And this is different from USB how? Firewire is a peer to peer protocol. Every firewire port must implement at least 3 things:
1: initiate communication with another peer 2: respond to communication from another peer 3: manage sharing or upstream communication so all independently acting peers can communicate.
USB is a master/slave protocol (or host/device in USB's politically correct terminology).
Only the PC (or any product that acts as the master or host) needs to implement #1.
Only the devices (or slaves) need to implement #2. This allows very low cost devices.
No USB device ever needs to implement #3. USB is always a tree structure, with a single host (master) controlling all communication with one or more devices (slaves) which only respond to the host and ever initiate communication on their own. This is the biggest factor in USB's low cost.
My Epson printer has a similar function - plug a camera (not sure what kind offhand) into it via the USB port on front and it can print out directly from it without being connected to the PC. I've seen similar functions in other printer brands as well. Your printer is acting as a USB host (or master), just like your PC does.
Is is true all downstream devices on a single host controller share bandwidth. But USB control transfers to enumerate devices are such a tiny fraction of the available bandwidth that their impact is virtually zero.
The thing that does have a big impact is using 12 mbps or 1.5 mbps devices in a way that they hog the bus. Ideally, all non-high-speed transfers would be converted to 480 mbps.
You might imagine a motherboard with 10 USB ports could communicate with all 10 independently. But that is rarely the case. Usually they all share the same bandwidth. You might expect there would be buffering for 12 and 1.5 mbps transfers, so they wouldn't hog the bus from the other 9 boths. That too is rarely the case.
USB 2.0 hubs do buffer and convert 12 and 1.5 mbps transfers to 480 mbps. Again, you might expect a 4 port hub to properly allow 4 slow devices to share. That is sometimes the case. Better hubs have multi-TT (transaction translators, basically the USB term for a buffer). But many hubs have only a single TT, which means only one downstream 12 mbps or 1.5 mbps device can talk at once, and any others on that hub must wait until the single buffer is available.
If the USB 2.0 spec had required all hubs to include a TT on every downstream port, and had the "root hub" (on the motherboard which provides many ports with shared bandwidth) been required to implement TTs on every port, there would have been much higher levels of satisfaction with USB 2.0.
The when Compaq, HP, Intel, Lucent, Microsoft, NEC and Philips wrote the USB 2.0 spec, they apparently believed 480 mbps speed would soon replace 12 mbps in most devices. Requiring many TTs probably seems excessively costly to support legacy devices that would soon become obsolete. What instead happened is only certain devices requiring high speed implemented 480 mbps. Almost all others stayed at 12 mbps. Most devices that implement 12 mbps use a 48 MHz clock internally, and many low-cost silicon fabs really only supports clocks to about 60-100 MHz (especially if the chip's fab supports the extra polysilicon layers for implementing flash or eeprom).
Let's hope they learn their lesson and require TTs in ALL cases where 480, 12 and 1.5 mbps devices could share the upstream bandwidth, especially on motherboards. If they do, USB 3.0 will probably be very nice, providing so much more shared bandwidth than necessary that hardly anybody will care if it's shared. But if they skimp and allow any sharing, anywhere, without TTs - the result will probably be a lot like USB 2.0 - very fast, but sometimes you plug in another device and all of a sudden it sucks.
Since most windows boxen sell for under $1000, and Apple is the only computer manufacturer with a major retail presence, it makes prefect sense they own the over $1000 retail market.
A better question might be what are those other 34% of people inhaling? They spent over $1000 retail for a windows machine, for christ sake, which probably isn't any better than what they could have ordered from Dell for under $700.
It's strange how windows users attached to cheap, fast hardware get incensed over people who value OSX and all the premium "quality of overall experience". But fine, if you like windows and think OSX isn't better, or is even worse somehow, I can see that point of view.
I just can't see how so many people overpay for a wintel box, spending as much as they would have on a Mac. If you're going to get incensed at people (as sooooo many have in these comments), lay off the Mac users. They chose to spend more, and by and large they're very happy. Instead, get mad at that other 34% who spent as much as a Mac but only ended up with a wintel machine that should have cost them so much less.
Third of all, the DDK (now called the WDK) can be downloaded using the directions on this page (no pooch screwing necessary!)
Yes, you are right. Thank you.
At first I went there, clicked on both of the links claiming to be downloads and neither were. But then I read the instructions, which pretty much means you have to sign up on their connect site. No big deal.
Regarding your assertion that I can sign my own driver, so far everything I've seen says that only works in test mode. I'm certainly going to try, of course. But from what I've read on the MSDN documentation, the signature needs to be from microsoft or via a certificate I would be issued from a trusted CA (or a cert of some sort mass-deployed by an IT dept, which isn't the case for general windows PCs). Honestly, the $250 (x # of OS versions) for WHQL is probably cheaper than anything from Verisign.
The really sad thing is I only need this for an INF file that simple tells windows to load its own USBSER.SYS driver when I plug my device in. The whole idea behind USB device classes is the USB device follows a standardized protocol to allow the operating system to load a generic class driver, rather than need a specific driver. Microsoft does it with HID (keyboard, mouse, joystick, etc) and Mass Storage classes, but not for CDC (Communication Class). Their USBSER.SYS has been included since Windows 98, but on every version an INF is required to get it actually loaded. Sadly, even just a single text-only INF with no binary driver at all still requires a signature to load without a nasty warning, and to load at all on 64 bit Vista.
Mac OS X and Linux mange to load their CDC class drivers just fine when a CDC class device is plugged in.
"Why can't I just download a piece of software and double-click on it to install?!?!"
Actually, you run "Synaptic Package Manager" from the the System -> Administration menu, and then click on the checkbox next to its name (and perhaps the checkboxes of other programs you want to install, each time choosing "Mark for installation"), and then click "Apply". Everything is found in one place.
Maybe you're more comfortable with the windows way, which is more than just "double-click to install". First, you find it somewhere, you do the download, and you perform several more clicks in the installer. Moreover, you (hopefully) run an anti-virus scan and hope there's no spyware or trojans lurking inside, since the file came from some random website.
"What is the difference between KDE and Gnome and why should it matter?!?!"
Why does it matter? They both work just fine. It really doesn't matter which one you use. If you happen to install a program that uses libraries from the other, the package manager will automatically take care of all the dependency details for you. All you do is run whatever you like. There really no reason to worry about it.
Unless you like worrying about such things, that is. But then, why not worry about the multiple interface options in XP and Vista?
"Why do I have to go to the command line interface to do even basic stuff?"
Most "basic stuff" can be done just fine from the many dialog boxes. However, there are multiple ways to do almost everything.
But then, really, what the big deal if someone gives you a solution to your problem that involves opening up a terminal and pasting a command into it? That's pretty simple. In windows, for example, the solution to many problems are to add or edit registary settings.
The simple truth is both systems have their quirks. If you've invested many years into Windows, you're going to be very used to all its little issues and things are going to feel very foreign in Ubuntu.
23 years ago was 1985. The word "dominated" back then applied to only one company in the computing world, IBM, not Microsoft.
The Apple ][ and C64 were still big sellers. PCs, 4.77 MHz and some "turbo" 8 MHz 8086s were starting to catch one. Many of them ran IBM's dos, not Microsoft's. One type of machine that wasn't catching on much yet was the Apple Macintosh. Sure, it was amazing, but it wasn't for a few more years that many people even took it seriously. PC hardware featured color text and CGA graphics. The Amiga was the one machine which featured really amazing graphics.
Your point is still quite valid. However, Microsoft's dominance really can't be considered to have begun until the death of DR-DOS and other DOS competitors, right around the time Windows 3.0 had started to catch on and Windows 3.1 was released. That was 1992 by the way, not 1985.
You can get a degree based on your accumulated life experience. No studying, no classes, no writing papers or a thesis, and no exams. Just send in a little processing fee, and your shiney new diploma will be delivered within a few days.
You don't even need google search at all. They already know you qualify for a diploma and the link to get it will automatically appear in your email inbox.
Furthermore, having the means to charge your vehicle in the garage (with a net savings for $35-$75 a fill-up.....
My Honda Acura has a 12 gallon tank. Most compact cars have a similar tank. So a net savings of $35 per fill up would mean the electricity is free! Saving $75 means somehow $40 is magically appearing. Investing in a fuel efficient car only makes these numbers more silly.
I mean, you may have some good points, but the numbers just don't add up.
For example, I'm still trying to understand why you believe I'd be willing to spend $200/month on solar panels to save $100/month in gasoline? I mean, if they're paid off in 10 years, I'd still have to wait another 10 years before it's not a financial loss. Sure, gas might become more expensive, but then there's inflation that makes the savings 10-20 years out less valuable. Also, if solar panels improve and become more economical (seems likely), buying now for a 20 year ROI seems like a pretty bad decision.
It's going to take a lot more than just encryption to frustrate police efforts to find those with kiddie porn. In practice, these criminals aren't detected and caught by wholesale monitoring of internet communication anyway.
Numerous cases of kiddie porn busts have been reported here and elsewhere. Details aren't always perfectly clear, but typically the story involved the cops posing as consumers or producers to lure suspects. There are fine lines between much of this detective work and entrapment, but those are matters for courts to decide and generally the cops know the rules. Plenty of predators have been caught by cops posing as underage girls online. Some busts have even been reported where a cop noticed unauthorized wifi usage from someone parked in a car and it turned out the guy was downloading kiddie porn.
Often busts are reported to have been made based on forensic evidence captured from someone's hard drive, so capturing a guy who goes to meet a (fictitious) 13 year old can yield many leads. Don't forget that these bastards are typically facing lengthy minimum prison sentences with little chance of defending themselves in court. If they have information that can lead to more arrests (quite likely), the prosecutor can offer them a plea bargain.
Ultimately, if people are creating this stuff and distributing it to others they don't know, the people involved are the weak link and traditional, good old fashion police work focuses on the people, not the tech.
It's not just enough that they write a driver for Linux, as they do for windows. Sure, that's nice, and some have. But in practice, it's not enough to provide a binary-only driver as is commonly done for windows.
Linux often breaks compatibility for old drivers. Kernel APIs change and Linux has a very poor history of maintaining backwards compatibility for binary drivers. Companies that have tried to go down this path have quickly found they need to release MANY different version of the driver for different kernels, or support only a narrow range of kernels, such as a couple versions of a particular distro like RHEL.
Even when the driver is released as source, if it isn't GPL, or if it contains a non-GPL binary blob, or it doesn't follow practices the kernel devs use, or the code isn't up to other kernel standards including aesthetic considerations, it won't ever get integrated into the kernel. And really, the only way for a driver to "just work" in all common linux systems is for it to be integrated into the kernel. Take, for example, the vmware and nvidia kernel modules, which have an installer that automatically tries to search among many precompiled copies for one that matches the running kernel, and then falls back to trying to run gcc to compile the source. Even that is error prone, as gcc may not be installed, or the offical path to the kernel headers may change of the years (once scrips had/usr/src/linux/include and expected a symlink, but witness how well even that works on many modern systems).
After all, it's not like a fourteen year old can't select "I was born in 1972" in a drop down. Those pages were basically worthless. I'm not surprised the court ruled as they did.
The 2257 regs were about verifying the age of the models appearing in the photos, not the age of consumers viewing them.
It is still illegal to use underage models. But 2257 imposed massive recordkeeping burdens on porn sites. Not just checking every model's ID, but all sorts of unnecessary things, like requiring being open certain hours for random, unannounced inspections of the records, requiring each site to maintain records (no outsourcing to companies much better able to handle it all), and so on. 2257 made it a felony to have even fairly minor errors in records. Not just "protecting the children", but criminal liability for not exactly following extremely detailed, excessively burdensome record keeping requirements.
By classifying it they add (many) hurdles to using it as evidence in any type of trial or litigation
Isn't the appeal court decision to send the case (previous dismissed on summary judgment) back to court for trial?
Not the case of Higazy being accused of criminal activity... that was dismissed long ago. THIS case is him suing the FBI agent and others for violating his constitutional rights. Maybe you missed that?
The only portion redacted is Higazy's claim of how the polygraph questioning went, accusing Templeton of making threats against his family. The appeals court decision specifically mentions more fact finding is needed, and remands the case back to the lower court. At least to my untrained (IANAL) eye, that sure seems like the opposite of a hurdle going to trial or litigation!
Have we made enough of an utter farce of our court system (and country) yet?
Probably not in this case.
Clearly the hotel staff made an error, insisting the radio was found in Higazy's room, when in fact it months later it became clear it belonged to a pilot staying in another room nearby. After this came to light, the hotel staff admitted a number of errors in handling the "evidence", only afterward of course.
Higazy sued, and the hotel settled. Though we aren't privy to the details of the settlement, it's pretty safe to assume Higazy got some form of restitution with which he was satisfied. To me, that looks like the opposite of the court system being an utter farce.
When Higazy was first detained, he had been staying in a corner room right next to where the planes struck the world trade center, and to the FBI's best knowledge, a radio which certainly could have been used as a beacon was reportedly found in his room. The FBI has no reason to suspect the information about who owned the radio was false. Neither did the judge, who still issued an opinion that the government's case was very weak, and scheduled another hearing. Given the circumstantial evidence, it's hard to imagine how the court or FBI should have handled anything differently up to that point.
About the only thing that really is an utter farce would be the "lie detector". Templeton is accused of coercing Higazy by threatening his family. This has not been proven, and even from the redacted text, it seems nobody else was present and it's Higazy's word against Templeton's. Initially Higazy lost the case at summary judgment, but now the appeals court has ruled that at least part of that case needs more proceedings.
The court opinions are also quite critical of the government for obtaining a false confession. Much of the appeals court decision is about who is responsible... if their misconduct is ultimately to be blamed for Higazy being improperly detained, or if someone else along the chain is responsible. It's a lengthy read, and it's clear the court is concerned.
You are quite right though, this whole thing IS appalling.
I must respectfully disagree.
Certainly the FBI obtaining a false confession is appalling, especially since Templeton is likely to get away with it (by whatever means he actually used).
The hotel's mishandling of the radio is also pretty bad. They have paid the price for their mistakes. The court system made that possible.
Redacting the Higazy's specific account of the session is questionable. However, it is still clear the FBI obtained a false confession. The accusation that coercion of the threat against Higazy's family is still quite clear. The court system is allowing Higazy to pursue this further.
Otherwise, the court system seems to have worked quite well. Given the circumstances, the court decided to hold him and schedule another hearing. At the next hearing, the FBI presented a confession and conflicting stories, and did not disclose any coercive measures. Given the evidence provided, how else should the court have acted? Wouldn't it be an "utter farse" to release a man who was in
Ultimately, such advise pretty much only applies to those who don't need it anyway. I mean, in reality, only really inspired and motivated and usually quite talented individuals will go to such effort to create a useful project in their spare time. Or if they aren't initially so talented, they quickly build up experiences doing such.
From the article, bread is often made with fructose. There's no logical reason to include fructose in those hamburger buns, other than the food industry discovered doing so resulted in an increase in sales. They probably didn't know why, from a body chemistry point of view. In all likelihood, they probably concluded people simply liked them better. But now, many years later, there's science that's showing WHY adding lots of fructose increased consumption (sales & profits).
So yes, the smart money is on Burgers... WITH sales-enhancing but otherwise unnecessary ingredients added, even in the face of credible science showing long-term detrimental public health ramifications.
The point is simply that number of disclosed bugs is not a valid comparison. It matters not if he "did his best".
"The numbers" would certainly look very different if Microsoft adopted the methodology used by most open source projects of fully disclosing every bug. Or if open source projects mirrored Microsoft's practices. It is very well known that Microsoft does NOT fully disclose all bugs and many cumulative patches silently fix MANY problems. The severity of bugs is also classified very differently.
You are right about one thing, it is all a numbers game. But you are WRONG that it means anything, even that Microsoft is improving. It means NOTHING. Nothing at all. It's only a numbers game. Even if someone else games the numbers differently and Linux-based systems look better, it still means nothing to compare numbers of bugs when very different philosophies and practices govern which bugs are fully disclosed and how their severities are rated.
I have a couple projects I'm working on right now, waiting for the final GPLv3 before I made the code available.
As a developer, though admittedly a small-time developer (under 100k lines of source published under GPLv2 over the last several years), I see the GPLv3 much like a version upgrade of a library or operating system. The new one may have a few minor quirks, but they're well worth it for bugs fixed in the new version. As a developer who releases under the GPL, I especially see the "tivo" issue as something like a security hole, and I'm glad it's getting fixed!
The thought process behind all this wishful thinking seems to be that "developers" (proprietary leeches who want to use the code but not share their own additions) are somehow customers, and what they want matters. That would be true if they were paying customers. But the truth is, every time I publish any GPL code, I never expect to make a dime (other than perhaps people find me and want consulting on their projects). So all these "developers" who want more permissive, BSD-style terms don't factor into my decision making process. I want to share the code, and since I don't expect to make any money, it's only fair that anyone who uses it must share theirs too.
The number is 128 bits, not 16 or 32. There are 8 bits in a byte. Usually each byte is printed as 2 characters, 0-9,A-F.
There change of randomly typing a particular 128 bit number is very, very small. Even if all the people on earth typed very rapidly, 24/7, and their next of kin kept continuing the effort, the sun would die out long before even a small fraction of all the possible 128 integers could be typed.
Just to do a little math, 2^128 is 3.4e38 possible numbers. If 6 billion people each type 144000 keys per day (that's 100 per minute, fast typing 24/7, no breaks for food, sleep, sex/reproduction, coordinating their efforts, etc), then typing all possible keys requires 3.9e23 days, or 107,902,800,000,000,000,000 years!
You really don't have to worry about accidentally typing the number!
this isn't merely about freedom of speech, it is a spontaneous and massive civil disobedience, basically highlighting how the citizens affected by these DMCA do not respect the law, do not want the law, and increasingly do not tolerate the law.
Actually, the bulk of the civil disobedience could be attributed as a reaction to heavy-handed censorship at Digg - at site that claimed to give users editorial control. By heavy-handed, I mean not only deleting anything with the number, and banning users who posted it, and then deleting any negative commentary even if it didn't have the number, and banning any users critical of them, and denying they had a financial relationship with the AACS LA, and deleting any comments pointing that out, and banning any users who attempted to call attention to that relationship (even if they never posted about the number itself).
The truth is, the key was made public on February 11. This whole thing didn't blow up until Digg started their poorly advised, heavy-handed censorship, of the key and of all dissenting opinions. Had Digg handled this differently, such as posting conspicuously what they were doing, and only deleted the messages with the key, and not banned anyone, and allowed dissenting viewpoints (perhaps calmly stating their case), and honestly disclosed their relationship with the AACS LA, then in all likelihood this never would have blown up and caused the key to be replicated everywhere by rightfully angry users. The key had been public for 7 weeks, but it hadn't become widely published until only a few days ago when Digg handled this whole thing in about the worst possible way (given the nature of their site and userbase).
No, Digg did MUCH MORE than simply try to comply with a DMCA takedown notice.
They censored all discussion critical of their actions. They banned users critical of them, even those who never posted the number. They deleted all commentary that pointed out their previous sponsorship by the AACS-LA, and banned anyone attempting to bring this to light.
Their apology pretended like they had never deleted or banned anyone for simple dissent, or even banned anyone, only just deleted the magic number. Even after the apology, they continued to suppress stories calling attention to their censorship of pure, non-infringing dissent speech and mention of their financial relationship with the AACS-LA.
THAT is what much of the Digg revolt was about. It's a LOT more than just the number. Here are a couple good articles with the real truth. The Digg folks would like nothing more than for everyone to believe this was ONLY about a 16 byte number. Please read these and next time you see this mistruth, you'll know better.
Reading the slashdot summary, and even the article itself, you may not realize that the Volume ID is just one piece of the puzzle.
The Volume ID is a small bit of data that's stored partially in the lead-in section, and partially in some other non-data area physically on the disc (which I don't fully understand, and apparently isn't available in the public HD-DVD documentation and is only available under NDA). Compliant drives only read and provide the volume ID after completing a cryptographic handshake, which hasn't been broken yet. So now they've made a firmware patch so the drive reads the Volume ID without authorization, without going through the as-yet-uncracked crpyto authorization process.
The purpose of the Volume ID is to prevent copying a disc by simply copying all its data. Because the Volume ID isn't stored within the data sectors, it can't be read normally. Well, that is, without impersonating the software (which hasn't been accomplished yet), or without a modified drive that doesn't require the software to authenticate before reading and returning the data.
That's all. Just one piece, not a full crack of AACS.
On the doom9 discussion forum where this all happened, everyone was very surprised to learn all existing discs have the same processing key. Those who seem to really know the details all say the AACSLA can use a different processing key on each disc, or small groups of discs. There is a lot of guessing as to how long it'll take them to change how they issue keys for new discs, but it seems certain they will improve soon.
Regarding this statement:
Something needs to be common between every DVD, otherwise you couldn't make players that can play every DVD.
That common element is a "title key" that is unique to that particular disc, and it is encrypted by a "device key" that is embedded inside the player (not on the disc). There are several intermediate decryption steps, where keys and other data are combined in complex ways. But ultimately, there is not some common thing among all DVDs.
The "processing key" is at one of these intermediate steps, shortly after the device key is used. The AACSLA could and should have used a different processing key on every disc or small groups of discs. The term "very lazy" was used on the doom9 forum. The AACSLA almost certainly will start changing the processing key for new discs. How soon, nobody knows.
Nobody has yet discovered (and made public) any "device key". It is rumored that someone may have one and is waiting to release it. The first step in the process involves 512 copies of a key, each encrypted with a different device key, so that any particular player will use one of the 512. The AACSLA can cause new discs to not work with existing device keys, which is what seems to have happened with the recent upgrades to the software players. If anyone ever captures the device key from a major brand hardware player (that is installed in millions of homes and not upgradeable), the AACSLA will have very difficult decision to make!
Some time ago, I got a complaint from someone trying to use my website. I use mod_throttle, mainly due to people trying to run automated whole-site downloader programs that get stuck inside the bugzilla pages. When that happens, every perl-rendered bugzilla page chews up excessive CPU time and they're so heavily interlinked that this continues on forever. The bugzilla documentation specifically recommends installing mod_throttle to deal with this well known problem.
In this guy's case, he wasn't really even aware he was running fasterfox. He'd installed it some time ago and basically forgotten all about it. He had no idea it was set to prefetch.
My mod_throttle settings are pretty liberal. It really takes a lot of excessive, rapid fetching to trigger. That is EXACTLY what fasterfox did.
I examined the logs, and what I saw was fasterfox would prefetch every html link every time a page was visited. Every one, WITHOUT USING THE BROWSER CACHE. That's right, no cache. The same dozen or so pages (linked from the nav bar) would get refetched every single time, even if they were fetched just seconds ago from the last time it saw links to them.
That's just broken. If it were only to check if the html is already in the browser's cache, then after a few pages those most-linked pages would all be cached and the user could have a nice, ultra-fast browsing experience.
But if only the program is transparent and the rest of the code on the machine is not, what's to prevent (for example) Steve Jobs for running for president and including a line of code that tells the MacOS voting machines that he always wins at least 50.1% of the vote?
The bill requires an automatic audit of 3% of the required voter-verified paper output, and also required signs encouraging all voters to check the paper copy before leaving.
So if that hidden line of code in the OS steals votes, it either will or won't also steal the printed paper output. If it causes the paper to be printed incorrectly, at least some voters will certainly notice and complain and the fraud will be exposed. If it only changes the electronic count and prints the paper according to the voter's wishes, that discrepancy will almost certainly be noticed during the audit of 3% of the paper. Either way, the fraud will become apparent.
Reviewing the source will make such fraud much more difficult to hide, but in all likelyhood, public source review will most likely combat unforeseen security holes and unintentional bugs... which are also important issues. The paper trail and automatic audit will also expose such problems, but only after the fact. Source review can potentially prevent problems before the election, which is why it's such a good idea.
This reminds me of pretty much the only Simpson's episode I ever saw....
Bart does something to piss off a large crowd. They start chasing him, our for vengeance. A car pulls to to a screeching stop in front of Bart and a well dressed man offers Bart a get-away ride.
Bart says quickly, "angry mod"... "stranger"... looks at the furious crowd rapidly approaching... "angry mod"... turn to the car "stranger"... and hops in. (or something like that, it was years ago)
I can just imagine execs at Dell.... "give up Microsoft deals"... "lose linux business".... looks at mighty Microsoft able to do whatever they want with barely a slap on the wrist from the DoJ.... "give up Microsoft favor".... turns to Linux fans - "piss off linux users", ok then.
We've heard all this "too many choices" - "too hard for newbies" over and over. Yeah, right. That's the real reason, yeah!
Slashdot Mirror
1: initiate communication with another peer
2: respond to communication from another peer
3: manage sharing or upstream communication so all independently acting peers can communicate.
USB is a master/slave protocol (or host/device in USB's politically correct terminology).
Only the PC (or any product that acts as the master or host) needs to implement #1.
Only the devices (or slaves) need to implement #2. This allows very low cost devices.
No USB device ever needs to implement #3. USB is always a tree structure, with a single host (master) controlling all communication with one or more devices (slaves) which only respond to the host and ever initiate communication on their own. This is the biggest factor in USB's low cost. My Epson printer has a similar function - plug a camera (not sure what kind offhand) into it via the USB port on front and it can print out directly from it without being connected to the PC. I've seen similar functions in other printer brands as well. Your printer is acting as a USB host (or master), just like your PC does.
Is is true all downstream devices on a single host controller share bandwidth. But USB control transfers to enumerate devices are such a tiny fraction of the available bandwidth that their impact is virtually zero.
The thing that does have a big impact is using 12 mbps or 1.5 mbps devices in a way that they hog the bus. Ideally, all non-high-speed transfers would be converted to 480 mbps.
You might imagine a motherboard with 10 USB ports could communicate with all 10 independently. But that is rarely the case. Usually they all share the same bandwidth. You might expect there would be buffering for 12 and 1.5 mbps transfers, so they wouldn't hog the bus from the other 9 boths. That too is rarely the case.
USB 2.0 hubs do buffer and convert 12 and 1.5 mbps transfers to 480 mbps. Again, you might expect a 4 port hub to properly allow 4 slow devices to share. That is sometimes the case. Better hubs have multi-TT (transaction translators, basically the USB term for a buffer). But many hubs have only a single TT, which means only one downstream 12 mbps or 1.5 mbps device can talk at once, and any others on that hub must wait until the single buffer is available.
If the USB 2.0 spec had required all hubs to include a TT on every downstream port, and had the "root hub" (on the motherboard which provides many ports with shared bandwidth) been required to implement TTs on every port, there would have been much higher levels of satisfaction with USB 2.0.
The when Compaq, HP, Intel, Lucent, Microsoft, NEC and Philips wrote the USB 2.0 spec, they apparently believed 480 mbps speed would soon replace 12 mbps in most devices. Requiring many TTs probably seems excessively costly to support legacy devices that would soon become obsolete. What instead happened is only certain devices requiring high speed implemented 480 mbps. Almost all others stayed at 12 mbps. Most devices that implement 12 mbps use a 48 MHz clock internally, and many low-cost silicon fabs really only supports clocks to about 60-100 MHz (especially if the chip's fab supports the extra polysilicon layers for implementing flash or eeprom).
Let's hope they learn their lesson and require TTs in ALL cases where 480, 12 and 1.5 mbps devices could share the upstream bandwidth, especially on motherboards. If they do, USB 3.0 will probably be very nice, providing so much more shared bandwidth than necessary that hardly anybody will care if it's shared. But if they skimp and allow any sharing, anywhere, without TTs - the result will probably be a lot like USB 2.0 - very fast, but sometimes you plug in another device and all of a sudden it sucks.
A better question might be what are those other 34% of people inhaling? They spent over $1000 retail for a windows machine, for christ sake, which probably isn't any better than what they could have ordered from Dell for under $700.
It's strange how windows users attached to cheap, fast hardware get incensed over people who value OSX and all the premium "quality of overall experience". But fine, if you like windows and think OSX isn't better, or is even worse somehow, I can see that point of view.
I just can't see how so many people overpay for a wintel box, spending as much as they would have on a Mac. If you're going to get incensed at people (as sooooo many have in these comments), lay off the Mac users. They chose to spend more, and by and large they're very happy. Instead, get mad at that other 34% who spent as much as a Mac but only ended up with a wintel machine that should have cost them so much less.
Yes, you are right. Thank you.
At first I went there, clicked on both of the links claiming to be downloads and neither were. But then I read the instructions, which pretty much means you have to sign up on their connect site. No big deal.
Regarding your assertion that I can sign my own driver, so far everything I've seen says that only works in test mode. I'm certainly going to try, of course. But from what I've read on the MSDN documentation, the signature needs to be from microsoft or via a certificate I would be issued from a trusted CA (or a cert of some sort mass-deployed by an IT dept, which isn't the case for general windows PCs). Honestly, the $250 (x # of OS versions) for WHQL is probably cheaper than anything from Verisign.
The really sad thing is I only need this for an INF file that simple tells windows to load its own USBSER.SYS driver when I plug my device in. The whole idea behind USB device classes is the USB device follows a standardized protocol to allow the operating system to load a generic class driver, rather than need a specific driver. Microsoft does it with HID (keyboard, mouse, joystick, etc) and Mass Storage classes, but not for CDC (Communication Class). Their USBSER.SYS has been included since Windows 98, but on every version an INF is required to get it actually loaded. Sadly, even just a single text-only INF with no binary driver at all still requires a signature to load without a nasty warning, and to load at all on 64 bit Vista.
Mac OS X and Linux mange to load their CDC class drivers just fine when a CDC class device is plugged in.
Actually, you run "Synaptic Package Manager" from the the System -> Administration menu, and then click on the checkbox next to its name (and perhaps the checkboxes of other programs you want to install, each time choosing "Mark for installation"), and then click "Apply". Everything is found in one place.
Maybe you're more comfortable with the windows way, which is more than just "double-click to install". First, you find it somewhere, you do the download, and you perform several more clicks in the installer. Moreover, you (hopefully) run an anti-virus scan and hope there's no spyware or trojans lurking inside, since the file came from some random website.
"What is the difference between KDE and Gnome and why should it matter?!?!"
Why does it matter? They both work just fine. It really doesn't matter which one you use. If you happen to install a program that uses libraries from the other, the package manager will automatically take care of all the dependency details for you. All you do is run whatever you like. There really no reason to worry about it.
Unless you like worrying about such things, that is. But then, why not worry about the multiple interface options in XP and Vista?
"Why do I have to go to the command line interface to do even basic stuff?"
Most "basic stuff" can be done just fine from the many dialog boxes. However, there are multiple ways to do almost everything.
But then, really, what the big deal if someone gives you a solution to your problem that involves opening up a terminal and pasting a command into it? That's pretty simple. In windows, for example, the solution to many problems are to add or edit registary settings.
The simple truth is both systems have their quirks. If you've invested many years into Windows, you're going to be very used to all its little issues and things are going to feel very foreign in Ubuntu.
23 years ago was 1985. The word "dominated" back then applied to only one company in the computing world, IBM, not Microsoft.
The Apple ][ and C64 were still big sellers. PCs, 4.77 MHz and some "turbo" 8 MHz 8086s were starting to catch one. Many of them ran IBM's dos, not Microsoft's. One type of machine that wasn't catching on much yet was the Apple Macintosh. Sure, it was amazing, but it wasn't for a few more years that many people even took it seriously. PC hardware featured color text and CGA graphics. The Amiga was the one machine which featured really amazing graphics.
Your point is still quite valid. However, Microsoft's dominance really can't be considered to have begun until the death of DR-DOS and other DOS competitors, right around the time Windows 3.0 had started to catch on and Windows 3.1 was released. That was 1992 by the way, not 1985.
Even that is the hard way!
You can get a degree based on your accumulated life experience. No studying, no classes, no writing papers or a thesis, and no exams. Just send in a little processing fee, and your shiney new diploma will be delivered within a few days.
You don't even need google search at all. They already know you qualify for a diploma and the link to get it will automatically appear in your email inbox.
My Honda Acura has a 12 gallon tank. Most compact cars have a similar tank. So a net savings of $35 per fill up would mean the electricity is free! Saving $75 means somehow $40 is magically appearing. Investing in a fuel efficient car only makes these numbers more silly.
I mean, you may have some good points, but the numbers just don't add up.
For example, I'm still trying to understand why you believe I'd be willing to spend $200/month on solar panels to save $100/month in gasoline? I mean, if they're paid off in 10 years, I'd still have to wait another 10 years before it's not a financial loss. Sure, gas might become more expensive, but then there's inflation that makes the savings 10-20 years out less valuable. Also, if solar panels improve and become more economical (seems likely), buying now for a 20 year ROI seems like a pretty bad decision.
It's going to take a lot more than just encryption to frustrate police efforts to find those with kiddie porn. In practice, these criminals aren't detected and caught by wholesale monitoring of internet communication anyway.
Numerous cases of kiddie porn busts have been reported here and elsewhere. Details aren't always perfectly clear, but typically the story involved the cops posing as consumers or producers to lure suspects. There are fine lines between much of this detective work and entrapment, but those are matters for courts to decide and generally the cops know the rules. Plenty of predators have been caught by cops posing as underage girls online. Some busts have even been reported where a cop noticed unauthorized wifi usage from someone parked in a car and it turned out the guy was downloading kiddie porn.
Often busts are reported to have been made based on forensic evidence captured from someone's hard drive, so capturing a guy who goes to meet a (fictitious) 13 year old can yield many leads. Don't forget that these bastards are typically facing lengthy minimum prison sentences with little chance of defending themselves in court. If they have information that can lead to more arrests (quite likely), the prosecutor can offer them a plea bargain.
Ultimately, if people are creating this stuff and distributing it to others they don't know, the people involved are the weak link and traditional, good old fashion police work focuses on the people, not the tech.
And all those new execs will prefer the superior sound quality of vinyl records
It's not just enough that they write a driver for Linux, as they do for windows. Sure, that's nice, and some have. But in practice, it's not enough to provide a binary-only driver as is commonly done for windows.
/usr/src/linux/include and expected a symlink, but witness how well even that works on many modern systems).
Linux often breaks compatibility for old drivers. Kernel APIs change and Linux has a very poor history of maintaining backwards compatibility for binary drivers. Companies that have tried to go down this path have quickly found they need to release MANY different version of the driver for different kernels, or support only a narrow range of kernels, such as a couple versions of a particular distro like RHEL.
Even when the driver is released as source, if it isn't GPL, or if it contains a non-GPL binary blob, or it doesn't follow practices the kernel devs use, or the code isn't up to other kernel standards including aesthetic considerations, it won't ever get integrated into the kernel. And really, the only way for a driver to "just work" in all common linux systems is for it to be integrated into the kernel. Take, for example, the vmware and nvidia kernel modules, which have an installer that automatically tries to search among many precompiled copies for one that matches the running kernel, and then falls back to trying to run gcc to compile the source. Even that is error prone, as gcc may not be installed, or the offical path to the kernel headers may change of the years (once scrips had
The 2257 regs were about verifying the age of the models appearing in the photos, not the age of consumers viewing them.
It is still illegal to use underage models. But 2257 imposed massive recordkeeping burdens on porn sites. Not just checking every model's ID, but all sorts of unnecessary things, like requiring being open certain hours for random, unannounced inspections of the records, requiring each site to maintain records (no outsourcing to companies much better able to handle it all), and so on. 2257 made it a felony to have even fairly minor errors in records. Not just "protecting the children", but criminal liability for not exactly following extremely detailed, excessively burdensome record keeping requirements.
Isn't the appeal court decision to send the case (previous dismissed on summary judgment) back to court for trial?
Not the case of Higazy being accused of criminal activity... that was dismissed long ago. THIS case is him suing the FBI agent and others for violating his constitutional rights. Maybe you missed that?
The only portion redacted is Higazy's claim of how the polygraph questioning went, accusing Templeton of making threats against his family. The appeals court decision specifically mentions more fact finding is needed, and remands the case back to the lower court. At least to my untrained (IANAL) eye, that sure seems like the opposite of a hurdle going to trial or litigation!
Have we made enough of an utter farce of our court system (and country) yet?
Probably not in this case.
Clearly the hotel staff made an error, insisting the radio was found in Higazy's room, when in fact it months later it became clear it belonged to a pilot staying in another room nearby. After this came to light, the hotel staff admitted a number of errors in handling the "evidence", only afterward of course.
Higazy sued, and the hotel settled. Though we aren't privy to the details of the settlement, it's pretty safe to assume Higazy got some form of restitution with which he was satisfied. To me, that looks like the opposite of the court system being an utter farce.
When Higazy was first detained, he had been staying in a corner room right next to where the planes struck the world trade center, and to the FBI's best knowledge, a radio which certainly could have been used as a beacon was reportedly found in his room. The FBI has no reason to suspect the information about who owned the radio was false. Neither did the judge, who still issued an opinion that the government's case was very weak, and scheduled another hearing. Given the circumstantial evidence, it's hard to imagine how the court or FBI should have handled anything differently up to that point.
About the only thing that really is an utter farce would be the "lie detector". Templeton is accused of coercing Higazy by threatening his family. This has not been proven, and even from the redacted text, it seems nobody else was present and it's Higazy's word against Templeton's. Initially Higazy lost the case at summary judgment, but now the appeals court has ruled that at least part of that case needs more proceedings.
The court opinions are also quite critical of the government for obtaining a false confession. Much of the appeals court decision is about who is responsible... if their misconduct is ultimately to be blamed for Higazy being improperly detained, or if someone else along the chain is responsible. It's a lengthy read, and it's clear the court is concerned.
You are quite right though, this whole thing IS appalling.
I must respectfully disagree.
Certainly the FBI obtaining a false confession is appalling, especially since Templeton is likely to get away with it (by whatever means he actually used).
The hotel's mishandling of the radio is also pretty bad. They have paid the price for their mistakes. The court system made that possible.
Redacting the Higazy's specific account of the session is questionable. However, it is still clear the FBI obtained a false confession. The accusation that coercion of the threat against Higazy's family is still quite clear. The court system is allowing Higazy to pursue this further.
Otherwise, the court system seems to have worked quite well. Given the circumstances, the court decided to hold him and schedule another hearing. At the next hearing, the FBI presented a confession and conflicting stories, and did not disclose any coercive measures. Given the evidence provided, how else should the court have acted? Wouldn't it be an "utter farse" to release a man who was in
Yep, it is nice... to say anyway.
Ultimately, such advise pretty much only applies to those who don't need it anyway. I mean, in reality, only really inspired and motivated and usually quite talented individuals will go to such effort to create a useful project in their spare time. Or if they aren't initially so talented, they quickly build up experiences doing such.
Others simply don't.
From the article, bread is often made with fructose. There's no logical reason to include fructose in those hamburger buns, other than the food industry discovered doing so resulted in an increase in sales. They probably didn't know why, from a body chemistry point of view. In all likelihood, they probably concluded people simply liked them better. But now, many years later, there's science that's showing WHY adding lots of fructose increased consumption (sales & profits).
So yes, the smart money is on Burgers... WITH sales-enhancing but otherwise unnecessary ingredients added, even in the face of credible science showing long-term detrimental public health ramifications.
The point is simply that number of disclosed bugs is not a valid comparison. It matters not if he "did his best".
"The numbers" would certainly look very different if Microsoft adopted the methodology used by most open source projects of fully disclosing every bug. Or if open source projects mirrored Microsoft's practices. It is very well known that Microsoft does NOT fully disclose all bugs and many cumulative patches silently fix MANY problems. The severity of bugs is also classified very differently.
You are right about one thing, it is all a numbers game. But you are WRONG that it means anything, even that Microsoft is improving. It means NOTHING. Nothing at all. It's only a numbers game. Even if someone else games the numbers differently and Linux-based systems look better, it still means nothing to compare numbers of bugs when very different philosophies and practices govern which bugs are fully disclosed and how their severities are rated.
As a developer, though admittedly a small-time developer (under 100k lines of source published under GPLv2 over the last several years), I see the GPLv3 much like a version upgrade of a library or operating system. The new one may have a few minor quirks, but they're well worth it for bugs fixed in the new version. As a developer who releases under the GPL, I especially see the "tivo" issue as something like a security hole, and I'm glad it's getting fixed!
The thought process behind all this wishful thinking seems to be that "developers" (proprietary leeches who want to use the code but not share their own additions) are somehow customers, and what they want matters. That would be true if they were paying customers. But the truth is, every time I publish any GPL code, I never expect to make a dime (other than perhaps people find me and want consulting on their projects). So all these "developers" who want more permissive, BSD-style terms don't factor into my decision making process. I want to share the code, and since I don't expect to make any money, it's only fair that anyone who uses it must share theirs too.
The number is 128 bits, not 16 or 32. There are 8 bits in a byte. Usually each byte is printed as 2 characters, 0-9,A-F.
There change of randomly typing a particular 128 bit number is very, very small. Even if all the people on earth typed very rapidly, 24/7, and their next of kin kept continuing the effort, the sun would die out long before even a small fraction of all the possible 128 integers could be typed.
Just to do a little math, 2^128 is 3.4e38 possible numbers. If 6 billion people each type 144000 keys per day (that's 100 per minute, fast typing 24/7, no breaks for food, sleep, sex/reproduction, coordinating their efforts, etc), then typing all possible keys requires 3.9e23 days, or 107,902,800,000,000,000,000 years!
You really don't have to worry about accidentally typing the number!
this isn't merely about freedom of speech, it is a spontaneous and massive civil disobedience, basically highlighting how the citizens affected by these DMCA do not respect the law, do not want the law, and increasingly do not tolerate the law.
Actually, the bulk of the civil disobedience could be attributed as a reaction to heavy-handed censorship at Digg - at site that claimed to give users editorial control. By heavy-handed, I mean not only deleting anything with the number, and banning users who posted it, and then deleting any negative commentary even if it didn't have the number, and banning any users critical of them, and denying they had a financial relationship with the AACS LA, and deleting any comments pointing that out, and banning any users who attempted to call attention to that relationship (even if they never posted about the number itself).
The truth is, the key was made public on February 11. This whole thing didn't blow up until Digg started their poorly advised, heavy-handed censorship, of the key and of all dissenting opinions. Had Digg handled this differently, such as posting conspicuously what they were doing, and only deleted the messages with the key, and not banned anyone, and allowed dissenting viewpoints (perhaps calmly stating their case), and honestly disclosed their relationship with the AACS LA, then in all likelihood this never would have blown up and caused the key to be replicated everywhere by rightfully angry users. The key had been public for 7 weeks, but it hadn't become widely published until only a few days ago when Digg handled this whole thing in about the worst possible way (given the nature of their site and userbase).
No, Digg did MUCH MORE than simply try to comply with a DMCA takedown notice.
They censored all discussion critical of their actions. They banned users critical of them, even those who never posted the number. They deleted all commentary that pointed out their previous sponsorship by the AACS-LA, and banned anyone attempting to bring this to light.
Their apology pretended like they had never deleted or banned anyone for simple dissent, or even banned anyone, only just deleted the magic number. Even after the apology, they continued to suppress stories calling attention to their censorship of pure, non-infringing dissent speech and mention of their financial relationship with the AACS-LA.
THAT is what much of the Digg revolt was about. It's a LOT more than just the number. Here are a couple good articles with the real truth. The Digg folks would like nothing more than for everyone to believe this was ONLY about a 16 byte number. Please read these and next time you see this mistruth, you'll know better.
Digg fights user revolt over HD-DVD ban - Digg founders took HD-DVD sponsorship.
Digg still isn't telling the whole truth about its HD-DVD sponsorship
Reading the slashdot summary, and even the article itself, you may not realize that the Volume ID is just one piece of the puzzle.
The Volume ID is a small bit of data that's stored partially in the lead-in section, and partially in some other non-data area physically on the disc (which I don't fully understand, and apparently isn't available in the public HD-DVD documentation and is only available under NDA). Compliant drives only read and provide the volume ID after completing a cryptographic handshake, which hasn't been broken yet. So now they've made a firmware patch so the drive reads the Volume ID without authorization, without going through the as-yet-uncracked crpyto authorization process.
The purpose of the Volume ID is to prevent copying a disc by simply copying all its data. Because the Volume ID isn't stored within the data sectors, it can't be read normally. Well, that is, without impersonating the software (which hasn't been accomplished yet), or without a modified drive that doesn't require the software to authenticate before reading and returning the data.
That's all. Just one piece, not a full crack of AACS.
On the doom9 discussion forum where this all happened, everyone was very surprised to learn all existing discs have the same processing key. Those who seem to really know the details all say the AACSLA can use a different processing key on each disc, or small groups of discs. There is a lot of guessing as to how long it'll take them to change how they issue keys for new discs, but it seems certain they will improve soon.
Regarding this statement:
Something needs to be common between every DVD, otherwise you couldn't make players that can play every DVD.
That common element is a "title key" that is unique to that particular disc, and it is encrypted by a "device key" that is embedded inside the player (not on the disc). There are several intermediate decryption steps, where keys and other data are combined in complex ways. But ultimately, there is not some common thing among all DVDs.
The "processing key" is at one of these intermediate steps, shortly after the device key is used. The AACSLA could and should have used a different processing key on every disc or small groups of discs. The term "very lazy" was used on the doom9 forum. The AACSLA almost certainly will start changing the processing key for new discs. How soon, nobody knows.
Nobody has yet discovered (and made public) any "device key". It is rumored that someone may have one and is waiting to release it. The first step in the process involves 512 copies of a key, each encrypted with a different device key, so that any particular player will use one of the 512. The AACSLA can cause new discs to not work with existing device keys, which is what seems to have happened with the recent upgrades to the software players. If anyone ever captures the device key from a major brand hardware player (that is installed in millions of homes and not upgradeable), the AACSLA will have very difficult decision to make!
Some time ago, I got a complaint from someone trying to use my website. I use mod_throttle, mainly due to people trying to run automated whole-site downloader programs that get stuck inside the bugzilla pages. When that happens, every perl-rendered bugzilla page chews up excessive CPU time and they're so heavily interlinked that this continues on forever. The bugzilla documentation specifically recommends installing mod_throttle to deal with this well known problem.
In this guy's case, he wasn't really even aware he was running fasterfox. He'd installed it some time ago and basically forgotten all about it. He had no idea it was set to prefetch.
My mod_throttle settings are pretty liberal. It really takes a lot of excessive, rapid fetching to trigger. That is EXACTLY what fasterfox did.
I examined the logs, and what I saw was fasterfox would prefetch every html link every time a page was visited. Every one, WITHOUT USING THE BROWSER CACHE. That's right, no cache. The same dozen or so pages (linked from the nav bar) would get refetched every single time, even if they were fetched just seconds ago from the last time it saw links to them.
That's just broken. If it were only to check if the html is already in the browser's cache, then after a few pages those most-linked pages would all be cached and the user could have a nice, ultra-fast browsing experience.
The bill requires an automatic audit of 3% of the required voter-verified paper output, and also required signs encouraging all voters to check the paper copy before leaving.
So if that hidden line of code in the OS steals votes, it either will or won't also steal the printed paper output. If it causes the paper to be printed incorrectly, at least some voters will certainly notice and complain and the fraud will be exposed. If it only changes the electronic count and prints the paper according to the voter's wishes, that discrepancy will almost certainly be noticed during the audit of 3% of the paper. Either way, the fraud will become apparent.
Reviewing the source will make such fraud much more difficult to hide, but in all likelyhood, public source review will most likely combat unforeseen security holes and unintentional bugs... which are also important issues. The paper trail and automatic audit will also expose such problems, but only after the fact. Source review can potentially prevent problems before the election, which is why it's such a good idea.
This reminds me of pretty much the only Simpson's episode I ever saw....
... "stranger" ... looks at the furious crowd rapidly approaching ... "angry mod" ... turn to the car "stranger" ... and hops in. (or something like that, it was years ago)
.... "give up Microsoft deals" ... "lose linux business" .... looks at mighty Microsoft able to do whatever they want with barely a slap on the wrist from the DoJ .... "give up Microsoft favor" .... turns to Linux fans - "piss off linux users", ok then.
Bart does something to piss off a large crowd. They start chasing him, our for vengeance. A car pulls to to a screeching stop in front of Bart and a well dressed man offers Bart a get-away ride.
Bart says quickly, "angry mod"
I can just imagine execs at Dell
We've heard all this "too many choices" - "too hard for newbies" over and over. Yeah, right. That's the real reason, yeah!