From a purely technical point of view, censorship never works. The truth of John Gilmore's famous quote "the Net interprets censorship as damage and routes around it" roots deeply in the technical nature of the computer network architecture.
As far as I know, every effort of Internet censorship has been broken.
However some guy in the government has to justify the cost of censorship equipment/software/staff/etc. to his overlords and do something, no matter how silly it is...
Well, SSL is not intended to be a silver bullet. It can be used to prevent MITM attacks or packet inspection (i.e. content-based censorship). It is not used to defeat other attacks e.g. DoS (simply dropping connection to the "offending" hosts, which has been done before).
I'm just pointing out a method to "route around it". I believe that no censorship is 100% effective -- there's always a way out. In this case, switching to HTTPS suffices.
a) Are you saying all the system admins are not doing the job they are supposed[sic] to do? b) Apparently you haven't been using POSIX ACLs, Linux xattrs and SELinux contexts.
> if I were your boss, I'd fire you, because you're clearly lacking in ethical stability, and making threats such as you have marks you as a company liability.
I think that's why you'll never become a boss, because it appears that your moral compass is not damaged [1].
It is with great sadness to tell you that our Emerging Technologies blogger Roland Piquepaille has passed away suddenly. His wife Suzanne just confirmed his passing.
Roland, 62, was one of our most passionate bloggers and his ability to explain complex science well was something to behold. Roland spent most of his career in software, mainly for high performance computing and visualization companies, working for example for Cray Research and Silicon Graphics. He left the corporate world in 2001 after 33 years and jumped into blogging.
Roland passed away Monday in Paris. He was hit with a digestive virus that lead to a high fever and health complications beyond that. Suzanne said that the doctors are still trying to quantify how Roland got the virus and the exact details. We spent the last few hours confirming Roland's passing as word began to spread. It has been a rough year for the ZDNet family.
There will be a ceremony held on Monday. Rest in peace Roland, we'll miss you. Suzanne said that Roland had a few posts in the pipeline and wanted them published. If she is able to pull them from Roland's PC we'll put them on his blog to complete his record.
I just hope at least some of the player pianos could be preserved in a working state, although it would be getting more and more difficult as time goes by.
Technologies get replaced but the coolness remains.
I happen to have done some programming in this area. Just FYI, most of the astronomy code uses the Proleptic Gregorian Calendar which does *not* handle the transition from Julian calendar to Gregorian in 1582, by design. (BTW the "Julian" in Julian Calendar has nothing to do with the Julian Date.) This saves the effort of dealing with the mess of the "real" Julian Calendar which was plainly wrong about certain stuff (e.g. leap year).
Also, many astronomers' idea about "calendar" is very different from the general public and there can be subtle traps when trying to use astronomic code for a civilian application.
Examples: 1. The year 0, which is not valid in Gregorian, is seen very frequently seen in astronomical calculations. It means the year before AD 1 in Proleptic Gregorian. To further confuse the matter, that year was before the 1582 reform... 2. The idea of dates like "January 31.75" and "July 0" or even "July -1". They are valid astronomy-speak and frequently seen in ephemeris calculations. They usually prove to be useful for internal numeric computation. But be sure the code handling date representation on a higher level doesn't get confused. And think of "February 28.75"... 3. Leap seconds. You may think the Julian Day is a continuous, but Julian Day may refer to different things. It's no more that a notation which can be used for different time measurements. Julian Day for TAI is continuous but Julian Day for UTC is not. Fortunately, due to the nature of UTC it is only used at representation level and almost never in internal calculation. 4. Some of the good algorithms like the Fliegel-van Flandern for Julian Day calculation are very robust and "works right out of the box". However, it can be very cumbersome to implement in a language in which the rules for integer division is not truncation. For instance the default behavior in Python 2.x doesn't work, where (1 / 4) == 0 and (-1 / 4) == -1.
Sorry for replying to myself, but what I was trying to say is that a program dealing with old dates should be made bug-compatible rather than correcting the "bugs". Of course, given the varied usage and interpretation of the old calendar, a better approach is to make the behavior configurable while providing a reasonable default.
And as a reminder, the Julian Calendar prevailing before the Gregorian used to have bugs in its leap year algorithm. This only affect very old dates dating back to Roman era but yes, it was indeed a bug. Also, the requirement of being a multiplication of 400 for century years is a Gregorian feature that was absent in the Julian Calendar.
Hmm, indeed. However, this kind of service usually comes at a cost.
For most bloggers, it's the content of their posts that matters. They don't need byte-to-byte backup. They don't need to preserve the data structure. Usually a text editor/word processor plus storage space for photos, videos, etc. are enough to defeat such a disastrous crash. As long as the content you created is still readable, it's OK.
This is apparently not the most efficient way to save the readers' comments, but anyway, it's the community's existence, not what they said, that matters more. If all you have is just a plain list of your frequent readers' emails, you can still keep in touch with them and hopefully rebuild the community.
Sometimes small measures can do very much. It's just that we are not *doing* them.
No doubt this incident is the result of the admin's fault. He's been confusing mirroring and backup and carried on the mistake until it's too late, as pointed out in other comments.
Now what about a user's angle? The morale is you can never think your data is safer when it's "in the cloud". If you value your blog and your readers, you *should* save a copy of your work as well as the readers' info, *locally*, somewhere you have control over.
Like I've said elsewhere, the "notability" idea is a joke. How can you be sure there's a general rule deciding which is notable and which is not? It's all up to the individual reader. For 90% people an article explaining compiler design is of no notability.
Things can be done to maintain the quality of Wikipedia but requiring notability is not one of them.
My Proposition: Only the articles that are notable enough to be noted by the admin-trolls are deleted in the name of lacking notability.
And the author of such a software must take care of the i18n of it well, because "the alphabet" means different things to different people, while it doesn't make sense at all for some.
On the other hand, this design is already in use by some programs. One of them is an antivirus suite for Windows. When the user tries to stop the program, it shows a window with a message like "By doing this you'll not be able to protect your computer from viruses" etc., and the user will have to solve a CAPTCHA to proceed. (BTW that program sucks as hard as any other antivirus software.)
Personally I don't think this is a good design. Messages like "the RAID is failing" are intended to be read by admins, part of whose job is to read error messages and fix the problem instead of "clicking it away". Also, remember when you prevent the user from doing stupid things, you are at the same time preventing him/her from doing smart things.
I don't think a computer program should try to work around human mistakes. And it can't.
Sometimes we need to fsck the partition(s). Or we are planning to dd things to the raw device. Sometimes we are just being crazy. Who knows.
But that's not the point. The point is that removable media are far safer when unmounted. If there's a bug in the code responsible for automount that is exploitable, you are pwned.
Today's common keyboards are very programmer-hostile. The Control and Alternate (Meta) keys are not in their proper places. Wake me up when they come up with an EMACS-friendly one.
Viruses exploiting the AutoPlay is nothing new and going wild. The other day I went to a printing shop with stuff I was going to print stored on a USB stick. I plugged it in the Windows box at the shop and it got infected. Three "folder" icons appeared in the Windows file manager but they were not directories -- they were trojan executables with the icons identical to the default one for directories. They all ended in.exe but the Windows file manager hid the extension part of filename by default so a careless use couldn't tell that from a directory. Also the "autorun.inf" was clearly modified to point to the malware (written in plain text).
I was not infected because my machine is a Linux one and I know these malware tricks well, but I can imagine how many customers of that shop are tricked to click on the trojan program.
Autorun is evil. It is so vulnerable to exploitation and of little use and it's enabled by default on Windows. Sadly, the GNOME team, who's goal is to copy every mistake done by Microsoft, choose to mount removable media automatically by default. What's their next quest? Certified malware-to-malware compatibility?
When I saw the name for the first time, I thought about thinkpol. Maybe I'll release a programming language that is *actually* named "thinkpol" in the future.
Slashdot Mirror
From a purely technical point of view, censorship never works. The truth of John Gilmore's famous quote "the Net interprets censorship as damage and routes around it" roots deeply in the technical nature of the computer network architecture.
As far as I know, every effort of Internet censorship has been broken.
However some guy in the government has to justify the cost of censorship equipment/software/staff/etc. to his overlords and do something, no matter how silly it is...
Well, SSL is not intended to be a silver bullet. It can be used to prevent MITM attacks or packet inspection (i.e. content-based censorship). It is not used to defeat other attacks e.g. DoS (simply dropping connection to the "offending" hosts, which has been done before).
I'm just pointing out a method to "route around it". I believe that no censorship is 100% effective -- there's always a way out. In this case, switching to HTTPS suffices.
https://secure.wikimedia.org/$PROJECT/$LOCALE/wiki/Main_Page
(Don't click on it. Expand the macros yourself :)
It works in China as I can confirm it.
a) Are you saying all the system admins are not doing the job they are supposed[sic] to do?
b) Apparently you haven't been using POSIX ACLs, Linux xattrs and SELinux contexts.
> if I were your boss, I'd fire you, because you're clearly lacking in ethical stability, and making threats such as you have marks you as a company liability.
I think that's why you'll never become a boss, because it appears that your moral compass is not damaged [1].
[1] http://dilbert.com/fast/2008-07-21/
Oh, no, Roland is no more...
http://blogs.zdnet.com/emergingtech/?p=1138
It is with great sadness to tell you that our Emerging Technologies blogger Roland Piquepaille has passed away suddenly. His wife Suzanne just confirmed his passing.
Roland, 62, was one of our most passionate bloggers and his ability to explain complex science well was something to behold. Roland spent most of his career in software, mainly for high performance computing and visualization companies, working for example for Cray Research and Silicon Graphics. He left the corporate world in 2001 after 33 years and jumped into blogging.
Roland passed away Monday in Paris. He was hit with a digestive virus that lead to a high fever and health complications beyond that. Suzanne said that the doctors are still trying to quantify how Roland got the virus and the exact details. We spent the last few hours confirming Roland's passing as word began to spread. It has been a rough year for the ZDNet family.
There will be a ceremony held on Monday. Rest in peace Roland, we'll miss you. Suzanne said that Roland had a few posts in the pipeline and wanted them published. If she is able to pull them from Roland's PC we'll put them on his blog to complete his record.
The modifier keys (esp. ctrl) were in the right places!
I'm not dead! ... I... feel... happy...
Then do something less difficult instead.
Who controls the present controls the future. Who controls the past controls the present.
Listen to Gustav Mahler playing himself. He played a part (the Death March) of his Fifth Symphony in 1905, recorded to piano rolls.
I just hope at least some of the player pianos could be preserved in a working state, although it would be getting more and more difficult as time goes by.
Technologies get replaced but the coolness remains.
I happen to have done some programming in this area. Just FYI, most of the astronomy code uses the Proleptic Gregorian Calendar which does *not* handle the transition from Julian calendar to Gregorian in 1582, by design. (BTW the "Julian" in Julian Calendar has nothing to do with the Julian Date.) This saves the effort of dealing with the mess of the "real" Julian Calendar which was plainly wrong about certain stuff (e.g. leap year).
Also, many astronomers' idea about "calendar" is very different from the general public and there can be subtle traps when trying to use astronomic code for a civilian application.
Examples:
1. The year 0, which is not valid in Gregorian, is seen very frequently seen in astronomical calculations. It means the year before AD 1 in Proleptic Gregorian. To further confuse the matter, that year was before the 1582 reform...
2. The idea of dates like "January 31.75" and "July 0" or even "July -1". They are valid astronomy-speak and frequently seen in ephemeris calculations. They usually prove to be useful for internal numeric computation. But be sure the code handling date representation on a higher level doesn't get confused. And think of "February 28.75"...
3. Leap seconds. You may think the Julian Day is a continuous, but Julian Day may refer to different things. It's no more that a notation which can be used for different time measurements. Julian Day for TAI is continuous but Julian Day for UTC is not. Fortunately, due to the nature of UTC it is only used at representation level and almost never in internal calculation.
4. Some of the good algorithms like the Fliegel-van Flandern for Julian Day calculation are very robust and "works right out of the box". However, it can be very cumbersome to implement in a language in which the rules for integer division is not truncation. For instance the default behavior in Python 2.x doesn't work, where (1 / 4) == 0 and (-1 / 4) == -1.
</rants>
Sorry for replying to myself, but what I was trying to say is that a program dealing with old dates should be made bug-compatible rather than correcting the "bugs". Of course, given the varied usage and interpretation of the old calendar, a better approach is to make the behavior configurable while providing a reasonable default.
And as a reminder, the Julian Calendar prevailing before the Gregorian used to have bugs in its leap year algorithm. This only affect very old dates dating back to Roman era but yes, it was indeed a bug. Also, the requirement of being a multiplication of 400 for century years is a Gregorian feature that was absent in the Julian Calendar.
> understand first, act later
LBYL is dead. EAFP for the world!
OK, just kidding. Bad joke.
Hmm, indeed. However, this kind of service usually comes at a cost.
For most bloggers, it's the content of their posts that matters. They don't need byte-to-byte backup. They don't need to preserve the data structure. Usually a text editor/word processor plus storage space for photos, videos, etc. are enough to defeat such a disastrous crash. As long as the content you created is still readable, it's OK.
This is apparently not the most efficient way to save the readers' comments, but anyway, it's the community's existence, not what they said, that matters more. If all you have is just a plain list of your frequent readers' emails, you can still keep in touch with them and hopefully rebuild the community.
Sometimes small measures can do very much. It's just that we are not *doing* them.
No doubt this incident is the result of the admin's fault. He's been confusing mirroring and backup and carried on the mistake until it's too late, as pointed out in other comments.
Now what about a user's angle? The morale is you can never think your data is safer when it's "in the cloud". If you value your blog and your readers, you *should* save a copy of your work as well as the readers' info, *locally*, somewhere you have control over.
There's no place like $HOME.
And this is scary... http://vigor.sourceforge.net/
An implementation of the "Vi Clippy" originating from some UserFriendly strips making fun of Clippy.
Like I've said elsewhere, the "notability" idea is a joke. How can you be sure there's a general rule deciding which is notable and which is not? It's all up to the individual reader. For 90% people an article explaining compiler design is of no notability.
Things can be done to maintain the quality of Wikipedia but requiring notability is not one of them.
My Proposition: Only the articles that are notable enough to be noted by the admin-trolls are deleted in the name of lacking notability.
I thought Mb stands for megabits.
And the author of such a software must take care of the i18n of it well, because "the alphabet" means different things to different people, while it doesn't make sense at all for some.
On the other hand, this design is already in use by some programs. One of them is an antivirus suite for Windows. When the user tries to stop the program, it shows a window with a message like "By doing this you'll not be able to protect your computer from viruses" etc., and the user will have to solve a CAPTCHA to proceed. (BTW that program sucks as hard as any other antivirus software.)
Personally I don't think this is a good design. Messages like "the RAID is failing" are intended to be read by admins, part of whose job is to read error messages and fix the problem instead of "clicking it away". Also, remember when you prevent the user from doing stupid things, you are at the same time preventing him/her from doing smart things.
I don't think a computer program should try to work around human mistakes. And it can't.
Anyway, that's just my 2c.
Sometimes we need to fsck the partition(s). Or we are planning to dd things to the raw device. Sometimes we are just being crazy. Who knows.
But that's not the point. The point is that removable media are far safer when unmounted. If there's a bug in the code responsible for automount that is exploitable, you are pwned.
Today's common keyboards are very programmer-hostile. The Control and Alternate (Meta) keys are not in their proper places. Wake me up when they come up with an EMACS-friendly one.
Viruses exploiting the AutoPlay is nothing new and going wild. The other day I went to a printing shop with stuff I was going to print stored on a USB stick. I plugged it in the Windows box at the shop and it got infected. Three "folder" icons appeared in the Windows file manager but they were not directories -- they were trojan executables with the icons identical to the default one for directories. They all ended in .exe but the Windows file manager hid the extension part of filename by default so a careless use couldn't tell that from a directory. Also the "autorun.inf" was clearly modified to point to the malware (written in plain text).
I was not infected because my machine is a Linux one and I know these malware tricks well, but I can imagine how many customers of that shop are tricked to click on the trojan program.
Autorun is evil. It is so vulnerable to exploitation and of little use and it's enabled by default on Windows. Sadly, the GNOME team, who's goal is to copy every mistake done by Microsoft, choose to mount removable media automatically by default. What's their next quest? Certified malware-to-malware compatibility?
Luckily I ditched GNOME long ago.
When I saw the name for the first time, I thought about thinkpol. Maybe I'll release a programming language that is *actually* named "thinkpol" in the future.
Digital files cannot be made uncopyable any more than water can be made not wet. -- Bruce Schneier