Re:Someone discovered Windows is insecure.
on
Shattering Windows
·
· Score: 1
Indeed. I thought WindowsUpdate was a little too obvious and easy. The same goes for the alleged "callback" in winXP, because both of these examples already takes away your possession of your computer by Law #1. After all, if you assume M$ is a "bad guy" and you run their OS, then you've already lost possession.
QED, or something like that.
Re:Someone discovered Windows is insecure.
on
Shattering Windows
·
· Score: 1
Hello and welcome to/. News! It's now 11pm!
This article, referenced in the M$ email in the article, points to 10 points on security.
Law #1: If a bad guy can persuade you to run his program on your computer, it's not your computer anymore.
So, unless I run Linux or BSD or some other OS, "Uncle Bill" owns my computer! Yay...
Law #2: If a bad guy can alter the operating system on your computer, it's not your computer anymore.
For the sake of this argument, assume Microsoft is a "bad guy". So, if I run some operating system (say, MacOS or Solaris) and it runs IE and supports DirectX, and DirectX is used to execute code to write to some important files in the System Folder, then I've lost possession of my computer.
Or what if some administrator is feeling a little frazzled and puts up something malicious on windowsupdate.com?
Law #4: If you allow a bad guy to upload programs to your web site, it's not your web site any more.
Remind me again about that <INPUT TYPE="file"> form submission tag, and why it should ever be used? Or implemented in the first place? I can just see somebody using IIS and having a form for uploading files getting compromised because he/she received an infected program or a trojan.
I wonder if they should have considered this last law before pulling their maneuvers:
Law #9: Absolute anonymity isn't practical, in real life or on the web.
They knew we'd all find out, right?:)
I could see some extreme potential for anti-M$ FUD here. Or at the very least, some obnoxious lambasting with cold facts!
Sounds fair. So publish us some screenshots, or give us some info. You could advance the scientific community--but you'll never do it by sitting on your work/discoveries.
Some scientists strive for fame and fortune.
Others strive for the bettering of mankind.
Me, I strive to do both, and neither, depending on my mood.
As always, YMMV. HTH. HAND. For some value of each.:)
Unless I missed something, 2**7 == 128. And what I understand is that many programs, while patched to avoid Y2K problems, may still be programmatically configured with a base year of 1900. If that 8th bit of that byte were used for a one-bit flag of some sort...
Well, that sounds quite frightning.
But I don't quite follow the logic on 2038.
Anyway, the local speculation here was that most unix systems would fall to the 2028 bug, not the Y2K bug. But COBOL can be damned anyway.
Many of the policies tend to be quite clear on this issue. For example, my state:
5. JURISDICTION. Transmitting or causing the transmission of unsolicited bulk electronic mail to or through an interactive computer service's computer network located in this state shall constitute an act in this state.
That legalese, I think, is sufficiently clear to stand by itself. That said, of course, IANAL.
On another note, Utah and Ohio are somewhat known for tighter legal control.
After all, they are among the states that get special mention on those satellite channels that give titillating promos for the porn channels.
And they're the states that were the reason for the "you may have other rights, which vary from state to state" you find in most license agreements; these states are the ones that have laws that specify that even a license that completely disclaims all liability can't be held up in court.
In short, if I agreed a little more with some of their more unconventional laws, I'd move to Utah in a heartbeat.
But FWIW, I have begun documenting my spams. Occasionally I do unsubscribe, but most I just send to the Federal Trade Commission. I figure that someday there might be a precedent, and I wouldn't mind making $500 per unsolicited email.:)
Anyway, I got the idea for spamming the FTC from here.
The site also shows a big simulator for training. It looks like your average 6-wheeled ATV. So, apparently they've experimented with a series of wheeled designs too. And they don't look like big green ants.
On a side note, it rather reminded me of a grasshopper, not an ant.
But I just want to see that simulator software GPL'd. Run it on Windows or Linux, I don't care. Even if it weren't turned into a game, it'd be cool for the geek factor!:)
CNN and Headline News is covering it too.
With AOL in their back pocket, it's interesting to see that their eyes wouldn't be blinded by something such as this--their users should be so used to popups, thinking that they just happened and that was one of the virtues or some integral function of the Internet.
But as CNN says, "Google denounced pop-up ads in January."
Weird, I don't remember popups on Google. Ever. I don't even remember graphic ads. Perhaps they're referring to Google's filtering of popups in their cache?
You know, that article seemed plausible to me for most of the read, but near the end I had to stop and wonder for a bit before mentally throwing the whole thing out.
Not taking into account differences betwixt win98 and win2k, I first had to sit and wonder about the "[:" drive. I've never seen a system that was capable of exceeding 26 drives. Someone with more experience may be able to comment here on the features of Win2k, but I am almost 100% certain one can't access a drive by number or symbol on win98 or anything earlier (the closest approximation being network shares via "\\host\share".)
But one should consider that there are many systems, Win2k, WinNT, WinXP, or Win9x, that either don't get the "Network Neighborhood" shares and browsing ability configured in the first place. This would skew that paricular scale a good bit.
Also, many people in my area never change the names of the icons on the desktop. Many just stick with the Themes. Me, I just skip the themes and leave the bland defaults. After all, I only see my Windows desktop when I want to do something I can't do on my system in Linux...
But when the article claimed that fresh reinstalls no longer work, I had to dismiss the article. Disk failures and failed flash upgrades being the only things that would prevent me from starting anew, I've been known to use a computer for 12+ years before retiring it.
Now, if you would like a metric, I prefer to use this system:
With my last 3 or 4 systems, I perform fresh installs during the normal New Year's celebrations.
Cruft measurements are done by a calendar. We're now ending July, so I anticipate my system to be nearly 2/3 of its maximal cruft rating.
With Windows, this is something I consider commonplace. With Linux, I don't have to perform this task, but it's useful for freeing up disk space and getting all my programs running with the same libraries.:) It's also great to start over and then find a solid starting point for installing the security patches and bugfixes.
The OS utilized in aircraft is generally either Wind River's VxWorks or OARcorp's RTEMS.
RTEMS is open-source, but it seems to have outgrown its Ada ancestry.
Aircraft control code is written in Ada because Ada was designed for real-time embedded applications such as these.
Of course, the operating system in both products above is a very minimalistic one indeed, and things like memory allocation and device management are neither abstracted away nor handled for you. This means that the work of writing a reliable device driver and making certain to deallocate memory after it has been used is left to the programmer to do. And many programmers tend to commonly make mistakes in these areas, causing many problems.
There's a company called Rockwell-Collins out in Iowa that builds and programs aircraft. I can't speak much more than these for specifics (I didn't work there, and NDAs prevent acquaintances from cluing me in) but I know that there is a great deal of testing before certification of the software for use by the FAA, and so hopefully enough bugs would be found and squashed by then that rebooting the in-flight computer should certainly not be a common thing.
Disclaimer: I am not an employee for RCI, nor have I ever been.
You have a small problem. Unlike the formatted standard on Headline News that gobbles up the left 1/3 and bottom half of the screen, or the VH1 Morning that takes a similar fashion, I'd expect this to be the very annoying format-the-screen-to-free-up-a-portion that only tears up the screen for the popup ad, then returns to normal.
Thus you need 1) a motorized piece of cardboard to cover it only when the ad is up, or 2) an on-the-fly reformatter that can stretch the video back out. This second option would be preferable, as it would effectively nullify the ad.
I tend to think it's more effective to do as moviemakers have done for years--incorporate everyday products into movies, plastering the company's ad on the product in the movie. This form of advertising is nice because you have the added value of hero affiliation (for example, a guy buys a Trojan condom because, say, Tom Hanks used a Trojan on Meg Ryan in some movie.) This form of advertising is more subconscious and transparent to the customer, and far less annoying. It also can be nicely done without breaking up the movie.
So just take the commercials, and throw them right out the window. Decommercialize TV, and more people will be interested in wasting their time in front of it.
Javascript popups--I KNEW there was a reason I stick to lynx!
But then, I watch TV strictly for the commercials. Not because I care for the products, but because they keep getting more and more extravagant to grab the weakening attention of the consumer.
Katz did once write an article on the Attention Economy--just don't say he didn't tell you so!:)
Am I the only one here old enough to remember this? Seems Bowie was for mp3s back then.
Nevertheless, I've never seen any mp3s on his web-site.
Besides, with Bowie's Al-Gorish claims to geekdom in the past, and a webpage that insists I go get a new plugin... Hey, where's the non-flash version? This sort of eyecandy whoredom that goes with most bands' web-sites is rather quite sickening. If you're in a band, what would your fans want?
Samples, mp3s, demos, unreleased material
Tour dates
photos
A way to communicate with the band
etc.
I refuse to believe that if you're in a band, that your fans really want lots of eyecandy that's just that--eyecandy. If you're an artist in the visual sense, then perhaps some eyecandy is to be expected. But in a band--no. And flash? Flash might do some okay things, but it's never used right....
Bowie has had some interesting quips in his day, but he seems altogether too self-absorbed. Okay, the music is okay, some of it. But his 15 minutes of fame are over.
Hmm. Last time I checked, I thought firmware was burned onto a chip. Thus it cannot be harmed...
Of course, after flash BIOS came out, that might not be quite so accurate anymore.
Nevertheless, I wish I owned a mac or two to test this on. More likely the disk being locked in the drive and not being removed is simply causing the mac to not boot, because it was configured to boot off a CD if it recognized the disc as bootable.
I'd be more interested to see that some hobbyist tried it in a mac, and instead of shipping the mac back to the dealer like an average user, he/she removed the CD and verified that the system returned to its normal happy mac icon boot sequence.
Once again giving up the ability to mod down the trolls to add a bit of insight that appears to have been missed.
In my 23 years of life, I have had 2 girlfriends. I slept with but did not have sex with the first one. The one I'm with now claimed my virginity, we've been together just over 2 years, and we've done it 304 times.
Yes, I'm counting. I still have trouble believing I'm getting any. She thinks it's cute when she asks and I can tell her how many times we've done it.
My policies:
I count only full cycle encounters. Either I, as the male, am going to cum, or we'll have to consensually stop because we've been going on too long and got tired.
If she's really wet and I slip out, putting it back in doesn't change the count.
Oral sex doesn't change the count, although it theoretically could if it were one long sustained blowjob that didn't involve penetration and eventually ended in orgasm.
If she cums I count that separately -- I keep various counts going. But the whole lovemaking session counts as 1, no more. To date, I've only successfully gotten her off about 27 times. Yeah, that's kinda unremarkable, I think, 27 into 304 is less than one in ten times. But she seems to be happy with it when it really happens..
I don't claim to be an expert, but I've always got something new I want to try. She's a little suspect of the new toys, but she wanted them bought--we just haven't used them yet.
We've tried 37 unique positions, and often end up in one of a few tried-but-true positions.
I took a sex class here at the university -- she was eager to look over my books.
And that's about all I have to say about that.
I'm assuming this is germane to the discussion. Check my info -- I don't post trolls...
Okay, this may sound a little Microsoftian, but I don't see why this couldn't work.
First, as stated above, the "legacy site" referred to in the propsal could easily be your computer, eliminating the need for subscription services between sites, making the member.xml file a simple cookie.
But why can't the browser build in the "You know me" button? The system could be done with a few simple cookies, built on a tier system.
Netscape Communicator comes with a cheesy profile manager, which really isn't very useful unless it's tied to an LDAP server. But through the profiles, you could provide what information you wish to disclose, on a tier system.
The browser could browse all sites at Tier 0, where your most public and non-identifying information is kept. If a site wants it, it might get your first name, for example, for a more personal touch. Say your name is Karen, it could say "Hello Karen!" but it wouldn't get any other personal information.
The "You know me" button could increase the Tier level for the site that is being displayed, providing incrementally more data to the form you're filling out for ordering something, for example.
So for the decentralized server, I have only one word: LDAP. It's currently in place, it's local, and you can have users that can set their own information or have it admin-maintained, and with some modifications to a browser it could easily be implemented.
As for specifying the "URL to the XML data on the legacy site", that's as difficult as going to the preferences and specifying your ldap server, then authenticating with it.
And you get your bookmarks too, for free! What a deal!
I believe he really meant this.
It's a rackmount, but on wheels, not wall-mounted.
Painfully pricey, though, in the $700-$900 range, and 29u. Still bigger than the thread was suggesting.
Giving up the chance to moderate to make an obeservation.
This reminds me of an old security program I used to use (way back in my MS-DOS days.) It was called PC-LOCK, and the default password was "PASSWORD". Installed lightning fast--even considering all it did was rewrite the partition IDs, update the bootsector on the active primary partition, and add a TSR device driver to config.sys (which allowed you to hit the shift key 3 times in rapid succession to lock the system.)
I suggest LCD display as follows:
Unless I misinterpreted, the box doesn't have a serial port. So we have to get a little creative:
1. Get the Cappucino.
2. get a USB hub.
3. Install linux on it.
4. Get a linksys usb ethernet adapter.
5. get this usb serial adapter.
6. Get the serial LCD 2x16 display from JDR Microdevices. In the components section, they have one that attaches to a serial port.
7. Install USB support, and then configure the serial port and use setserial to get things going.
You might have to write a little code to make it work, but it should be relatively simple writes to the/dev/ttySx device.
The beauty of using the cappucino would allow me to do this but using double-stick tape and tacking it all on the back side of my door and run wires out through the peephole to the outside of the door where I mount the LCD. 3 little boxes (cappucino, usb hub, LCD serial interface) stuck to the door, and a few cables, with the power and cat5 cords coming down from above, with enough slack to allow the door to open...
Seems like a reasonable project, and would allow me to program the display over the network from my main server.
Voila! A personal electronic bulletin board!
And the idle cpu cycles on the cappucino could be used for something more interesting, say SETI or distributed.net processing...
From the document U. Of Ill. Policy on Patents and Copyrights:
SECTION 2. DEFINITIONS
(d) University Resources Usually and Customarily Provided. When
determining ownership and license rights in copyrightable works,
"university resources usually and customarily provided" includes such
support as office space, library facilities, ordinary access to computers
and networks, or salary. In general, it does not include use of students
or employees as support staff to develop the work, or substantial use of
specialized or unique facilities and equipment, or other special
subventions provided by the University unless approved as an exception.
SECTION 4. COPYRIGHTS
(2) Works created as a specific requirement of employment or as an
assigned university duty that may be specified, for example, in a written
job description or an employment agreement. Such specification may define
the full scope or content of the employees university employment duties
comprehensively or may be limited to terms applicable to a single
copyrightable work. Absent such prior written specification, ownership
will vest with the University in those cases where the University provides
the motivation for the preparation of the work, the topic or content of
which is determined by the creators employment duties and/or when the work
is prepared at the university's expense.
Here at the University of Northern Iowa we have a similar document, and this issue also came up with me recently when developing the low-level software which would be used to control the devices in a computer-controlled train set. Some of the devices required too complex a driver to be really considered within the scope of the class (the course was on Real-Time Systems; we were largely interested in the concurrency aspect.)
As I was more proficient in working with the low-level driver code, I wrote that, and released it under the GPL to the other students and the professor, so it could be used again in future semesters.
However, the terms I included above (which are in my own university's policy) would have completely invalidated my release of it under the GPL, under the conditions that:
The University provided the motivation,
the university provided the resources (train hardware and computing resources on which I wrote, tested, and stored the code),
university expense could be claimed for the time it took me to develop the code, and
they could lay ownership claim to the work, refusing to permit me to keep my grade in the course or to allow me to graduate if I refused.
There was also the issue that, as I was providing work which could be retained by the university, I could be considered an employee, despite the fact that I am not employed by, nor was I paid for my work by the university. And all because I was writing code that the other students in the class couldn't/wouldn't write. This is why they can claim expense simply for the time I put into it: others could not use the hardware without the code I was developing, and therefore I was "inhibiting the academic process" by only taking time to develop software to help the other students!
Fortunately, the issue of legal ownership did not end up becoming a key concern, as the application of my drivers were considered too specialized to be of any applicable use in any other context. However, the point is still there--the university could indeed lay claim to all effort I put into the project, and could resell the entire project, complete with my code but without my written consent, all because of the policies laid out in the document.
Of course, they did the same thing that is done in the first stages of building gcc as a cross-compiler: build a compiler that compiles the compiler you'll eventually use. This early-stage compiler need not support all of C, only the parts that the compiler uses.
if you look in this Makefile, you'll see that in stages one and two it builds a program called xgcc, which it later deletes, but not before it compiles your cross-compiler.
the nice thing about doing this is that the compiler that is finally built when the entire compilation process is complete doesn't have to necessarily be "real C" in the source code. It could be a nice intermingling of any number of languages. It isn't, but it does give them that freedom.
So to review:
gcc (installed) -> xgcc -> new gcc compiler
Well, I see that it has been suggested and flamed,
but I'm going to suggest the same thing. I'm taking a class called "Human Relationships and Sexuality" and we actually did discuss having sex with a willing partner, for the purpose of muscle relaxation and pain relief. I think it goes without saying, but there's always the other risks too, so if you try this option, protect yourself. (Protection methods are outside the scope of this document.)
It was suggested that if you are having lower back pain, you should lay down and let your partner be in control, taking the strain off your back temporarily, and after it's all over, the hormones and endorphins released are very good for relieving pain. This was also discussed as the most natural way possible to cure a headache, despite the culturalized "Not tonight honey, I have a headache." joke so many of us are familiar with.
Of course, our erotophobic society won't accept this behavior, so (at least in public work places) I'd suggest getting up and stretching, maybe walking around a few minutes (a trip to the watercooler or something might work), or using a naproxin sodium product, such as Alieve. If alieve is unavailable in your area, you could go for an ibuprofen product, but these tend to be less effective, at least in my experience.
I would have suggested the very same thing, for determining what files get installed/removed. Make a basic filesystem and chroot into it, and then install/run the commercial app. This way your system would be protected.
Of course, my other suggestion would put things into a little more perspective:
1. Make a complete system backup.
2. as root: md5sum `find / -name \*` >/files.1
3. ls -l `find / -name \*` >>/files.1
4. install the commercial app.
5. repeat steps 2 and 3, to different filenames(files.2).
6. diff/files.1/files.2
the output of #6, if you were feeling properly bored, could be parsed by a perl or shell script if you wanted it pretty, otherwise you'd know what files were created, deleted, or modified.
Of course, this solution wouldn't have the foresight to note the differences in other system changes, such as the log files... But you could deal with that yourself.
btw, I assume bash as your shell... you can probably avoid the backslash escape before the asterisk in other shells. heh
Despite the article's BS, Linux WILL run on a Pentium 4.
I have been subscribed to the lkml (Linux Kernel developer Mailing List) for several months now, and it was over a month ago when this topic came up. There was much controversy over why Intel chose a nonsequential number for the CPU ID, so it had to be coded around.
But the article speaks rubbish. Dealing with CPU IDs is not a distro-specific problem, it is an issue for the kernel only.
Now, RedHat might have gotten around it--but they've been releasing their own versions of the kernel, gcc, binutils, and their own kernel drivers for several versions now. (They get flamed often in lkml for this...)
One would be to start distributed sniffers on every network around the globe, that merely sent logs back to some centralized location for tracking. We could write a dozen different worms that manage to invade various OSs, and patch init so it sends data out over the network--even through firewalls!
The other easy way is to put a patch into everybody's browser that sends stats back somewhere--but then we'd need to make them upgrade to it.
I got it! Why don't we just all go IPv6 and tell the world that there isn't a browser in existence that supports it! Then they'll have to upgrade!
Oh wait, didn't M$ put tracking hooks into IE on ME?!?!! Seems to me I already saw that..... heh
When I read about this one for the first time, I immediately expected it to be so darn hackable it's not even funny.
Based on the specs from when I first read about it, I figured the only hack-proofing measures to be taken were : too small a case, mercury switch (and who sees those in computers nowadays?), proprietary CDROM, hardcoded BIOS. Everything else seemed quite standard and PC-like from the descriptions I read.
Of course, now that it's hit/., it'll no doubt go the way of the IOpener--oh wait, they aren't trying to recoup their losses by forcing you into a service contract with an overpriced ISP!
I know I'll be hoping that it's still around when I get paid again around Dec. 1.
Slashdot Mirror
QED, or something like that.
This article, referenced in the M$ email in the article, points to 10 points on security.
- Law #1: If a bad guy can persuade you to run his program on your computer, it's not your computer anymore.
- So, unless I run Linux or BSD or some other OS, "Uncle Bill" owns my computer! Yay...
- Law #2: If a bad guy can alter the operating system on your computer, it's not your computer anymore.
- For the sake of this argument, assume Microsoft is a "bad guy". So, if I run some operating system (say, MacOS or Solaris) and it runs IE and supports DirectX, and DirectX is used to execute code to write to some important files in the System Folder, then I've lost possession of my computer.
- Law #4: If you allow a bad guy to upload programs to your web site, it's not your web site any more.
- Remind me again about that <INPUT TYPE="file"> form submission tag, and why it should ever be used? Or implemented in the first place? I can just see somebody using IIS and having a form for uploading files getting compromised because he/she received an infected program or a trojan.
I wonder if they should have considered this last law before pulling their maneuvers:Or what if some administrator is feeling a little frazzled and puts up something malicious on windowsupdate.com?
- Law #9: Absolute anonymity isn't practical, in real life or on the web.
They knew we'd all find out, right?I could see some extreme potential for anti-M$ FUD here. Or at the very least, some obnoxious lambasting with cold facts!
Some scientists strive for fame and fortune.
Others strive for the bettering of mankind.
Me, I strive to do both, and neither, depending on my mood.
As always, YMMV. HTH. HAND. For some value of each. :)
Unless I missed something, 2**7 == 128. And what I understand is that many programs, while patched to avoid Y2K problems, may still be programmatically configured with a base year of 1900. If that 8th bit of that byte were used for a one-bit flag of some sort...
Well, that sounds quite frightning.
But I don't quite follow the logic on 2038.
Anyway, the local speculation here was that most unix systems would fall to the 2028 bug, not the Y2K bug. But COBOL can be damned anyway.
5. JURISDICTION. Transmitting or causing the transmission of unsolicited bulk electronic mail to or through an interactive computer service's computer network located in this state shall constitute an act in this state.
That legalese, I think, is sufficiently clear to stand by itself. That said, of course, IANAL.
On another note, Utah and Ohio are somewhat known for tighter legal control.
After all, they are among the states that get special mention on those satellite channels that give titillating promos for the porn channels.
And they're the states that were the reason for the "you may have other rights, which vary from state to state" you find in most license agreements; these states are the ones that have laws that specify that even a license that completely disclaims all liability can't be held up in court.
In short, if I agreed a little more with some of their more unconventional laws, I'd move to Utah in a heartbeat.
But FWIW, I have begun documenting my spams. Occasionally I do unsubscribe, but most I just send to the Federal Trade Commission. I figure that someday there might be a precedent, and I wouldn't mind making $500 per unsolicited email. :)
Anyway, I got the idea for spamming the FTC from here.
HTH. HAND.
On a side note, it rather reminded me of a grasshopper, not an ant.
But I just want to see that simulator software GPL'd. Run it on Windows or Linux, I don't care. Even if it weren't turned into a game, it'd be cool for the geek factor! :)
With AOL in their back pocket, it's interesting to see that their eyes wouldn't be blinded by something such as this--their users should be so used to popups, thinking that they just happened and that was one of the virtues or some integral function of the Internet.
But as CNN says, "Google denounced pop-up ads in January."
Weird, I don't remember popups on Google. Ever. I don't even remember graphic ads. Perhaps they're referring to Google's filtering of popups in their cache?
Not taking into account differences betwixt win98 and win2k, I first had to sit and wonder about the "[:" drive. I've never seen a system that was capable of exceeding 26 drives. Someone with more experience may be able to comment here on the features of Win2k, but I am almost 100% certain one can't access a drive by number or symbol on win98 or anything earlier (the closest approximation being network shares via "\\host\share".)
But one should consider that there are many systems, Win2k, WinNT, WinXP, or Win9x, that either don't get the "Network Neighborhood" shares and browsing ability configured in the first place. This would skew that paricular scale a good bit.
Also, many people in my area never change the names of the icons on the desktop. Many just stick with the Themes. Me, I just skip the themes and leave the bland defaults. After all, I only see my Windows desktop when I want to do something I can't do on my system in Linux...
But when the article claimed that fresh reinstalls no longer work, I had to dismiss the article. Disk failures and failed flash upgrades being the only things that would prevent me from starting anew, I've been known to use a computer for 12+ years before retiring it.
Now, if you would like a metric, I prefer to use this system:
- With my last 3 or 4 systems, I perform fresh installs during the normal New Year's celebrations.
- Cruft measurements are done by a calendar. We're now ending July, so I anticipate my system to be nearly 2/3 of its maximal cruft rating.
With Windows, this is something I consider commonplace. With Linux, I don't have to perform this task, but it's useful for freeing up disk space and getting all my programs running with the same libraries.RTEMS is open-source, but it seems to have outgrown its Ada ancestry.
Aircraft control code is written in Ada because Ada was designed for real-time embedded applications such as these.
Of course, the operating system in both products above is a very minimalistic one indeed, and things like memory allocation and device management are neither abstracted away nor handled for you. This means that the work of writing a reliable device driver and making certain to deallocate memory after it has been used is left to the programmer to do. And many programmers tend to commonly make mistakes in these areas, causing many problems.
There's a company called Rockwell-Collins out in Iowa that builds and programs aircraft. I can't speak much more than these for specifics (I didn't work there, and NDAs prevent acquaintances from cluing me in) but I know that there is a great deal of testing before certification of the software for use by the FAA, and so hopefully enough bugs would be found and squashed by then that rebooting the in-flight computer should certainly not be a common thing.
Disclaimer: I am not an employee for RCI, nor have I ever been.
Thus you need 1) a motorized piece of cardboard to cover it only when the ad is up, or 2) an on-the-fly reformatter that can stretch the video back out. This second option would be preferable, as it would effectively nullify the ad.
I tend to think it's more effective to do as moviemakers have done for years--incorporate everyday products into movies, plastering the company's ad on the product in the movie. This form of advertising is nice because you have the added value of hero affiliation (for example, a guy buys a Trojan condom because, say, Tom Hanks used a Trojan on Meg Ryan in some movie.) This form of advertising is more subconscious and transparent to the customer, and far less annoying. It also can be nicely done without breaking up the movie.
So just take the commercials, and throw them right out the window. Decommercialize TV, and more people will be interested in wasting their time in front of it.
Javascript popups--I KNEW there was a reason I stick to lynx! :)
But then, I watch TV strictly for the commercials. Not because I care for the products, but because they keep getting more and more extravagant to grab the weakening attention of the consumer.
Katz did once write an article on the Attention Economy--just don't say he didn't tell you so!
Nevertheless, I've never seen any mp3s on his web-site.
Besides, with Bowie's Al-Gorish claims to geekdom in the past, and a webpage that insists I go get a new plugin... Hey, where's the non-flash version?
This sort of eyecandy whoredom that goes with most bands' web-sites is rather quite sickening. If you're in a band, what would your fans want?
I refuse to believe that if you're in a band, that your fans really want lots of eyecandy that's just that--eyecandy.
If you're an artist in the visual sense, then perhaps some eyecandy is to be expected. But in a band--no. And flash? Flash might do some okay things, but it's never used right....
Bowie has had some interesting quips in his day, but he seems altogether too self-absorbed. Okay, the music is okay, some of it. But his 15 minutes of fame are over.
Of course, after flash BIOS came out, that might not be quite so accurate anymore.
Nevertheless, I wish I owned a mac or two to test this on. More likely the disk being locked in the drive and not being removed is simply causing the mac to not boot, because it was configured to boot off a CD if it recognized the disc as bootable.
I'd be more interested to see that some hobbyist tried it in a mac, and instead of shipping the mac back to the dealer like an average user, he/she removed the CD and verified that the system returned to its normal happy mac icon boot sequence.
Once again giving up the ability to mod down the trolls to add a bit of insight that appears to have been missed.
In my 23 years of life, I have had 2 girlfriends. I slept with but did not have sex with the first one. The one I'm with now claimed my virginity, we've been together just over 2 years, and we've done it 304 times.
Yes, I'm counting. I still have trouble believing I'm getting any. She thinks it's cute when she asks and I can tell her how many times we've done it. My policies:
To date, I've only successfully gotten her off about 27 times. Yeah, that's kinda unremarkable, I think, 27 into 304 is less than one in ten times. But she seems to be happy with it when it really happens..
I don't claim to be an expert, but I've always got something new I want to try. She's a little suspect of the new toys, but she wanted them bought--we just haven't used them yet.
We've tried 37 unique positions, and often end up in one of a few tried-but-true positions.
I took a sex class here at the university -- she was eager to look over my books.
And that's about all I have to say about that.
I'm assuming this is germane to the discussion. Check my info -- I don't post trolls...
First, as stated above, the "legacy site" referred to in the propsal could easily be your computer, eliminating the need for subscription services between sites, making the member.xml file a simple cookie.
But why can't the browser build in the "You know me" button? The system could be done with a few simple cookies, built on a tier system.
Netscape Communicator comes with a cheesy profile manager, which really isn't very useful unless it's tied to an LDAP server. But through the profiles, you could provide what information you wish to disclose, on a tier system.
The browser could browse all sites at Tier 0, where your most public and non-identifying information is kept. If a site wants it, it might get your first name, for example, for a more personal touch. Say your name is Karen, it could say "Hello Karen!" but it wouldn't get any other personal information.
The "You know me" button could increase the Tier level for the site that is being displayed, providing incrementally more data to the form you're filling out for ordering something, for example.
So for the decentralized server, I have only one word: LDAP. It's currently in place, it's local, and you can have users that can set their own information or have it admin-maintained, and with some modifications to a browser it could easily be implemented.
As for specifying the "URL to the XML data on the legacy site", that's as difficult as going to the preferences and specifying your ldap server, then authenticating with it.
And you get your bookmarks too, for free! What a deal!
It's a rackmount, but on wheels, not wall-mounted.
Painfully pricey, though, in the $700-$900 range, and 29u. Still bigger than the thread was suggesting.
Giving up the chance to moderate to make an obeservation.
This reminds me of an old security program I used to use (way back in my MS-DOS days.) It was called PC-LOCK, and the default password was "PASSWORD". Installed lightning fast--even considering all it did was rewrite the partition IDs, update the bootsector on the active primary partition, and add a TSR device driver to config.sys (which allowed you to hit the shift key 3 times in rapid succession to lock the system.)
1. Get the Cappucino.
2. get a USB hub.
3. Install linux on it.
4. Get a linksys usb ethernet adapter.
5. get this usb serial adapter.
6. Get the serial LCD 2x16 display from JDR Microdevices. In the components section, they have one that attaches to a serial port.
7. Install USB support, and then configure the serial port and use setserial to get things going.
You might have to write a little code to make it work, but it should be relatively simple writes to the /dev/ttySx device.
The beauty of using the cappucino would allow me to do this but using double-stick tape and tacking it all on the back side of my door and run wires out through the peephole to the outside of the door where I mount the LCD.
3 little boxes (cappucino, usb hub, LCD serial interface) stuck to the door, and a few cables, with the power and cat5 cords coming down from above, with enough slack to allow the door to open...
Seems like a reasonable project, and would allow me to program the display over the network from my main server.
Voila! A personal electronic bulletin board!
And the idle cpu cycles on the cappucino could be used for something more interesting, say SETI or distributed.net processing...
SECTION 2. DEFINITIONS
(d) University Resources Usually and Customarily Provided. When determining ownership and license rights in copyrightable works, "university resources usually and customarily provided" includes such support as office space, library facilities, ordinary access to computers and networks, or salary. In general, it does not include use of students or employees as support staff to develop the work, or substantial use of specialized or unique facilities and equipment, or other special subventions provided by the University unless approved as an exception.
SECTION 4. COPYRIGHTS
(2) Works created as a specific requirement of employment or as an assigned university duty that may be specified, for example, in a written job description or an employment agreement. Such specification may define the full scope or content of the employees university employment duties comprehensively or may be limited to terms applicable to a single copyrightable work. Absent such prior written specification, ownership will vest with the University in those cases where the University provides the motivation for the preparation of the work, the topic or content of which is determined by the creators employment duties and/or when the work is prepared at the university's expense.
Here at the University of Northern Iowa we have a similar document, and this issue also came up with me recently when developing the low-level software which would be used to control the devices in a computer-controlled train set. Some of the devices required too complex a driver to be really considered within the scope of the class (the course was on Real-Time Systems; we were largely interested in the concurrency aspect.)
As I was more proficient in working with the low-level driver code, I wrote that, and released it under the GPL to the other students and the professor, so it could be used again in future semesters.
However, the terms I included above (which are in my own university's policy) would have completely invalidated my release of it under the GPL, under the conditions that:
There was also the issue that, as I was providing work which could be retained by the university, I could be considered an employee, despite the fact that I am not employed by, nor was I paid for my work by the university. And all because I was writing code that the other students in the class couldn't/wouldn't write. This is why they can claim expense simply for the time I put into it: others could not use the hardware without the code I was developing, and therefore I was "inhibiting the academic process" by only taking time to develop software to help the other students!
Fortunately, the issue of legal ownership did not end up becoming a key concern, as the application of my drivers were considered too specialized to be of any applicable use in any other context. However, the point is still there--the university could indeed lay claim to all effort I put into the project, and could resell the entire project, complete with my code but without my written consent, all because of the policies laid out in the document.
if you look in this Makefile, you'll see that in stages one and two it builds a program called xgcc, which it later deletes, but not before it compiles your cross-compiler.
the nice thing about doing this is that the compiler that is finally built when the entire compilation process is complete doesn't have to necessarily be "real C" in the source code. It could be a nice intermingling of any number of languages. It isn't, but it does give them that freedom.
So to review:
gcc (installed) -> xgcc -> new gcc compiler
I thought we were working on RC5-128 now. hmm.
I think it goes without saying, but there's always the other risks too, so if you try this option, protect yourself. (Protection methods are outside the scope of this document.)
It was suggested that if you are having lower back pain, you should lay down and let your partner be in control, taking the strain off your back temporarily, and after it's all over, the hormones and endorphins released are very good for relieving pain. This was also discussed as the most natural way possible to cure a headache, despite the culturalized "Not tonight honey, I have a headache." joke so many of us are familiar with.
Of course, our erotophobic society won't accept this behavior, so (at least in public work places) I'd suggest getting up and stretching, maybe walking around a few minutes (a trip to the watercooler or something might work), or using a naproxin sodium product, such as Alieve. If alieve is unavailable in your area, you could go for an ibuprofen product, but these tend to be less effective, at least in my experience.
I would have suggested the very same thing, for determining what files get installed/removed. Make a basic filesystem and chroot into it, and then install/run the commercial app. This way your system would be protected.
Of course, my other suggestion would put things into a little more perspective: /files.1 /files.1 /files.1 /files.2
1. Make a complete system backup.
2. as root: md5sum `find / -name \*` >
3. ls -l `find / -name \*` >>
4. install the commercial app.
5. repeat steps 2 and 3, to different filenames(files.2).
6. diff
the output of #6, if you were feeling properly bored, could be parsed by a perl or shell script if you wanted it pretty, otherwise you'd know what files were created, deleted, or modified.
Of course, this solution wouldn't have the foresight to note the differences in other system changes, such as the log files... But you could deal with that yourself.
btw, I assume bash as your shell... you can probably avoid the backslash escape before the asterisk in other shells. heh
Despite the article's BS, Linux WILL run on a Pentium 4.
I have been subscribed to the lkml (Linux Kernel developer Mailing List) for several months now, and it was over a month ago when this topic came up. There was much controversy over why Intel chose a nonsequential number for the CPU ID, so it had to be coded around.
But the article speaks rubbish. Dealing with CPU IDs is not a distro-specific problem, it is an issue for the kernel only.
Now, RedHat might have gotten around it--but they've been releasing their own versions of the kernel, gcc, binutils, and their own kernel drivers for several versions now. (They get flamed often in lkml for this...)
One would be to start distributed sniffers on every network around the globe, that merely sent logs back to some centralized location for tracking. We could write a dozen different worms that manage to invade various OSs, and patch init so it sends data out over the network--even through firewalls!
The other easy way is to put a patch into everybody's browser that sends stats back somewhere--but then we'd need to make them upgrade to it.
I got it! Why don't we just all go IPv6 and tell the world that there isn't a browser in existence that supports it! Then they'll have to upgrade!
Oh wait, didn't M$ put tracking hooks into IE on ME?!?!!
Seems to me I already saw that..... heh
Based on the specs from when I first read about it, I figured the only hack-proofing measures to be taken were : too small a case, mercury switch (and who sees those in computers nowadays?), proprietary CDROM, hardcoded BIOS. Everything else seemed quite standard and PC-like from the descriptions I read.
Of course, now that it's hit /., it'll no doubt go the way of the IOpener--oh wait, they aren't trying to recoup their losses by forcing you into a service contract with an overpriced ISP!
I know I'll be hoping that it's still around when I get paid again around Dec. 1.