The problem is, under copyright law (US at least), your post is automatically copyrighted by you, and I'm not allowed to redistribute it without your permission.
You may implicitly grant the right for redistribution. Posting on a public forum like/. is such a situation, because of the clear purpose of the forum. Sending a letter to the editor of a newspaper also implicitly allows them to reprint it (and they often add other clauses, like the right to shorten/edit letters - by sending in your letter you implicitly agree to that).
So this post of mine comes with the implicit license towards/. to store it and publish it to their visitors. However I do not think posting here implies the right of other people to copy this comment and post it on another website, for example.
Oh and of course by being the author I am the copyright holder unless specifically stated otherwise through contract or whatever means.
But of course, for many people programming is a hobby. I also program for a hobby now and then - and Linux is a natural choice, it's a great hobby platform. And one of its strengths I think is a total lack of central planning, other than maybe the groups that develop and set technical standards.
A hobbyist doesn't care whether other people use their software. I have put some stuff out there, just with the idea maybe it's useful for someone. If not, well I can use it and I had my fun building it.
Linux is getting big, with lots of commercial support. RedHat is one of the oldest I think and there are so many more.
And then there are so many more hobby platforms. The BSD clones, that BeOS clone that I forgot the name of, and so many obscure and sometimes unfinished OS'es out there. Built as a hobby, for fun, just like Linus started his Minix clone. He built it for fun, not to get rich. Put it out there for the world to see and to comment on, maybe to show off his skills.
But first and foremost it is a hobby platform, and hobbyists don't worry about cost/benefits. They like to fiddle with it, break it, and fix it again. And as it's a hobby, it may cost a bit (money and/or time), and for that reason alone I think all those open source OSes and applications will simply stay and evolve.
Open source has no central planning so it can quite literally evolve: the good stuff improves, and the bad branches die off. MS and Apple can not do that, they have central planning. It gives (at least in Apple's case) a nice coherent package, but it can not evolve. It can not really try out new technologies, radically different ways of doing a user interface for example, or just the small improvements we see in various softwares. It lacks internal competition such as KDE vs Gnome and all the other desktop ideas out there. They try to be the best, try out new things, borrow heavily from each other, and improve rapidly and ongoing.
Totally useless and a mere inconvenience for the die-hard file swappers. New sharing sites will pop up faster than I can say "First Post!" and new protocols to circumvent those blocks will have arrived by the time the mods have moderated "First Post" down to -1.
Well as long as the market share of IE remains above 40%, MS won't have much to worry, the time investment is still worth it. Now they spend 60% of the time making a web site that works only in 20% or so of the market's browsers.
Like with the rest of computing, there are two sides: Microsoft, and The Rest. As long as Microsoft is about 95%, about 95% of development resources go there, and 5% goes to The Rest. When Microsoft falls to say 70%, The Rest would get 30% market and 30% of the development efforts.
Sorry, I can't come up with a car analogy here to make it clear but I'm sure someone can.
Use a mobile phone for those calls, and simply keep it switched off when you don't want to be called. It's exactly why I have two mobile numbers: one private, one business. And yes the business one is on voice mail in the evenings and over the weekend. Leave me a voice message or SMS and I will know and react if I feel like it then, or next business day.
Mobile phones are cheap these days, very cheap, I now get 850 mins of air time o my mobile for barely a third of the price of my land line.
Lets prevent the need for having to prosecute, and the stress and other risks involved in the process of reaching the idea of wanting to prosecute in the first place. Prosecution is no more than a cure, and as always it is better to prevent than to try to cure later.
You do not need to run your own server to "participate on the Internet". You do not need to run your own web server to post comments on/. for example. Or to blog on Blogspot. Or to post your videos on Youtube. Just to name a few functions. Besides being geek I can't think of any reason to have to run your own servers as only way to "participate on the Internet".
Setting a limit of say 100 mails, no make that 500 mails per day will do the job pretty much as well.
It is a limit that normal users will not reach. OK maybe some send out newsletters, one could consider making the limit a bit flexible on request. Though help desk calls are expensive of course for the ISP.
500 mails per zombie per day I don't think is interesting for a spammer. Now they can do hundreds of thousands in a day per zombie. It would lower the value of botnets for starters. And the user that is infected will have problems sending mail for being over the limit within minutes of switching on his computer - I can't think of a better way to convince people to clean up their act.
That actually sounds reasonable to me. If you plan to run your own web server you are bound to create extra traffic. You pay for that. And if you think it's too much then rent server space at a web server co. Probably cheaper even.
Home internet connections are not to run servers on. Then you need a business connection. In which case you probably get a fixed IP to boot, saves finding (and paying for) a dynDNS service.
I'm happy I can just become root (either log-in to X as root, or open a terminal and do su - both are acceptable if you are knowledgeable enough to start messing with dlls) when necessary. And that Linux just allows me to mess around, no questions asked.
The folks it should affect are the power users, the hackers, maybe even the gamers. People that like to play and fiddle with their system, that like to install lots of new software (often from illegal sources), and try out new hardware.
They are the ones that MS has to keep on board, and if the allegations of TFS are true they may be the ones that get affected and that are also users knowledgeable enough to at least know about Linux and OS-X. They may give it a go. They may even like it. And then, when their friends come for advice on a new computer, they may even start to advice taking on Linux or a Mac.
It is well known now that Joe Sixpack doesn't care what he is using, as long as it works. And the current state of matters is that 95% or more of the hardware (save unbranded low quality stuff) Just Works with Linux. Not even the need for drivers to be installed, like Windows still needs. Wine is pretty much there, and IE and Word have very good alternatives in OSS.
The public at large doesn't care, and that may just as well be the reason that when buying a new computer they may follow the advice of their caring friends, and move on and away from Windows. It won't happen overnight but if Win7 is a failure like Vista then MS really has a serious problem on it's hands. I have no idea whether they will be able to recover from such a disaster. At the very least the public will be very very very critical of the iteration following Win7.
Protection of dll's should be by setting appropriate permissions, if a user gets sufficient permissions (administrator?) they should be able to replace any dll.
The protection given by the OS should be preventing unintended processes (viruses, worms, etc) to get those rights in the first place. Not actively checking whether a DLL has been changed and then stopping the use of a particular application.
This certainly reeks like specifically targeting Photoshop and maybe other apps, helping a vendor preventing users hack their software, in this case by circumventing a reg screen.
Well I do keep backups indeed! Very simply backups (just a tarball copy) but it's enough just in case.
And this was part of the process of upgrading my server more storage... two harddisks as RAID1... one of the two died already (within a week, expecting the replacement today afternoon)...
In this case I wanted to install ldap, doing so I suddenly was installing a couple dozen packages! This was suddenly a big chunk of Lenny that I was unknowningly installing.
Yes it is very infrequent but I am going to change my source names now to "Lenny" now instead of "stable". Just to keep it under control.
Today I just decided to do an upgrade of my Debian server, to have the latest security and bugfixes. Instead I suddenly got hundreds of packages to update... well this explains why. I jsut have my sources pointing at stable, so that is updated now automatically.
A complete new stable release, interesting.
Not sure whether I should be happy with this or not. On one hand great to have a major update of some software, on the other hand I hope I'm not going to break anything.
And the only thing I was actually planning to do was install ldap and authentication over ldap!
The problem of micropayments (payments of less than US$ 0.05 or even fractions of a cent) is that you ask a user all the time when they want to see certain content, whether they want to pay for it.
So the user not only gets an extra step in between (accepting a payment) to see an article or blog post or youtube video, also they have to think and decide whether or not to make this payment.
This is probably the main reason why micropayments never took off. Setting up an account at some provider and charging it up with say US$10 now and then and then have this provider take care of the payments is the trivial part, technically at least. Charging a credit card with anything less than a cent is of course impossible: and a cent is already too much for a real micropayment.
In case of a lost laptop with encryption there is something else to worry about: the strength of your passwords and the resilience against brute-forcing it.
Rate limiters don't work. Destroy after xxx passwords also not. The attacker has the source of TrueCrypt just like you, and thus can remove that kind of limits and brute-force your password. It's almost certainly easier than brute-forcing your encryption key directly. I don't think your password is as long as your encryption key is.
Losing your laptop with your password-protected keys on it is a worse issue than just losing your encrypted data without losing the keys with it. This is an issue I have never seen pop up in discussions on/. or elsewhere, it may be an overlooked weakness.
The driver behind you should at all times keep sufficient distance to stop. In normal driving you will have to assume they do so, as otherwise you can never make the decision whether or not to hit the breaks, even if something unexpected happens (like a child jumping on the street from in between parked cars). When necessary, you break and stop.
An orange light the same: when you (yes YOU) can safely stop, you stop. That the person behind you can not safely stop should not be part of your decision to stop or not. Otherwise you may have to decide between running over that kid or being hit hard in the back... in which case you will be too late anyway to avoid a collision.
Assuming you were far enough from the traffic light to stop normally (as in without leaving skid marks on the road) it was no matter what the correct thing to do. After all, yellow means "stop if you safely can", and tailgaters are not an issue for that rule.
Even worse: that second guy is, even with a bit short distance in between the vehicles, almost certainly far enough from the traffic light to stop safely. So not only should he not have assumed the car in front to go through the yellow expect to do the same, he should have stopped already. And maybe see the car in front of him move on, or not, that becomes irrelevant then.
At least it seems no-one has been able to clone these cards. That can not be said from smart passports issued in other countries...
Oh wait. It seems the UK government is the only one that can not read their own passports. These guys did not have that problem, and apparently had their hands on more equipment that could also read the UK passports.
This post is not covered under any license.
The problem is, under copyright law (US at least), your post is automatically copyrighted by you, and I'm not allowed to redistribute it without your permission.
You may implicitly grant the right for redistribution. Posting on a public forum like /. is such a situation, because of the clear purpose of the forum. Sending a letter to the editor of a newspaper also implicitly allows them to reprint it (and they often add other clauses, like the right to shorten/edit letters - by sending in your letter you implicitly agree to that).
So this post of mine comes with the implicit license towards /. to store it and publish it to their visitors. However I do not think posting here implies the right of other people to copy this comment and post it on another website, for example.
Oh and of course by being the author I am the copyright holder unless specifically stated otherwise through contract or whatever means.
But of course, for many people programming is a hobby. I also program for a hobby now and then - and Linux is a natural choice, it's a great hobby platform. And one of its strengths I think is a total lack of central planning, other than maybe the groups that develop and set technical standards.
A hobbyist doesn't care whether other people use their software. I have put some stuff out there, just with the idea maybe it's useful for someone. If not, well I can use it and I had my fun building it.
Linux is getting big, with lots of commercial support. RedHat is one of the oldest I think and there are so many more.
And then there are so many more hobby platforms. The BSD clones, that BeOS clone that I forgot the name of, and so many obscure and sometimes unfinished OS'es out there. Built as a hobby, for fun, just like Linus started his Minix clone. He built it for fun, not to get rich. Put it out there for the world to see and to comment on, maybe to show off his skills.
But first and foremost it is a hobby platform, and hobbyists don't worry about cost/benefits. They like to fiddle with it, break it, and fix it again. And as it's a hobby, it may cost a bit (money and/or time), and for that reason alone I think all those open source OSes and applications will simply stay and evolve.
Open source has no central planning so it can quite literally evolve: the good stuff improves, and the bad branches die off. MS and Apple can not do that, they have central planning. It gives (at least in Apple's case) a nice coherent package, but it can not evolve. It can not really try out new technologies, radically different ways of doing a user interface for example, or just the small improvements we see in various softwares. It lacks internal competition such as KDE vs Gnome and all the other desktop ideas out there. They try to be the best, try out new things, borrow heavily from each other, and improve rapidly and ongoing.
Wrong.
Explanation is not too bad though.
But the meaning is of course Digital Restrictions Management. (Trying to) restrict users from what they may want to do with a product.
Totally useless and a mere inconvenience for the die-hard file swappers. New sharing sites will pop up faster than I can say "First Post!" and new protocols to circumvent those blocks will have arrived by the time the mods have moderated "First Post" down to -1.
Well as long as the market share of IE remains above 40%, MS won't have much to worry, the time investment is still worth it. Now they spend 60% of the time making a web site that works only in 20% or so of the market's browsers.
Like with the rest of computing, there are two sides: Microsoft, and The Rest. As long as Microsoft is about 95%, about 95% of development resources go there, and 5% goes to The Rest. When Microsoft falls to say 70%, The Rest would get 30% market and 30% of the development efforts.
Sorry, I can't come up with a car analogy here to make it clear but I'm sure someone can.
Use a mobile phone for those calls, and simply keep it switched off when you don't want to be called. It's exactly why I have two mobile numbers: one private, one business. And yes the business one is on voice mail in the evenings and over the weekend. Leave me a voice message or SMS and I will know and react if I feel like it then, or next business day.
Mobile phones are cheap these days, very cheap, I now get 850 mins of air time o my mobile for barely a third of the price of my land line.
Lets prevent the need for having to prosecute, and the stress and other risks involved in the process of reaching the idea of wanting to prosecute in the first place. Prosecution is no more than a cure, and as always it is better to prevent than to try to cure later.
You do not need to run your own server to "participate on the Internet". You do not need to run your own web server to post comments on /. for example. Or to blog on Blogspot. Or to post your videos on Youtube. Just to name a few functions. Besides being geek I can't think of any reason to have to run your own servers as only way to "participate on the Internet".
Setting a limit of say 100 mails, no make that 500 mails per day will do the job pretty much as well.
It is a limit that normal users will not reach. OK maybe some send out newsletters, one could consider making the limit a bit flexible on request. Though help desk calls are expensive of course for the ISP.
500 mails per zombie per day I don't think is interesting for a spammer. Now they can do hundreds of thousands in a day per zombie. It would lower the value of botnets for starters. And the user that is infected will have problems sending mail for being over the limit within minutes of switching on his computer - I can't think of a better way to convince people to clean up their act.
That actually sounds reasonable to me. If you plan to run your own web server you are bound to create extra traffic. You pay for that. And if you think it's too much then rent server space at a web server co. Probably cheaper even.
Home internet connections are not to run servers on. Then you need a business connection. In which case you probably get a fixed IP to boot, saves finding (and paying for) a dynDNS service.
Windows is getting so user-unfriendly...
I'm happy I can just become root (either log-in to X as root, or open a terminal and do su - both are acceptable if you are knowledgeable enough to start messing with dlls) when necessary. And that Linux just allows me to mess around, no questions asked.
The folks it should affect are the power users, the hackers, maybe even the gamers. People that like to play and fiddle with their system, that like to install lots of new software (often from illegal sources), and try out new hardware.
They are the ones that MS has to keep on board, and if the allegations of TFS are true they may be the ones that get affected and that are also users knowledgeable enough to at least know about Linux and OS-X. They may give it a go. They may even like it. And then, when their friends come for advice on a new computer, they may even start to advice taking on Linux or a Mac.
It is well known now that Joe Sixpack doesn't care what he is using, as long as it works. And the current state of matters is that 95% or more of the hardware (save unbranded low quality stuff) Just Works with Linux. Not even the need for drivers to be installed, like Windows still needs. Wine is pretty much there, and IE and Word have very good alternatives in OSS.
The public at large doesn't care, and that may just as well be the reason that when buying a new computer they may follow the advice of their caring friends, and move on and away from Windows. It won't happen overnight but if Win7 is a failure like Vista then MS really has a serious problem on it's hands. I have no idea whether they will be able to recover from such a disaster. At the very least the public will be very very very critical of the iteration following Win7.
Protection of dll's should be by setting appropriate permissions, if a user gets sufficient permissions (administrator?) they should be able to replace any dll.
The protection given by the OS should be preventing unintended processes (viruses, worms, etc) to get those rights in the first place. Not actively checking whether a DLL has been changed and then stopping the use of a particular application.
This certainly reeks like specifically targeting Photoshop and maybe other apps, helping a vendor preventing users hack their software, in this case by circumventing a reg screen.
Well I do keep backups indeed! Very simply backups (just a tarball copy) but it's enough just in case.
And this was part of the process of upgrading my server more storage... two harddisks as RAID1... one of the two died already (within a week, expecting the replacement today afternoon)...
In this case I wanted to install ldap, doing so I suddenly was installing a couple dozen packages! This was suddenly a big chunk of Lenny that I was unknowningly installing.
Yes it is very infrequent but I am going to change my source names now to "Lenny" now instead of "stable". Just to keep it under control.
Today I just decided to do an upgrade of my Debian server, to have the latest security and bugfixes. Instead I suddenly got hundreds of packages to update... well this explains why. I jsut have my sources pointing at stable, so that is updated now automatically.
A complete new stable release, interesting.
Not sure whether I should be happy with this or not. On one hand great to have a major update of some software, on the other hand I hope I'm not going to break anything.
And the only thing I was actually planning to do was install ldap and authentication over ldap!
TrueCrypt must be running to do a decryption. This binary therefore must be available in unencrypted form, and thus can be replaced.
The problem of micropayments (payments of less than US$ 0.05 or even fractions of a cent) is that you ask a user all the time when they want to see certain content, whether they want to pay for it.
So the user not only gets an extra step in between (accepting a payment) to see an article or blog post or youtube video, also they have to think and decide whether or not to make this payment.
This is probably the main reason why micropayments never took off. Setting up an account at some provider and charging it up with say US$10 now and then and then have this provider take care of the payments is the trivial part, technically at least. Charging a credit card with anything less than a cent is of course impossible: and a cent is already too much for a real micropayment.
A more useful mirror would be this one.
I have stopped paying my life insurance already because in a year I may be dead but there will also be no-one left behind to pay out the policy.
Or to receive it for that matter.
In case of a lost laptop with encryption there is something else to worry about: the strength of your passwords and the resilience against brute-forcing it.
Rate limiters don't work. Destroy after xxx passwords also not. The attacker has the source of TrueCrypt just like you, and thus can remove that kind of limits and brute-force your password. It's almost certainly easier than brute-forcing your encryption key directly. I don't think your password is as long as your encryption key is.
Losing your laptop with your password-protected keys on it is a worse issue than just losing your encrypted data without losing the keys with it. This is an issue I have never seen pop up in discussions on /. or elsewhere, it may be an overlooked weakness.
The driver behind you should at all times keep sufficient distance to stop. In normal driving you will have to assume they do so, as otherwise you can never make the decision whether or not to hit the breaks, even if something unexpected happens (like a child jumping on the street from in between parked cars). When necessary, you break and stop.
An orange light the same: when you (yes YOU) can safely stop, you stop. That the person behind you can not safely stop should not be part of your decision to stop or not. Otherwise you may have to decide between running over that kid or being hit hard in the back... in which case you will be too late anyway to avoid a collision.
Assuming you were far enough from the traffic light to stop normally (as in without leaving skid marks on the road) it was no matter what the correct thing to do. After all, yellow means "stop if you safely can", and tailgaters are not an issue for that rule.
Even worse: that second guy is, even with a bit short distance in between the vehicles, almost certainly far enough from the traffic light to stop safely. So not only should he not have assumed the car in front to go through the yellow expect to do the same, he should have stopped already. And maybe see the car in front of him move on, or not, that becomes irrelevant then.
At least it seems no-one has been able to clone these cards. That can not be said from smart passports issued in other countries...
Oh wait. It seems the UK government is the only one that can not read their own passports. These guys did not have that problem, and apparently had their hands on more equipment that could also read the UK passports.