Slashdot Mirror


User: rgmoore

rgmoore's activity in the archive.

Stories: 0
Comments: 2,008

Comments · 2,008

  1. Re:Bush's Answers on Technology Issues by Candidate · · Score: 2
    It seems that G.W. qualified EVERY answer dealing with privacy...

    That's not exactly correct. GWB didn't bother to answer their questions, but instead sent in what sounds like his generic policy paper on the issue. PC World went through and dug out the comments that came closest to answering their specific questions, but in a lot of cases the questions are different enough that the actual answer comes out as somewhat qualified compared to the question asked.

  2. Re:Anyone running anything... on Microsoft Cracked again? · · Score: 2
    All you can do now is neurotically, obsessively, try to think of every situation in which this cracking could happen, and try and cover it. Then ask all your friends, enemies, and family pets to tell you what you missed.

    That's not quite true, though. One additional, and very important, thing that you can do is to try to figure out how to minimize the damage that an attacker can do even if he does manage to crack something. This is an area in which Unix/Linux and NT both fall down pretty badly; they spend a lot of time trying to make it hard to get privilege, but let you do pretty much anything you want if you do. There needs to be a lot more attention paid to making systems damage tolerant, so that a broken ftpd (or whatever) won't put the whole system at risk.

  3. Nastiest is Last on MSN Cookie Data Crosses Domains · · Score: 3

    The nastiest bit of the whole thing is saved for the very end of the article: the MS script is set up to do this cookie exchanging indiscriminately, not just for other MS sites. As the author put it:

    Since the MSN server returns the ID found in pre-existing cookies, anyone, anywhere can create links to his own pages which will deliver visiting users' MSN GUIDs to his own server.

    I don't know precisely how many of Microsoft's servers may behave this way, nor whether this practice is widespread on the Web. But to the degree that such identifiers might lead to personal information, this indiscriminate handing-out of GUIDs could have very undesirable consequences to users' privacy.

    That's a very, very serious security hole. I don't know how much data MS keeps, but I wouldn't be terribly surprised if it were possible to mine credit card numbers this way. It's more proof of MS's lax attitude toward security.

  4. Re:Inconsistency in the article on Mars May Be Dry After All · · Score: 1
    I was under the impression that for water vapour to get into the air, liquid water must evaporate (solid water certainly does not transform directly into vapour!).

    Solid water most certainly does transform directly into vapor. It does so more slowly than liquid water, but you can sublime (i.e. transform from solid directly to gas) any substance, including water. This is, in fact, how freeze drying works; the thing to be dried is frozen and subjected to very low pressure, which causes the water to sublime away. If you have ever lived in a cold, dry climate, you would know that snow will gradually disappear even if the temperature never gets anywhere close to freezing.

  5. Re:Better voting system needed on Slashback: Palmistry, Lecture, Quid Quo Pro · · Score: 1
    Also, our government is a coalition between two of the parties, the jury is still out as to whether this is a good thing or not.

    Coalition governments can be a problem under some circumstances, particularly when the electoral system allows small special interest parties to get representatives, as in a classic pure proportional representation system. This is because the minority partners can threaten to overthrow the coalition unless they get their special interest legislation passed. This is effectively the opposite of the problem of the first-past-the-post system. The 5% requirement (which I think was first tried in the German Federal Republic) is supposed to keep out single-interest parties and minimize that kind of vote selling.

    The general problem of giving excessive power to minority parties is in some ways similar to the obnoxious requirement here in California that the budget be passed by a 2/3 vote. The original goal was to prevent wasteful spending by requiring the vast majority of representatives to support something to get it passed. Instead, though, it encourages a minority of representatives to be obstructionist and demand to be bought off with spending of dubious value that must be spent in their districts.

  6. Re:"Effectively controls access" on DMCA Anti-Circumvention Provisions · · Score: 3
    Um, if it effectively controlled access wouldn't this law be *unnecessary*?

    No, not at all. Most of the specific instances of breaking encryption that have been brought up already have been the result of second rate access controls, but it is theoretically possible that somebody could break or otherwise circumvent a really good access control scheme- by reverse engineering, memory probing for decryption keys, or simple brute force and luck. Remember that no encryption scheme of the type needed for, say, a DVD player can be expected to survive a sufficiently motivated attack. Remember also that Congress has extended copyright to a ridiculously long term, so what seems like a reasonable and effective access control scheme today may be considered trivial to break before the copyright has expired.

  7. Re:Read the source on 'Hacking' To Be Declared Illegal · · Score: 2

    Actually, this sounds a lot like current laws covering burglary tools. There are a lot of tools that can be used either for legitimate purposes or to help break into people's houses. It is not, in general, illegal to own those types of tools or use them for their legitimate legal function. If, however, you get caught using them to break into somebody's house, or IIRC if you're found in possession of stolen goods or other circumstantial evidence of burglarious activity and burglary tools, you can be charged for possession of burglary tools. Nobody gets in trouble just for having a crowbar in his garage; they do get in trouble for having a crowbar in their bag along with their neighbor's TV set.

    Something similar is likely to apply to the computer equivalent. If you're a network administrator and happen to have a copy of nmap on your computer, the FBI isn't going to come and break down your door in the middle of the night for having cracking tools. After all, it has a significant, legitimate use in your work and hence doesn't fall under the heading of "[specifically] [primarily] [particularly] for the purpose of committing any of the offences established in accordance with Article 2 - 5;". If, OTOH, you're found with emails copied from somebody else's computer and a copy of nmap on your hard drive then you might find some additional charges leveled against you. In that case it's pretty clearly under the heading of "the possession of an item referred to in paragraphs (a)(1) and (2) above, with intent that it be used for the purpose of committing the offenses established in Articles 2 - 5." The bigger problem is that this is likely to have a chilling effect on the development of newer, more effective tools for security monitoring.

  8. Re:Lends a whole new meaning to... on Medicine And Open Source? · · Score: 3

    This is especially amusing when you realize that a standard hospital code for a cardiac arrest is "Code Blue". This is one of those weird medical things. In order to avoid panic among patients, certain potentially dangerous situations are given color codes that the staff are supposed to know but that won't spook patients. So when I hear that there's a "Code Yellow" I know to start looking carefully for bombs.

  9. Re:The solution... meta-blocking on Internet Filter Plan Hits Snag · · Score: 2

    There are two problems with this approach. One is that different packages may very well have similar heuristics for determining what to block. Sites that mention, say, breast cancer are still likely to be blocked. This can be quite serious. I'm a scientist, and my workplace uses a filter program. One of the sites that it blocked was a site that had time sensitive information about submitting grants for breast cancer research. The people who needed that information needed it right away, and it was extremely obnoxious to be forced to demand that it be put on the non-blocked list. The big lesson from this is that it only takes one incorrectly blocked site to ruin your whole day.

    The flip side is that not quite all blocks are done by heuristics. Some sites are deliberately blocked for commercial or political reasons- the Peacefire site itself is possibly the best example. This is another case in which the different blocking companies are likely to agree, so again you have falsely blocked sites. The difference is that in this case they're blocked because filtering companies in general don't want you to see them.

  10. Re:Peacefire Analysis on Internet Filter Plan Hits Snag · · Score: 1

    Of course the combination of false positive (i.e. blocked but shouldn't have been) and false negative (i.e. should have been blocked but wasn't) should be more powerful than either statistic alone. After all, you don't just want to prove that the filterware is damaging by preventing access to legitimate sites. Some people are likely to view that as acceptable so long as it keeps the kiddies from seeing pr0n. Similarly, some people are going to be willing to accept an inability to block everything so long as the obvious places are blocked. But the combination of the two- that it blocks legitimate sites and fails at its ostensible purpose of keeping the kids' eyes off pr0n- makes it truly worthless.

  11. Re:You realize what this means on The Benefits Of Radiation On Linux · · Score: 3

    That's not necessarily so. Take a look at OpenBSD, for instance. It's certainly Open Source (and Free Software for you FSFers), but it's also aimed quite narrowly at enhanced security applications rather than general utility. There are plenty of projects out there that are quite narrowly focused; it's just that their narrow focus tends to prevent them from getting the kind of really big publicity that Linux gets. You could even argue that OSS/Free Software is a perfect solution for the large number of problems that have too narrow a userbase to support a commercial product. If anything, I'd say that most OSS/Free Software projects tend to be too narrowly focused, since they tend to start out as attempts to scratch a particular programmer's itch rather than to be a generally useful program for a large enough group of customers to justify for profit development.

  12. Re:Intel is going the clock speed route for a reas on AMD vs Intel: CPU Design Philosophy · · Score: 3
    Intel is going the clock speed route for a reason, and it is pretty clear to me.

    Yep, it's pretty clear to me, too- Marketing. Intel has clearly decided that MHz sells, not real world performance. They clearly believe that the average buyer doesn't know enough to look at overall performance, particularly when there's a single, easy to follow number that supposedly measures speed. The sad part is that they're almost certainly correct. There are a lot of people who believe that MHz is the ultimate measure of a processor's goodness, so the hypothetical 2 GHz PIV will be obviously better than a 1.4 GHz AMD, even if the actual performance of the AMD chip is higher.

  13. Why not the Moon? on Civil Engineering with Atomic Detonations · · Score: 3
    What I wonder is why no one has done this on the moon yet. After venting the space it would make an ideal sealed container for colonization projects. If we had done this during some of the Apollo missions (or at least during that era) the caverns created would have had 30+ years to vent already.

    There would be some practical problems, too. The most important is that in order to get one of these nice deep bubbles, you need to get the nuclear explosive deep enough under ground that it won't blow the top off your new chamber. That means a moderately large drilling project; at the very least you're going to have to make a hole 100+ meters deep to put the nuke in. There was no way that the Apollo missions could have brought along enough equipment to do that kind of drilling. They were just barely able to get to the Moon and back, so dragging along a few tons of drilling equipment was pretty much out of the question.

    There were obviously some political issues, too. For one thing, even if they could get by the issue of detonating a nuke in space, this would have looked like an American declaration of interest in colonizing the Moon. That's understandable because it would have been. That probably wouldn't have sat well during the depths of the cold war. Possibly more important, as you correctly point out this is a long term project; you aren't just going to do your nuclear excavation one day and move in the next. It's going to take a decade or two for the radiation to fall to acceptable levels, and I've never particularly noticed the U.S. government to be particularly competent at planning beyond the next presidential election, much less the next decade.

  14. Re:A couple highways are that bad on Quake As An Architectural Design Tool · · Score: 1

    That's nothing. You should see the exits on the Pasadena Freeway. There are quite a few of them that are marked as "Exit 5 m.p.h." and they're dead serious about it. They are nothing but a right angle turn with a stop sign at the end of it. Even worse are the on-ramps, which do a right hand turn and then a stop sign. You have about 50 feet from the stop sign to get up to freeway speeds before merging with traffic.

  15. Re:Linux is not an OS, either... on Is UNIX An OS? · · Score: 1

    While I agree that it shows bad taste for the FSF to try to get too much credit for Linux, the basic argument does have some merit. Most UNIX people will agree that in order to be a UNIX you need more than just a UNIX kernel. You also need to have a compiler with standard C libraries, a shell, standard command line utilities, etc. Linux proper provides only the kernel, with the FSF providing the standard versions of much of the rest. You could, at least in theory, port a different set of those utilities for the Linux kernel- say the set provided with the BSDs- and get a GNU-free version of Linux.

    Of course the FSF also neglects to mention that there's also a hell of a lot that's neither GNU nor Linux included in most distributions. XFree86, for instance, is completely separate but is included in just about every distro. So are KDE, Netscape/Mozilla, Sendmail, BIND, etc., etc. ad nauseam. Trying to call it GNU/Linux rather than GNU/XFree/Sendmail/.../Linux is ignoring those other important contributors. This is, in a sense, similar to the FSF's own complaints about the advertising clause in the original BSD license. If you can't include everyone's name, the only fair thing to do is to include only the most distinctive name, which is that of the kernel, Linux.

  16. Repost on NSI Accused of Cybersquatting · · Score: 1

    Wasn't the NSI cybersquatting issue already mentioned in this article in YRO? I'll admit that it's going to get more attention as a front page article (which it deserves to get), but this is about the zillionth time that /. has repeated an article recently.

  17. Re:Industrial espionage and "unknown" on German EU Delegate Sues 'Unknown' Over Echelon · · Score: 3
    European governments collectively spend a fraction of what the US spends on defense and (counter)-intelligence; a single European government spends probably two orders of magnitude (at least) less, and some countries three orders of magnitude less.

    And a lot of that is because many European countries are several orders of magnitude smaller than the U.S., and they depend on cost saving approaches like conscription to keep their costs low. Their military spending per capita may be somewhat lower than the U.S., but not orders of magnitude lower. And of course most of the EU countries are also in NATO, so they're also depending fairly heavily on the U.S. military to defend them, which helps keep their costs lower.

    That said, there's every evidence that many European companies aim their intelligence apparatus much more heavily at Industrial espionage than the U.S. As was pointed out above, everyone knows that the French government loves to pass on useful information to French industry, and my impression is that they're just the most obvious case. The relationship between industry and government has always been closer just about everywhere in Europe than in the United States in other areas, like subsidies, government ownership, etc., so it's not too surprising that passing of intelligence information should be too. IMHO, part of the reason that so many people in Europe are quick to accuse the U.S. of industrial espionage and people in the U.S. are so reluctant to admit it is because the Europeans know that they'd pass on secrets that they turned up, while Americans generally don't view doing so as a valid or acceptable role of government.

    If Echelon is reality (and that's a big "if"), the US is the only player.

    Actually, everything that I've ever seen on Echelon suggests that it's a joint U.S./U.K. project.

  18. Re:why? -- Simple. Because! on Encrypted Filesystems With Linux? · · Score: 1
    What happens when ld.so gets corrupted? You say fuck it?

    I grimace because recovering is going to cost me some spare time. Then I reboot from a floppy, repair my / partition, and continue on about my business. You see, I actually keep my /home on a different partition from /, so I can (or could if I felt like it) encrypt my private files without needing to encrypt critical system files. The Unix file system is set up with mountable partitions that way specifically so that different classes of files can be treated differently.

  19. Re:why? on Encrypted Filesystems With Linux? · · Score: 5

    But why shouldn't somebody want to encrypt their whole partition? There are actually a number of reasons why doing so might very well be a better idea than encrypting selected files:

    • No need for an explicit decision. Rather than having to decide whether a file is worth encrypting, it happens automatically. This is particularly nice if I later change my mind about wanting to encrypt something; there are no bits left on my HD that might contain an unencrypted version.
    • Less effort. Rather than having to encrypt and decrypt specific files each time I want to use them, or remember a specific password to access them, it happens without obvious effort. That's just plain handy.
    • Why not? Yes there is a possible performance penalty, but there's no other particular reason not to encrypt. Just because people have typically not done things that way doesn't mean that we should continue.

    In general, I think that the valid question is not "why should you bother to encrypt your /home partition" but rather "why should the default behavior be to let anyone be able to read the data off the hard drive". The existence of file permission bits in Unix already implies that the right to prevent others from reading your data is a good thing. Why not back it up with a mechanism that can't be trivially avoided by reading the raw data off the disk?

  20. Re:Ok, so who did it (who cares?) on SDMI Cracked Too Soon · · Score: 4
    Please explain why you believe it's impossible. Is it because they haven't done it yet?

    Because the fundamental premise is obviously self contradictory. In order to have a truly effective watermark, the sound must be damaged to the tolerance of an ordinary listener when it's removed. In order to have a publicly acceptable watermark, the sound must be unchanged to the most sensitive listener when it's added. The result is that you should always be able to create a procedure that mangles the sound at above the level at which the watermark exists, but below the level where an average listener will care. Doing so may damage the sound for true audiophiles, but won't mean anything to the casual listeners who constitute the lion's share of the market.

  21. Re:Hmm.. on Microsoft Appeal Schedule Set · · Score: 3
    You know, I really don't think M$ should be broken up, in all honesty, they did what they did on their own, they started from scratch and built an electronic empire.

    I'm an opensource-ish kind of follower, yeah, but, let opensource dominate microsoft fairly, as it will in time.

    Yeah, but they built that empire in part by using their monopoly power illegally. Remember that Microsoft isn't being broken up because it's a monopoly. It's being broken up because it used its monopoly power in restraint of free trade by, for instance, setting pricing policies that essentially required companies to pay Microsoft even when they didn't install a Microsoft OS. It's great that Free Software may eventually be able to beat Microsoft by competing fairly, but that day's going to come a lot sooner if MS is forced to compete fairly, too.

  22. Re:The comfort of local on Technical Analysis Of VMSK · · Score: 1
    Even the cable networks don't cover anything in any kind of depth. If you want decent news you have to get it from overseas. It's sad but I guess that's what the American public likes.

    If you really want decent news, don't try to get it from your television. TV is simply a terrible way of getting news because it's a low density sequential access medium: you have to watch what they want to show in the order they want to show it and they can't go into real detail. If you want to get real news, buy a newspaper or look at a good news website; both are random access and high density. I happen to live in a large metropolitan area with a great newspaper that costs $0.25 per day, and I wouldn't think of touching the TV for any news except for up to the second details.

  23. Re:a few issues on Microsoft vs. "Naked PCs" · · Score: 2
    Sell your PCs fully equipped with legally licensed operating systems preinstalled. Otherwise, who knows what you're leaving your customers-and yourself-open to?

    This last bit here is what's really troubling to me. The rest of the comments are at least vaguely reasonable from a business standpoint: computer builders should offer to install the OS for their users for a variety of good reasons. The last line, though, strikes me as being a threat. When they ask what the seller is leaving his customers and himself open to by selling a naked PC, it makes it sound as though MS considers doing so to be contributory infringement if the user subsequently installs an illegal copy of Windows. They are admittedly showing some subtlety by putting it down at the very bottom like that, but it still suggests that the seller may get himself into legal trouble by doing so.

  24. Re:Do we really need a faster processor? on Where Oh Where Is The Pentium 4? · · Score: 1
    2-Regular people do not need 64bit CPUs, nor will they for another half decade at least.

    Sorry, but that's just silly. What people do and don't "need" is beside the point. I seriously doubt that most people "need" a processor much faster than 250-300 MHz for their serious computing needs; that's plenty fast enough to handle the web-surfing, word processing, spreadsheets, etc. that make up most people's daily computing use. But those people are going ahead and buying much faster processors because they're available at a reasonable price point. If Intel had put some serious effort into developing a 64 bit processor instead of continually extending the life of the PPro core, it too would be available at a reasonable price point and people would buy it. Would they really need all of the big advantages that you can get from a 64 bit processor? Of course not, but they could very well be getting more processing muscle for their dollar than they are today, and that would be a good thing.

  25. Re:Don't count on it! on Web-Based E-mail Isn't Safe From Corporate Eyes · · Score: 1

    Note that keystroke logging will let them read mail that I'm writing, but they'll need something a bit more powerful to figure out what I'm reading. Keystroke logging will let them see that I typed:

    [my password]
    pine[enter]
    I
    [enter]
    ...

    Not very informative if you're trying to see whether the bad guys are sending me secret messages. OTOH, they can read my password unless I'm truly paranoid and bounce back and forth between the place where I'm typing it in and another text box where I type gibberish.

    Fortunately, I don't work somewhere paranoid enough to do that kind of thing. Heck they let me install SSH on their machines without complaint, which no organization that was really paranoid about security would do, and they let me plug my laptop into the company network- so I can actually be reasonably confident that on at least one computer they aren't doing keystroke monitoring. Part of the reason that I like my current job and haven't gone somewhere that would pay a lot more is because I like that kind of attitude; I'd advise anyone who's really worried about this stuff to consider that before they jump straight for the job with the best pay.