Read, be enlightened. Why you should never pay for online dating, a blog entry from the founder of OKCupid (via the wayback machine since it was pulled when they got bought out by for-pay dating site match.com):
Hasn't China tried this before with EVD? It didn't work then (or maybe it worked enough to be the sabre-rattling it was intended as), why should this be any different?
How do they store these digitized movies? Even better, how do they transport them?
Some back-of-the-envelope calculations assuming a 4000x4000 image, 24 bit color (too low?), lossless (optimistic) 4:1 compression and 24fps show that a 2 hour movie takes up over 1.8TiB.
Is it just a box of 300GB tapes, or do they have something even cooler?
Can you imagine the restore times for a movie from tape...
- mib
Even non-compiling source code is useful
on
Source Code Escrow
·
· Score: 5, Insightful
I've seen a lot of people comment that unmaintained source code is not useful. This is a fairly big assumption, and I'd wager few of you have actually been in the situation of losing a mission critical piece of software due to vendor abandonment.
I have. Several times.
Even non-compiling source code is very useful, for at least two reasons, and likely many more.
Interoperability/data extraction
Chances are if your software is abandoned, you're migrating to something else. Getting that data out of your old system is a lot easier if you can see the code that put it in there, as is writing a compatible system.
Maintenance by Reverse Engineering
Just seeing how things works allows you to extend the life of software by working around and fixing new problems. A good example is some abandonware we had that was locked by license key to a fixed hostid. A trawl through the source code would have allowed us to reverse engineer a license key generator and easily move the system to a new host. (In the end we had to fix this with judicious use of LD_PRELOAD and fake gethostid() and hostname() calls, but making a new license key would have been much nicer.)
From a business point of view, I'd like all software to be licensed under a source escrow arrangement.
Anyone know where/if you can get the source for SystemStarter? With a bit of tweaking it sounds like it'd be perfect for a batch processing harness I need, and would save me a bunch of work.
I tried navigating the apple open source areas, but I got stuck in a twisty maze of passages all alike.
Nowadays with so many people having home theatre systems capable of taking digital input, I predict a big rise in motherboards with onboard S/PDIF audio outputs. Let's get analogue signals and amplification away from all that RF interference inside the PC case. Just wait for the first set of PC speakers that uses one S/PDIF connector instead of between 1 and 3 mini-stereo jacks.
Telstra as a RETAIL company should be split from Telstra the NATIONAL INFRASTRUCTURE company.
This split has been cried out for in Australia ever since privatisation of Telstra was first envisioned. However, this will never happen under the current government, as they need a high Telstra share price to keep their core electors happy and to push their sale of the remaining 51% of the company. Splitting Telstra would inevitably devalue the stock. Selling Telstra (and in fact any public infrastructure they can get away with) to provide short-term financial windfalls and give the appearance of responsibility has been part of the Howard government's fiscal policy since day 1.
There have been at least two independent investigations which have recommended the split, including one commissioned by the NOIE themselves (which they then totally ignored).
Google for "telstra" "infrastructure" "split" for a plethora of related news articles.
From what I see, the improvement here is to use packet delay instead of packet loss for congestion control. They claim this has a bunch of advantages for both speed and quality.
Here is a Google cached copy of their paper from March 2003.
This could be a great rental-fee saver for my friends and I.
If I unseal the movie and watch it in 3 hours, it still has 45 hours of life left. I can then pass it on to someone else to watch because, unlike regular rentals, I don't have to trust them to return it.
I have a feeling video stores are not going to like this. Or do they get the majority of their money from people without friends?
For those who tried it, here is the solution to the "nonhomogeneous rope burning" problem. I'm ashamed to say this is the only one of the easy problems I couldn't figure out by myself when I tried them 6 months ago. If you didn't try the problem, you might want to go back and try it -- you become smarter by thinking about these, not by knowning the answers.
Light both ends of one rope, and one end of the other rope, and begin timing. When the first rope has burnt up half an hour has passed. At that point, light the second end of the other rope, which is now half an hour long. When the second rope has finished burning, an additional 15 minutes have passed, making a total of 45 minutes.
This was posted to slashdot last time we had a story on a similar topic, but it's worth a re-post for everyone who missed it. If you like logic puzzles and riddles, check out wu:: riddles. They have a section of Microsoft questions as well.
Here's an example riddle to get you started:
NONHOMOGENEOUS ROPE BURNING
You have two ropes, each of which takes one hour to burn completely. Both of these ropes are nonhomogeneous in thickness, meaning that some parts of the ropes are chunkier than other parts of the rope. Using these nonhomogeneous ropes and a lighter, time 45 minutes.
Note: Some clarification on what is meant by nonhomogeneous. For instance, maybe a particular section of rope that is 1/8 of the total length is really chunky, and takes 50 minutes to burn off. then it would take 10 minutes to burn off the remaning 7/8, since we know that the whole rope takes an hour to burn off. that's just an example; we don't know any such ratios beforehand. The point is, if you look at one of your ropes and cut it into pieces, you have no clue how long any individual piece will take to burn off.
"The village yeoman, Hugh, hewed two yews to use in the upcoming archery contest"
I tried your phrase on an actual live human (native English speaker, of normal-to-above-average intelligence), and it took her longer than normal to parse it (there was a noticeable facial expression change while she figured it out).
This seems to indicate it's just a matter of processing power (and the brain is still winning out over your dictation software).
Is it just me, or should this really have been called the "Los Angeles Anime Advertising Fest". A significant proportion of the program is excerpts from forthcoming DVDs from American distributors (ADV Films, Manga Ent., Pioneer).
Here's my take on the real "must-see" films of the festival:
Tamala2010 A Punk Cat in Space. Has an outside chance of actually being great, but at least it'll be strange and a good conversation piece.
Jungle Emperor Leo. This became "Kimba" in its Americanized form. A chance to see some of anime history in its original form that you may not get again.
Castle in the Sky/Kiki's Delivery Service. Do yourself a favor and see this superior double-feature instead of the lacklustre "Cat Returns."
Arete Hime. Worth a look for the animation, for which it won an award at the Toyko Anime Fair in 2002.
Memories. As anime films go, this one is a brilliant work of art.
I found some more PR guff about the fest at anime-tourist too.
I guess fanboys will want to see Animatrix as well (I probably would), though the three released online episodes don't seem anything to write home about.
I'm amazed to see so many suggestions regarding promotion possibilities -- I wonder if you all work in a different IT industry to me. I'm only 30 (don't laugh), but I'm already as high up the technical career ladder as it's possible to be at my workplace (and changing jobs would be a demotion based on the job ads I've seen). To get any higher I'd have to become a manager, which doesn't yet excite me. Isn't there more to a career than just climbing the ziggurat?
Anyway, if you are a manager, the best advice I can give is to find a copy of Peopleware: Productive Projects and Teams, read it, and use its advice. It's a thin book, but it is +100 Insightful when it comes to employees.
Some links on the book:
there is nothing more obnoxious in the console world than split screen gaming
I know the parent message was about Half-Life, but you know, game isn't just a longer way of writing FPS. Sure the Church of Carmack calls me a blasphemer, but if just one PC gamer is saved, it's worth it.
- mib
p.s. Don't be getting all smug now, believers in the Holy Order of the Two Commandments (1. Command. 2. Conquer.), you're just as bad.
diablobynight:
A lot of internal networks are password protected and protected by the complete inability to access them from outside the network.
That's a perfect example of something to use in conjunction with passwords: firewalls/IP restrictions. There's lots of other security "tech" too, depending on the level of protection you need. I'm not saying you shouldn't have passwords -- of course you should -- just don't think they're the end of the story, no matter how "hard" you try to make them.
If your data really is worth a lot of effort to steal (or your access), you should think about whether the convenience of remote access is worth it. There's certainly no remote access to our payroll database system, for example.
Anyway, can someone talk their way into your machine room? If so, you've got a problem. How many people have acesss to it anyway? A lot more than actually need it if that's the case, I'd wager. Go see your boss and start with a "all visitors in the machine room must be accompanied by a sysadmin/operator at all times" policy. Revise as appropriate.
Is all this a pain in the ass? Yes. Security is, that's why most people do their best to ignore it and most things are designed without it in mind. Turning on cracklib for passwords is the answer if the question is "how do I get warm fuzzy feeling about security so I can get back to reading slashdot?"
- mib
p.s. Is there a limit for when you're likely to be moded up? I imagine after 24hrs nobody is reading without at least a +2 filter. Then again, I shouldn't underestimate our ability not to have lives.:)
I see we have the expected collection of replies from people who think they're experts on passwords because they've turned on all the security settings on their debian box and ran a cracker over a shadow file. *sigh*
Here's the straight dope: passwords suck. No, seriously, I mean they really really suck. A password is either insecure because it's too "simple", or it's too hard to remember for anyone but us nerds who breezed high school without having to learn anything due to amazing powers of recall. Hard passwords are nearly always written down somewhere (how many of you carry passwords, or obfuscated passwords, in you wallet/purse, eh?). You can enforce really "hard" passwords, but all you'll do is make your users hate you. And watch you don't actually end up reducing the search space!
But hell, it doesn't matter anyway, because a complete brute-force search of the 8-character ascii domain is feasible, and is only going to get easier. (Longer passwords? Great, until you find a system you need to support that truncs at 8 -- suddenly you've got an even less secure password because the randomness in the first 8 chars wasn't an issue. Or you have to let people use phrases, and English's entropy isn't that high. What, you mean you don't manage domains of hosts with common auth? Sit back down then.)
The good news is, this doesn't mean shit. What are you trying to protect? Most people don't need uber-secure passwords. Who'd want to hack into my mother's webmail account? The effort involved wouldn't be worth any payoff.
But:
If you're letting users grab huge lists of your encrypted passwords, you're fucked.
If you're letting unknown parties have enough auth attempts to brute force even a non-obvious dictionary word, you're fucked
If you have something to secure that's worth somebody spending a lot of time and effort to break into and your only security is username and password, you are completely, utterly, and royally, fucked, and I hope I never have anything to do with systems you write.
Market regulation and trade restrictions are only "commie" if you're an American, whereby you pretend you don't have any (even though you do, heavily), force everyone else to abolish them, and thus stuff your own coffers even further.
xmove starts a pseudoserver which allows X11 clients to be relocated from one display to another. Upon startup it will create a listening port from which it accepts new client connections. When xmove is invoked it chooses a default server, and all clients will be displayed on that server until moved elsewhere. Several clients may connect through a single xmove, thus requiring only one xmove process per machine.
Don't any of you bozos pay attention to prior articles? Security is about risk management. If you have something to protect that is worth $1bn for someone to steal and the only protection you have on it is 1024-bit crypto, you deserve to have it stolen.
Your homework for today is to (re)read Secrets and Lies. There will be a quiz.
Slashdot Mirror
George Lucas? Is that you?
Read, be enlightened. Why you should never pay for online dating, a blog entry from the founder of OKCupid (via the wayback machine since it was pulled when they got bought out by for-pay dating site match.com):
http://web.archive.org/web/20101006104124/http://blog.okcupid.com/index.php/why-you-should-never-pay-for-online-dating/
Hasn't China tried this before with EVD? It didn't work then (or maybe it worked enough to be the sabre-rattling it was intended as), why should this be any different?
How do they store these digitized movies? Even better, how do they transport them?
Some back-of-the-envelope calculations assuming a 4000x4000 image, 24 bit color (too low?), lossless (optimistic) 4:1 compression and 24fps show that a 2 hour movie takes up over 1.8TiB.
Is it just a box of 300GB tapes, or do they have something even cooler?
Can you imagine the restore times for a movie from tape...
- mib
I have. Several times.
Even non-compiling source code is very useful, for at least two reasons, and likely many more.
Interoperability/data extraction
Chances are if your software is abandoned, you're migrating to something else. Getting that data out of your old system is a lot easier if you can see the code that put it in there, as is writing a compatible system.
Maintenance by Reverse Engineering
Just seeing how things works allows you to extend the life of software by working around and fixing new problems. A good example is some abandonware we had that was locked by license key to a fixed hostid. A trawl through the source code would have allowed us to reverse engineer a license key generator and easily move the system to a new host. (In the end we had to fix this with judicious use of LD_PRELOAD and fake gethostid() and hostname() calls, but making a new license key would have been much nicer.)
From a business point of view, I'd like all software to be licensed under a source escrow arrangement.
- mib
Anyone know where/if you can get the source for SystemStarter? With a bit of tweaking it sounds like it'd be perfect for a batch processing harness I need, and would save me a bunch of work.
I tried navigating the apple open source areas, but I got stuck in a twisty maze of passages all alike.
- mib
Nowadays with so many people having home theatre systems capable of taking digital input, I predict a big rise in motherboards with onboard S/PDIF audio outputs. Let's get analogue signals and amplification away from all that RF interference inside the PC case. Just wait for the first set of PC speakers that uses one S/PDIF connector instead of between 1 and 3 mini-stereo jacks.
This split has been cried out for in Australia ever since privatisation of Telstra was first envisioned. However, this will never happen under the current government, as they need a high Telstra share price to keep their core electors happy and to push their sale of the remaining 51% of the company. Splitting Telstra would inevitably devalue the stock. Selling Telstra (and in fact any public infrastructure they can get away with) to provide short-term financial windfalls and give the appearance of responsibility has been part of the Howard government's fiscal policy since day 1.
There have been at least two independent investigations which have recommended the split, including one commissioned by the NOIE themselves (which they then totally ignored).
Google for "telstra" "infrastructure" "split" for a plethora of related news articles.
- mib
This is part of a whole bunch of TCP and networking related work at CalTech.
I hate to do this to them, but the Caltech Networking Lab site has more info.
From what I see, the improvement here is to use packet delay instead of packet loss for congestion control. They claim this has a bunch of advantages for both speed and quality.
Here is a Google cached copy of their paper from March 2003.
This could be a great rental-fee saver for my friends and I.
If I unseal the movie and watch it in 3 hours, it still has 45 hours of life left. I can then pass it on to someone else to watch because, unlike regular rentals, I don't have to trust them to return it.
I have a feeling video stores are not going to like this. Or do they get the majority of their money from people without friends?
- mib
Woah... I think you're on to something here. Massive media conglomerates re-use old ideas to sucker public! Film at 11! Revolutionary!
In other news: blantant sarcasm, self-reference, and precluding criticism by disparaging your own crappy comments also considered passe.
Final Fantasy is live action? I think you've been staring at the screen a little too long! :)
Also, see:
- mib
WARNING: CONTAINS SPOILERS.
For those who tried it, here is the solution to the "nonhomogeneous rope burning" problem. I'm ashamed to say this is the only one of the easy problems I couldn't figure out by myself when I tried them 6 months ago. If you didn't try the problem, you might want to go back and try it -- you become smarter by thinking about these, not by knowning the answers.
This was posted to slashdot last time we had a story on a similar topic, but it's worth a re-post for everyone who missed it. If you like logic puzzles and riddles, check out wu:: riddles. They have a section of Microsoft questions as well.
Here's an example riddle to get you started:
"The village yeoman, Hugh, hewed two yews to use in the upcoming archery contest"
I tried your phrase on an actual live human (native English speaker, of normal-to-above-average intelligence), and it took her longer than normal to parse it (there was a noticeable facial expression change while she figured it out).
This seems to indicate it's just a matter of processing power (and the brain is still winning out over your dictation software).
- mib
Is it just me, or should this really have been called the "Los Angeles Anime Advertising Fest". A significant proportion of the program is excerpts from forthcoming DVDs from American distributors (ADV Films, Manga Ent., Pioneer).
Here's my take on the real "must-see" films of the festival:
Has an outside chance of actually being great, but at least it'll be strange and a good conversation piece.
This became "Kimba" in its Americanized form. A chance to see some of anime history in its original form that you may not get again.
Do yourself a favor and see this superior double-feature instead of the lacklustre "Cat Returns."
Worth a look for the animation, for which it won an award at the Toyko Anime Fair in 2002.
As anime films go, this one is a brilliant work of art.
I found some more PR guff about the fest at anime-tourist too.
I guess fanboys will want to see Animatrix as well (I probably would), though the three released online episodes don't seem anything to write home about.
Now, anyone want to buy me a trip to LA?
- mib
I'm confused. Are you talking about the VR genre, or the porn genre?
I'm amazed to see so many suggestions regarding promotion possibilities -- I wonder if you all work in a different IT industry to me. I'm only 30 (don't laugh), but I'm already as high up the technical career ladder as it's possible to be at my workplace (and changing jobs would be a demotion based on the job ads I've seen). To get any higher I'd have to become a manager, which doesn't yet excite me. Isn't there more to a career than just climbing the ziggurat?
Anyway, if you are a manager, the best advice I can give is to find a copy of Peopleware: Productive Projects and Teams, read it, and use its advice. It's a thin book, but it is +100 Insightful when it comes to employees. Some links on the book:
there is nothing more obnoxious in the console world than split screen gaming
I know the parent message was about Half-Life, but you know, game isn't just a longer way of writing FPS. Sure the Church of Carmack calls me a blasphemer, but if just one PC gamer is saved, it's worth it.
- mib
p.s. Don't be getting all smug now, believers in the Holy Order of the Two Commandments (1. Command. 2. Conquer.), you're just as bad.
That's a perfect example of something to use in conjunction with passwords: firewalls/IP restrictions. There's lots of other security "tech" too, depending on the level of protection you need. I'm not saying you shouldn't have passwords -- of course you should -- just don't think they're the end of the story, no matter how "hard" you try to make them.
If your data really is worth a lot of effort to steal (or your access), you should think about whether the convenience of remote access is worth it. There's certainly no remote access to our payroll database system, for example.
Anyway, can someone talk their way into your machine room? If so, you've got a problem. How many people have acesss to it anyway? A lot more than actually need it if that's the case, I'd wager. Go see your boss and start with a "all visitors in the machine room must be accompanied by a sysadmin/operator at all times" policy. Revise as appropriate.
Is all this a pain in the ass? Yes. Security is, that's why most people do their best to ignore it and most things are designed without it in mind. Turning on cracklib for passwords is the answer if the question is "how do I get warm fuzzy feeling about security so I can get back to reading slashdot?"
- mib
p.s. Is there a limit for when you're likely to be moded up? I imagine after 24hrs nobody is reading without at least a +2 filter. Then again, I shouldn't underestimate our ability not to have lives. :)
I see we have the expected collection of replies from people who think they're experts on passwords because they've turned on all the security settings on their debian box and ran a cracker over a shadow file. *sigh*
Here's the straight dope: passwords suck. No, seriously, I mean they really really suck. A password is either insecure because it's too "simple", or it's too hard to remember for anyone but us nerds who breezed high school without having to learn anything due to amazing powers of recall. Hard passwords are nearly always written down somewhere (how many of you carry passwords, or obfuscated passwords, in you wallet/purse, eh?). You can enforce really "hard" passwords, but all you'll do is make your users hate you. And watch you don't actually end up reducing the search space!
But hell, it doesn't matter anyway, because a complete brute-force search of the 8-character ascii domain is feasible, and is only going to get easier. (Longer passwords? Great, until you find a system you need to support that truncs at 8 -- suddenly you've got an even less secure password because the randomness in the first 8 chars wasn't an issue. Or you have to let people use phrases, and English's entropy isn't that high. What, you mean you don't manage domains of hosts with common auth? Sit back down then.)
The good news is, this doesn't mean shit. What are you trying to protect? Most people don't need uber-secure passwords. Who'd want to hack into my mother's webmail account? The effort involved wouldn't be worth any payoff.
But:
- mib
p.s. Useradd/passwd is not account management.
How to buy a region free DVD player in Australia:
- Walk into DVD player selling store.
- Ask for the player you want in a region free version.
- Pay.
- Take your region free player home.
Seriously, ask and ye shall receive. Nearly if not all brands/models have region free versions direct from the manufacturer.- mib
Market regulation and trade restrictions are only "commie" if you're an American, whereby you pretend you don't have any (even though you do, heavily), force everyone else to abolish them, and thus stuff your own coffers even further.
xmove could do some of what you want, moving clients between X servers. I haven't used it in 3 or 4 years, so I don't know if it still works.
From the man pages:
Don't any of you bozos pay attention to prior articles? Security is about risk management. If you have something to protect that is worth $1bn for someone to steal and the only protection you have on it is 1024-bit crypto, you deserve to have it stolen.
Your homework for today is to (re)read Secrets and Lies. There will be a quiz.