From The Collaborative International Dictionary of English v.0.48 [gcide]:
Hang \Hang\ (h[a^]ng), v. t. [imp. & p. p. {Hanged} (h[a^]ngd)
or {Hung} (h[u^]ng); p. pr. & vb. n. {Hanging}.
Usage: The use of hanged is preferable to that of hung, when
reference is had to death or execution by suspension,
and it is also more common.] [OE. hangen, hongien, v.
t. & i., AS. hangian, v. i., fr. h[=o]n, v. t. (imp.
heng, p. p. hongen); akin to OS. hang[=o]n, v. i., D.
hangen, v. t. & i., G. hangen, v. i, h[aum]ngen, v.
t., Icel. hanga, v. i., Goth. h[=a]han, v. t. (imp.
ha['i]hah), h[=a]han, v. i. (imp. hahaida), and perh.
to L. cunctari to delay. [root]37. ]
1. To suspend; to fasten to some elevated point without
support from below; -- often used with up or out; as, to
hang a coat on a hook; to hang up a sign; to hang out a
banner.
[1913 Webster]
...[definitions continue]...
Emphasis mine. It appears as though our grammar nazis, in addition to being tactless and unsympathetic, are also unaware that this "rule" in English is merely a suggestion, and not an actual rule.
The problem with trust agencies is that they are centralized because all users must be certain that they have the correct public key for each and every agency. Just because there are multiple points does not mean that it is totally decentralized if all users must know about all agencies in order for the system to work.
Furthermore, there is the problem of trusting the "trust" companies. How can you be absolutely certain that the public key you hold is actually the public key belonging to the trust company? What key distribution techniques can be used in this case, keeping in mind that before you have the public key of the trust company, you have no way of knowing that it is actually them. If you think about it, it becomes clear that this is circular unless you have a single trusted source that everybody knows about (such as a government) which has the ability to bring down wrath upon anyone who tries to forge their own certificates.
The only way that you could be certain that the public key you hold actually belongs to the trust company is to retrieve it from them through a secure channel (i.e. sneakernet) where you can verify that it is actually theirs (by visiting their physical establishment as described by whatever agency that deemed them a trustworthy).
I am not advocating a centralized system. However, I am saying that a partially decentralized system is not actually provably secure for most people (see sneakernet counterexample above).
The true solution is to use something that mimics the way trust forms in a social community. Essentially, this works on the basis of reputation as determined by other users/devices/nodes on the network. The basis for it is that in the real world, trust doesn't work because untrustworthy parties are prosecuted; instead, real people base their trust on a "web of trust" -- a small-world network of people who trust each other at different levels based on past experience.
This is the difference between the current system of "trusted networks" (be honest or be criminally prosecuted) and social networks (be honest or you will no longer be trusted). The latter, however, requires some sort of intelligent logic, which I am still working on.
I was thinking of starting with the BitTorrent protocol, but I would have to add so many things to it that it would be unrecognizable. I think that starting a ground-up implementation with extensibility in mind might be a better idea. However, part of what I want to do is make it possible to have multiple backends for the lowest software level transportation of data, and for that I could write an extension to allow bittorrent to be the protocol used there.
I'm not sure why I was modded funny...I'm actually planning this out. It'll be a while before I actually have the time to implement it, but I am planning it.
I completely agree that we need something not centralized. In fact, I'm actually in the planning stages of an entire decentralized system to possibly replace the web. I know, I know...ambitious goals. But I am convinced that the concept could work.
The idea is essentially to create a decentralized web of trust, and have nodes on the network find each other by asking other nodes. One of the advantages is that it abstracts the underlying IP addresses that are used to identify network devices into something that can be extensible once IP addresses become infeasible (for example, in mobile devices whose subnets keep changing).
When you post as AC you don't get notification when people respond to your post, so you have to check for yourself periodically if you want to know if somebody has replied.
We here in South Carolina applaud your rhetoric but thanks to that Yankee jackass Lee, your assertion that we are state citizens first and US citizens second has been proven false.
For all the crap people give the south, I'm glad y'all are realizin' what the whole "state rights" thing was about. I always read with interest the rants most recently from Cali and Texas governments about their relationship with the Fed.
The government is supposed to be by the people, for the people. The people living today are not the same people living 150 years ago; with that many generations along with several periods of immigration to the US, their ideologies are different.
Perhaps you haven't noticed some other changes that have occurred in the last 150 or so years? The "solid South" is no longer solidly behind the Democratic party. It tends to lean towards the Republican party nowadays. That's kind of a big change.
I have to agree. I use gnome-do all the time to run my applications because I can't be bothered searching through the menus if I already know what the program does. I even use it for my IM client: if I want to chat to someone, I enter their name and hit enter as soon as there are enough letters to match their name.
I once found a keylogger written in Python. I don't think I have the code for it anymore, but from what I remember, all it did was ask politely for X to give it all the inputed keys, as well as the name of the window and some other information.
This program did not need to be run as root; however, it would only pick up keys from the X session it was running in (duh) which was usually only the user it was running under. If that user was in the admin group, though, and typed in their password to run something as root, it would catch the password. I think that I started writing a program that tried to root the system through keylogging, but I think that through a combination of boredom with the project and thinking that this was a bit too dangerous a program to exist on my own computer, I purged it. Either way, I can't find any trace of it anymore on my own computer.
Personally, I take security on my own computer semi-seriously. I am as guilty as anybody else of running programs as root without doing a full background check on them. I plan to change this at some point, but at the moment I don't have the time to do a full redesign of my computer usage. Perhaps this summer I will... I do, at least, have a non-obvious username, and a root that has no valid password. Oh, and don't forget that blocking program that calls sleep in a loop from/etc/rcS.d that requires someone to press ctrl-alt-del during the boot process in order to finish booting the computer.
As a thought experiment, what if somebody (such as me) came up with a program that used some of the ideas behind torrents and distributed processing, and created a distributed, decentralized search engine? Say that this program became popular enough that it could create an index large enough and fast enough that it could rival google. Say that some people used it to find and download copyright infringing content.
How would this work, legally, if somebody decided to send a DMCA take down notice? Also, if this distributed search engine were in the position that TPB is in right now, what would be the result? Who would be sued, et cetera?
My guess is that it would be in the same position as programs such as BitTorrent and Transmission: no legal action can be taken against the program because it is just a dumb set of instructions and requires the use of a person to intentionally infringe on copyright.
By the way, I actually plan to implement something similar to this eventually in the future, but if somebody else wishes to run away with the idea, be my guest. Also, try to tell me about it, if you get a chance...I'd be interested to see where the idea goes.
It is not wise to post such things... there are people who actually would paste that into a terminal despite your warning.
The way it works is as follows::(){ something } # this is a valid function declaration which does something program1|program2 # this runs both program1 and program2, and pipes the output of one to the other command& # this runs a command in the background (i.e. non-blocking) ; # this is a line break : # this is a valid function call
So, it makes a recursive function which calls itself twice from within the body of the code. Since it calls itself non-blocking, there is no infinite recursion error. On the next line, it calls the function.
So, each parent function call spawns two children, and each child spawns two children, et cetera. This can easily bring down a system that is not securely configured (that is, most systems).
First, even if what it is preventing is genuinely harmful, it creates a precedent to allow laws that block other sorts of free speech.
Second, individuals have rights with regards to defamation protection; religions do not have such rights.
Third, any harmful results of the defamation (such as not hiring somebody because of their religion) should be what is outlawed; defamation of the religion should not be outlawed.
Or even an alternative US keyboard, like Dvorak, Dvorak for left hand, Dvorak for right hand, Dvorak for programmers, Dvorak for left foot, Dvorak for right foot, Dvorak for nose, Dvorak for left cheek,...
We should spend that effort spammers put out to get useful work done. Re-captcha is a perfect example. How about Google, want a new tagging system for images? It would make image search MUCH more usable. It could also be used to help AI/learning and object recognition. Just set up Captchas to do meaningful boring things that otherwise would not get done. I've no idea why this isn't more widespread.
It's not more widespread as a method of AI learning because in order for a CAPTCHA to work, the website providing it has to already know what the correct answer is...
This is interesting. The boot time for XP (or any operating system at all) must depend on the hardware.
I mention this because I have XP running in a virtual machine (with automatic login) and it takes almost exactly 20 seconds from when I click "run" to a usable desktop. I always have it do a full boot. (This may not work for the long term on a real computer, though, because I have it revert to the state it was in before I booted it every time I stop needing it, and thus each time I boot it, it is as though it has only booted a total of four or five times.)
On the other hand, the same computer I am running the virtual machine on takes four times as long to boot Ubuntu (the only OS installed on it).
If I get a chance, I should try installing Ubuntu in the virtual machine to see if it has the same speed boost in booting.
My computer's architecture is x86-64, dual core, 2.26 * 10^9 s^-1 and has 4 * 10^9 bytes of memory. The virtualized architecture is x86, single core, "2.26 * 10^9 s^-1" though this is clearly not the case due to software virtualization overhead, and 256 * 10^6 bytes of memory.
The only reason I can see that the virtual machine might be faster booting is that it has no real hardware: the screen is generic, as is the keyboard input and the mouse input.
Fun fact: Flash Player runs faster in the virtual machine than on my real computer with the x86 compatibility wrapper.
I love Ubuntu and use it for almost everything, but I just find it funny that XP boots so much faster in a software-virtualized machine than Ubuntu loads on the real machine.
[Oh, for those of you who don't like scientific notation and the units I used, 10^9 is giga-, 10^6 is mega, and s^-1 is Hz]
Thus the mounting that has to accompany it. I probably forgot a few directories that might be necessary (/etc and/lib both come to mind). This will allow them to use gnome and X and everything. You could even mount stuff more selectively than that, just to make sure that the good things work and the user doesn't have access to anything that can get them into trouble.
They will not have access to any devices, such as CD or USB drives, but those are probably against company policy, anyway.
You could also set up access control using SE linux, but I've never done that, so I don't really have too much advice there except to search the internet.
# This will chroot all users into the/home directory before they are logged in. Therefore they will have no access to devices or anything like that. However, you have to make sure that you also mount --bind/bin/home/bin mount --bind/usr/home/usr mount --bind/var/home/var
# and I think that that should probably be enough. # Disclaimer: I have never tried this, and so I don't know if this will cause any other problems that I haven't thought of. YMMV, IANAL, HAND.
No, because it was preventing you from photocopying the sheet. If you copied the sheet over by hand, it would be usable as many times as you wanted on as many machines as you wanted. On the other hand, the Activation Key can only be used once, even if you copy it by hand and try to use it again.
Simplistically, copy protection JUST attempts to prevent copying (an impossible task, but that isn't the point), whereas DRM phones home to make sure you aren't using the software/medium/etc anywhere where they don't want you to.
Copy protection tries to prevents copying. DRM tries to prevents use.
No, it's not. Windows Genuine Advantage activation does not prevent you from making a copy of the medium. It prevents you from using the software on more than one machine. It controls *use*, not *copying* and is therefore DRM and not copy-protection.
Even copying is not illegal, actually. Distribution is illegal. If I make a copy of a CD for personal use, that is perfectly legal. Now, if I sell that copy, that is copyright infringement. So, no, copy protection also does not have that "figleaf of moral cover", although it has slightly more justification than oppressive DRM, which tries to control use.
Both are defective by design, anyway, at least for media. If I can see it and I can hear it, then I can copy it. Unfortunately, the same thing cannot be said for games as they do not display exactly the same thing each time they are played.
...(and actually it doesn't prevent them from suing, but they shouldn't win)...
Actually, that isn't true if it is protected by DRM. The Digital Millennium Copyright Act makes sure of that. While it is fair use to copy something you own for personal use, it is illegal if doing so requires breaking or bypassing a digital lock. Then they can sue you to no end even though you were only exercising your fair use rights.
Yes, DRM isn't illegal, but the law should not help enforce it. The DMCA does just that.
That would be cool, but, unfortunately, they made it just like all the other wall warts and "dongly things" (Douglas Noel Adams reference) in that it tends to cover the other outlets. You could always buy a special extension cord for it, but who wants that? This would work, but it seems a little over the top to me as a solution for such a problem.
Slashdot Mirror
He said, "...invented to benefit the people...", not "...invented to benefit people..."
You are twisting his words instead of coming up with a real counter-argument.
Note: there are real counter-arguments, but you have not produced one here.
usul@SietchTabr:~$ dict hung
5 definitions found
From The Collaborative International Dictionary of English v.0.48 [gcide]:
Hang \Hang\ (h[a^]ng), v. t. [imp. & p. p. {Hanged} (h[a^]ngd)
or {Hung} (h[u^]ng); p. pr. & vb. n. {Hanging}.
Usage: The use of hanged is preferable to that of hung, when
reference is had to death or execution by suspension,
and it is also more common.] [OE. hangen, hongien, v.
t. & i., AS. hangian, v. i., fr. h[=o]n, v. t. (imp.
heng, p. p. hongen); akin to OS. hang[=o]n, v. i., D.
hangen, v. t. & i., G. hangen, v. i, h[aum]ngen, v.
t., Icel. hanga, v. i., Goth. h[=a]han, v. t. (imp.
ha['i]hah), h[=a]han, v. i. (imp. hahaida), and perh.
to L. cunctari to delay. [root]37. ]
1. To suspend; to fasten to some elevated point without
support from below; -- often used with up or out; as, to
hang a coat on a hook; to hang up a sign; to hang out a
banner.
[1913 Webster]
Emphasis mine. It appears as though our grammar nazis, in addition to being tactless and unsympathetic, are also unaware that this "rule" in English is merely a suggestion, and not an actual rule.
The problem with trust agencies is that they are centralized because all users must be certain that they have the correct public key for each and every agency. Just because there are multiple points does not mean that it is totally decentralized if all users must know about all agencies in order for the system to work.
Furthermore, there is the problem of trusting the "trust" companies. How can you be absolutely certain that the public key you hold is actually the public key belonging to the trust company? What key distribution techniques can be used in this case, keeping in mind that before you have the public key of the trust company, you have no way of knowing that it is actually them. If you think about it, it becomes clear that this is circular unless you have a single trusted source that everybody knows about (such as a government) which has the ability to bring down wrath upon anyone who tries to forge their own certificates.
The only way that you could be certain that the public key you hold actually belongs to the trust company is to retrieve it from them through a secure channel (i.e. sneakernet) where you can verify that it is actually theirs (by visiting their physical establishment as described by whatever agency that deemed them a trustworthy).
I am not advocating a centralized system. However, I am saying that a partially decentralized system is not actually provably secure for most people (see sneakernet counterexample above).
The true solution is to use something that mimics the way trust forms in a social community. Essentially, this works on the basis of reputation as determined by other users/devices/nodes on the network. The basis for it is that in the real world, trust doesn't work because untrustworthy parties are prosecuted; instead, real people base their trust on a "web of trust" -- a small-world network of people who trust each other at different levels based on past experience.
This is the difference between the current system of "trusted networks" (be honest or be criminally prosecuted) and social networks (be honest or you will no longer be trusted). The latter, however, requires some sort of intelligent logic, which I am still working on.
I was thinking of starting with the BitTorrent protocol, but I would have to add so many things to it that it would be unrecognizable. I think that starting a ground-up implementation with extensibility in mind might be a better idea. However, part of what I want to do is make it possible to have multiple backends for the lowest software level transportation of data, and for that I could write an extension to allow bittorrent to be the protocol used there.
I'm not sure why I was modded funny...I'm actually planning this out. It'll be a while before I actually have the time to implement it, but I am planning it.
I completely agree that we need something not centralized. In fact, I'm actually in the planning stages of an entire decentralized system to possibly replace the web. I know, I know...ambitious goals. But I am convinced that the concept could work.
The idea is essentially to create a decentralized web of trust, and have nodes on the network find each other by asking other nodes. One of the advantages is that it abstracts the underlying IP addresses that are used to identify network devices into something that can be extensible once IP addresses become infeasible (for example, in mobile devices whose subnets keep changing).
When you post as AC you don't get notification when people respond to your post, so you have to check for yourself periodically if you want to know if somebody has replied.
We here in South Carolina applaud your rhetoric but thanks to that Yankee jackass Lee, your assertion that we are state citizens first and US citizens second has been proven false.
For all the crap people give the south, I'm glad y'all are realizin' what the whole "state rights" thing was about. I always read with interest the rants most recently from Cali and Texas governments about their relationship with the Fed.
The government is supposed to be by the people, for the people. The people living today are not the same people living 150 years ago; with that many generations along with several periods of immigration to the US, their ideologies are different.
Perhaps you haven't noticed some other changes that have occurred in the last 150 or so years? The "solid South" is no longer solidly behind the Democratic party. It tends to lean towards the Republican party nowadays. That's kind of a big change.
I have to agree. I use gnome-do all the time to run my applications because I can't be bothered searching through the menus if I already know what the program does. I even use it for my IM client: if I want to chat to someone, I enter their name and hit enter as soon as there are enough letters to match their name.
I once found a keylogger written in Python. I don't think I have the code for it anymore, but from what I remember, all it did was ask politely for X to give it all the inputed keys, as well as the name of the window and some other information.
This program did not need to be run as root; however, it would only pick up keys from the X session it was running in (duh) which was usually only the user it was running under. If that user was in the admin group, though, and typed in their password to run something as root, it would catch the password. I think that I started writing a program that tried to root the system through keylogging, but I think that through a combination of boredom with the project and thinking that this was a bit too dangerous a program to exist on my own computer, I purged it. Either way, I can't find any trace of it anymore on my own computer.
If anyone is interested, the program is here.
Personally, I take security on my own computer semi-seriously. I am as guilty as anybody else of running programs as root without doing a full background check on them. I plan to change this at some point, but at the moment I don't have the time to do a full redesign of my computer usage. Perhaps this summer I will... I do, at least, have a non-obvious username, and a root that has no valid password. Oh, and don't forget that blocking program that calls sleep in a loop from /etc/rcS.d that requires someone to press ctrl-alt-del during the boot process in order to finish booting the computer.
Ah, yes. But that was more than just a search function.
As a thought experiment, what if somebody (such as me) came up with a program that used some of the ideas behind torrents and distributed processing, and created a distributed, decentralized search engine? Say that this program became popular enough that it could create an index large enough and fast enough that it could rival google. Say that some people used it to find and download copyright infringing content.
How would this work, legally, if somebody decided to send a DMCA take down notice? Also, if this distributed search engine were in the position that TPB is in right now, what would be the result? Who would be sued, et cetera?
My guess is that it would be in the same position as programs such as BitTorrent and Transmission: no legal action can be taken against the program because it is just a dumb set of instructions and requires the use of a person to intentionally infringe on copyright.
By the way, I actually plan to implement something similar to this eventually in the future, but if somebody else wishes to run away with the idea, be my guest. Also, try to tell me about it, if you get a chance...I'd be interested to see where the idea goes.
It is not wise to post such things... there are people who actually would paste that into a terminal despite your warning.
The way it works is as follows: :(){ something } # this is a valid function declaration which does something
program1|program2 # this runs both program1 and program2, and pipes the output of one to the other
command& # this runs a command in the background (i.e. non-blocking)
; # this is a line break
: # this is a valid function call
So, it makes a recursive function which calls itself twice from within the body of the code. Since it calls itself non-blocking, there is no infinite recursion error. On the next line, it calls the function.
So, each parent function call spawns two children, and each child spawns two children, et cetera. This can easily bring down a system that is not securely configured (that is, most systems).
No, it doesn't.
First, even if what it is preventing is genuinely harmful, it creates a precedent to allow laws that block other sorts of free speech.
Second, individuals have rights with regards to defamation protection; religions do not have such rights.
Third, any harmful results of the defamation (such as not hiring somebody because of their religion) should be what is outlawed; defamation of the religion should not be outlawed.
Or even an alternative US keyboard, like Dvorak, Dvorak for left hand, Dvorak for right hand, Dvorak for programmers, Dvorak for left foot, Dvorak for right foot, Dvorak for nose, Dvorak for left cheek, ...
We should spend that effort spammers put out to get useful work done. Re-captcha is a perfect example. How about Google, want a new tagging system for images? It would make image search MUCH more usable. It could also be used to help AI/learning and object recognition. Just set up Captchas to do meaningful boring things that otherwise would not get done. I've no idea why this isn't more widespread.
It's not more widespread as a method of AI learning because in order for a CAPTCHA to work, the website providing it has to already know what the correct answer is...
This is interesting. The boot time for XP (or any operating system at all) must depend on the hardware.
I mention this because I have XP running in a virtual machine (with automatic login) and it takes almost exactly 20 seconds from when I click "run" to a usable desktop. I always have it do a full boot. (This may not work for the long term on a real computer, though, because I have it revert to the state it was in before I booted it every time I stop needing it, and thus each time I boot it, it is as though it has only booted a total of four or five times.)
On the other hand, the same computer I am running the virtual machine on takes four times as long to boot Ubuntu (the only OS installed on it).
If I get a chance, I should try installing Ubuntu in the virtual machine to see if it has the same speed boost in booting.
My computer's architecture is x86-64, dual core, 2.26 * 10^9 s^-1 and has 4 * 10^9 bytes of memory.
The virtualized architecture is x86, single core, "2.26 * 10^9 s^-1" though this is clearly not the case due to software virtualization overhead, and 256 * 10^6 bytes of memory.
The only reason I can see that the virtual machine might be faster booting is that it has no real hardware: the screen is generic, as is the keyboard input and the mouse input.
Fun fact: Flash Player runs faster in the virtual machine than on my real computer with the x86 compatibility wrapper.
I love Ubuntu and use it for almost everything, but I just find it funny that XP boots so much faster in a software-virtualized machine than Ubuntu loads on the real machine.
[Oh, for those of you who don't like scientific notation and the units I used, 10^9 is giga-, 10^6 is mega, and s^-1 is Hz]
Oh, please. This was superseded by the Bistro drive years ago! It gets rid of all that mucking about with improbability. Much safer.
Thus the mounting that has to accompany it. I probably forgot a few directories that might be necessary (/etc and /lib both come to mind). This will allow them to use gnome and X and everything. You could even mount stuff more selectively than that, just to make sure that the good things work and the user doesn't have access to anything that can get them into trouble.
They will not have access to any devices, such as CD or USB drives, but those are probably against company policy, anyway.
You could also set up access control using SE linux, but I've never done that, so I don't really have too much advice there except to search the internet.
#/etc/security/limits.conf /home
@user - chroot
# This will chroot all users into the /home directory before they are logged in. Therefore they will have no access to devices or anything like that. However, you have to make sure that you also /bin /home/bin /usr /home/usr /var /home/var
mount --bind
mount --bind
mount --bind
# and I think that that should probably be enough.
# Disclaimer: I have never tried this, and so I don't know if this will cause any other problems that I haven't thought of. YMMV, IANAL, HAND.
No, because it was preventing you from photocopying the sheet. If you copied the sheet over by hand, it would be usable as many times as you wanted on as many machines as you wanted. On the other hand, the Activation Key can only be used once, even if you copy it by hand and try to use it again.
Simplistically, copy protection JUST attempts to prevent copying (an impossible task, but that isn't the point), whereas DRM phones home to make sure you aren't using the software/medium/etc anywhere where they don't want you to.
Copy protection tries to prevents copying. DRM tries to prevents use.
No, it's not. Windows Genuine Advantage activation does not prevent you from making a copy of the medium. It prevents you from using the software on more than one machine. It controls *use*, not *copying* and is therefore DRM and not copy-protection.
Even copying is not illegal, actually. Distribution is illegal. If I make a copy of a CD for personal use, that is perfectly legal. Now, if I sell that copy, that is copyright infringement. So, no, copy protection also does not have that "figleaf of moral cover", although it has slightly more justification than oppressive DRM, which tries to control use.
Both are defective by design, anyway, at least for media. If I can see it and I can hear it, then I can copy it. Unfortunately, the same thing cannot be said for games as they do not display exactly the same thing each time they are played.
...(and actually it doesn't prevent them from suing, but they shouldn't win)...
Actually, that isn't true if it is protected by DRM. The Digital Millennium Copyright Act makes sure of that. While it is fair use to copy something you own for personal use, it is illegal if doing so requires breaking or bypassing a digital lock. Then they can sue you to no end even though you were only exercising your fair use rights.
Yes, DRM isn't illegal, but the law should not help enforce it. The DMCA does just that.
That would be cool, but, unfortunately, they made it just like all the other wall warts and "dongly things" (Douglas Noel Adams reference) in that it tends to cover the other outlets. You could always buy a special extension cord for it, but who wants that? This would work, but it seems a little over the top to me as a solution for such a problem.
In the English world, words mean the same thing universally. But, then, that's only in the English world :)