for their existence, but rather a means of getting a greater job done.
To get Linux into schools, you're going to have to address the school's expectations of an operating system. You might not like the result.
As long as:
You will have buggy, insecure software.
Fast. Cheap. Good. Pick any two.
The market has spoken, and said that they would rather have the familiar and flashy than secure and stable. Microsoft fills this niche. There are other niches, such as the Stable and Secure Computer market, and they're owned by the mainframe and UNIX vendors. But these aren't as visible as the PC market, because they need not advertise as much; their reputation precedes them. But they are just as important, if not moreso, than the consumer market.
Those companies willing to go to the ends of the Earth for their employees usually find they can pay them a tenth of the salary.
I can't help but wonder how Dell would react if Ireland banned Dell computers. You know, this kind of game works both ways.
Two men hear that a tiger has escaped from the zoo. The first one reties his shoes; the second asks, "Do you really think you can outrun a tiger?" To which the first replies, "I only have to outrun you..."
Dumpster diving went out with the 80's. The chances of someone going through your garbage or electronics recycling so as to steal your identity are between slim and Nicole Ritchie. To be safe, just format it once; if you're really paranoid, use a disk wiping utility or "dd if=/dev/random of=/dev/hda".
Today's identity thieves typically steal your information long before that old hard drive makes it to the recycling facility. So you made a few purchases with your wife's Windows machine. Or perhaps you used a credit card to pay for a restaurant meal. Or maybe your mortgage lender has an identity thief on the inside. Or perhaps your medical records are sold by the overseas employees of the outsourcing firm your doctor used.
Sure, you can shred your hard drive and/or take a blowtorch to it if you'd like. Some people actually enjoy that sort of thing. But don't think you're safe from identity thieves for having done so.
Officials use the information to prevent terrorism, acts of organized crime, and other illegal activity.
Does the DHS have even one documented case of this information preventing said activity? Maybe I'm setting myself up in the wrong way here, but AFAIK, the DHS and TSA combined have never thwarted a terrorist attack or busted the mafia. Perhaps they've used to convict people of violating those administrative rules which no one is allowed to see, but I'm not aware of any evidence which suggests this information actually prevented terrorism or organized crime.
I mean sure, the FBI has busted criminals, but with regular gumshoe detective work.
With journalists like these, who needs a terrorist?
A few years ago a colleague and I were talking over lunch, and I suggested that the next big thing would be an open platform for mobile devices - kind of like the IBM PC in the 80's. By offering a standard platform, consumers would have the same choice which drove the PC revolution.
A few back-of-the-napkin calculations later, and we figured we could bring it to market for about 10 million USD.
We went back to work, never formed a startup. Here, a few years later, Google is bringing the Android to market.
The lesson: good ideas are not that uncommon. Having the drive, vision, and backing of venture capital is. Maybe you have a good idea. But there's no point in hiding it, because chances are that someone else also has the same idea. The worst you could do is to keep it secret while someone else patents it.
If you think it is good, discuss it with others. If they think it is good, document it, (Witnesses!), and discuss it with someone in the industry. Publish - that will protect you from the patent trolls. But don't think that keeping it secret will do you or anyone else any good.
The worst they could do is take it and commercialize it. But they'll never take it from your brain.