Slashdot Mirror


User: tz

tz's activity in the archive.

Stories: 0
Comments: 173

Comments · 173

  1. Re:loophole - data is unlimited on Internet Access via Cell Phone HOWTO · · Score: 2

    Data doesn't use minutes, at least not PCS web access (using the #xxx numbers).

    You can use most phones as normal modems, so if you dial your local ISP using ATDT5551212, it would count (but I think there are night and weekend minutes).

  2. Or the lack of certs in OpenSSL so no one checks. on Due Diligence? · · Score: 4, Informative

    I also checked the browsers, mainly command line, a little while ago when the IE cert chain vulnerability was found. Most (wget, links, lynx) didn't bother to check the chain. Some didn't check anything at all, so any proxy server could spoof any page.

    If you can see https://www.amazone.com, your browser is badly broken. amazone.com points to amazon.fr - but you should match the cert to the DNS.

    Opera on the Zaurus was also vulnerable. Apple doesn't install any certificates in their OS X or Darwin OpenSSL directory.

    One thing that happened between SSLeay (the original project) and OpenSSL is that the certificate chains were NOT installed by default, so everyone had a library, but no way of checking certificates since you require root certificates to check the site certificate. A second thing, probably worse, is that the old default was to return an error if the certificate couldn't be validated. Now the default is TO GIVE NO ERROR IF THE CERTIFICATE CANNOT BE CHECKED. It would be better to give an error that would have to be overridden, which would cause developers to have to take a look and to actively disable security.

    Curl was the only one that included any checking, but it required manually installing certs and specifying an option to turn it on. It would SILENTLY connect to SSL sites without security.

    Mozilla was fine, and Konqueror fixed any problem it had, but the Opensource community should be embarrassed since the rest of the browsers' security was not just flawed like IE, but DISABLED without any notice to this effect or NONEXISTENT.
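The two checks the comment above is about, chain validation and matching the certificate to the DNS name dialled, as an added example that is not part of the original comment: it uses Python's ssl module (OpenSSL underneath) to build a context that skips both, one that checks only the chain (which would accept the amazone.com case), and one that fails closed, and audits which steps a given context skips.

```python
"""What a TLS client context actually verifies.

Added example, not from the original comment. Python's ssl module sits on
OpenSSL, and the two settings below map onto the two failures the comment
describes: verify_mode decides whether the chain is checked against trusted
roots at all, check_hostname decides whether the certificate is matched to
the DNS name that was dialled. Nothing here connects anywhere; it only builds
contexts and audits them.
"""
import ssl
from typing import List, Optional


def unverified_context() -> ssl.SSLContext:
    """The 'silently connect without security' behaviour: no chain check,
    no name match, so any proxy with any certificate can spoof any page."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False        # must be cleared before verify_mode can drop
    ctx.verify_mode = ssl.CERT_NONE   # accept whatever the peer presents
    return ctx


def chain_only_context(cafile: Optional[str] = None) -> ssl.SSLContext:
    """Chain is validated but the name is not: the amazone.com case, where a
    perfectly valid certificate issued for a different site is accepted."""
    ctx = ssl.create_default_context(cafile=cafile)
    ctx.check_hostname = False
    return ctx


def verified_context(cafile: Optional[str] = None) -> ssl.SSLContext:
    """Fails closed: chain must reach a trusted root (cafile, or the platform
    store when None) and the cert must match the server_hostname given to
    wrap_socket(); a failure is an exception that has to be handled."""
    return ssl.create_default_context(cafile=cafile)


def audit_context(ctx: ssl.SSLContext) -> List[str]:
    """Return the verification steps a context skips; empty means it checks both."""
    problems = []
    if ctx.verify_mode == ssl.CERT_NONE:
        problems.append("chain not verified: any certificate is accepted")
    elif ctx.verify_mode == ssl.CERT_OPTIONAL:
        problems.append("chain verified only if the peer sends a certificate")
    if not ctx.check_hostname:
        problems.append("hostname not matched: a valid cert for any name is accepted")
    return problems


if __name__ == "__main__":
    for name, ctx in (("unverified", unverified_context()),
                      ("chain-only", chain_only_context()),
                      ("verified", verified_context())):
        print(f"{name:11s} {audit_context(ctx) or ['ok']}")
```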

  3. LTSP.org has many case studies which would help on Reducing the TCO of IT with Linux? · · Score: 2

    but this is more for diskless workstations.

    It would apply since your hardware can be used diskless even if it has a disk, but the various types of apps had to be changed and a server (under bigger load in a terminal server configuration) had to handle things.

    But as far as wholesale windows replacement, this would be a good resource.

  4. Kismet is passive, but you can set up... on Detecting 802.11 Discovery Apps · · Score: 1

    There is a way of creating a false AP (make sure it is 5 channels away from any AP channel you are using, i.e. if you are using 6, you can use 1 and/or 11). You can then send out random MACs, SSIDs, and whatever else. I think some stumblers will get wise to this so you might need to play more games.

    But in short, you can't detect something like Kismet or the Dwep tools, and even if you are using WEP you are probably sending out weak packets, enough that after a few days the key can be obtained.

  5. Key passage - mindshare and excitement on Microsoft Targeting Indian Developers · · Score: 3, Insightful

    "We are paranoid someone is going to come along and take away mindshare from developers. We're paranoid something out there is going to be more exciting to developers."

    Let's see, a closed system with low quality, where they use proprietary protocols they don't want you to alter and then they change them, stop support and force upgrades, vs. an open system of high quality that you can actually make better and costs almost nothing.

    "No, we don't want to tell you how this works, and we don't want you to touch it" is not an attitude that creates mindshare.

    I can see why it might be exciting to use Microsoft, but that type of excitement would reduce mindshare.

  6. Are they blaming CO2, CFCs, or EMI? on Magnetic Poles May Be About To Flip · · Score: 0, Flamebait

    since it has to be something human beings are doing for anything annoying that happens to the earth, what activity are they going to blame for the pole flip?

  7. Windoze is slow x 2, Linux is best, but... on Is Mac OS X Slow? · · Score: 1

    For something like an office app, on similar machines, it takes forever to even start on any Windows machine I've used. I haven't used an 8 way xeon though, but my dual athlon is notably annoying.

    Linux flies, but there is usually not a lot of extra junk running in the background. I usually use it with simpler WMs and I don't have things doing live updates in 20 windows.

    A 500MHz iBook is quite adequate (I'm using one now), but there is a slight delay when launching things (the dock bounce), but it is far less than windows (even things like Microsoft Word). OS X has a bunch of things in the background, but most are sleeping, but I've noticed that some things seem to have memory leaks or seem to want to update every three seconds and these will cause things to slow down.

    LinuxPPC seems a bit faster, but again, I have far fewer things running, and am often in console mode. Mozilla takes a while to launch regardless of platform.

    So OS X and Macs are comparably fast, if you compare similar systems. Comparing very old powerbooks to 133MHz pentium systems is fair, but not an old powerbook to a new laptop.

    My dual 1.2GHz athlon is comparable to my dual 800MHz G4. Vs. OS X, the Athlon is faster under linux, much slower under windows, but it depends what I run. Linux has mostly smaller applications, but Cocoa applications seem to work well. Huge applications like Mozilla or large carbon apps tend to be slow.

    Under Jaguar, I rarely get the beachball of interminable delay, and even then I can switch apps to something I can do. Linux normally lets me do this too, but Windows won't let me switch apps until it thinks I should (so I am often stuck for a while). So subjectively, OS X is similar to Linux.

  8. Decade-nce in support on Open Source More Expensive In the Long Run? · · Score: 1

    Try writing into the support contracts that you get the source or they pay (escrowed) for support or correction over the life of the system if any of the following happen: 1. They go bankrupt. 2. Any change of business plan (acquisition, restructuring) causes them to drop support for the product. 3. Dependent software changes or updates and they decide not to support the newer version (Office 95 or 97 are now unsupported but are far less than 10 years old).

    Also, what is the assurance of quality of support? Let's say the system is popular but the system is "too slow", but can't be addressed by upgrading hardware. The system has FAILED, but "support" is worthless. In a long-ago /. article, it noted that Microsoft support didn't compare favorably to "the Psychic friends network".

    Or you call, get put on hold, talk to a receptionist spelling out every word of geekspeak, then a few days later someone calls back and leaves a message that they will call back sometime, (no callback number) since you were talking to someone else and voicemail picked up.

    Or that the problem is something systemic and won't be addressed until the next version.

    Make sure that the contract specifies things clearly and exactly. Remember you will be bound to the vendor for longer than many people are married.

    (The OpenSource may not be cheaper initially, but has an upper limit on costs - Tell me what you are looking at and I can probably arrange support - either over a term or per-incident).

  9. Unfair Glare - go with LCDs. on Your Eyes Will Melt Out Of Your Head · · Score: 1

    I got one of the Apple LCD cinema displays and it was one of the best purchases I made.

    At the job I was at before that the room lights were so bright I think I was getting a tan and had to wear sunglasses indoors and had a "hood" over my CRT.

    CRTs tend to blur when they are forced to be too bright, but unless the room is dark they must be turned up to be seen.

    And I, like most programmers I know, want to overrez - they want to see 80 lines of code instead of 60 if they can.

    There are good CRTs, but they cost nearly as much as an LCD (a 24", 22" viewable Sony comes to mind). They won't have the contrast ratio.

    Multiheaded might or might not be good, it depends on what you are doing - a higher rez, bigger monitor might be better than two smaller ones.

    Or maybe we should just have video walls in our cubicles.

  10. Three books at the top of the canon on Examples of Programming Gone Wrong? · · Score: 1

    C Traps and Pitfalls

    Programming Pearls

    More Programming Pearls.

  11. Re:When scientists and equipment are free ... on British Columbia Bows To Breast Cancer Patent · · Score: 1

    Somehow people seem to think that medicine comes from some magic wand that costs nothing to wave so we can have infinite research, development, production, etc. for zero or nominal cost.

    Since there is no opensource model for drug development, and worse, it is highly regulated (Here on /. we complain about the DMCA and UITCA, but the FDA and tort system do the same for medicine), it will NEVER be able to follow that model.

    Why are most of those drugs developed here and not in France, Mexico, or even Japan? Or even Canada? Canada is free to spend more on its health care developing its own drugs (will THEY give them to the US for free or below cost?).

    Meanwhile, our military does protect Canada, while it lets in terrorists and even gives them welfare so they have more time to figure out ways of killing US Citizens. Personally, I think we should not be an empire, but if we are, our "friends" should recognize what it means to them.

  12. Will Apple's next switcher ad feature Klez? on Microsoft may Sanction the 'Switcher' PR-Rep · · Score: 1

    Or to put it correctly, a user buried and responsible for a major spread of that virus.

    Somehow I don't associate "Trustworthy" with either "Microsoft" or Advertising.

    Of course there was a comic routine where some corporation was going to add something that would fix things to the box but not the product.

    So look for the "Trustworthy Computing" ad campaign saying you are imagining all the problems with your computer and credit card info being on the internet.

  13. "Independent" from what? on Politicizing Science · · Score: 0

    Most universities and their researchers are rabid left-wing ideologues. Of course they could put aside *their* political and Gaia-worship (without the terms dogma and heresy) biases, but I expect it is easier for an industry insider to put aside the profit motive than a zealot his faith.

    When the existing group bring to the table their biases and have their reports shaded one way, they should expect to be removed.

    Part of the problem involves the intellectual property stuff often discussed here at slashdot.

    When you are studying something that won't immediately be profitable, you can do so much more cleanly than something with immediate use, especially if you can get a patent, and insure it won't be heavily regulated. Even so, there are rivalries, the story of the discovery of the double helix structure of DNA is such an example.

    Even in the article and about ethics, there was an interesting note about how a board wanted to increase protection for the mentally ill but not the unborn. Such a question right now is only political - "When do people have rights?" can be discussed by philosophers, theologians, and politicians. But it is not a scientific question.

    Only bad policy can come when politics masquerades as science - Were Galileo around today, these boards would not approve funding for his research because it would probably contradict the current scientific dogmas. Another example is plate tectonics and continental drift - it was proposed and laughed at in 1905, back then continents didn't move. I forgot the name of the person who came up with the theory, but he would not have been funded either. Then there was Lamarck vs. Lysenko in Russia.

    At least now the masquerade is ended - these boards were always political.

    And maybe we can go to a different form. Instead of everyone going to the government for funds ("I want to be free except when I want something for free" seems to be the motto), foundations, 501c3s, trusts and others could be set up with tax deductions or credits to fund research, so you can shop for one that agrees with your biases.

  14. Errors and Omissions in article on Detecting Wireless LAN Users · · Score: 1

    Most sniffing is passive. You can't detect a card that is not transmitting. If they mean rogue access, they need to use the right terminology.

    You also need a completely up-to-date list of correct MAC addresses since those can be changed or spoofed. And to know whose computer is on or off (or that the laptop is on the south side of the building so having the MAC attached to the north AP is suspicious).

    Then there is the possibility of a rogue AP meshing with your network.

    And there would be a huge problem with things like nocat where you won't know the MAC address. Combine this with the IE SSL cert or similar vulnerability, and you can jump on a session.

    There isn't a lot of security built into WiFi. You need to put things at a different layer (wifi is outside the DMZ, use vpn), or it would be a nightmare keying the APs to MACs which can be spoofed anyway.
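An added example, not part of the original comment, of the inventory-based checks it describes: association events from constructed AP logs are scored against a constructed MAC inventory (owner, home zone, whether the machine should be on) and AP placement, flagging unknown MACs, machines that should be off, wrong-zone associations, and one MAC on two APs within a short window. Log format, AP names, zones and MACs are all made up for the example.

```python
"""Flagging suspicious 802.11 associations from AP logs.

Added example, not from the original comment. The comment's point is that a
MAC allow-list alone is not enough because MACs can be spoofed: you also need
to know which machine a MAC belongs to, whether it is even switched on, and
where it physically sits. This code scores association events against such
an inventory. Everything below (log format, APs, zones, MACs) is constructed.
"""

# Constructed asset inventory: MAC -> (owner, home zone, expected to be powered on)
INVENTORY = {
    "00:02:2d:aa:bb:01": ("alice-laptop", "south", True),
    "00:02:2d:aa:bb:02": ("bob-laptop", "north", False),   # bob is away, laptop off
    "00:02:2d:aa:bb:03": ("printer-3f", "south", True),
}

# Constructed AP placement: AP name -> building zone it covers
AP_ZONE = {"ap-north-1": "north", "ap-south-1": "south", "ap-south-2": "south"}

# Constructed association log, one event per line: "epoch ap event mac"
SAMPLE_LOG = """\
1030000000 ap-south-1 assoc 00:02:2d:aa:bb:01
1030000005 ap-south-2 assoc 00:02:2d:aa:bb:03
1030000030 ap-north-1 assoc 00:02:2d:aa:bb:01
1030000040 ap-north-1 assoc 00:02:2d:aa:bb:02
1030000050 ap-south-1 assoc 00:de:ad:be:ef:01
1030000060 ap-south-1 assoc 00:02:2d:aa:bb:01
"""

CLONE_WINDOW = 60  # seconds: same MAC on two different APs this close is suspect


def parse_log(text):
    """Turn the constructed log text into (ts, ap, event, mac) tuples."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, ap, event, mac = line.split()
        events.append((int(ts), ap, event, mac.lower()))
    return events


def audit_associations(events, inventory=INVENTORY, ap_zone=AP_ZONE):
    """Return a list of (mac, reason) findings; an event can yield several."""
    findings = []
    last_seen = {}  # mac -> (ts, ap) of its most recent association
    for ts, ap, event, mac in events:
        if event != "assoc":
            continue
        if mac not in inventory:
            findings.append((mac, f"unknown MAC associated to {ap}"))
            last_seen[mac] = (ts, ap)
            continue
        owner, home_zone, powered_on = inventory[mac]
        if not powered_on:
            findings.append((mac, f"{owner} should be off but associated to {ap}"))
        zone = ap_zone.get(ap)
        if zone != home_zone:
            findings.append((mac, f"{owner} lives in {home_zone} but associated to {ap} ({zone})"))
        prev = last_seen.get(mac)
        if prev and prev[1] != ap and ts - prev[0] <= CLONE_WINDOW:
            findings.append((mac, f"{owner} on {prev[1]} and {ap} within {ts - prev[0]}s (possible clone)"))
        last_seen[mac] = (ts, ap)
    return findings


if __name__ == "__main__":
    for mac, reason in audit_associations(parse_log(SAMPLE_LOG)):
        print(mac, reason)
```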

  15. Deja Vu - the 286 is comparable to the 68000 on Benchmark Program Rewritten to Favor Intel? · · Score: 1

    Back in the mid 1980s, there was a rivalry between intel and motorola on embedded processors.

    Part of it was the 286 vs. the 68000 (which had been around), and Motorola produced a long missive explaining the problem with (64k) segments when trying to do anything useful.

    This was in response to benchmarks showing that the 286 was not horribly slower and some cases faster than the 68000.

    Nice to know nothing has changed in well over a decade.

  16. Re:The two faces of Mac OS X on Mac OS X Switcher Stories · · Score: 1

    The first point is that there is a very nice X server called Oroborous - the only feature missing is cut-paste between X and Mac apps, but that should come soon. I run a number of X apps including AbiWord under OS X.

    But, yes, I have Word and Excel installed. And Gnumeric. And Yellow Dog Linux, but I boot into that less and less.

    Between the good look-and-feel, the crashproofing, and the regular apps, my Mac G4 and iBook are my "appliance" computers.

    Windows always gets in your way, and it often crashes (the stability is inversely proportional to the usefulness - more hardware and more add on software and something will conflict). But things like stealing focus and locking it - if it is going to take 2 minutes to come up I can shoot off an email, but no... Vmware (or Virtual PC) is great in this regard.

    Mac OS X just works. If I want to pull tracks off a CD, it is a no-brainer. I don't have any difficulty doing it under Linux, but it is easy to the point of almost no interaction on the mac for many things. Including iPhoto when I want to print.

    But if I want to tinker, I just open a terminal window and I have something very close to Linux. A few hardware hacks and tweaks are missing at the margin (Apple needs to spend a little while with Darwin - sometimes I need to change my MAC address or generate strange packets when I am testing - the Sysadmins love linux point was right on, and I have several Linux boxen including two Zauri).

    So there are a few warts on the "linux" face of Mac OS X, but they are rare and the rest work exactly like Linux. And the Macintosh/apple face lets me get a lot more done without any tweaking. It is to the point I use fetchmail, procmail, spamassassin and mutt for reading and processing my mail but use the mail app to send from URLs.

    The hardware might be proprietary (maybe less so, terrasoft makes boxes that run Mac OS X), but it is very cool. The LCD screens are very easy on the eyes, and try pricing large ones for the PC. And it does run Linux.

    Linux and BSD were always rivals, and Apple has put it in one very nice package. With an iBook or PowerBook, you get most of the benefits of a unix OS with almost none of the tweaking.

  17. Is it hacking to poison a DNS cache entry then? on The Sex.Com Story Continues · · Score: 1

    Verisign might prove too much.

    Although most claims of hacker damage are inflated, if they are maintaining that DNS entries aren't property, or aren't valuable, whatever, if a hacker points a server somewhere else, nothing of value has been damaged, taken, etc.

    What I don't really understand is that if they got a forgery, did they, and if so why did they leave the error for 5 years?

    I can see they might not have liability for believing a forgery, but for not returning the domain to the rightful owner?

  18. Disguised antennae on Wireless Dilemma at Newton's House? · · Score: 1

    There are the strip antennas that fit on the back of notebooks. They are about the size of a nameplate (and someone can paint the letters so they will look the same except for the wire). This will get the signal over, but I'm not sure if it will do 11kbps (or 54 for 802.11a).

    100 meters isn't that far though. A standard omnidirectional antenna would look like a pipe, so they could use it for a sign or something similar, and could provide over 10dB gain - that should bridge things.

    Finally, if the buildings are in a square, you could put a repeater AP at the center, so you have 50 meters instead of 100, which might be good for another 6dB.

  19. IE for Mac OS X is also flawed, on Windows 98, Me, NT4, 2000 and XP SSL Flawed · · Score: 1

    but not OS X which uses OpenSSL.

    IE must have implemented the buggy crypto library from Windows.

    Note that Lynx and Curl are also affected - most simple ssl implementations don't check cert chains correctly, if at all.

  20. If it is between the GPL and MSFT's EULA... on Tim O'Reilly Bashes Open Source Efforts in Govt · · Score: 1

    I'd go GPL.

    What goes unsaid is that consumers and businesses have little choice in software EULAs from commercial companies. If you don't like it, don't use it.

    As has been pointed out, Government IS different. A security flaw might expose everyone's driver's licenses or even more personal data. What if the EULA is one of those "we take no responsibility", so either the department shuts down for a year porting it (vendors disappear, programs become obsolete).

    Another thing has been pointed out in the DVD debates - what about 25 years from now? There was a program on PBS a while ago called "Slow Fires" about how many books were deteriorating because of acid in their paper. Also noted were a series of video tapes, some valuable Nixon archival footage, but there were others, that there was ONLY ONE PLAYER available in the world.

    "It's not that we have no record of your marriage, it is that the software expired".

    Having the source is the ultimate out. Although I would allow for alternatives, in the case of failure, the (perhaps escrowed) source (and need I say a build environment) MUST be available to fix things.

    After California's negotiation with Oracle, I can see why they would be careful, and that was just on cost, not the complex world of copying, usage, redistribution, etc. written into EULAs.

    EVERY GOVERNMENT COMPUTER RUNNING INTERNET EXPLORER IS VULNERABLE TO THE SSL CERTIFICATE EXPLOIT. This includes Macintosh. Doesn't that make you feel good?

    Microsoft's non-response so far leaves everyone vulnerable. Konqueror was for a few minutes, Netscape and Mozilla wasn't, but they would have been fixed.

    Did anyone, anywhere write into a contract that this must be fixed? What do we do in the interim? Hope no one is running an exploit anywhere?

    I would be all for writing quality control into the contracts. Having electronic things explode or burst into flames is probably something you would want to avoid, or at least insure you didn't have to pay for or keep a bunch of defective items around. But I doubt Microsoft would be able to fulfill any terms adequate to protect taxpayers. Fine, don't mandate open source. But mandate returns or refunds/rebates for defects, with the vendor bearing the cost of conversion if something isn't fixable (for technical, political, or economic reasons).

    Even with the move to privatization, you don't expect the company hired to keep all the critical information if their contract is terminated or transferred.

    What about cars? There might be a defect in Crown Victorias where they burst into flame if hit from behind. Some silly police departments want Ford to fix the problem before they will buy any more. They should be glad to be stuck with defective products and at the mercy of vendors denying any problems. Demand fixes and parts?

    We have a lot of examples of CRITICAL defects in software. In the Government, they must be FIXED in a TIMELY manner. This is a requirement.

    Microsoft fails to fulfill it now, and I suspect there are many other vendors that couldn't. Others could, but the working system will take longer and cost more money. OpenSource is no panacea in this regard, but it is much better.

    Do you want to wait months while the currently active exploits may or may not be worked on (usually the "window" is such that there are several active unfixed flaws at the same time), and if the deployment might crash other things (the mega service pack that breaks more than it fixes), or do you want the flaw found and fixed before it appears here?

  21. Sharp Zaurus: Linux plays MP3s off CF or SD/MMC on Portable MP3 Player w/ Unix Support? · · Score: 1

    And runs Linux. Natively. You can develop on it, though I prefer to ssh to it. Get a wireless card if you want it to be really portable or want to run kismet.

  22. Call it "SoftwareAbortion"? on MS "Software Choice" Campaign: A Clever Fraud · · Score: 1

    Considering his views on that other issue (http://www.all.org/gates/index.htm), somehow after all the BSoDs, and the other general quality, and all the anti-competitive activity like the logic bomb against DrDOS, it should not be called Choice. Abortion is more appropriate.

  23. Re:Insecure if only CCN is hashed! on Keeping Private Customer Data...Private? · · Score: 1

    You can brute force CCNs. Only about 1/10 are valid, and if you know MC vs. Visa you know what it begins with. If you know the bank you know more numbers. If SHA(ccn) == test... You can hash a block of numbers and look.

    Add some junk or the address or something that wouldn't be compromised on the same server.

    CCNs would take a while, but I'd still worry. SSNs or other smaller numbers would be completely insecure.
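An added example, not from the original comment, of the two storage schemes the comment contrasts: a plain hash of a low-entropy identifier (a constructed 5-digit number here, standing in for the SSN case) is recovered simply by hashing every value in the space and comparing, while an HMAC under a secret held off that server is not, and the holder of the secret can still check a candidate without enumerating anything.

```python
"""Plain hash vs keyed hash for a low-entropy identifier.

Added example, not from the original comment. The identifier space is a
constructed 5-digit number (100,000 values), a stand-in for the SSN case the
comment calls completely insecure. The 'secret' is the "something that
wouldn't be compromised on the same server" the comment recommends: a key
kept on another host and used as an HMAC key, not just junk appended to the
value, so a copy of the hashed table alone gives an attacker nothing to
enumerate against.
"""
import hashlib
import hmac
from typing import Callable, Optional

ID_WIDTH = 5                      # constructed: identifiers are 5 decimal digits
ID_SPACE = range(10 ** ID_WIDTH)  # 00000 .. 99999


def plain_digest(identifier: str) -> str:
    """What the comment warns against: an unkeyed SHA-256 of the raw value."""
    return hashlib.sha256(identifier.encode()).hexdigest()


def keyed_digest(identifier: str, secret: bytes) -> str:
    """Mitigation: HMAC-SHA256 under a secret the database server never holds."""
    return hmac.new(secret, identifier.encode(), hashlib.sha256).hexdigest()


def recover_by_enumeration(target_hex: str,
                           digest: Callable[[str], str]) -> Optional[str]:
    """Hash every value in the space and return the one matching target_hex,
    or None. For 10**5 values this takes a fraction of a second, which is the
    whole point: an unkeyed hash of a small space is just a lookup table."""
    for n in ID_SPACE:
        candidate = f"{n:0{ID_WIDTH}d}"
        if hmac.compare_digest(digest(candidate), target_hex):
            return candidate
    return None


def verify_candidate(stored_hex: str, candidate: str, secret: bytes) -> bool:
    """What the legitimate key holder does: recompute and compare, no enumeration."""
    return hmac.compare_digest(keyed_digest(candidate, secret), stored_hex)


if __name__ == "__main__":
    secret = b"constructed-secret-kept-on-another-host"
    value = "04217"
    print("plain hash, enumerated :", recover_by_enumeration(plain_digest(value), plain_digest))
    print("keyed hash, enumerated :", recover_by_enumeration(keyed_digest(value, secret), plain_digest))
    print("keyed hash, verified   :", verify_candidate(keyed_digest(value, secret), value, secret))
```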

  24. Contrasting things on The Empire Stumbles · · Score: 2, Interesting

    First both are heavily religious movies. The new age buddhist in Clones vs. more traditional Christianity (Aunt May says the Our Father, they celebrate Thanksgiving and there is a problem saying grace).

    Peter Parker is a comic character. He makes a lot of mistakes trying to become the superhero, and we laugh with him when things don't work out. That is someone everyone can relate to. The universe doesn't depend on him, so he really has choices.

    Luke and Anakin Skywalker can't look stupid. They do stupid things while doing something heroic, but there is no "oops", and they always end up working out. The silly stupid is reserved for Jar Jar, or C3PO.

    Another difference is the mentor - ObiWan wants Luke to become like him, but Peter's Uncle can't help him with his spider powers, only his moral makeup.

    And in Spiderman, there are a lot of moral trade-offs (he could have got the girl, but I won't spoil it). He could explain or expose his secret and it would fix things short term, but he doesn't. He doesn't expose the Green Goblin's identity because it would hurt someone else, though he will be blamed. There are heavy costs to do the right thing in Spider-Man. Everyone doesn't live happily ever after, but they retain their honor.

    There is some of this in StarWars, but things tend to work out a lot better against heavier odds. Like at the end of Return of the Jedi, we see Luke's father with the good Jedi. Han Solo gets Leia - apparently there is no noblesse oblige and they can go away to a garden planet and not worry about the messy politics (I think about the US revolution or civil war - building and/or rebuilding a country isn't easy).

    Star Wars is great myth, in the sense of a grand opera like the Ring Cycle. Bigger than life with cleaner endings and contrasts.

    Spiderman fits within life.

  25. TCP/IP Trademarks-Copyrights-Patents/Intellec-Prop on Fair IP Laws? · · Score: 1

    The first problem is the USPTO. They are badly overworked and underfunded, they need to stop and reevaluate what should and should not be granted a patent. They may not grant valid patents, but the problem seems to be the other way, and they know it will go to court anyway.

    Before we ask how long the title to property should last, we should make the title as issued stronger. An issued patent should be as or more solid than a title to your house. Not easily broken, and maybe insurable. The USPTO should issue patents that would be the equivalent of a finding for the patent holder in court, so anyone appealing should have a high burden of proof.

    Currently they issue too easily and then let those who want to break it find prior art or other reasons the patent isn't valid.

    Second, is software a toaster or book? Toasters aren't supposed to burn your house down so there are implicit warranties and liabilities. You can't sue an author because you didn't like the ending or the fondue from a cookbook. If any software is copyrighted, it should be in both source and binary form, and all the exceptions that libraries have (I can check out a copy) should apply. If they want to individually contract with each party under a NDA or Trade Secret, it will keep the Notary Publics employed - but that isn't a copyright.

    Copyrights are supposed to secure income to the author and Patents to the inventor for a limited time to encourage innovation. Copyright should be 20 years, and Patents 10 given the speed of business, transportation and communication. If they want perpetual income they should use the proceeds to buy an annuity.

    There is a case to be made beyond the 20 years for copyright in the area of artistic integrity. If I write something, I won't want something to come out defaced or altered under the same name. It would be a form of slander or libel. So I would extend an integrity copyright (you can't alter it and present it as the original work). The author can then present an "authorized" (pun intended) version of the work which should command a premium over the public domain version, as well as derivative works.

    I don't know, but someone should calculate the number of books or recordings which are now out of print without any plans to print more. How do they benefit the authors? Where the majority of books go out of print plus some margin they should set the copyright period.