We would be foolish to not let the reality of terrorism affect our foreign policy. I didn't say we should let terrorists set our foreign policy. Are you saying that the deaths of thousands of civilians are an insignificant side-bar which should not be allowed to impact how we conduct our foreign affairs? The fact that our current policies have led, however indirectly, to the deaths of thousands of innocent American civilans certainly needs to be taken into account. I mean, you seem to be arguing that we cannot, under any circumstances, allow terrorism to control foreign policy. That argument is basically saying civilan deaths at the hands of terrorists are not important, and do not warrent any consideration in our foreign policy. But of course, that isn't what you mean. I think what you might actually mean is: terrorism should only make our foreign policy more violent. We should never allow the deaths of civilans to make us want to take a more peaceful path. Is that more what you are arguing?
Really, I don't see how any one can argue with the fact that our current foreign policy has led to thousands of civilan deaths, and we should take that fact into account going forward. It's pure folly to not let recent events guide us going foward. You act like it's a good thing for us to stumble forward ignoring the bodies that we are literally tripping over, because to do otherwise would be to give terrorists control. Wake up. Yesterday, they were in control. The sooner we acknowledge that we are not all powerful and adjust our policies accordingly, the better off we'll be in the long run.
While I would tend to support this position in most circumstances, planes are special. At altitude, firing a gun on a plane is very likely to puncture the skin of the aircraft causing depressurization. On the street an errant bullet in unlikely to cause any significant harm. On a plane, the opposite is true. Any errant shot has a very real chance to take down the plane.
Why should we increase our support of Israel ten-fold? So that we can get attacked again? It's high time we realize the we are vulnerable, and will always be vulnerable as long as we maintain an open society. Does that mean that we shouldn't respond to this latest attack? Of course not. But at the same time, we should realize that our foreign policy is literally driving large numbers of people into suicidal frenzys!
Rather than go into a blind rage of fury, we need to look long and hard at how the rest of the world views our policies and talk about whether the risk those policies create offsets the benefits. We may very well find that the lives lost in NYC yesterday are the price we pay for cheap gas. After all, oil is the only reason we give a damn about the middle east. I know I'm being overly simplistic, but the reality is that our actions have consequences. We need to be willing to talk openly and honestly about these things. Letting the rage of the moment cloud our judgement in this time of crisis is the worst thing we can do.
I believe it is you who is out of touch with American foreign policy. You see, we provide weapons to Israel. Israel then uses those weapons to attack Palestine. In some recent cases, being so bold as to launch air-to-surface missles at cars in order to kill the drivers or attack houses in inhabited areas. If you really think that Palestinians who watch their people being attacked and killed by American-made helicopters and jets hate us because we are rich, you need to pay more attention. Not that any of this justifies todays events. But, Palestinians have quite valid reasons for disliking the US. And, as a democrocy, we do bear responsibility for the actions of our leaders. So perhaps you should pay more attention to what our leaders are doing in our name and vote accordingly.
Given that they seem to have had absolutely no clue at all, I would say they don't seem very necessary at all. In fact, they probably give us a false sense of security. Perhaps it's time for Americans to realize that the worlds largets military and largest spy organizations don't allow us to screw with the rest of the world with impunity.
Because if so, you have just commited a serious crime. One that is punishable by heavy duty jail time. By linking to a web site which distributed circumvention technology, you are just as guilty as the criminals who are distributing the circumvention tech. At least according to the precedent set in the 2600 lawsuit.
I'm not going to deny that coffee is addictive. But, you should take into account that you are probably severly dehydrated when you are drinking 2 cups of coffee and a 6-pack of coke a day. Most Americans are chronically dehydrated. If you just cut out most of the coffee and cokes, and drank a lot of water, you would feel a lot better. And still have your morning cup of joe! That's what I do.
I agree completely. All government funded software should be public domain. I'm sick and tired of my tax dollars going to fund development of commercial software. This is nothing more than welfare for rich (and in the case of M$, criminal) organizations.
The main difference is that they address totally different security needs. Grsecurity is focused on preventing various common buffer overflows, race conditions, port scans, etc. It doesn't really do anything to make the basic Unix permissions any more fine grained than the currently are.
On the other hand, the SELinux is focused on exactly this. It allows you to specify much more finely grained permissions for users and processes. This actually complements the grsecurity work. SELinux is focused on minimizing or containing the damage that can be done with a given application. This can both minimize the things that a buffer overflow can do, and minimize the evil tricks that a user might be able to get away with using installed software. For example, a user could restrict what directories netscape is allowed to read and write to. Or an admin could restrict 'top' to opening the kernel read-only so that a buffer overflow wouldn't enable root access. Or preventing even 'root' from changing important system-level libraries and binaries.
All sorts of really neat things are possible. The downside of course, as you mentioned, is more complexity to administer. But it doesn't make sense to compare Grsecurity and SELinux. They address different security shortcoming of Linux.
I think the LED's are inherently more efficent than the fluorescent lamps currently in use. They will certainly be more durable and probably cheaper in quantity too.
I'm not really sure what the color flashing is for. Maybe you could use a monochrome LCD and cycle it while changing the colors to produce a full-color effect? That might be a lot more efficient than the current color-filters which absorb a lot of light I'm sure.
What is the crypto protecting?
on
MAME on X-Box
·
· Score: 2
I have no doubt that you are right, and M$ probably will use the DMCA to try and stop any XBox hack. Exactly how they will justify it will be interesting, though. I mean, what copyrighted material would they be protecting? At best they could claim that they were protecting the BIOS. Such claims would be excellent for DMCA foes, since clearly there is no actual or even potential copyright infringment taking place. Unlike other DMCA cases, where the activities have created the possibility or even a likelihood of infringement, this potential case would have no such tarnish. It would be clear that the DMCA was being applied to enforce arbitrary use restrictions which have no basis in copyright law.
The main problem with the DMCA would be laid open for all to see: It allows copyright holders to legislate what is and is not "legal" use of their product, and summon the executive branch to enforce whatever "laws" they dream up.
Three others use exactly these words: "If the future is going to be as successful as the recent past, the technology sector must remain free from excess regulation."
Would that be the recent past, or the not-so-recent past? Because I think I speak for a lot of people when I say that the technology sector should not repeat its "success" of the last six months.
If, or when one does, it will open a Pandora's box of ethical and philosophical questions. After all, if a computer is perceived to be as intelligent as a person, what is the difference between a smart computer and a human being?
and
"All of us strongly believe that machines are the next step in evolution," said Dunietz. "The distinction between real flesh and blood, old-fashioned and the new kind, will start to blur."
If these researchers get to the point where they can't see a moral difference between killing a person and turning off a computer, they need to get out of the lab more. What next, natural rights for computer programs? That's like inventing television, and then being unwilling to turn off the TV for fear of killing the little people inside. Rubbish.
TCP windows are probably a bad place. They tend to follow very well defined behavior, and often only change in direct response to other packets in the stream. For example, during a one-way bulk data transfer, the senders window will rarely change at all. The receivers window will usually change only by the amount of data received in a packet. All very very predictable.
Name one? What, is this some kind of joke? Have you even looked at the headline that you are posting under? Professor Felton was specifically threatened with "enforcement actions under the DMCA and possibly other federal laws." if he presented his paper which discussed how SDMI watermarking techniques worked. That's what this whole article is about! Jeez. Go back under your bridge, troll.
Ummm, where to start. Perhaps you should read the provisions of the DMCA. It does not address whether or not people are allowed to copy your works. At all. That's not what it does. That issue is addressed by copyright law. The DMCA does not change who is allowed to legally copy your works. So, as far as this debate is concerned, your whole second paragraph is irrelevant.
You've completely ignored the 1st amendment aspects of the law. Discussion of any technique which controls access to copyrighted material is banned. In your third paragraph you imply that freedom of speech is a perceived freedom of hackers and crackers. Fortunately, your disbelief in the Bill of Rights will not be a factor in court. Neither will your belief that Princeton Univerisity professors are crackers/hackers.
As to your belief in a median compromise, I agree wholeheartedly. The problem is that copyright law is based upon a balance between the rights of the copyright holders, and the rights of the people. The DMCA destroys this balance by allowing the copyright holders to enforce whatever restrictions the technology allows with no concern for the rights of the public. Copyright law, despite the name, doesn't even really address copying. It really only addresses distribution. I'm allowed to copy my books, my software, my music, whatever, as long as I don't distribute the copies. Most importantly, I can use the material I've purchased however I want. The DMCA allows restrictions not on distribution, but on the use, storage, and copying of media. Restrictions that copyright holders have never really had the right to. Moreover, it allows these restrictions to be imposed with no judicial or legislative oversight. It's as though the whole body of copyright law has been trumped by whatever technical measures the RIAA can manage to dream up. And if the technical measures don't really work, well that's OK because you can still have people locked up for discussing the fact that they don't work! If you think this is a balance, I'm curious if you realize that it's not a balanced one. One of the pans is pinned to the base by an 800lb gorilla named DMCA.
This is not about copying music. This is about free speech. This is about whether or not the government can throw you in jail for saying something simply because it might threaten the income of one of their corporate benefactors. If you want to maintain your upper-middle class status and not end up being a slave of some corporate run fascist government, you should try and look at the real issues here. Stop looking at the shiny distracting gadget which is the ability to copy music, and realize that the DMCA is the largest erosion of the 1st amendment in quite some time.
Channel coupling is a method of decreasing the bitrate while maintaining identical or similar quality. Vorbis supports multiple modes, from a "lossless stereo" to aggressive modes. The lossless mode produces greater compression with bit-for-bit identical output results to non-coupled modes. The more aggresive modes sacrifice some of the stereo separation in order to decrease the bitrate.
So, your question is a little silly. The whole point to having multiple bitrates is to allow the user to choose their preferred mix of quality and size. If an aggressive channel-coupling mode can provide significant size savings while having a minimal impact on quality, lots of people will find that worthwhile. And, as you would know if you read the link before posting, you don't have to sacrifice quality at all! Do you really need to ask why someone might want to encode in a mode which has a lower bitrate and identical quality?
I noticed this too. I'm curious what schools are pursuing this type of curriculum. When I was in school, it seemed like I was learning a new language for every class. Whatever language was most apropos was (usually) used. Freshman year Intro class? Pascal. Artificial Intelligence? Lisp. Operating Systems? C++ (that's a little odd, I admit.) Embedded Systems? 68K Assembly. Numerical Analysys? Mathmatica. The default of course was good old C, which I ended up doing a fair amount of.
Re:Code Red is trying to eat me!
on
Code Red III
·
· Score: 2
Code Red will crash some Cisco 675 DSL routers. That's probably why they are calling.
What sophisticated equiment? These guys are using a laptop with a $100 802.11b card in it! Any card based on the Intersil Prism2 chipset will work. D-Link, Compaq. There's a bunch of them, and they tend to be the cheaper cards. They happened to use the Linksys. Since when is anything made by Linksys "sophisticated quitement that isn't readily available"! If you are talking about the antenna to pick up the signal at a distance, there are many ways to make a homemade antenna or convert an old dish for cheap.
You won't find many similarities. The paper that you link to documents a number of flaws in the way WEP is used. These are really generic flaws that apply to the use of any stream cipher. They are not RC4 specific, and focus on two main points. One, the IV is only 24 bits, so there are only 2^24th different key streams. Building a dictionary of all of these is quite doable in a reasonable amount of space. Also, the CRC check on WEP encrypted packets is linear. Bascially it means that you can flip bits in the packet, and know which bits to flip in the CRC portion of the packet so that it will be accepted as valid. This lets you do things like capture a packet, change it's destination address, and resend it. You can use this trick to get the AP to decode the packets for you. Quite slick. I don't know that anybody ever implemented any of these. And again, they are not RC4 specific, and tend to have certain practical problems. You pretty much have to have some knowledge about the network to begin these attacks, such as knowing what addresses are in use.
The new attack is a whole different game. It's based on a RC4 specific attack published by Scott Fluhrer, Itsik Mantin, and Adi Shamir (the 'S' in 'RSA'). It's titled Weaknesses in the Key Scheduling Algorithm of RC4. I don't have a URL offhand. Basically, RC4 has a lot of weak keys. If one of these keys is being used, then knowledge of a few key bits and the output of the cipher lets you determine a little bit more about the key bits you don't know. They theorized that WEP could be attacked with their method.
The latest paper discusses implementation of the new RC4 attack. In a nutshell, they could take the knowledge of the IV (which is used as 24 bits of the key) and the first byte of output from the cipher (easy to determine since all the packets are 802.2 encapsulated SNAP packets making the first byte 0xAA in ALL packets) to determine if the key was likely to be a weak key. They would analyze the packets whose IV indicated it is probably a weak key, and use that to determine the most likely value for the 'secret' key bits.
This is a slick attack for two reasons: it scales linearly with the size of the key. So, a 128-bit key is only about 3 times as hard to crack as a 40-bit key. Ouch. Also, it requires no previous knowledge of the network and is completely passive. Just sniff the packets until you know the key. They found it usually took about five or six million packets.
So, the newest paper is really new. None of the content is related to the paper you link to. It's not just a rehash. That's the amazing thing about WEP. It doesn't just have problems, it has a lot of them. If I had been on the design team, I would be embarrased to admit it. Almost every aspect of the protocol is broken. Almost any part that hadn't been probably will be soon.
Re:Ease of use/installation can go to far
on
KDE 2.2 Tagged
·
· Score: 3, Insightful
You forgot at least one step. You do have the person read and understand the Makefile, right? I mean, you don't really expect them to "make install" without checking out what is going to happen first. Especially when it's a Makefile that's was stored remotely! Actually, you do mention "make -n" but only to see what's going on when things break.
The reality is that there is a certain level of trust involved in downloading and installing software. If a black hat wants to replace some well known installation package with a trojan, it doesn't really matter whether it's being installed via "lynx -source | sh" or "configure && make && make install". Some people will download the go-gnome.com script and check it out. Most won't. Some people look at Makefile's before they "make install". Most don't. make is just as powerful a scripting language as sh, so it's not like one is "safer" to run as root than another. I agree that it certainly feels as though one is safer than the other, but if you think about it for a little bit, they are basically equivalent. Actually, it's easy to prove that they are equivalent. A Makefile can execute any arbitrary shell script that happens to have been downloaded with the tarball. A shell script can include a Makefile which it saves and make's. Any task which can be performed with one can be performed with the other!
In the end, the go-gnome.com trick is a really easy way to bootstrap yourself into having Gnome running. It's something that anybody can run. And yes, they are putting a lot of trust in the source of the shell script. Just like they would be doing if they downloaded tarballs and compiled them. Two paths to the same place with equivalent risk levels. The difference is, a newbie user might get one of them to work. Unless things have changed drastically, trying to compile Gnome from scratch is a challenge even if you have a lot of Linux experience. Last time I tried it, I ended up chasing down to about third-order dependencies before giving up. I don't think a Linux newbie has a chance in hell of compiling Gnome from scratch.
but I can't do this. What's cool about this isn't the fact that they have figured out how to have a computer sort poker chips. It's the fact that they can do it by simply shaking the table! I challenge you to find any human that can simultaniously pass the salt to one end of the table while passing the pepper to the other end of the table by merely shaking it! There is nothing humanlike about this at all.
Here's a theory. Perhaps there is a connection to the fact that the media, especially broadcast media, is owned by the companies that paid for the DMCA? Do you really think Disney-owned ABC is going to come out against the DMCA? Do you really think AOL/Time/Warner, with membership in the RIAA the MPAA and the DVD-CCA, is going to come out against the DMCA? Maybe your local paper (which almost certainly is not locally owned) is slightly more likely to be critical of the DMCA. But more than likely they have their eye on eBook style protections for their own content.
Remember, the DMCA is a law written by and for media companies! A few articles have gotten out. The NYTimes for example has covered it. But the vast majority of the media has not. If you ever needed a clearer example of self-censorship, you probably won't find one.
Slashdot Mirror
We would be foolish to not let the reality of terrorism affect our foreign policy. I didn't say we should let terrorists set our foreign policy. Are you saying that the deaths of thousands of civilians are an insignificant side-bar which should not be allowed to impact how we conduct our foreign affairs? The fact that our current policies have led, however indirectly, to the deaths of thousands of innocent American civilans certainly needs to be taken into account. I mean, you seem to be arguing that we cannot, under any circumstances, allow terrorism to control foreign policy. That argument is basically saying civilan deaths at the hands of terrorists are not important, and do not warrent any consideration in our foreign policy. But of course, that isn't what you mean. I think what you might actually mean is: terrorism should only make our foreign policy more violent. We should never allow the deaths of civilans to make us want to take a more peaceful path. Is that more what you are arguing?
Really, I don't see how any one can argue with the fact that our current foreign policy has led to thousands of civilan deaths, and we should take that fact into account going forward. It's pure folly to not let recent events guide us going foward. You act like it's a good thing for us to stumble forward ignoring the bodies that we are literally tripping over, because to do otherwise would be to give terrorists control. Wake up. Yesterday, they were in control. The sooner we acknowledge that we are not all powerful and adjust our policies accordingly, the better off we'll be in the long run.
While I would tend to support this position in most circumstances, planes are special. At altitude, firing a gun on a plane is very likely to puncture the skin of the aircraft causing depressurization. On the street an errant bullet in unlikely to cause any significant harm. On a plane, the opposite is true. Any errant shot has a very real chance to take down the plane.
Why should we increase our support of Israel ten-fold? So that we can get attacked again? It's high time we realize the we are vulnerable, and will always be vulnerable as long as we maintain an open society. Does that mean that we shouldn't respond to this latest attack? Of course not. But at the same time, we should realize that our foreign policy is literally driving large numbers of people into suicidal frenzys!
Rather than go into a blind rage of fury, we need to look long and hard at how the rest of the world views our policies and talk about whether the risk those policies create offsets the benefits. We may very well find that the lives lost in NYC yesterday are the price we pay for cheap gas. After all, oil is the only reason we give a damn about the middle east. I know I'm being overly simplistic, but the reality is that our actions have consequences. We need to be willing to talk openly and honestly about these things. Letting the rage of the moment cloud our judgement in this time of crisis is the worst thing we can do.
I believe it is you who is out of touch with American foreign policy. You see, we provide weapons to Israel. Israel then uses those weapons to attack Palestine. In some recent cases, being so bold as to launch air-to-surface missles at cars in order to kill the drivers or attack houses in inhabited areas. If you really think that Palestinians who watch their people being attacked and killed by American-made helicopters and jets hate us because we are rich, you need to pay more attention. Not that any of this justifies todays events. But, Palestinians have quite valid reasons for disliking the US. And, as a democrocy, we do bear responsibility for the actions of our leaders. So perhaps you should pay more attention to what our leaders are doing in our name and vote accordingly.
Given that they seem to have had absolutely no clue at all, I would say they don't seem very necessary at all. In fact, they probably give us a false sense of security. Perhaps it's time for Americans to realize that the worlds largets military and largest spy organizations don't allow us to screw with the rest of the world with impunity.
Because if so, you have just commited a serious crime. One that is punishable by heavy duty jail time. By linking to a web site which distributed circumvention technology, you are just as guilty as the criminals who are distributing the circumvention tech. At least according to the precedent set in the 2600 lawsuit.
I'm not going to deny that coffee is addictive. But, you should take into account that you are probably severly dehydrated when you are drinking 2 cups of coffee and a 6-pack of coke a day. Most Americans are chronically dehydrated. If you just cut out most of the coffee and cokes, and drank a lot of water, you would feel a lot better. And still have your morning cup of joe! That's what I do.
I agree completely. All government funded software should be public domain. I'm sick and tired of my tax dollars going to fund development of commercial software. This is nothing more than welfare for rich (and in the case of M$, criminal) organizations.
The main difference is that they address totally different security needs. Grsecurity is focused on preventing various common buffer overflows, race conditions, port scans, etc. It doesn't really do anything to make the basic Unix permissions any more fine grained than the currently are.
On the other hand, the SELinux is focused on exactly this. It allows you to specify much more finely grained permissions for users and processes. This actually complements the grsecurity work. SELinux is focused on minimizing or containing the damage that can be done with a given application. This can both minimize the things that a buffer overflow can do, and minimize the evil tricks that a user might be able to get away with using installed software. For example, a user could restrict what directories netscape is allowed to read and write to. Or an admin could restrict 'top' to opening the kernel read-only so that a buffer overflow wouldn't enable root access. Or preventing even 'root' from changing important system-level libraries and binaries.
All sorts of really neat things are possible. The downside of course, as you mentioned, is more complexity to administer. But it doesn't make sense to compare Grsecurity and SELinux. They address different security shortcoming of Linux.
I think the LED's are inherently more efficent than the fluorescent lamps currently in use. They will certainly be more durable and probably cheaper in quantity too.
I'm not really sure what the color flashing is for. Maybe you could use a monochrome LCD and cycle it while changing the colors to produce a full-color effect? That might be a lot more efficient than the current color-filters which absorb a lot of light I'm sure.
I have no doubt that you are right, and M$ probably will use the DMCA to try and stop any XBox hack. Exactly how they will justify it will be interesting, though. I mean, what copyrighted material would they be protecting? At best they could claim that they were protecting the BIOS. Such claims would be excellent for DMCA foes, since clearly there is no actual or even potential copyright infringment taking place. Unlike other DMCA cases, where the activities have created the possibility or even a likelihood of infringement, this potential case would have no such tarnish. It would be clear that the DMCA was being applied to enforce arbitrary use restrictions which have no basis in copyright law.
The main problem with the DMCA would be laid open for all to see: It allows copyright holders to legislate what is and is not "legal" use of their product, and summon the executive branch to enforce whatever "laws" they dream up.
Three others use exactly these words: "If the future is going to be as successful as the recent past, the technology sector must remain free from excess regulation."
Would that be the recent past, or the not-so-recent past? Because I think I speak for a lot of people when I say that the technology sector should not repeat its "success" of the last six months.
From the article:
If, or when one does, it will open a Pandora's box of ethical and philosophical questions. After all, if a computer is perceived to be as intelligent as a person, what is the difference between a smart computer and a human being?
and
"All of us strongly believe that machines are the next step in evolution," said Dunietz. "The distinction between real flesh and blood, old-fashioned and the new kind, will start to blur."
If these researchers get to the point where they can't see a moral difference between killing a person and turning off a computer, they need to get out of the lab more. What next, natural rights for computer programs? That's like inventing television, and then being unwilling to turn off the TV for fear of killing the little people inside. Rubbish.
TCP windows are probably a bad place. They tend to follow very well defined behavior, and often only change in direct response to other packets in the stream. For example, during a one-way bulk data transfer, the senders window will rarely change at all. The receivers window will usually change only by the amount of data received in a packet. All very very predictable.
Name one? What, is this some kind of joke? Have you even looked at the headline that you are posting under? Professor Felton was specifically threatened with "enforcement actions under the DMCA and possibly other federal laws." if he presented his paper which discussed how SDMI watermarking techniques worked. That's what this whole article is about! Jeez. Go back under your bridge, troll.
Ummm, where to start. Perhaps you should read the provisions of the DMCA. It does not address whether or not people are allowed to copy your works. At all. That's not what it does. That issue is addressed by copyright law. The DMCA does not change who is allowed to legally copy your works. So, as far as this debate is concerned, your whole second paragraph is irrelevant.
You've completely ignored the 1st amendment aspects of the law. Discussion of any technique which controls access to copyrighted material is banned. In your third paragraph you imply that freedom of speech is a perceived freedom of hackers and crackers. Fortunately, your disbelief in the Bill of Rights will not be a factor in court. Neither will your belief that Princeton Univerisity professors are crackers/hackers.
As to your belief in a median compromise, I agree wholeheartedly. The problem is that copyright law is based upon a balance between the rights of the copyright holders, and the rights of the people. The DMCA destroys this balance by allowing the copyright holders to enforce whatever restrictions the technology allows with no concern for the rights of the public. Copyright law, despite the name, doesn't even really address copying. It really only addresses distribution. I'm allowed to copy my books, my software, my music, whatever, as long as I don't distribute the copies. Most importantly, I can use the material I've purchased however I want. The DMCA allows restrictions not on distribution, but on the use, storage, and copying of media. Restrictions that copyright holders have never really had the right to. Moreover, it allows these restrictions to be imposed with no judicial or legislative oversight. It's as though the whole body of copyright law has been trumped by whatever technical measures the RIAA can manage to dream up. And if the technical measures don't really work, well that's OK because you can still have people locked up for discussing the fact that they don't work! If you think this is a balance, I'm curious if you realize that it's not a balanced one. One of the pans is pinned to the base by an 800lb gorilla named DMCA.
This is not about copying music. This is about free speech. This is about whether or not the government can throw you in jail for saying something simply because it might threaten the income of one of their corporate benefactors. If you want to maintain your upper-middle class status and not end up being a slave of some corporate run fascist government, you should try and look at the real issues here. Stop looking at the shiny distracting gadget which is the ability to copy music, and realize that the DMCA is the largest erosion of the 1st amendment in quite some time.
Channel coupling is a method of decreasing the bitrate while maintaining identical or similar quality. Vorbis supports multiple modes, from a "lossless stereo" to aggressive modes. The lossless mode produces greater compression with bit-for-bit identical output results to non-coupled modes. The more aggresive modes sacrifice some of the stereo separation in order to decrease the bitrate.
So, your question is a little silly. The whole point to having multiple bitrates is to allow the user to choose their preferred mix of quality and size. If an aggressive channel-coupling mode can provide significant size savings while having a minimal impact on quality, lots of people will find that worthwhile. And, as you would know if you read the link before posting, you don't have to sacrifice quality at all! Do you really need to ask why someone might want to encode in a mode which has a lower bitrate and identical quality?
I noticed this too. I'm curious what schools are pursuing this type of curriculum. When I was in school, it seemed like I was learning a new language for every class. Whatever language was most apropos was (usually) used. Freshman year Intro class? Pascal. Artificial Intelligence? Lisp. Operating Systems? C++ (that's a little odd, I admit.) Embedded Systems? 68K Assembly. Numerical Analysys? Mathmatica. The default of course was good old C, which I ended up doing a fair amount of.
Code Red will crash some Cisco 675 DSL routers. That's probably why they are calling.
What sophisticated equiment? These guys are using a laptop with a $100 802.11b card in it! Any card based on the Intersil Prism2 chipset will work. D-Link, Compaq. There's a bunch of them, and they tend to be the cheaper cards. They happened to use the Linksys. Since when is anything made by Linksys "sophisticated quitement that isn't readily available"! If you are talking about the antenna to pick up the signal at a distance, there are many ways to make a homemade antenna or convert an old dish for cheap.
You won't find many similarities. The paper that you link to documents a number of flaws in the way WEP is used. These are really generic flaws that apply to the use of any stream cipher. They are not RC4 specific, and focus on two main points. One, the IV is only 24 bits, so there are only 2^24th different key streams. Building a dictionary of all of these is quite doable in a reasonable amount of space. Also, the CRC check on WEP encrypted packets is linear. Bascially it means that you can flip bits in the packet, and know which bits to flip in the CRC portion of the packet so that it will be accepted as valid. This lets you do things like capture a packet, change it's destination address, and resend it. You can use this trick to get the AP to decode the packets for you. Quite slick. I don't know that anybody ever implemented any of these. And again, they are not RC4 specific, and tend to have certain practical problems. You pretty much have to have some knowledge about the network to begin these attacks, such as knowing what addresses are in use.
The new attack is a whole different game. It's based on a RC4 specific attack published by Scott Fluhrer, Itsik Mantin, and Adi Shamir (the 'S' in 'RSA'). It's titled Weaknesses in the Key Scheduling Algorithm of RC4. I don't have a URL offhand. Basically, RC4 has a lot of weak keys. If one of these keys is being used, then knowledge of a few key bits and the output of the cipher lets you determine a little bit more about the key bits you don't know. They theorized that WEP could be attacked with their method.
The latest paper discusses implementation of the new RC4 attack. In a nutshell, they could take the knowledge of the IV (which is used as 24 bits of the key) and the first byte of output from the cipher (easy to determine since all the packets are 802.2 encapsulated SNAP packets making the first byte 0xAA in ALL packets) to determine if the key was likely to be a weak key. They would analyze the packets whose IV indicated it is probably a weak key, and use that to determine the most likely value for the 'secret' key bits.
This is a slick attack for two reasons: it scales linearly with the size of the key. So, a 128-bit key is only about 3 times as hard to crack as a 40-bit key. Ouch. Also, it requires no previous knowledge of the network and is completely passive. Just sniff the packets until you know the key. They found it usually took about five or six million packets.
So, the newest paper is really new. None of the content is related to the paper you link to. It's not just a rehash. That's the amazing thing about WEP. It doesn't just have problems, it has a lot of them. If I had been on the design team, I would be embarrased to admit it. Almost every aspect of the protocol is broken. Almost any part that hadn't been probably will be soon.
You forgot at least one step. You do have the person read and understand the Makefile, right? I mean, you don't really expect them to "make install" without checking out what is going to happen first. Especially when it's a Makefile that's was stored remotely! Actually, you do mention "make -n" but only to see what's going on when things break.
The reality is that there is a certain level of trust involved in downloading and installing software. If a black hat wants to replace some well known installation package with a trojan, it doesn't really matter whether it's being installed via "lynx -source | sh" or "configure && make && make install". Some people will download the go-gnome.com script and check it out. Most won't. Some people look at Makefile's before they "make install". Most don't. make is just as powerful a scripting language as sh, so it's not like one is "safer" to run as root than another. I agree that it certainly feels as though one is safer than the other, but if you think about it for a little bit, they are basically equivalent. Actually, it's easy to prove that they are equivalent. A Makefile can execute any arbitrary shell script that happens to have been downloaded with the tarball. A shell script can include a Makefile which it saves and make's. Any task which can be performed with one can be performed with the other!
In the end, the go-gnome.com trick is a really easy way to bootstrap yourself into having Gnome running. It's something that anybody can run. And yes, they are putting a lot of trust in the source of the shell script. Just like they would be doing if they downloaded tarballs and compiled them. Two paths to the same place with equivalent risk levels. The difference is, a newbie user might get one of them to work. Unless things have changed drastically, trying to compile Gnome from scratch is a challenge even if you have a lot of Linux experience. Last time I tried it, I ended up chasing down to about third-order dependencies before giving up. I don't think a Linux newbie has a chance in hell of compiling Gnome from scratch.
but I can't do this. What's cool about this isn't the fact that they have figured out how to have a computer sort poker chips. It's the fact that they can do it by simply shaking the table! I challenge you to find any human that can simultaniously pass the salt to one end of the table while passing the pepper to the other end of the table by merely shaking it! There is nothing humanlike about this at all.
Here's a theory. Perhaps there is a connection to the fact that the media, especially broadcast media, is owned by the companies that paid for the DMCA? Do you really think Disney-owned ABC is going to come out against the DMCA? Do you really think AOL/Time/Warner, with membership in the RIAA the MPAA and the DVD-CCA, is going to come out against the DMCA? Maybe your local paper (which almost certainly is not locally owned) is slightly more likely to be critical of the DMCA. But more than likely they have their eye on eBook style protections for their own content.
Remember, the DMCA is a law written by and for media companies! A few articles have gotten out. The NYTimes for example has covered it. But the vast majority of the media has not. If you ever needed a clearer example of self-censorship, you probably won't find one.