Seriously, though: what happens when the Outlook-constrained CEO next to me opens up his VPN and grabs his inbox, with the mind-bendingly-over-large PowerPoint attachment and video clips and copies of websites that the employees mail around [instead of sending just a pointer or link to].
My responsible limited-bandwidth network use will get lost in the noise.:(
Implementers of these technologies: please implement per-connection throttling.
You can just see some USPTO guys getting phone calls... "the site's not up!" "That's odd... we must have been hacked!" "Where's all the traffic coming from?" "All over the net, but it's all referred from slash-dot-dot-org." "They must be some evil, anti-Microsoft, anti-IP... anti-_American_ site, then. Call up the Dept of the Interior... target the missiles for Slash dot dot org..."
Then micros~1 invokes some provision in the CDBTSSPASSDMSSCA to classify the/.'ing as a "malicious effort to impair the public's access to microsoft-provided technology. Which will be true, because the USPTO was a) wholly purchased from the US gov't. and b) now only allows the download of WinPDFs... PDF files that have transferred functionality previously in hardware to Windows...
That's not a "back door" [in most applications], it's just 'superuser' access.
Contrast this to a *nix box... Alice has security from her password -- correctly used -- inasmuch as that Mallory can't just waltz into the account. But just because if Alice forgets her password and the superuser changes it to something that Alice now knows [after credential checking and with a audit trail, perhaps], I don't think you can consider that less security. In fact, having that option will prevent Alice from doing silly things -- like writing the uber-important-I-can't-ever-forget-this-password on a sticky note and leaving it on her monitor.
As another comment suggests, a good method around this is the use of multiple biometrics... a "strong" check against one [perhaps in conjunction with producting coroborating credentials] should allow a super-user to modify the user record. Under appropriate controls, this still provides security.
Security comes from the application of the technology to the problem, and in the context of the system... It may be perfectly acceptable to have superuser access available to those who provide any two sides of the authentication triangle, if they can be trusted to safely deal with all sides [tokens, passwords and biometrics].
Added value, yes... but that comes from the reading device and a simple format... markup of the document should let it be paged, annotated and searched correctly and conveniently... it should be reasonable to take a web page, scribble annotations in the "margins", and be able to easily get those annotations back out in a useful format [perhaps printed, but hopefully not]. Getting support for tables, simple pictures, MathML, SVG-like things... that should be the focus. Sure, mostly useful for the academic texts you describe, but what more than "here's a paragraph... here's another one" do you need for a mass-market Tom Clancy novel...
WRT mass-consumer-ebooks, then a good display and a fast/light reader needs to come to the forefront.
An e-book appliance device is far superior to a laptop for these sorts of things... that's the real goal: encourage people to shell out $300 for the REB1xxx... which I think they should... it's quite nice to be able to download RISKS digest, The Onion, Freshmeat daily round-up, Slashdot/K5 articles, &c. &c. and read it in bed or outside or on Bart.
Dead tree is alright, as eText-reading tech has quite a ways to go. I have an early Rocket eBook, and it's an quite wonderful thhing [if you can find one, get it... well worth the $300 I paid for mine]... it's great at dealing with simple text-heavy HTML docs [Advogato, Kuro5hin,/., Freshmeat, &c.]... and it would probably do well with, say, a JavaDoc'd or Doxygen'd source tree.
It has failed me [slightly] on LaTeX2HTML'd documents... it works and the content is there, but a more specific conversion process needs to occur to get all the navigation correct, which is really important for the limited-UI eBook.
I'd be really happy to d/l an electronic version of "Ruby for Midgets" if it was _reasonably_ priced... and if it was well-formatted for the medium.
WRT other themes I'd like to see... more on general best-practices in programming. I can easily pick up Ruby from reading code... but a text on how to correctly and efficiently use -- coroutines for example -- would apply not just to Ruby but to other languages as well, including those that don't exist, yet... which helps against the one-year-in-advance problem.
Hmmm... 2 or 3 GnuCash developers independently post story submissions to/. about how they've released a significant new version of a key Linux application... one which has the potential to replace some people's last hurdle for switching away from Micros~1 completely...
And/. decides to reject all those, and instead posts a poor LWN piece which overstates a problem that is valid, but has nothing to do with GnuCash, and more about the poor state of Linux software installation, package management and impatience of users regarding the package system they're using.
Thanks Slashdot story selectors! The GnuCash folks did their part and wrote a bunch of code that works really well... ignore it if you must, but don't piss on their efforts.
Indeed. In fact, the development of GnuCash helped push a couple of those packages to have new features [there was a lot of back-and-forth with respect to Guppi, for instance, that benefits both projects]. Guile got a few things GnuCash was including itself into the guile distro, IIRC.
The deps for GnuCash are at the forefront of the state of the art for the GNU desktop, but c'mon: this ain't no half-hour hack; it's one of the more serious desktop applications for Linux, and thus requires some recent libraries. Or, you could just dual-boot and run Micros~1 Money or Quicken...
Be aware that the MS Natural KB has a horked insert->pgdn group and the arrow keys in a diamond instead of a inverted T. This is obstensibly so that it can "fit in most keyboard trays", but it's just vile. Get the "Pro" model, which is fixed [and has many happy blue "special keys" at the top which you can ignore or somehow map if you have the time:) ].
Slashdot Mirror
Seriously, though: what happens when the Outlook-constrained CEO next to me opens up his VPN and grabs his inbox, with the mind-bendingly-over-large PowerPoint attachment and video clips and copies of websites that the employees mail around [instead of sending just a pointer or link to].
:(
My responsible limited-bandwidth network use will get lost in the noise.
Implementers of these technologies: please implement per-connection throttling.
You can just see some USPTO guys getting phone calls... "the site's not up!" "That's odd ... we must have been hacked!" "Where's all the traffic coming from?" "All over the net, but it's all referred from slash-dot-dot-org." "They must be some evil, anti-Microsoft, anti-IP ... anti-_American_ site, then. Call up the Dept of the Interior ... target the missiles for Slash dot dot org..."
/.'ing as a "malicious effort to impair the public's access to microsoft-provided technology. Which will be true, because the USPTO was a) wholly purchased from the US gov't. and b) now only allows the download of WinPDFs ... PDF files that have transferred functionality previously in hardware to Windows ...
Then micros~1 invokes some provision in the CDBTSSPASSDMSSCA to classify the
And you though WinModems and WinWiFi were bad...
That's: http://antwrp.gsfc.nasa.gov/apod/ap020414.html.
That's not a "back door" [in most applications], it's just 'superuser' access.
... Alice has security from her password -- correctly used -- inasmuch as that Mallory can't just waltz into the account. But just because if Alice forgets her password and the superuser changes it to something that Alice now knows [after credential checking and with a audit trail, perhaps], I don't think you can consider that less security. In fact, having that option will prevent Alice from doing silly things -- like writing the uber-important-I-can't-ever-forget-this-password on a sticky note and leaving it on her monitor.
... a "strong" check against one [perhaps in conjunction with producting coroborating credentials] should allow a super-user to modify the user record. Under appropriate controls, this still provides security.
Contrast this to a *nix box
As another comment suggests, a good method around this is the use of multiple biometrics
Security comes from the application of the technology to the problem, and in the context of the system... It may be perfectly acceptable to have superuser access available to those who provide any two sides of the authentication triangle, if they can be trusted to safely deal with all sides [tokens, passwords and biometrics].
Added value, yes ... but that comes from the reading device and a simple format ... markup of the document should let it be paged, annotated and searched correctly and conveniently... it should be reasonable to take a web page, scribble annotations in the "margins", and be able to easily get those annotations back out in a useful format [perhaps printed, but hopefully not]. Getting support for tables, simple pictures, MathML, SVG-like things ... that should be the focus. Sure, mostly useful for the academic texts you describe, but what more than "here's a paragraph ... here's another one" do you need for a mass-market Tom Clancy novel...
WRT mass-consumer-ebooks, then a good display and a fast/light reader needs to come to the forefront.
An e-book appliance device is far superior to a laptop for these sorts of things... that's the real goal: encourage people to shell out $300 for the REB1xxx ... which I think they should... it's quite nice to be able to download RISKS digest, The Onion, Freshmeat daily round-up, Slashdot/K5 articles, &c. &c. and read it in bed or outside or on Bart.
Dead tree is alright, as eText-reading tech has quite a ways to go. I have an early Rocket eBook, and it's an quite wonderful thhing [if you can find one, get it ... well worth the $300 I paid for mine] ... it's great at dealing with simple text-heavy HTML docs [Advogato, Kuro5hin, /., Freshmeat, &c.] ... and it would probably do well with, say, a JavaDoc'd or Doxygen'd source tree.
It has failed me [slightly] on LaTeX2HTML'd documents ... it works and the content is there, but a more specific conversion process needs to occur to get all the navigation correct, which is really important for the limited-UI eBook.
I'd be really happy to d/l an electronic version of "Ruby for Midgets" if it was _reasonably_ priced ... and if it was well-formatted for the medium.
WRT other themes I'd like to see ... more on general best-practices in programming. I can easily pick up Ruby from reading code ... but a text on how to correctly and efficiently use -- coroutines for example -- would apply not just to Ruby but to other languages as well, including those that don't exist, yet... which helps against the one-year-in-advance problem.
jsled@normandy$ [~] whois 130.49.77.223@whois.arin.net
University of Pittsburgh (NET-U-PITT)
600 Epsilon Drive
Pittsburgh, PA 15238
US
Netname: U-PITT
Netblock: 130.49.0.0 - 130.49.255.255
[deletia]
...jsled
Hmmm... 2 or 3 GnuCash developers independently post story submissions to /. about how they've released a significant new version of a key Linux application ... one which has the potential to replace some people's last hurdle for switching away from Micros~1 completely...
And /. decides to reject all those, and instead posts a poor LWN piece which overstates a problem that is valid, but has nothing to do with GnuCash, and more about the poor state of Linux software installation, package management and impatience of users regarding the package system they're using.
Thanks Slashdot story selectors! The GnuCash folks did their part and wrote a bunch of code that works really well... ignore it if you must, but don't piss on their efforts.
Indeed. In fact, the development of GnuCash helped push a couple of those packages to have new features [there was a lot of back-and-forth with respect to Guppi, for instance, that benefits both projects]. Guile got a few things GnuCash was including itself into the guile distro, IIRC.
The deps for GnuCash are at the forefront of the state of the art for the GNU desktop, but c'mon: this ain't no half-hour hack; it's one of the more serious desktop applications for Linux, and thus requires some recent libraries. Or, you could just dual-boot and run Micros~1 Money or Quicken...
...jsled
It's not. There might be a Worldcom plug or two, but I don't remember it. It's really about the Telecosm [or Gilder's (per|con)ception of it...
Dude... /.'s been doing that for _quite_ a while... since way before VALinux' stock existed, I believe... shaddup.
Be aware that the MS Natural KB has a horked insert->pgdn group and the arrow keys in a diamond instead of a inverted T. This is obstensibly so that it can "fit in most keyboard trays", but it's just :) ].
vile. Get the "Pro" model, which is fixed [and has many happy blue "special keys" at the top which you can ignore or somehow map if you have the time
They're very good keyboards, though.