Oh, shut up about your delusions about Americans and their cars. You want to know why Americans are "so hung up on their cars"? Because it's the only damn well useful way to get around in 95% of the US. I grew up without a car, and I don't own a car now, because where I live doesn't make it worthwhile - I'm not exactly psychologically wedded to having a car.
But for a few years I lived in Phoenix, and I tried not having a car for a while, and it was absolutely unmanageable. There is a bus system, which I tried to use. However, it takes over two hours to get across the city on the bus, as opposed to about 45 minutes by car. Most lines don't run much past 10pm or so (hope you weren't planning on staying out late!) or on Sundays (hope you weren't planning to do anything on the weekend!) And if I felt like going to, say, Carefree, well, there just wasn't any bus. Get a bike? Sure, and ride 30 miles each way in 110F weather (sharing the road with cars doing 70). Right. Hope you weren't planning on carrying much, either.
When you grouse about Americans' attitude toward cars, you're looking only at the bad parts of cars and the good parts of public transportation. This is called intellectually dishonest. Sure, you can say if cities were designed differently, if public transportation were designed such-and-such a way, if, if, if. Fact is, they aren't. Given what we've got, a lot of people's attitudes toward their cars are pretty reasonable.
Tim Berners-Lee in early versions of the HTTP protocol made a similar bone-headed mistake...
I don't think it was a mistake, at least not in the "dropping a gold brick on your foot" sense. Each HTTP conversation is a logically separate entity at the HTTP protocol level; it seemed to make sense to have it also be a separate TCP session. In retrospect, it wasn't a fantastic idea, but it was the simple thing to do. (I also doubt he envisioned pages with 180 separate elements on them, unfortunately.)
Custom software is a very small market when compared to commercial development.
Do you have any actual numbers to support this? Walking into your local software store is only a good way to measure the kinds of software that gets sold in a local store. You probably won't see too many copies of Oracle or Dynamo there, but that doesn't mean that those are minor and unimportant pieces of the software market.
There's more than one "software market", in a way. There's local-store-software, there's "enterprise software", and there's custom software (to name categories off the top of my head) and they both overlap and complement each other. For example, my employer has implemented a large and complex e-commerce app on top of a "web application platform". The platform is proprietary commodity software, sold to a wide market...but the actual "store", built on top of it, is all custom work. (And there's coding there too, not just content.) Hiring a top web app firm to implement your e-commerce app for you is not cheap - there's big money in the custom software market.
I can't quite tell from the question, but: could VNC help here? Since there's a VNC viewer and server for almost every platform, you can be wonderfully agnostic about what you deploy.
Been there, done that, seen how often it works. In fact, I see the "because you subscribed" notices more often in emails sent to an email address I never use...
*sigh* Yeah, I know, but spammers lie. This is one of the great sad truths of life. I'm not saying that "because you subscribed" is a magic phrase that automatically means you should consider it legit, but if the envelope sender matches the addresses in the body of the mail, which are consistent with each other, and in turn are consistent with any URLs mentioned...it's more likely. I get a lot of the "because you subscribed" mail too (thank Crom for procmail!) but the great majority of them are mailed from one domain, include a URL in another domain, and an "unsubscribe" address in a third, which smells really fishy.
Funny; I walk on state-funded streets all the time. Is that a privilege too? Could they require me to carry a license to walk on the street? (Hmm...they more or less effectively do. Ever get picked up by the cops with no ID on you?)
Now the dissenting point of view: I've been on the other side of SpamCop too many times, because there are too many people out there with an overdeveloped sense of anti-spam righteousness and an underdeveloped sense of clue. I worked for a company that maintained a number of mailing lists - which I know were strictly opt-in - and every time we sent out a mailing, we'd get back at least one incoherent "STOP SMPAMMING ME YUO BATARDS I WILL SUE YOUR FOR ONE MILLION DOLARS" and a bunch of SpamCop reports. So we ended up with a SpamCop report as long as your arm, through no fault of our own. (We even got in a bit of trouble with Jon Orwant and O'Reilly one time! That was more a case of the interaction of a couple different things having an unexpected result than the typical spam-like mail, though, and Orwant and the O'Reilly guys were pretty cool about it once they realized we were actual human beings trying to DTRT. OK, gratuitous name-dropping over.)
I have to admit that we didn't make things all that easy for the subscribers - we only sent out mailings every few months, so it was easy for people to forget they'd subscribed, and the business people were always changing the names of the lists, and merging the lists, and splitting the lists, so it was easy for people to get confused about what exactly they were receiving. Still, it was an eye-opener to be on the other side of the fence.
SpamCop isn't the problem itself - the idea is good - but let's face it: Internet users are largely the same users who call their monitor the computer and their computer the hard drive, or think you can get the Internet on CDROM, or click on any attachment they get. Do you really think they're going to be capable of using a tool like SpamCop properly?
So, a couple tips (which I wish I could send to the Internet population as a whole, since the/. types need it less than others):
-Read the whole message. If you don't recognize it, make sure it didn't just change its name or merge with another list or something.
-Check to see if it has unsubscribe instructions. Yes, I know, every spam these days says "mail jessica12345@hotmail.com to unsubscribe!", but if you get a message from "newsletter@example.com" that says "You are receiving this message because you subscribed to the Foo Newsletter at http://www.example.com/subscribe; to unsubscribe, simply forward this message to unsubscribe@example.com; if you have a question or a problem, please contact us at newsletter@example.com" - then it's probably real and MAYBE YOU SHOULD TRY ACTUALLY FOLLOWING THE INSTRUCTIONS. (Instead of just picking an email address at random from the mailing and demanding to be unsubscribed!)
-Don't start swearing at people and making threats right off the bat. If the sender is legit, there will be a real human reading your mail, and pissing him off is probably not a good way to get stuff done. If you've already tried to unsubscribe and it hasn't worked, consider the possibility that there was a technical glitch, and maybe the sender isn't just trying to piss you off. (I was amused to notice a certain correlation between the number of swear words the angry recipient used and his (claimed) rank in his organization. If the email began "Fuck you, you cocksucking spammers...", it was a pretty good bet it would end "...Joe Johnson, CEO, MegaSite.Com")
True, but in the field of compression, "practically random" means "random". One of the definitions of a random sequence is that you can't describe the sequence in fewer terms than the sequence itself contains - which is to say, it's incompressible. (That definition is from
Pi in the Sky, by John D. Barros.)
I was thinking about submitting the ZeoSync release, and then I thought, nah, it's just fluff, no one will be interested... It's true that a press release is usually written by suits, not scientists, so you can't expect too much real meat - but "ZeoSync's approach to the encoding of practically random sequences is expected to evolve into the reduction of already reduced information" is a real winner; if you're "reducing information", it's not lossless compression! I smell a rat. The whole thing sounds like it could have been written by the Onion, for Crom's sake.
Infinitely better predictions from John C. Dvorak here.
You have to like predictions that begin "This is where columnists like me either predict the obvious, reiterate current trends in the form of a prediction, make short term preordained predictions based on insider information, or simply get it all wrong."
And that's part of the problem. Even if the science is valid, to be useful by airport screeners, it has to be boiled down into a device that basically says "TERRORIST" or "OK". You lose all the subtlety that might be in the science of the device so that a high-school dropout can operate it quickly.
One way I've seen suggested is that although the choices appear on screen, you use the keypad to choose. (If you use a 3x3 grid of choices, it maps nicely to the numeric keypad.) Hopefully the screen does not indicate what you've chosen! These "visual password" systems seem to rely very heavily on a good implementation: a good one could be better than a text password system, and a bad one could be completely worthless.
how about we just stick to the good old "3 tries and you're locked out" system...
Because systems with built-in self-DOS capabilities aren't such a good idea, goofball. Got somebody you don't like? Try to log in as him, fail, and his account gets locked. Delay systems are better than lockouts. I admit to not being entirely sure how all this would or should apply to something like an ATM that can't be accessed remotely, though.
Done earlier/better by RealUser?
on
Pictorial Passwords
·
· Score: 3, Insightful
RealUser has done almost exactly the same thing, except using faces, not abstract designs. It's worth checking out their site, since they seem to have thought it through reasonably well. (Read the whitepapers; they have the real meat...) One of the interesting things about these systems is that since you can't describe your password, the correct choices have to be displayed on screen along with some invalid choices, which opens up the system to some attacks unless you construct it very carefully.
This would not necessarily be unique to this squid. Vampyroteuthis infernalis (OK, not technically a "squid", but a cephalopod) appears to have eight arms of equal length, until you examine it very closely. (As a side note, Vampyroteuthis is ugly
as sin.) Then again, we barely know what this thing is yet. Vampyroteuthis was originally thought to be an octopus, and is considered to have rather jellyfish-like behavior, and ended up getting put in its own taxonomic category, so the magnapinnidae could be something in their own class too.
As for "no eyes visible" and "transparent"...we've got one not-very-good photo; the scientists say they videotaped it for up to ten minutes. I think I'll go with their judgement. Besides which eyelessness is not unknown among deep-sea creatures either, like the hagfish. So, an eyeless, mostly symmetric squid that behaves like a jellyfish...it would be a weird squid, but it could still be one.
Amen to that. Verisign actually won't permit Opera on Linux to submit requests for certificates - you get the message "Please fix this error: User-Agent: Opera/5.0 (Linux 2.4.5 i686; U) [en]", as though you'd made a mistake in filling out the form! But if you pretend to be IE, you get through no problem. (I'm sure it's not just Opera on Linux, but all "unknown" browsers, but it's still offensive.)
I wonder if Linux users are more likely, in a statistically significant way, to conceal their User-Agent. I make heavy use of Opera and Netscape on Linux and Netscape on Irix, but 90% of the time they say they're Lotus Notes on OS/2.
Why we still 20-30 yrs later have no good new metaphors is because there is no fundamental development dedicated to that effort.
I disagree. Of course, I'm not aware of every UI research program going on in the world, but I think that there are other factors too, the main one being, IMHO, is the marginal benefit/marginal cost tradeoff. If someone invents the Super-UI that immensely increased productivity and required no learning time, it would be a no-brainer; everyone would adopt it. If someone invented another UI that offered no benefit, and it took forever to get good with it, it would be another no-brainer; no one would change.
But those are the degenerate cases. Most inventions aren't like that. Most inventions offer some benefit, and impose some cost. People will only change when the tradeoff looks worthwhile to them. The tradeoff point is going to be different for everyone. If no one's changed, it may only imply that no one's come up with anything motivating enough yet. If people are still using the desktop metaphor, maybe it's because the desktop metaphor is/good enough/ for what people need to do.
Who really cares whether it's "intuitive"? Way too much emphasis is placed on "intuitiveness". You can't intuit the use of much of anything beyond a hammer, and maybe not even that. Much of what you think you're "intuiting", you're really figuring out based on analogies to other things. (Nothing against analogies, except that, as much of this discussion is about, they can become more limiting than empowering.) Do you ask/why/ red means stop and green means go? Or do you just accept that it/does/ - and you don't even think about it much, because you were raised from a baby to know it - and work from that accepted knowledge? Would you expect a Bushman to be able to intuit the relationship? Does it matter?
Re:I AM **SICK** OF STUPID BUFFER OVERFLOW HOLES!!
on
Solaris, AIX Login Hole
·
· Score: 2, Informative
Yeah, but I don't think it's quite as easy as you make it out to be, either. From Solaris 8's ld.so.1 manpage:
SECURITY
To prevent malicious dependency substitution or symbol
interposition, some restrictions may apply to the evalua-
tion of the dependencies of secure processes.
The runtime linker categorizes a process as secure if the
user is not a super-user, and either the real user and
effective user identifiers are not equal, or the real group
and effective group identifiers are not equal. See
getuid(2), geteuid(2), getgid(2), and getegid(2).
In short, you can't just make "printf" equal "exec/sbin/sh" and run your favorite setuid root program with LD_PRELOAD set.
Re:Who owns the moon?
on
Lunar Lasers
·
· Score: 1
Seriously, this site has a good collection of documents on what constitutes current "space law". There are various treaties, many of which say airy-fairy stuff to the effect of "The Moon is the common property of all humanity and no one is allowed to own any of it and anything you earn from it has to be shared with all of the world..." Which is going to go right out the window once people start finding serious uses for the Moon, believe you me.
Until the oil is GONE, you won't see any of these replacing good old reliable burning of fossil fuels. When the oil does run out, the screams of the populace will echo for miles, and they'll have themselves and their companies to blame.
Here's my prediction: the oil will never be GONE, and you will eventually see something replace it. After all, we stopped using wood, peat moss, and whale oil for fuel sources, but you may have noticed that trees, peat bogs, and whales all still exist. We didn't stop using them because we "ran out" of any of them, and oil will be no different. We switch energy sources when the cost of the old one starts to go up; this encourages research into different energy sources, which lowers the costs of new ones, encouraging a switch. So, when oil starts to become harder to find and extract, other things will look like a better deal, and we'll switch long before we run out. Hopefully this can be "end of Ehrlichian silliness" as well as "end of rant"...
what keeps the power from dissipating over the great distance from earth to the moon
It's a laser (or maser - same deal). That means the light (or other EM radiation) is coherent. It doesn't diverge, like light from your flashlight. (Theoretically, anyway. Real lasers are slightly imperfect.)
why not just build satellites in geosync orbit?
Yeah, I wondered the same thing. The main difference I can see is that if you put up satellites, you have to get the whole shebang into orbit; if you start from the moon, you can manufacture a lot of the stuff you need on the moon. Less mass to orbit -> cheaper. Also, maintenance on satellites is tricky, whereas a semi-permanent crew on the moon could just walk over.
Slashdot Mirror
But for a few years I lived in Phoenix, and I tried not having a car for a while, and it was absolutely unmanageable. There is a bus system, which I tried to use. However, it takes over two hours to get across the city on the bus, as opposed to about 45 minutes by car. Most lines don't run much past 10pm or so (hope you weren't planning on staying out late!) or on Sundays (hope you weren't planning to do anything on the weekend!) And if I felt like going to, say, Carefree, well, there just wasn't any bus. Get a bike? Sure, and ride 30 miles each way in 110F weather (sharing the road with cars doing 70). Right. Hope you weren't planning on carrying much, either.
When you grouse about Americans' attitude toward cars, you're looking only at the bad parts of cars and the good parts of public transportation. This is called intellectually dishonest. Sure, you can say if cities were designed differently, if public transportation were designed such-and-such a way, if, if, if. Fact is, they aren't. Given what we've got, a lot of people's attitudes toward their cars are pretty reasonable.
There's more than one "software market", in a way. There's local-store-software, there's "enterprise software", and there's custom software (to name categories off the top of my head) and they both overlap and complement each other. For example, my employer has implemented a large and complex e-commerce app on top of a "web application platform". The platform is proprietary commodity software, sold to a wide market...but the actual "store", built on top of it, is all custom work. (And there's coding there too, not just content.) Hiring a top web app firm to implement your e-commerce app for you is not cheap - there's big money in the custom software market.
I can't quite tell from the question, but: could VNC help here? Since there's a VNC viewer and server for almost every platform, you can be wonderfully agnostic about what you deploy.
Funny; I walk on state-funded streets all the time. Is that a privilege too? Could they require me to carry a license to walk on the street? (Hmm...they more or less effectively do. Ever get picked up by the cops with no ID on you?)
What about BSDi (or BSD/OS, or whatever they call it now)? Yes, it's "a BSD", but it's also proprietary in a sense, no?
I have to admit that we didn't make things all that easy for the subscribers - we only sent out mailings every few months, so it was easy for people to forget they'd subscribed, and the business people were always changing the names of the lists, and merging the lists, and splitting the lists, so it was easy for people to get confused about what exactly they were receiving. Still, it was an eye-opener to be on the other side of the fence.
SpamCop isn't the problem itself - the idea is good - but let's face it: Internet users are largely the same users who call their monitor the computer and their computer the hard drive, or think you can get the Internet on CDROM, or click on any attachment they get. Do you really think they're going to be capable of using a tool like SpamCop properly?
So, a couple tips (which I wish I could send to the Internet population as a whole, since the /. types need it less than others):
-Read the whole message. If you don't recognize it, make sure it didn't just change its name or merge with another list or something.
-Check to see if it has unsubscribe instructions. Yes, I know, every spam these days says "mail jessica12345@hotmail.com to unsubscribe!", but if you get a message from "newsletter@example.com" that says "You are receiving this message because you subscribed to the Foo Newsletter at http://www.example.com/subscribe; to unsubscribe, simply forward this message to unsubscribe@example.com; if you have a question or a problem, please contact us at newsletter@example.com" - then it's probably real and MAYBE YOU SHOULD TRY ACTUALLY FOLLOWING THE INSTRUCTIONS. (Instead of just picking an email address at random from the mailing and demanding to be unsubscribed!)
-Don't start swearing at people and making threats right off the bat. If the sender is legit, there will be a real human reading your mail, and pissing him off is probably not a good way to get stuff done. If you've already tried to unsubscribe and it hasn't worked, consider the possibility that there was a technical glitch, and maybe the sender isn't just trying to piss you off. (I was amused to notice a certain correlation between the number of swear words the angry recipient used and his (claimed) rank in his organization. If the email began "Fuck you, you cocksucking spammers...", it was a pretty good bet it would end "...Joe Johnson, CEO, MegaSite.Com")
I was thinking about submitting the ZeoSync release, and then I thought, nah, it's just fluff, no one will be interested... It's true that a press release is usually written by suits, not scientists, so you can't expect too much real meat - but "ZeoSync's approach to the encoding of practically random sequences is expected to evolve into the reduction of already reduced information" is a real winner; if you're "reducing information", it's not lossless compression! I smell a rat. The whole thing sounds like it could have been written by the Onion, for Crom's sake.
Infinitely better predictions from John C. Dvorak here. You have to like predictions that begin "This is where columnists like me either predict the obvious, reiterate current trends in the form of a prediction, make short term preordained predictions based on insider information, or simply get it all wrong."
And that's part of the problem. Even if the science is valid, to be useful by airport screeners, it has to be boiled down into a device that basically says "TERRORIST" or "OK". You lose all the subtlety that might be in the science of the device so that a high-school dropout can operate it quickly.
One way I've seen suggested is that although the choices appear on screen, you use the keypad to choose. (If you use a 3x3 grid of choices, it maps nicely to the numeric keypad.) Hopefully the screen does not indicate what you've chosen! These "visual password" systems seem to rely very heavily on a good implementation: a good one could be better than a text password system, and a bad one could be completely worthless.
RealUser has done almost exactly the same thing, except using faces, not abstract designs. It's worth checking out their site, since they seem to have thought it through reasonably well. (Read the whitepapers; they have the real meat...) One of the interesting things about these systems is that since you can't describe your password, the correct choices have to be displayed on screen along with some invalid choices, which opens up the system to some attacks unless you construct it very carefully.
As for "no eyes visible" and "transparent"...we've got one not-very-good photo; the scientists say they videotaped it for up to ten minutes. I think I'll go with their judgement. Besides which eyelessness is not unknown among deep-sea creatures either, like the hagfish. So, an eyeless, mostly symmetric squid that behaves like a jellyfish...it would be a weird squid, but it could still be one.
In all seriousness, probably not very good. A lot of large deep-sea squid taste like ammonia.
Amen to that. Verisign actually won't permit Opera on Linux to submit requests for certificates - you get the message "Please fix this error: User-Agent: Opera/5.0 (Linux 2.4.5 i686; U) [en]", as though you'd made a mistake in filling out the form! But if you pretend to be IE, you get through no problem. (I'm sure it's not just Opera on Linux, but all "unknown" browsers, but it's still offensive.)
I wonder if Linux users are more likely, in a statistically significant way, to conceal their User-Agent. I make heavy use of Opera and Netscape on Linux and Netscape on Irix, but 90% of the time they say they're Lotus Notes on OS/2.
But those are the degenerate cases. Most inventions aren't like that. Most inventions offer some benefit, and impose some cost. People will only change when the tradeoff looks worthwhile to them. The tradeoff point is going to be different for everyone. If no one's changed, it may only imply that no one's come up with anything motivating enough yet. If people are still using the desktop metaphor, maybe it's because the desktop metaphor is /good enough/ for what people need to do.
Who really cares whether it's "intuitive"? Way too much emphasis is placed on "intuitiveness". You can't intuit the use of much of anything beyond a hammer, and maybe not even that. Much of what you think you're "intuiting", you're really figuring out based on analogies to other things. (Nothing against analogies, except that, as much of this discussion is about, they can become more limiting than empowering.) Do you ask /why/ red means stop and green means go? Or do you just accept that it /does/ - and you don't even think about it much, because you were raised from a baby to know it - and work from that accepted knowledge? Would you expect a Bushman to be able to intuit the relationship? Does it matter?
SECURITY
To prevent malicious dependency substitution or symbol interposition, some restrictions may apply to the evalua- tion of the dependencies of secure processes. The runtime linker categorizes a process as secure if the user is not a super-user, and either the real user and effective user identifiers are not equal, or the real group and effective group identifiers are not equal. See getuid(2), geteuid(2), getgid(2), and getegid(2).
In short, you can't just make "printf" equal "exec /sbin/sh" and run your favorite setuid root program with LD_PRELOAD set.
Seriously, this site has a good collection of documents on what constitutes current "space law". There are various treaties, many of which say airy-fairy stuff to the effect of "The Moon is the common property of all humanity and no one is allowed to own any of it and anything you earn from it has to be shared with all of the world..." Which is going to go right out the window once people start finding serious uses for the Moon, believe you me.