/. has configured itself to make this easy for people to do. It's not theft, it's called linking, which is what the web is all about. If you'll note,/. makes money everytime a banner ad is displayed, which basically means this company is linking people to several handfuls of banner ads at/., so don't expect any great complaints from the geek compound.
A coworker of mine was doing smart card security research recently. A smart card is not simply a data storage device, but instead actually contains a small processor. This processor can be programmed to perform public key encryption and hashing, and thus, the smart card is able to limit data access. Rather than pass out the private key to the computer where the person is trying to to authenticate themself, the smartcard receives a secret which can be signed with the private key, passed back out to the authenticating computer, and there compared with the public key with that user. It can be done in a manner similar to PGP signing of email, without the card even possessing the instructions necessary to export the private key from the card.
The equipment that would be needed to get the private key off would be pretty expensive, since you would need to be able to break the card apart and read individual memory locations with some sort of electron scanning microscope or something. (Which is tougher than it sounds.) However, Hong Kong's use of biometric data makes that even more difficult, because you would then have to modify the person carrying the copied card so their biometric data matches what's stored on the card.
Essentially, copying a smartcard like this is astronomically difficult, and at the very least, m uch more difficult than xeroxing a paper card or making a duplicate of a plastic card with a hologram.
If Americans under the age of 18 DID vote, there wouldn't be so many laws making decisions for them and discriminating against them for their age. Instead politicians would be appealing to their vote early, and our government would have an attitude that was much more youth friendly, as opposed to a "Damn youngin's" attitude.
This isn't meant to start a distro war, but the principles on discussion here are similar to my reasons for preferring Debian. It's notoriously not a particularly easy distro, since there is a bit of mental overhead involved with becoming comfortable with it, but once you are, it then becomes (in my non-flamebait opinion) the easiest distro to do really productive things in really quickly.
When I consider the term "ease of use", I always consider two versions of it. On the one side, I have the concept of, "Could my grandma use this without being able to spell computer?" On the other side I have the concept, "Could I, with a little learning, be extremely productive with this?" When both of those concepts are in synch, an interface is then truly beautiful. Programs that can achieve both aspects of ease of use are apparent for their rediculously simple intuitive interfaces, and their extreme usefulness in achieving their purpose. Some of the many examples of this would be xmms or gnapster.
I think interface designers need to start concentrating on finding ways to express usefulness in a simple intuitive manner, rather than simply following the philosophy of interface reduction to keep things simple. I suspect you could fill a doctoral thesis just trying to figure out what it means for an interface to be both powerful and simple. Links would be appreciated.
> For instance it's easy to imagine repulsion forces as a result of exchanging some particles, but it's impossible to explain attraction that way.
Actually... If you take the uncertainty principle into account, you can explain attraction this way. Let's say we have a Higgs particle of a precisely known momentum, p, and this Higgs particle is going to mediate the exchange between particle A and particle B. The Higgs particle leaves particle A in a direction directly away from particle B, with momentum p. But because the momentum is exactly p, the position becomes uncertain (meaning the particle actually exists in multiple locations for a moment). Then since one of the locations where the Higgs particle can exist is at particle B, it is able to essentially strike particle B from the other side.
> Today's hasty cosmic visitor -- known by researchers as 2000 QW7 --
> was discovered just last weekend on August 26, 2000
This makes me wonder what sort of realistic contingency plan we have for reacting to such a thing within a week, if this is all the advanced notice we are going to get. And no, I don't count seeing Armageddon as adequate preparation.
Because anyone who wants to stay up-to-date on security problems with any Linux application can simply stay on the appropriate mailing list and find out when an update patch is available. Microsoft is a different phenomenon, and thus requires different media coverage. Also, the X-Chat vulnerability announcement comes with a fix, the Microsoft Word one is a continuing, acknowledged problem that will likely not be fixed, thus it becomes newsworthy.
Awatmath.1946
net.followup
utcsrgv!utzoo!decvax!watmath!idallen
Tue Mar 9 21:49:08 1982
On telling people not to crack security.
It's like avoiding a black market -- either you "license" people under your own roof to play with your system and (possibly along the way...) find holes, or else you tell them not to play and force them "underground". I'd rather find out from people close at hand, that my system has holes. Telling people not to play won't stop holes from being found. It just means they will be found by less friendly people. -IAN!
Re:Libertarians are for freedom of everything.
on
BSD And Politics
·
· Score: 2
> The freedom to not have to pay for abortions.
Libertarians are pretty much categorically AGAINST things like this being spoon-fed by the government. I suggest you visit www.issues2000.org and read Harry Browne's platform.
Liberty is not obtained by tyranny, nor is it obtained by anarchy. You cannot be liberated when your neighbor can kill you with no penalty. This is not freedom. Freedom is the right to swing your fist so long as it does not strike your neighbor on the nose. Governments should exist for the purpose of ensuring that when each of us swings our fist, we do not strike another. Up to that point, governments serve the purpose of creating BOTH liberty and safety. It is simply when they exceed that point, and start controlling what we do that does not hurt others, that we end up losing liberty, and usually gaining no safety in the process.
Open Source Reporting is definitely the way to go. When reporters open their sources to the general public for review, they can receive careful scrutiny under the "many eyes" philosophy. If we continue to dilly dally around with Closed Source Reporting, we will continue to see the same problems with security, reliability, and dependability that we've been seeing. News reporting is no longer as simple as it used to be, back in the days when a brief summary of the local town meeting and a list of the day's hangings was enough to fill a web page. No, we face a whole new category of reporting problems when we attempt to tackle large-scale news reporting. The only effective way to manage this problem is to promote Open Sources.
I'm American, and we do occasionally have our colletive heads up our collective asses, but not this time. TLD's by country make very little sense. Of what sense is geographic location of a domain server when talking about the internet? A domain server in the UK can resolve a website with one host in the US and one host in Portugal, and it can resolve an ftp site in western Afghanistan.
Portability has a lot to do with the usefulness of a language in the current market. If you have well written C++ code for Windows, you can get some programmers to port it to other platforms. If you write software in a language that runs on MS operating systems, good luck, because then you'll have to completely rewrite it from scratch to sell your software in any other market.
You can gripe about them for closed standards and DVD, but you have to give them credit for keeping the audio cassette tape standardized. A number of companies wanted to make proprietary changes to it, but Sony prohibited them from doing so (by owning the patent).
At age five my father gave me my first exposure to a computer when he started teaching me to program. It changed my life, defined my mode of thought and my way of approaching problems, taught me to probe and experiment, and taught me that solutions can be obtained by ordering a problem properly. These are the fundamentals that we need to be teaching our children, not how to surf the web for pages about monster trucks and pokemon, and not how to make web pages by drag and drop. Children need to learn how to organize their thoughts and approach a problem, and at the same time need to be stimulated to develop procedural thinking. Exposure to knowledge is an end, not a means.
These "experts" are correct in that if we use computers to simply give children exposure to the huge knowledgebase of the web, they gain nothing, and probably lose out on time they could spend doing other things. But they are completely wrong in saying that is all computers can provide for children. Children need to learn how to think in an orderly logical manner, and how to process information. What can do this better than a machine that does nothing but process information in an orderly logical manner? Don't give children a web browser, give them a programming window. You'd be surprised how much programming is like playing with legos when you learn as a child.
At the very least, all colleges should PROVIDE encrypted access to college servers and email. There's no need at this point to ban all telnet and ftp, but when someone has their personal data compromised, then the administration has room to say, "Well, you would have been fine if you had been using a secure protocol like this ssh here that we told you to use." As it is, a lot of colleges don't even support encrypted connections on the server side, making it a wide open playing field for anyone who wants to compromise even the security conscious people.
I play my mp3's using the UI of my choice on my linux box, send them straight out my ultra-cheap SB16 card from before the invention of the transistor, and using $10 worth of cables from Radio Shack, send them right into the back of my sound system. I don't see the need for a dedicated unit for this, unless your processor is too overtaxed to handle the mp3 decoding (in which case, you'd be better off spending the money on a new processor).
That withstanding, I think it's a cool idea, and definitely a positive move for the mp3 format. It will help people realize that it's just another medium, rather than a weapon of anarchy and mass destruction.
What I want is a Linux module that monitors the typing of whoever is logged in as root, and sends an email to a remote address of mine when a violation is detected. That would be extremely useful.
Forget this music crap. If I can route it to my speakers, I can burn it to cd, make an mp3, or record it to tape and take it to my car. Let them develop the technology, then eventually we'll put it to good use.
Slashdot Mirror
How is it controllable??
/. has configured itself to make this easy for people to do. It's not theft, it's called linking, which is what the web is all about. If you'll note, /. makes money everytime a banner ad is displayed, which basically means this company is linking people to several handfuls of banner ads at /., so don't expect any great complaints from the geek compound.
A coworker of mine was doing smart card security research recently. A smart card is not simply a data storage device, but instead actually contains a small processor. This processor can be programmed to perform public key encryption and hashing, and thus, the smart card is able to limit data access. Rather than pass out the private key to the computer where the person is trying to to authenticate themself, the smartcard receives a secret which can be signed with the private key, passed back out to the authenticating computer, and there compared with the public key with that user. It can be done in a manner similar to PGP signing of email, without the card even possessing the instructions necessary to export the private key from the card.
The equipment that would be needed to get the private key off would be pretty expensive, since you would need to be able to break the card apart and read individual memory locations with some sort of electron scanning microscope or something. (Which is tougher than it sounds.) However, Hong Kong's use of biometric data makes that even more difficult, because you would then have to modify the person carrying the copied card so their biometric data matches what's stored on the card.
Essentially, copying a smartcard like this is astronomically difficult, and at the very least, m uch more difficult than xeroxing a paper card or making a duplicate of a plastic card with a hologram.
If Americans under the age of 18 DID vote, there wouldn't be so many laws making decisions for them and discriminating against them for their age. Instead politicians would be appealing to their vote early, and our government would have an attitude that was much more youth friendly, as opposed to a "Damn youngin's" attitude.
This isn't meant to start a distro war, but the principles on discussion here are similar to my reasons for preferring Debian. It's notoriously not a particularly easy distro, since there is a bit of mental overhead involved with becoming comfortable with it, but once you are, it then becomes (in my non-flamebait opinion) the easiest distro to do really productive things in really quickly.
When I consider the term "ease of use", I always consider two versions of it. On the one side, I have the concept of, "Could my grandma use this without being able to spell computer?" On the other side I have the concept, "Could I, with a little learning, be extremely productive with this?" When both of those concepts are in synch, an interface is then truly beautiful. Programs that can achieve both aspects of ease of use are apparent for their rediculously simple intuitive interfaces, and their extreme usefulness in achieving their purpose. Some of the many examples of this would be xmms or gnapster.
I think interface designers need to start concentrating on finding ways to express usefulness in a simple intuitive manner, rather than simply following the philosophy of interface reduction to keep things simple. I suspect you could fill a doctoral thesis just trying to figure out what it means for an interface to be both powerful and simple. Links would be appreciated.
> For instance it's easy to imagine repulsion forces as a result of exchanging some particles, but it's impossible to explain attraction that way.
Actually... If you take the uncertainty principle into account, you can explain attraction this way. Let's say we have a Higgs particle of a precisely known momentum, p, and this Higgs particle is going to mediate the exchange between particle A and particle B. The Higgs particle leaves particle A in a direction directly away from particle B, with momentum p. But because the momentum is exactly p, the position becomes uncertain (meaning the particle actually exists in multiple locations for a moment). Then since one of the locations where the Higgs particle can exist is at particle B, it is able to essentially strike particle B from the other side.
> Today's hasty cosmic visitor -- known by researchers as 2000 QW7 --
> was discovered just last weekend on August 26, 2000
This makes me wonder what sort of realistic contingency plan we have for reacting to such a thing within a week, if this is all the advanced notice we are going to get. And no, I don't count seeing Armageddon as adequate preparation.
Because anyone who wants to stay up-to-date on security problems with any Linux application can simply stay on the appropriate mailing list and find out when an update patch is available. Microsoft is a different phenomenon, and thus requires different media coverage. Also, the X-Chat vulnerability announcement comes with a fix, the Microsoft Word one is a continuing, acknowledged problem that will likely not be fixed, thus it becomes newsworthy.
Awatmath.1946
net.followup
utcsrgv!utzoo!decvax!watmath!idallen
Tue Mar 9 21:49:08 1982
On telling people not to crack security.
It's like avoiding a black market -- either you "license" people under your own roof to play with your system and (possibly along the way...) find holes, or else you tell them not to play and force them "underground". I'd rather find out from people close at hand, that my system has holes. Telling people not to play won't stop holes from being found. It just means they will be found by less friendly people. -IAN!
> The freedom to not have to pay for abortions.
Libertarians are pretty much categorically AGAINST things like this being spoon-fed by the government. I suggest you visit www.issues2000.org and read Harry Browne's platform.
Liberty is not obtained by tyranny, nor is it obtained by anarchy. You cannot be liberated when your neighbor can kill you with no penalty. This is not freedom. Freedom is the right to swing your fist so long as it does not strike your neighbor on the nose. Governments should exist for the purpose of ensuring that when each of us swings our fist, we do not strike another. Up to that point, governments serve the purpose of creating BOTH liberty and safety. It is simply when they exceed that point, and start controlling what we do that does not hurt others, that we end up losing liberty, and usually gaining no safety in the process.
Open Source Reporting is definitely the way to go. When reporters open their sources to the general public for review, they can receive careful scrutiny under the "many eyes" philosophy. If we continue to dilly dally around with Closed Source Reporting, we will continue to see the same problems with security, reliability, and dependability that we've been seeing. News reporting is no longer as simple as it used to be, back in the days when a brief summary of the local town meeting and a list of the day's hangings was enough to fill a web page. No, we face a whole new category of reporting problems when we attempt to tackle large-scale news reporting. The only effective way to manage this problem is to promote Open Sources.
I'm American, and we do occasionally have our colletive heads up our collective asses, but not this time. TLD's by country make very little sense. Of what sense is geographic location of a domain server when talking about the internet? A domain server in the UK can resolve a website with one host in the US and one host in Portugal, and it can resolve an ftp site in western Afghanistan.
> The article mentions about .ORG as being for charities. That really pisses me off. .ORG is for non-profit organisations.
:)
Like Slashdot.
And it will be run by the same people who run the U.S. Patent Office.
Portability has a lot to do with the usefulness of a language in the current market. If you have well written C++ code for Windows, you can get some programmers to port it to other platforms. If you write software in a language that runs on MS operating systems, good luck, because then you'll have to completely rewrite it from scratch to sell your software in any other market.
Mitnick and Pascal, two things the world could have done without.
See it often.
You can gripe about them for closed standards and DVD, but you have to give them credit for keeping the audio cassette tape standardized. A number of companies wanted to make proprietary changes to it, but Sony prohibited them from doing so (by owning the patent).
Have you ever heard of Quake?
At age five my father gave me my first exposure to a computer when he started teaching me to program. It changed my life, defined my mode of thought and my way of approaching problems, taught me to probe and experiment, and taught me that solutions can be obtained by ordering a problem properly. These are the fundamentals that we need to be teaching our children, not how to surf the web for pages about monster trucks and pokemon, and not how to make web pages by drag and drop. Children need to learn how to organize their thoughts and approach a problem, and at the same time need to be stimulated to develop procedural thinking. Exposure to knowledge is an end, not a means.
These "experts" are correct in that if we use computers to simply give children exposure to the huge knowledgebase of the web, they gain nothing, and probably lose out on time they could spend doing other things. But they are completely wrong in saying that is all computers can provide for children. Children need to learn how to think in an orderly logical manner, and how to process information. What can do this better than a machine that does nothing but process information in an orderly logical manner? Don't give children a web browser, give them a programming window. You'd be surprised how much programming is like playing with legos when you learn as a child.
At the very least, all colleges should PROVIDE encrypted access to college servers and email. There's no need at this point to ban all telnet and ftp, but when someone has their personal data compromised, then the administration has room to say, "Well, you would have been fine if you had been using a secure protocol like this ssh here that we told you to use." As it is, a lot of colleges don't even support encrypted connections on the server side, making it a wide open playing field for anyone who wants to compromise even the security conscious people.
What's the world coming to? I heard this on the radio this morning before I got around to checking Slashdot. Amazing that this is radio-worthy...
I play my mp3's using the UI of my choice on my linux box, send them straight out my ultra-cheap SB16 card from before the invention of the transistor, and using $10 worth of cables from Radio Shack, send them right into the back of my sound system. I don't see the need for a dedicated unit for this, unless your processor is too overtaxed to handle the mp3 decoding (in which case, you'd be better off spending the money on a new processor).
That withstanding, I think it's a cool idea, and definitely a positive move for the mp3 format. It will help people realize that it's just another medium, rather than a weapon of anarchy and mass destruction.
What I want is a Linux module that monitors the typing of whoever is logged in as root, and sends an email to a remote address of mine when a violation is detected. That would be extremely useful.
Forget this music crap. If I can route it to my speakers, I can burn it to cd, make an mp3, or record it to tape and take it to my car. Let them develop the technology, then eventually we'll put it to good use.