I'm 47 years old. A little less than thirty years ago, I built one of Don Lancaster's TV Typewriters, an ancestor of the computer monitor you're sitting in front of right now. Around twenty years ago, I helped write "big iron" code that simulated underground explosions as an earthmoving tool (it tried to predict where the displaced soil and rocks would land), and I got to be on site for some of the tests) Ten years ago, I wrote a document management system that accepted faxed cell-phone contracts from kiosks, so that when someone tried to get out of a contract, we could fax them back their signature. Today, I'm active in Linux, Apache, MySQL, Perl, PHP, C, C++, PalmOS, Windows XP, Unix and SANs.
The point is, whatever you're doing today seems like drudge work, but after a quarter-century, everyone forgets the boring bits and just recalles the sexy parts.
It kind of reminds me of the end of Northern Exposure.
Sorry, but the cancelation of Nothern Exposure was a mercy killing. I loved Northern Exposure but once Joel left...
The show tried to keep going, but its heart was gone. Hell, Joel's leaving was the biggest load of crap I've ever seen. Northern Exposure was a sophisticated remake of Green Acres. Yes, really!!! Joel was Oliver Douglas, an everyman who found himself in a weird, off-kilter world. So how did the character get written out? By becoming the weirdiest, most off-kilter character ever seen! It was a betrayal of everything that his character stood for. I continued to watch for a while, but gave up before the last episode ran.
Did you read (as opposed to glance over) the article? Data mining was *NOT* used during the DC sniper case, only after the fact:
The system was set up in Montgomery County, Md., only a day before the arrests were made, so it did not play a role in solving the shootings. Working through the hundreds of thousands of leads that were entered into various police computer systems, however, Coplink noted that witnesses reported seeing John Muhammad's blue Chevrolet Caprice near two of the Washington-area shootings, and local police ran computer checks on his license plate at least three times during the killing spree.
The profiling was done entirely by humans, with no computer assistance.
The work-around is for P to implement the technique via a plug-in, and release the plug-in under a license that isn't GPLv2. Linux already works like this, and while some people on both sides of the issue have problems with that, it seems to be working well in practice.
Later, someone else can implement whatever they wish and make their software accept Konquerer plug-ins. Anyone that uses the plug-in in violation of a patent is doing so within the privacy of their own bedroom, so to speak, and shoulders the risk of being caught (little risk for me at home, greater risk for a Fortune 500 company).
My email, reproduced below, is a compromise, reflecting both the FSF concerns and the points made by Bruce Perens in other threads.
I complement the W3C working committee on the revisions that have been made to the Patent Policy. The originally proposed policy would have denied the full and free use of free software to build the Web. The most recent revision attempts to guarantee that free software may be used without fear of patent encumbrances. Unfortunately, the most recent revision still contains a flaw. In spite of this, I APPROVE OF THE PROPOSED POLICY as being the best that we can hope for at this time.
I refer to Item 3 of Section 3, titled 'W3C Royalty-Free (RF) Licensing Requirements'. This Item allows for a supposedly free grant to use a patent to be restricted such that a piece of Web infrastructure software might be encumbered if used for some non-Web use. This is an unfortunate restriction. For example, web browsers and proxy servers require the use of similar software to locate and retrieve content. It is quite possible that the proposed requirements could allow a patent to be used royalty free in one case, but not the other. As another example, web browsers and file managers also contain much duplicate functionality. Again, a patent could be royalty bearing when used in the latter though not the former.
I would like to see the language of Item 3, Section 3, be changed to require that any patents be completed unencumbered, but I realize that this may be impossible in the current political climate within the committee.
The opinions expressed in this email are my own and do not necessarily reflect those of my employer.
Good point, but there already is an OS called Minux (google report 3,300 hits on the word). And Winux is also fairly common when refering to software, although not for an OS (google reports 5,650 hits).
The U.S. Patent and Trademark Office may only require an applicant prove acquired distinctiveness if the mark is merely descriptive of the goods or services. Common words or phases that are NOT merely descriptive of the goods or services are registrable without the need to prove the mark has acquired distinctiveness. For example, there is a well-known company that chose the word "apple" as a mark for the sale of computers. "Apple" is of course a common word. However, when used in connection with the sale of computers it is highly unique and even arbitrary. Apple Computer Co. was not required to show that their mark had a distinctive secondary meaning apart from the original meaning.
The trademark for "Windows" is in trouble because the word was used to describe computer GUI software long before Microsoft introduced their product.
I'm 47 and my earliest memory is of walking outdoors in diapers. I infer that I was at least 1 year old (walking) and at most 2 (in diapers). I was in a lightly wooded area near a lake with several adults who weren't paying much attention to me until I fell into some sort of depression (a hole or ditch), landed on a gumball, and started crying. From talking to my mother, it was probably Reelfoot Lake State Park in Tennesse. The next memories that I can assign dates to deal with kindergarden. I have several memories taking place in a house that my parents bought before I turned two, but we lived there for eight or nine years so I can't assign any dates to any of them.
My mother (who is over 70) says that her eariest memory is of being startled by an aunt while having her diaper changed. She also reports a claim that she was "out of diapers" before her first birthday (which probably explains some other personality quirks, but I digress). She also recalls that at age three she was told that she "remembers everything", and from that point onward she would practice remembering things. Because of this, she has detailed memories of much of her early childhood.
I have heard claims that one's earliest memories deal with traumatic events. Certainly the ones that I've described fit that description. Does anyone have a non-traumatic earliest memory?
No, I'm not complaining about the creation of Windows 95. I'm objecting to Microsoft deliberately engineering arbitrary incompatibilities into a product. That is most definitely a question of ethics and morality. Are you afraid to answer the direct question that I posed before?
In every case I can think of where Microsoft took over a competitors marketshare it has been because the MS product line kept improving over time, whereas the competitor released a really crappy major upgrade.
I note that you don't mention DR-DOS, which predates all of your other examples.
Microsoft wasn't always a wealthy company, they became that way for a reason. Because they were willing to try things, and they were willing to risk failure. That, my friend, is how you succeed in this world!
I agree. Microsoft tried "unconventional" techniques to compete with DR-DOS, and were willing to risk failure (i.e. the court system). And thus they become a wealthy company.
For those who don't want to read the article that I referenced about, let me quote a passage near the end:
Suppose that company A manufactures a product system with two components, A1 and A2, each sold separately. Company A has monopoly power over A1, but company B competes in the market for the second component with its compatible offering, B2. Thus, consumers initially can use a product system comprised of either A1 and A2 or A1 and B2. Company A now introduces a new product system, A1' and A2', which serves roughly the same function for consumers as the old product system. Component B2, however, is incompatible with A1'. Furthermore, company A discontinues the sale of A1 or else reprices A1 substantially higher than before. As a consequence, consumers switch to the new product system and company B is driven from the market for component two.
When, if ever, should the antitrust laws sanction company A for driving B out of the market?
I would be interested in hearing your answer to that question.
but the reality is they [Microsoft]just also happen to be a lot smarter than their competitors
Au contraire! Microsoft isn't smarter than their competitors, they just have deeper pockets. The first few versions of IE weren't very good. If you or I had started a company trying to market it against Netscape, we would have disappeared without a trace. Microsoft, on the other hand, could eat the cost and try again. Eventually, they came up with something that was just good enought that they then gave away for free. Netscape's business model was to give away the browser and sell the server. Microsoft's was to give away the browser and the server to protect their OS.
For most of their history, Microsoft was not driven by R&D. (They still aren't exactly driven by R&D, but they can and do spend more than their competitors.) Instead, they identified product lines that might be profitable and bought a market leader. (See Visio, among others.) If the market leader rebuffed their offer, then they went to the next larger company. In the worst case, they would do something in-house, but whichever way they wound up with a product, they spend money until it's a success or an abject failure (Microsoft Bob, for example). Then, inovation stops.
Microsoft makes more mistakes than anyone else, but it doesn't matter: They can just afford to make mistakes that would bankrupt anyone else.
As far as network management is concerned, SNMP was designed with the philosophy that the management app would poll for status, since that scales, but would also support events, since that provides a more timely response. UDP was chosen as the transport protocol, so that events could (and usually would) be transparently dropped when there were network problems. "The Simple Book" provides more details; suffice it to say that I agree with the arguments made therein.
The arguments are weaker if you are monitoring things above the network layer, but I think that they still hold a lot of water.
Nagios apparently uses the polling model, which is good, but seems to use TCP, which is bad. It also seems to have support for so-called mid-level managers (MLMs), that watch subsections of a network and aggregate the results for higher levels. This is a good thing. In order to scale, MLMs should not report a lot of detail unless directly queried. I don't know how well Nagios supports the MLM model. Can anyone tell me more?
And how do you defend against opportunity situations like reboot? One could take over the shell (linux) or insert an install CD.
If any of my servers go down, a trouble ticket is opened, the on-call sysadmin gets a page, and email is sent to several PHBs, all in less time than it takes the BIOS to finish its POST.
Its also vulnerable by any available service vulnerable to a root priv escalation attack.
True, but that's a vulnerability to more people than just rogue sysadmins. Hopefully there's only a small window of opportunity between finding out about an attack and getting it patched. And heaven help anyone internal caught exploiting such an attack.
I believe the only flaw with this system is to believe that it makes subverting the system impossible. Its not a bad psychological device to discourage "hacking".
Kinda like putting locks on doors discourages breaking and entering?
But this kind of procedure can only implementable with a disciplined production/engineering environment.
I've implemented environments like this with only two Unix sysadmins. In that case, I was the junior guy. The senior guy had been with the outfit for seven years and was pretty disciplined, but I was replacing a guy who considered himself a "hax0r" and it wasn't too hard to get things locked down even tighter. It helped that the company was in a business that gave them access behind their customers' firewalls, so security was very important to the owners.
Regular root access with auditing will accomplish almost as much as sudo.
True, but sudo with regular auditing accomplishes even more.
sudo passwd. By default, sudo installs in a very locked-down state. Not that many commands allow access to a shell, so don't allow people to sudo them. And don't use wildcards or ALL as permitted commands.
Shell-required operations. You seldom need to be root. Allow people to sudo your platform's standard package installer (rpg, apt-get, pkgadd, etc). I've not seen any that allow shell access. Make sure that those operations are heavily audited, since someone could produce a trojan package. Best practice would be to write a wrapper around your installer that only installs packages that are approved by someone else. The wrapper can also fix up any identity problems. I'll leave that as an exercise for the student, but note that the login.c knows how to do it.
Filesystem check encountered errors. Enter root password to continue...Are you using a journalled file system? Are your servers on a UPS? It's been years since I've seen this message on any system I've administered.
BTW, I acknowlege that sometimes you have to edit files. Nobody says you can't use sed. Write a script to do the work, let someone audit it, then add it to the list of permitted commands. In a pinch, The Operator Shell (which I don't advise using in place of sudo) includes a hacked version of elvis (RVI) which won't let you edit any file that wasn't mentioned on the command line.
Tracking down the envelope doesn't have to be a big deal. One place that I worked had it thumbtacked to a bulletin board in their 24x7 help desk area. (Remember, the envelope is signed along the seal, so everyone can tell if it's been opened. Plus, it was one of those Kevlar FedEx jobs that's pretty difficult to open without detection. And the bulletin board was in a very visible location.) If I needed the root password, I just opened a trouble ticket. Of course, my boss would be calling me the next business day to inquire why I'd needed it, but it took less than a minute to get it.
You must be inexperienced. I've set up systems where no one had root access. You set up sudo (or one of its commercial clones) to give specific people permission to do specific things, then you write a script to change the root password to a very random string and send it to a real printer. As soon as the printer delivers the goods (in the presence of one of more officers), it is folded and placed in an envelope (which everyone signs on the seal) and locked away. Any emergency big enough to require the password needs to be brought to the possessing officer's attention anyway, and anyone can look at the envelope to make sure that it hasn't been tampered with.
Presumption of guilt does not imply bad code, it implies prejudice(*).
(*) Please don't flame me for calling Linus a racist.
What's wrong with you that you assume that you're going to be flamed for using a word correctly? Do you think that most slashdot readers are too niggardly to own a dictionary?
"For Microsoft to take the existing state of Bluetooth and embed it into XP would just be begging for trouble," said Martin Reynolds, an analyst at Gartner, in Stamford, Conn. "Bluetooth interoperability is a complete disaster... by and large, one Bluetooth device is not going to work with another Bluetooth device, because the specifications don't work. We need someone to take the lead with this thing and fix it."
Note also how casual the Bluetooth folk are about certifying interoperable: it's more like the regular meetings of Esperanto speakers arguing on the fine points of the language -- or perhaps Unitarians -- than, say, the Academie Français. That is, certification to Bluetooth is left up the individual company's testing procedures. This is unfortunate, as the Wi-Fi mark has been one of the single biggest factors in coalescing the 802.11b protocol into something that businesses and consumers can rely on. Bluetooth will sputter if interoperability certification doesn't become one of the requirements of the mark. No consumer will want to use Bluetooth if buying two or more identically marked devices doesn't offer complete intercompatibility.
Long answer: It depends upon the watermarking algorithm. For example, they could encode a serial number by tweaking the volume of the recording at various places. Would you notice if your favorite song was a single dB louder or quieter during various passages?
A major root-cause of the toolkit problem is that no one has extended X to support "standardized" primitives. For example, menus and toolbars. See this for more info.
Re:history lessons..
on
Design Patterns
·
· Score: 3, Insightful
[ICANN Chairman Vint] Cerf suggested Auerbach could have explored cheaper alternatives to litigation.
Yeah, Vint thought that he could have signed the nondisclosure agreement. That would have been a lot cheaper, wouldn't it. I wonder if there'd be any chance of a successful lawsuit to protest the elimination of the publicly elected directors?
Imagine connecting the nontech-based paint job to the vehicle's speedometer. As the vehicle moves, the camo pattern could scroll at the same speed in the opposite direction. In the proper environment, this could make the vehicle difficult to spot when moving, since the observer's eyes would be presented with data not normally present in nature.
Slashdot Mirror
The point is, whatever you're doing today seems like drudge work, but after a quarter-century, everyone forgets the boring bits and just recalles the sexy parts.
Go with Dish Network. They have a PVR that uses their program guide, and they don't charge any monthly fees to use it.
The show tried to keep going, but its heart was gone. Hell, Joel's leaving was the biggest load of crap I've ever seen. Northern Exposure was a sophisticated remake of Green Acres. Yes, really!!! Joel was Oliver Douglas, an everyman who found himself in a weird, off-kilter world. So how did the character get written out? By becoming the weirdiest, most off-kilter character ever seen! It was a betrayal of everything that his character stood for. I continued to watch for a while, but gave up before the last episode ran.
Later, someone else can implement whatever they wish and make their software accept Konquerer plug-ins. Anyone that uses the plug-in in violation of a patent is doing so within the privacy of their own bedroom, so to speak, and shoulders the risk of being caught (little risk for me at home, greater risk for a Fortune 500 company).
Good point, but there already is an OS called Minux (google report 3,300 hits on the word). And Winux is also fairly common when refering to software, although not for an OS (google reports 5,650 hits).
The trademark for "Windows" is in trouble because the word was used to describe computer GUI software long before Microsoft introduced their product.
My mother (who is over 70) says that her eariest memory is of being startled by an aunt while having her diaper changed. She also reports a claim that she was "out of diapers" before her first birthday (which probably explains some other personality quirks, but I digress). She also recalls that at age three she was told that she "remembers everything", and from that point onward she would practice remembering things. Because of this, she has detailed memories of much of her early childhood.
I have heard claims that one's earliest memories deal with traumatic events. Certainly the ones that I've described fit that description. Does anyone have a non-traumatic earliest memory?
No, I'm not complaining about the creation of Windows 95. I'm objecting to Microsoft deliberately engineering arbitrary incompatibilities into a product. That is most definitely a question of ethics and morality. Are you afraid to answer the direct question that I posed before?
For those who don't want to read the article that I referenced about, let me quote a passage near the end:
I would be interested in hearing your answer to that question.For most of their history, Microsoft was not driven by R&D. (They still aren't exactly driven by R&D, but they can and do spend more than their competitors.) Instead, they identified product lines that might be profitable and bought a market leader. (See Visio, among others.) If the market leader rebuffed their offer, then they went to the next larger company. In the worst case, they would do something in-house, but whichever way they wound up with a product, they spend money until it's a success or an abject failure (Microsoft Bob, for example). Then, inovation stops.
Microsoft makes more mistakes than anyone else, but it doesn't matter: They can just afford to make mistakes that would bankrupt anyone else.
The arguments are weaker if you are monitoring things above the network layer, but I think that they still hold a lot of water.
Nagios apparently uses the polling model, which is good, but seems to use TCP, which is bad. It also seems to have support for so-called mid-level managers (MLMs), that watch subsections of a network and aggregate the results for higher levels. This is a good thing. In order to scale, MLMs should not report a lot of detail unless directly queried. I don't know how well Nagios supports the MLM model. Can anyone tell me more?
- sudo passwd . By default, sudo installs in a very locked-down state. Not that many commands allow access to a shell, so don't allow people to sudo them. And don't use wildcards or ALL as permitted commands.
- Shell-required operations. You seldom need to be root. Allow people to sudo your platform's standard package installer (rpg, apt-get, pkgadd, etc). I've not seen any that allow shell access. Make sure that those operations are heavily audited, since someone could produce a trojan package. Best practice would be to write a wrapper around your installer that only installs packages that are approved by someone else. The wrapper can also fix up any identity problems. I'll leave that as an exercise for the student, but note that the login.c knows how to do it.
- Filesystem check encountered errors. Enter root password to continue... Are you using a journalled file system? Are your servers on a UPS? It's been years since I've seen this message on any system I've administered.
BTW, I acknowlege that sometimes you have to edit files. Nobody says you can't use sed. Write a script to do the work, let someone audit it, then add it to the list of permitted commands. In a pinch, The Operator Shell (which I don't advise using in place of sudo) includes a hacked version of elvis (RVI) which won't let you edit any file that wasn't mentioned on the command line.Tracking down the envelope doesn't have to be a big deal. One place that I worked had it thumbtacked to a bulletin board in their 24x7 help desk area. (Remember, the envelope is signed along the seal, so everyone can tell if it's been opened. Plus, it was one of those Kevlar FedEx jobs that's pretty difficult to open without detection. And the bulletin board was in a very visible location.) If I needed the root password, I just opened a trouble ticket. Of course, my boss would be calling me the next business day to inquire why I'd needed it, but it took less than a minute to get it.
You must be inexperienced. I've set up systems where no one had root access. You set up sudo (or one of its commercial clones) to give specific people permission to do specific things, then you write a script to change the root password to a very random string and send it to a real printer. As soon as the printer delivers the goods (in the presence of one of more officers), it is folded and placed in an envelope (which everyone signs on the seal) and locked away. Any emergency big enough to require the password needs to be brought to the possessing officer's attention anyway, and anyone can look at the envelope to make sure that it hasn't been tampered with.
Also, see Wi-Fi News: News for 8/1/2002:
Long answer: It depends upon the watermarking algorithm. For example, they could encode a serial number by tweaking the volume of the recording at various places. Would you notice if your favorite song was a single dB louder or quieter during various passages?
Did anyone else read the document and hear Apu's voice?
A major root-cause of the toolkit problem is that no one has extended X to support "standardized" primitives. For example, menus and toolbars. See this for more info.
Imagine connecting the nontech-based paint job to the vehicle's speedometer. As the vehicle moves, the camo pattern could scroll at the same speed in the opposite direction. In the proper environment, this could make the vehicle difficult to spot when moving, since the observer's eyes would be presented with data not normally present in nature.