Katz writes, "Anonymous posters have little credibility precisely because nobody knows who they are. For all their faults, journalists are accountable for the things they report. Anonymous posters have little credibility precisely because nobody knows who they are. For all their faults, journalists are accountable for the things they report."
The credibility of anonymous posters has less to do with "nobody knows who they are" and more to do with having no reputation capital. To borrow some Katz-isms, geeks build reputation capital by writing code and distributing it. Journalists build it by writing stories. You're judged by what you produce, and if you're truly anonymous, there's no basis for past comparison.
This does not apply only to anonymous posters. When Katz came to Slashdot, he had no reputation capital as far as I was concern. Heck, I thought he was a professional therapist who wiggled a lot, but that's Dr. Katz. He may be a journalist, but I'd never heard of him.
Which leads to my main point: Just because you're hearing it from someone who is a "credible journalist" doesn't mean you should accept it on it's face. Bad and even fraudulent journalism happens occassionally. I seem to remember one Pulitzer prize winner in the last decade that was later revealed to be a complete fabrication (some anti-drug piece). Reporters are supposed to verify their stories with multiple sources, doesn't always happen for various reasons.
In this respect, anonymous writers are no worse off than those with reputation capital: ALL reporting needs some form of independent verification before it should be considered credible. This is where the anonymity comes it: The well-known credible journalists sometimes can't get the story because no one is willing to talk to them, and then it takes the anonymous source to get enough information out for the regular journalists to investigate. Case in point: the previously-mentioned "Deep Throat" of Watergate.
(If there's a blank comment, sorry. I apparently hit return once too often and it made it submit. Probably not cancelled in time. Might I suggest, CmdrTaco, if you read this, reordering the Submit and Preview buttons, so that the worst-case is that the message gets previewed instead of submitted? I'm hoping the code rejects empty messages anyway.)
Dell, Compaq, Gateway, and IBM are all taking a beating from the new crop of cheap (under $600) PCs. Plus there is no big push to upgrade (there's a limit to how much slower and bloated Microsoft can make Windows on any given release). As a result, they have having to cut their profit margins considerably. One obvious way to save money is to stop sending it to Redmond whenever possible.
Another way to make money is in the server market, which all of the above are doing. They've also all made (or at least announced) some committment to Linux.
I'm sure there's a lot of internal e-mail floating around Microsoft right now that will greatly amuse us in 5-10 years.
You gotta figure, when they can't even spell "Torvalds" correctly, it's going to be bad. Outragously bad.
"Pale and wan?" I've got Enlightenment (with Absolute E), GNOME, and a couple of Eterms running right now, with a root background from Propaganda. Totally stable, and totally usable. Put that up against any Win98 desktop and you'll know the true meaning of "pale and wan".
I think we need to a habit of introducing Windoze lovers to our own Linux setups, just to see their reaction. Keep some anti-seizure drugs around, just in case.
(Anyone else think that RedHat 6.0 will have E/ShinyMetal as the standard window manager? Or will they stick to something a little more conservative, like WindowMaker, for the default? Hopefully not fvwm2; it's just way too Windoze-like.)
...is that the whole GNU project is, for all intents and purposes, his life's work. And he had most of the pieces, except for the one critical piece he needed. And then Linus comes along and wrecks the whole thing by supplying the missing piece.
"Wreck" might be too strong a word. Linus made the whole thing work, but in doing so wrecked RMS's plans for a complete FSF OS. Releasing the kernel under the GPL made things worse, in a sense: Had it been released under some other sort of license, there might be more of an excuse to reject it in favor of a GPL kernel, like Hurd. But since it was GPL, it made Hurd mostly, if not entirely, irrelevant. (Linus gives some pretty good arguments in his "Open Sources" chapter about why a microkernel-based system is likely to be inferior.)
RMS has a bit of a dilemma: The Linux kernel fufills the goal GNU, to create a free UNIX clone. But few people (Linus in particular) want to call it GNU/Linux. That seems unlikely to change, but RMS just won't let it go. I don't know if it's ego or just a desire to promote free software for it's own sake.
RMS does deserve respect for his and the FSF's accomplishments, and should continue to extole the virtues of free(d) software. But "GNU/Linux" is really a dead issue, and pursuing it is not going to be a productive use of time. Debian is GNU/Linux, and if that's what they want to call it, fine. I don't use Debian myself, though I respect what they do, but Linux is Linux, and that's not going to change.
On arrogance: Of course we're arrogant. And deservedly so. It's not our fault if people don't realize that yet. They'll learn eventually.
When the going gets tough and the stomach acids flow The cold wind of conformity is nipping at your nose When some trendy new atrocity has brought you to your knees Come with us, we'll sail the Seas of Cheese... -- Primus
Apparently it is possible for someone (probably Rob) to nuke messages completely. When I posted the preceeding, there was "First Post" message. Now gone, and I'm running at a threshold of -1. This particular message was no great loss, but obviously if "First Post" messages can be nuked, so can others. This would seem to be an "undocumented feature". This seems to be inconsistent with the described moderation features, so it seems reasonable to infer that only a very few people have it.
I still have reservations about being able to lower scores; "first posts" are unlikely to have increased scores. However, having a lower limit of -1 seems like it should stop the would-be censors. I would still prefer a lower limit of zero so that you would see everything by default. And all posts should start at zero, regardless of whether or not you are anonymous. The upper limit is not so important but I can see the technical reasons for it being there.
1) It discriminates unfairly against anonymous posters for no more reason than they prefer not to be identified (an automatic one-point penalty).
2) Whether or not a post survives to be read is primarily a popularity contest among moderators. I've seen several reports, which I believe, of posts being scored downwards for no obvious reason.
3) Negatively-scored posts are hard to find. Yes, you can set your default threshold to be very low so that you should be able to, theoretically, see everything. That is, IF you log in. Otherwise, you are stuck with adjusting it through the link on each article. And the interface only allows for going up or down one point at a time (yeah, you can rewrite the URL, but that's besides the point).
With some very small changes, this could be a fair system:
1) All comments start with a score of zero, regardless of identification.
2) Scores are non-negative.
3) Moderators can only increase a comment's score. I.e., as one poster suggested, treat the points as currency. Generally you are free to give away currency but not take it away...
Thus, default settings will show all posts. Flame/noise posts are not a big problem unless there are a lot of comments on an article. When there are too many to consider, knock the threshold up by one until it's more reasonable.
I won't/can't take credit for all these ideas. However, this is a workable combination which seems fair to everyone and doesn't allow censorship by moderators. It can also be implemented very, very easily. If anything, doing it this way is less CPU-intensive than the current way (no need to test if the user is anonymous or not for initial score; no button for negative scoring).
Even if they do log, then the ones who want the info now have to subpeona the proxy to find you, which could take a while. And the magusnet.com proxy chains through another proxy to boot, so now that's three subpeonas you've got to issue, in sequence, and the logs may no longer be around at that point. And this assumes you aren't making longer proxy chains, which you can do. This whole Yahoo thing has been going on for weeks now. Plus subpeonas generally have to be issued within the jurisdiction that they take effect. So now maybe they have to go to another state or another country, which takes time and money.
Don't put all your faith in proxies, but they do help, even if they do log.
DO NOT KEEP RECORDS. If you keep records, you can be ordered by a court to turn them over. Nothing REQUIRES you to keep records. Do not keep them.
In any case, Yahoo is not being sued. Their users are being sued, as soon as their identities can be determined. In an analogous situation, Slashdot would not be sued, but you might be ordered to turn over records. Check out what's left of the original CDA. Under that law, you are an interactive service provider, and interactive service providers are specifically EXEMPTED from being held responsible for things that their USERS say. This law has been tested a couple of times in court, once at least with AOL, and the ruling of the court was that the provider (AOL) was not responsible for things that their user said. I know Wired at least covered this.
Do not keep records, and make it well-known that you do not keep records. That is your best defense and one employed by anonymous remailer operators. If you keep records, you are a TARGET, and soon a victim of, well, you know.
Microsoft may be the 800-pound gorilla, but IBM is King Fscking Kong. I guess it really is true: Be careful what you wish for; you may get it. World domination, here we come, if we aren't squashed in the process. It's going to be an interesting year.
The COPYING file in the Linux source tree is helpful:
NOTE! This copyright does *not* cover user programs that use kernel services by normal system calls - this is merely considered normal use of the kernel, and does *not* fall under the heading of "derived work". Also note that the GPL below is copyrighted by the Free Software Foundation, but the instance of code that it refers to (the Linux kernel) is copyrighted by me and others who actually wrote it.
Linus Torvalds
----------------------------------------
GNU GENERAL PUBLIC LICENSE Version 2, June 1991
[I won't reproduce the rest of it here.]
Which brings up the question: Does the term "user programs" also include modules? Obviously a module runs in kernel space, but for the same reason can't use "normal system calls". I think that passage was probably written to reassure developers that they could write proprietary apps. And supposedly Linus has given the okay to proprietary modules, so long as they don't require kernel modifications.
The MOSIX developers are walking a very thin line here. They have a proprietary module that requires kernel mods, but the kernel mods themselves are GPL'd. OTOH, it sounds like the only mods they are making are in adding a/proc interface. It's too bad there's no method of having a module make additions to/proc when it is loaded. We could avoid the whole issue that way. Looks like maybe it could be done with a proc_register() call, but then I'm no kernel hacker.
The real danger is if you are running stuff as root out of inetd. finger seems to have this problem on RedHat. qmail takes the correct approach: Use timeouts on all I/O, run as a user process only, and use tcpserver instead of inetd to limit number of connections. If you are running stuff out of inetd, make sure it at least uses an inactivity timeout.
In any case, finding the attacker is real easy. It's a suicide crack.
Some individual services may be somewhat lame in this respect, but that hardly makes it a UNIX flaw. It's an application problem.
Read the thread. RPM DOES build on an existing tool. It's called "cpio". Read your man page, it's a standard UNIX utility. And RedHat supplies rpm2cpio so those who are inclined can read just the cpio parts.
What's next, flaming.tar files for only being readable by tar? Oops, not true: cpio can read.tar files.
You are correct, in that if you already have some investment in using Solaris, this is pretty good news, because you'll get bug fixes quicker. The point is, I do not think this will attract new users to Solaris or inspire the sort of development that Linux currently enjoys.
I think the old cliche applies here:
Why buy the cow when you can get the milk for free?
(cow == "commiting to full open source model", milk == "hackers debugging your code")
i.e., with community source, someone is givin' it away, and it ain't Sun.
So Sun basically is trying to get the best of both worlds: Getting hundreds of hackers to debug your source code for free (freed software world), and getting a piece of the action for every copy sold (un-free software world).
Somehow, I do not think developers will be throwing themselves at Sun like armadillos into oncoming cars to take them up on this offer. I guess it depends on how big a cut Sun wants, and if it's set in advance of you developing your product, or after.
(For the unaware, the armadillo looks like an armored rat and is about the size of a small dog, but is low to the ground -- low enough to pass unscathed under some cars and most larger vehicles -- but it's defense mechanism is to jump straight up into the air where they are invariably killed, victims of... well, you know.)
I see a lot of/.ers spouting that spam is commercial speech, so it isn't protected by the first amendement. This is dead WRONG. Granted, it does not get the same degree of protection as politcal speech. Think about this: If commercial speech had no first amendment protection, then the selling of books could be regulated or banned.
Advertising and other communications proposing commercial transactions between the speaker and listener are not fully protected by the First Amendment. Generally, the Supreme Court has said that commercial speech may be restrained if it is false, misleading or concerns unlawful activity. Any governmental restraint must advance a substantial public interest and must not be more extensive than necessary to serve that interest.
Now although the content of the spam is sometimes going to be protected (there's a lot promoting all sorts of bogus crap, which would not be protected), the methodology for sending spam is not always legal. If you are relaying off someone server without permission, you are committing theft of service. IANAL, and theft of service may or may not be a criminal offense, but would at least by actionable in a civil case. Sending spam without using a relay is almost certainly going to be a violation of contract with the ISP (terms of service almost always prohibit spamming), and this is enforcable by the courts. Some of these spammers get throwaway accounts using stolen credit cards. Guess what, that's also already a crime in and of itself.
And as someone else has pointed out, the law doesn't prohibit spamming at all. You can still spam using a throwaway ISP account, start up a HotMail account to direct bounces or send remove requests to (it's a real place to receive e-mail that you control, so it probably is within the law), and spam until you get cancelled without much worry about being arrested.
What's more, the spammers who do this for a living aren't going to be hurt by this. They'll have lawyers and if they're careful in how they spam, they'll get away with it.
Basically, this is about as bad as the anti-spam bill that (fortunately) died in congress last year in that both essentially legitimize the practice of spamming. I sure which I had a dollar for every spam I received that claimed they were an "ethical bulk e-mailer" (oxymoron) in compliance with S.1618, the Murkokowski bill. Barf. I'm already seeing the same spiel for California and Washington.
Regulating spammers will help spammers, and will probably hurt everyone else in the long run. Spammers should be stopped, but through Terms of Service agreements and theft-of-service prosecution.
Of course you can yell "fire!" in a crowded public area and get away with it. Especially if it's on fire.
The judge who wrote the whole "shouting 'fire' in a crowded theater" thing changed his mind a few days later, but some folks just love to quote it anyway. Also, I'm familar with the Bill of Rights, but I've yet to see anyone produce the much-touted Bill of Responsibilities.
There are plenty of legal remedies against spammers already using existing law.
And, if your mail server really got hijacked by spammers, you have only me to blame.
You can't reasonably expect to kill 100% of it without some pretty undesirable side-effects.
The solution is not to simply hit the DELETE button (the spammer's solution) nor create new crimes. Virtually every ISP out there has an anti-spam policy. Use it: Read the headers, find the guy's ISP, send them the spam, and he's cancelled, and hopefully out some money. Though please: Make sure the spam is fresh! Reporting old spams just wastes the ISP's time. Figure a spammer sends to 50,000 people in an hour. You've gotta figure at least a couple are going to see the message immediately or within an hour or two and report it. If you don't read your mail over the weekend and notice you have a spam from friday night, forget it: The spammer was probably cancelled saturday morning.
Spam can already be dealt with by enforcing contracts with terms of service and with civil lawsuits on the basis of theft of service.
Of course, if you are running an open relay and someone uses it to spam the world, then you're just a victim of your own stupidity.
Sure, in a real world political situation, anarchy is generally a Bad Thing. Nature generally abhors a vacuum, particularly a power vacuum, and there's probably always going to be someone around to fill that vacuum when it appears. For a good sci-fi treatment, try Larry Niven's short story "Cloak of Anarchy" which I think may be in "Tales of Known Space".
It's no different in a large-scale closed source development project. You will have power struggles among the developers, even with a strong project manager, resulting from differences of opinions on how the project should proceed or how it should be implemented.
But, in an open source project, these problems can't kill you. They can delay progress somewhat, but the project itself can't be killed if the source code is already out there. The worst case scenario is that you get a code fork, and that's hardly a disaster with open source. From a traditional business viewpoint, it's horrible, because you're paying for two competing projects.
Suppose for example Linus and Alan Cox had some insurmountable difference about the kernel architecture (this is a pure hypothetical example). Alan could start his own branch of kernel development based on Linux 2.2, and he could probably attract some other developers. He'd have to call it something other than Linux, of course, and not Alanix either, because that sucks. This is probably not a great thing for kernel development, but probably not a disaster so long as Alan doesn't do something crazy like abandon Posix.
You could also look at Linux vs. FreeBSD, which are competing projects. Fortunately, applications tend to be pretty portable between the two.
Part of the beauty of open source is, if the main developer says, "It's my way, or the highway," you can take the highway, and the code, and not have to start over completely from scratch.
Okay, sure, these little feuds and personality clashes aren't very helpful. The upside is, they don't kill us or our projects.
Then you encase your keyboard in an opaque box, which can double as a faraday cage. And you turn the ceiling fan on high along with your HEPA filter. Or you use something other than a passphrase -- dare I suggest -- some sort of biometric data.
Circumventors will always find a way in due time, and hey, according to Brin, if you outlaw the circumvention technology, it'll move underground and then only the elite groups will have them. But that's okay, because the more instrusive this stuff becomes (like gnat-bot cameras), the more expensive and difficult it becomes to circumvent. And guess who benefits? Yep, the elite groups, those with the money and power.
It seems to be a general rule that whenver you introduce some new law, regulation, or restriction upon society, the more powerful groups are always the ones who most benefit from it. Take a look at the recent enforcement regarding underground gasoline storage tanks. The regulations have been around for about 10 years requiring all operators to replace their underground tanks and replace them with tanks which have monitoring equipment for detecting leaks. They just went into force the end of December, and because of this, about 20,000 rural gas stations have had to close. Search CNN.com for "rural gas stations". So who either benefited most or got hurt the least? The big oil companies. And the little guys, the independent dealers, got screwed. They can't afford to pay $100,000 to "upgrade" their tanks, and the big guys can.
Same deal here. The more surveillance there is, the more the elite groups can circumvent it relative to the ordinary person.
P.S. AFAIK, AES is no good anyway. I think the algorithm's secret, so there's no good way to judge it's security. Anyone know more?
He frets about the elite groups being the only ones with access if the technology is forced underground, so he counters this by giving everyone access to a zillion times more info than they would have had otherwise, INCLUDING the elite groups, which will be the only ones the with resources to do any useful analysis on it (data-mining).
This is kinda like, "Nuclear weapons in the hands of elite groups will destroy the world, so let's counter this by issuing everybody their own personal H-bomb."
There error density in the article is unacceptably high...
"However, Linux 2.0 lacks the following features:
"* video card support" ??? "* Wireless LAN support" http://www.rage.net/wireless/wireless_howto.html Plus 2.2 most definitely has wireless LAN support. "* good selection of productivity software" Depends on your definitions here, but that will be a hard position to take in a year.
"UNIX has more than 10 million lines of code, while Linux has only 1.5 million," so Linux has a higher error density (errors per lines of code). Where is he getting this numbers? Is he just counting the kernel? If so, he is probably undercounting severely. No way is a typical UNIX kernel that much larger. If he is counting utilities, then he is way underestimating. Either way, it's a completely bogus comparison. In the text, he is supposedly comparing utilites.
Okay, by my count (using find, wc, and python) on/usr/src/linux and *.[ch], Linux 2.2.1 has 1604504 lines of code. Throw.S files in there and the total swells to 1676913 lines of code.
Now the RedHat 5.2 CD #2 with all the SRPMS is a couple hundred megs. I'd pop it in and find out the exact number, but I don't have it handy. It's got to be at least 300 MB, at a guess. Taking into account roughly the same compression rate as the 2.2 kernel src (about one line per 7 bytes), that's 42 million lines of code for RedHat. It's a guestimate, but at worse I figure +/- 10 million lines, but easily as much as UNIX (whatever UNIX he's talking about where you can count lines of code). SuSE is substantially larger.
He also assumes that the Linux (apparently kernel) code base will continue to grow exponentially in terms of lines of code and will be as bloated as NT (and where will NT be?). A lot of those lines of code go into supporting different platforms and drivers. I suspect maybe 25% of it or less is actually used on any given platform. How many platforms does NT support? (Two, if you count token Alpha support.)
There's more, but basically the bottom line is: This guy is totally smoking crack or something. Oh wait, I get it now! He's dropping acid! That's why Linux doesn't pass the "acid test": He popped a couple microdots and Linux didn't sing a pizza into his nose or something. Bad trip, man!
it's obvious from the Slashdot code and the schemas that he can do this with little effort. He could this retroactively for several months if he wanted to. So why is he saying otherwise?
I'm certainly NOT saying he SHOULD do anything like this. Far from it. I'm saying, his source tarball makes it obvious that he COULD do this, so what's with the "I wish..." baloney?
No need to trust me, just click that little code link on the left side of your screen.
Makes me wish I logged anonymous coward activity so that I could find out how much is coming from tide*.microsoft.com.
Oh, really? Couldn't you just do this:
SELECT cid, host_name FROM comments WHERE name="Anonymous Coward" WHERE sid IN (SELECT sid FROM articles WHERE tid="microsoft");
The actual value of tid may not be microsoft, and MySQL won't do sub-selects, but it doesn't take a rocket scientist to figure it out from your schemas. # MySQL dump 4.0 # # Host: localhost Database: slashdot #------------------------------------------------- -------
# # Table structure for table 'comments' # CREATE TABLE comments ( sid varchar(30) DEFAULT '' NOT NULL, cid int(15) DEFAULT '0' NOT NULL, pid int(15) DEFAULT '0' NOT NULL, date datetime, name varchar(50) DEFAULT '' NOT NULL, email varchar(50), host_name varchar(50), url varchar(50), rank int(1), subject varchar(50) DEFAULT '' NOT NULL, comment text DEFAULT '' NOT NULL, pending int(1) DEFAULT '0', PRIMARY KEY (sid,cid) );
Then, for the lazy, grep for microsoft, if that's all you're really interested in.
Slashdot Mirror
Katz writes, "Anonymous posters have little credibility precisely because nobody knows who they are. For all their faults, journalists are accountable for the things they report. Anonymous posters have little credibility precisely because nobody knows who they are. For all their faults, journalists are accountable for the things they report."
The credibility of anonymous posters has less to do with "nobody knows who they are" and more to do with having no reputation capital. To borrow some Katz-isms, geeks build reputation capital by writing code and distributing it. Journalists build it by writing stories. You're judged by what you produce, and if you're truly anonymous, there's no basis for past comparison.
This does not apply only to anonymous posters. When Katz came to Slashdot, he had no reputation capital as far as I was concern. Heck, I thought he was a professional therapist who wiggled a lot, but that's Dr. Katz. He may be a journalist, but I'd never heard of him.
Which leads to my main point: Just because you're hearing it from someone who is a "credible journalist" doesn't mean you should accept it on it's face. Bad and even fraudulent journalism happens occassionally. I seem to remember one Pulitzer prize winner in the last decade that was later revealed to be a complete fabrication (some anti-drug piece). Reporters are supposed to verify their stories with multiple sources, doesn't always happen for various reasons.
In this respect, anonymous writers are no worse off than those with reputation capital: ALL reporting needs some form of independent verification before it should be considered credible. This is where the anonymity comes it: The well-known credible journalists sometimes can't get the story because no one is willing to talk to them, and then it takes the anonymous source to get enough information out for the regular journalists to investigate. Case in point: the previously-mentioned "Deep Throat" of Watergate.
(If there's a blank comment, sorry. I apparently hit return once too often and it made it submit. Probably not cancelled in time. Might I suggest, CmdrTaco, if you read this, reordering the Submit and Preview buttons, so that the worst-case is that the message gets previewed instead of submitted? I'm hoping the code rejects empty messages anyway.)
Dell, Compaq, Gateway, and IBM are all taking a beating from the new crop of cheap (under $600) PCs. Plus there is no big push to upgrade (there's a limit to how much slower and bloated Microsoft can make Windows on any given release). As a result, they have having to cut their profit margins considerably. One obvious way to save money is to stop sending it to Redmond whenever possible.
Another way to make money is in the server market, which all of the above are doing. They've also all made (or at least announced) some committment to Linux.
I'm sure there's a lot of internal e-mail floating around Microsoft right now that will greatly amuse us in 5-10 years.
like "Debbie Does Dallas".
You gotta figure, when they can't even spell "Torvalds" correctly, it's going to be bad. Outragously bad.
"Pale and wan?" I've got Enlightenment (with Absolute E), GNOME, and a couple of Eterms running right now, with a root background from Propaganda. Totally stable, and totally usable. Put that up against any Win98 desktop and you'll know the true meaning of "pale and wan".
I think we need to a habit of introducing Windoze lovers to our own Linux setups, just to see their reaction. Keep some anti-seizure drugs around, just in case.
(Anyone else think that RedHat 6.0 will have E/ShinyMetal as the standard window manager? Or will they stick to something a little more conservative, like WindowMaker, for the default? Hopefully not fvwm2; it's just way too Windoze-like.)
...is that the whole GNU project is, for all intents and purposes, his life's work. And he had most of the pieces, except for the one critical piece he needed. And then Linus comes along and wrecks the whole thing by supplying the missing piece.
"Wreck" might be too strong a word. Linus made the whole thing work, but in doing so wrecked RMS's plans for a complete FSF OS. Releasing the kernel under the GPL made things worse, in a sense: Had it been released under some other sort of license, there might be more of an excuse to reject it in favor of a GPL kernel, like Hurd. But since it was GPL, it made Hurd mostly, if not entirely, irrelevant. (Linus gives some pretty good arguments in his "Open Sources" chapter about why a microkernel-based system is likely to be inferior.)
RMS has a bit of a dilemma: The Linux kernel fufills the goal GNU, to create a free UNIX clone. But few people (Linus in particular) want to call it GNU/Linux. That seems unlikely to change, but RMS just won't let it go. I don't know if it's ego or just a desire to promote free software for it's own sake.
RMS does deserve respect for his and the FSF's accomplishments, and should continue to extole the virtues of free(d) software. But "GNU/Linux" is really a dead issue, and pursuing it is not going to be a productive use of time. Debian is GNU/Linux, and if that's what they want to call it, fine. I don't use Debian myself, though I respect what they do, but Linux is Linux, and that's not going to change.
On arrogance: Of course we're arrogant. And deservedly so. It's not our fault if people don't realize that yet. They'll learn eventually.
When the going gets tough
and the stomach acids flow
The cold wind of conformity
is nipping at your nose
When some trendy new atrocity
has brought you to your knees
Come with us, we'll sail the
Seas of Cheese... -- Primus
Apparently it is possible for someone (probably Rob) to nuke messages completely. When I posted the preceeding, there was "First Post" message. Now gone, and I'm running at a threshold of -1. This particular message was no great loss, but obviously if "First Post" messages can be nuked, so can others. This would seem to be an "undocumented feature". This seems to be inconsistent with the described moderation features, so it seems reasonable to infer that only a very few people have it.
Expiring minds want to know.
I still have reservations about being able to lower scores; "first posts" are unlikely to have increased scores. However, having a lower limit of -1 seems like it should stop the would-be censors. I would still prefer a lower limit of zero so that you would see everything by default. And all posts should start at zero, regardless of whether or not you are anonymous. The upper limit is not so important but I can see the technical reasons for it being there.
And it bites for several reasons:
1) It discriminates unfairly against anonymous posters for no more reason than they prefer not to be identified (an automatic one-point penalty).
2) Whether or not a post survives to be read is primarily a popularity contest among moderators. I've seen several reports, which I believe, of posts being scored downwards for no obvious reason.
3) Negatively-scored posts are hard to find. Yes, you can set your default threshold to be very low so that you should be able to, theoretically, see everything. That is, IF you log in. Otherwise, you are stuck with adjusting it through the link on each article. And the interface only allows for going up or down one point at a time (yeah, you can rewrite the URL, but that's besides the point).
With some very small changes, this could be a fair system:
1) All comments start with a score of zero, regardless of identification.
2) Scores are non-negative.
3) Moderators can only increase a comment's score. I.e., as one poster suggested, treat the points as currency. Generally you are free to give away currency but not take it away...
Thus, default settings will show all posts. Flame/noise posts are not a big problem unless there are a lot of comments on an article. When there are too many to consider, knock the threshold up by one until it's more reasonable.
I won't/can't take credit for all these ideas. However, this is a workable combination which seems fair to everyone and doesn't allow censorship by moderators. It can also be implemented very, very easily. If anything, doing it this way is less CPU-intensive than the current way (no need to test if the user is anonymous or not for initial score; no button for negative scoring).
Even if they do log, then the ones who want the info now have to subpeona the proxy to find you, which could take a while. And the magusnet.com proxy chains through another proxy to boot, so now that's three subpeonas you've got to issue, in sequence, and the logs may no longer be around at that point. And this assumes you aren't making longer proxy chains, which you can do. This whole Yahoo thing has been going on for weeks now. Plus subpeonas generally have to be issued within the jurisdiction that they take effect. So now maybe they have to go to another state or another country, which takes time and money.
Don't put all your faith in proxies, but they do help, even if they do log.
DO NOT KEEP RECORDS. If you keep records, you can be ordered by a court to turn them over. Nothing REQUIRES you to keep records. Do not keep them.
In any case, Yahoo is not being sued. Their users are being sued, as soon as their identities can be determined. In an analogous situation, Slashdot would not be sued, but you might be ordered to turn over records. Check out what's left of the original CDA. Under that law, you are an interactive service provider, and interactive service providers are specifically EXEMPTED from being held responsible for things that their USERS say. This law has been tested a couple of times in court, once at least with AOL, and the ruling of the court was that the provider (AOL) was not responsible for things that their user said. I know Wired at least covered this.
Do not keep records, and make it well-known that you do not keep records. That is your best defense and one employed by anonymous remailer operators. If you keep records, you are a TARGET, and soon a victim of, well, you know.
Microsoft may be the 800-pound gorilla, but IBM is King Fscking Kong. I guess it really is true: Be careful what you wish for; you may get it. World domination, here we come, if we aren't squashed in the process. It's going to be an interesting year.
Watch this page
(And that's a pun, not an error.)
The COPYING file in the Linux source tree is helpful:
/proc interface. It's too bad there's no method of having a module make additions to /proc when it is loaded. We could avoid the whole issue that way. Looks like maybe it could be done with a proc_register() call, but then I'm no kernel hacker.
NOTE! This copyright does *not* cover user programs that use kernel
services by normal system calls - this is merely considered normal use
of the kernel, and does *not* fall under the heading of "derived work".
Also note that the GPL below is copyrighted by the Free Software
Foundation, but the instance of code that it refers to (the Linux
kernel) is copyrighted by me and others who actually wrote it.
Linus Torvalds
----------------------------------------
GNU GENERAL PUBLIC LICENSE
Version 2, June 1991
[I won't reproduce the rest of it here.]
Which brings up the question: Does the term "user programs" also include modules? Obviously a module runs in kernel space, but for the same reason can't use "normal system calls". I think that passage was probably written to reassure developers that they could write proprietary apps. And supposedly Linus has given the okay to proprietary modules, so long as they don't require kernel modifications.
The MOSIX developers are walking a very thin line here. They have a proprietary module that requires kernel mods, but the kernel mods themselves are GPL'd. OTOH, it sounds like the only mods they are making are in adding a
Linux defines in (2.2.x):
/* On x86 Max 4092, or 4090 w/APM configured. */
#define NR_TASKS 512
#define MAX_TASKS_PER_USER (NR_TASKS/2)
#define MIN_TASKS_LEFT_FOR_ROOT 4
The real danger is if you are running stuff as root out of inetd. finger seems to have this problem on RedHat. qmail takes the correct approach: Use timeouts on all I/O, run as a user process only, and use tcpserver instead of inetd to limit number of connections. If you are running stuff out of inetd, make sure it at least uses an inactivity timeout.
In any case, finding the attacker is real easy. It's a suicide crack.
Some individual services may be somewhat lame in this respect, but that hardly makes it a UNIX flaw. It's an application problem.
Read the thread. RPM DOES build on an existing tool. It's called "cpio". Read your man page, it's a standard UNIX utility. And RedHat supplies rpm2cpio so those who are inclined can read just the cpio parts.
.tar files for only being readable by tar? Oops, not true: cpio can read .tar files.
What's next, flaming
"Bend Over, Boy, Because You Have It Coming To You."
You are correct, in that if you already have some investment in using Solaris, this is pretty good news, because you'll get bug fixes quicker. The point is, I do not think this will attract new users to Solaris or inspire the sort of development that Linux currently enjoys.
I think the old cliche applies here:
Why buy the cow when you can get the milk for free?
(cow == "commiting to full open source model", milk == "hackers debugging your code")
i.e., with community source, someone is givin' it away, and it ain't Sun.
So Sun basically is trying to get the best of both worlds: Getting hundreds of hackers to debug your source code for free (freed software world), and getting a piece of the action for every copy sold (un-free software world).
Somehow, I do not think developers will be throwing themselves at Sun like armadillos into oncoming cars to take them up on this offer. I guess it depends on how big a cut Sun wants, and if it's set in advance of you developing your product, or after.
(For the unaware, the armadillo looks like an armored rat and is about the size of a small dog, but is low to the ground -- low enough to pass unscathed under some cars and most larger vehicles -- but it's defense mechanism is to jump straight up into the air where they are invariably killed, victims of... well, you know.)
Got your attention? Good.
I see a lot of /.ers spouting that spam is commercial speech, so it isn't protected by the first amendement. This is dead WRONG. Granted, it does not get the same degree of protection as politcal speech. Think about this: If commercial speech had no first amendment protection, then the selling of books could be regulated or banned.
From this page
Need more info? Search Google!
Now although the content of the spam is sometimes going to be protected (there's a lot promoting all sorts of bogus crap, which would not be protected), the methodology for sending spam is not always legal. If you are relaying off someone server without permission, you are committing theft of service. IANAL, and theft of service may or may not be a criminal offense, but would at least by actionable in a civil case. Sending spam without using a relay is almost certainly going to be a violation of contract with the ISP (terms of service almost always prohibit spamming), and this is enforcable by the courts. Some of these spammers get throwaway accounts using stolen credit cards. Guess what, that's also already a crime in and of itself.
And as someone else has pointed out, the law doesn't prohibit spamming at all. You can still spam using a throwaway ISP account, start up a HotMail account to direct bounces or send remove requests to (it's a real place to receive e-mail that you control, so it probably is within the law), and spam until you get cancelled without much worry about being arrested.
What's more, the spammers who do this for a living aren't going to be hurt by this. They'll have lawyers and if they're careful in how they spam, they'll get away with it.
Basically, this is about as bad as the anti-spam bill that (fortunately) died in congress last year in that both essentially legitimize the practice of spamming. I sure which I had a dollar for every spam I received that claimed they were an "ethical bulk e-mailer" (oxymoron) in compliance with S.1618, the Murkokowski bill. Barf. I'm already seeing the same spiel for California and Washington.
Regulating spammers will help spammers, and will probably hurt everyone else in the long run. Spammers should be stopped, but through Terms of Service agreements and theft-of-service prosecution.
Of course you can yell "fire!" in a crowded public area and get away with it. Especially if it's on fire.
The judge who wrote the whole "shouting 'fire' in a crowded theater" thing changed his mind a few days later, but some folks just love to quote it anyway. Also, I'm familar with the Bill of Rights, but I've yet to see anyone produce the much-touted Bill of Responsibilities.
There are plenty of legal remedies against spammers already using existing law.
And, if your mail server really got hijacked by spammers, you have only me to blame.
You can't reasonably expect to kill 100% of it without some pretty undesirable side-effects.
The solution is not to simply hit the DELETE button (the spammer's solution) nor create new crimes. Virtually every ISP out there has an anti-spam policy. Use it: Read the headers, find the guy's ISP, send them the spam, and he's cancelled, and hopefully out some money. Though please: Make sure the spam is fresh! Reporting old spams just wastes the ISP's time. Figure a spammer sends to 50,000 people in an hour. You've gotta figure at least a couple are going to see the message immediately or within an hour or two and report it. If you don't read your mail over the weekend and notice you have a spam from friday night, forget it: The spammer was probably cancelled saturday morning.
Spam can already be dealt with by enforcing contracts with terms of service and with civil lawsuits on the basis of theft of service.
Of course, if you are running an open relay and someone uses it to spam the world, then you're just a victim of your own stupidity.
But it's a GOOD sort of anarchy.
Sure, in a real world political situation, anarchy is generally a Bad Thing. Nature generally abhors a vacuum, particularly a power vacuum, and there's probably always going to be someone around to fill that vacuum when it appears. For a good sci-fi treatment, try Larry Niven's short story "Cloak of Anarchy" which I think may be in "Tales of Known Space".
It's no different in a large-scale closed source development project. You will have power struggles among the developers, even with a strong project manager, resulting from differences of opinions on how the project should proceed or how it should be implemented.
But, in an open source project, these problems can't kill you. They can delay progress somewhat, but the project itself can't be killed if the source code is already out there. The worst case scenario is that you get a code fork, and that's hardly a disaster with open source. From a traditional business viewpoint, it's horrible, because you're paying for two competing projects.
Suppose for example Linus and Alan Cox had some insurmountable difference about the kernel architecture (this is a pure hypothetical example). Alan could start his own branch of kernel development based on Linux 2.2, and he could probably attract some other developers. He'd have to call it something other than Linux, of course, and not Alanix either, because that sucks. This is probably not a great thing for kernel development, but probably not a disaster so long as Alan doesn't do something crazy like abandon Posix.
You could also look at Linux vs. FreeBSD, which are competing projects. Fortunately, applications tend to be pretty portable between the two.
Part of the beauty of open source is, if the main developer says, "It's my way, or the highway," you can take the highway, and the code, and not have to start over completely from scratch.
Okay, sure, these little feuds and personality clashes aren't very helpful. The upside is, they don't kill us or our projects.
Then you encase your keyboard in an opaque box, which can double as a faraday cage. And you turn the ceiling fan on high along with your HEPA filter. Or you use something other than a passphrase -- dare I suggest -- some sort of biometric data.
Circumventors will always find a way in due time, and hey, according to Brin, if you outlaw the circumvention technology, it'll move underground and then only the elite groups will have them. But that's okay, because the more instrusive this stuff becomes (like gnat-bot cameras), the more expensive and difficult it becomes to circumvent. And guess who benefits? Yep, the elite groups, those with the money and power.
It seems to be a general rule that whenver you introduce some new law, regulation, or restriction upon society, the more powerful groups are always the ones who most benefit from it. Take a look at the recent enforcement regarding underground gasoline storage tanks. The regulations have been around for about 10 years requiring all operators to replace their underground tanks and replace them with tanks which have monitoring equipment for detecting leaks. They just went into force the end of December, and because of this, about 20,000 rural gas stations have had to close. Search CNN.com for "rural gas stations". So who either benefited most or got hurt the least? The big oil companies. And the little guys, the independent dealers, got screwed. They can't afford to pay $100,000 to "upgrade" their tanks, and the big guys can.
Same deal here. The more surveillance there is, the more the elite groups can circumvent it relative to the ordinary person.
P.S. AFAIK, AES is no good anyway. I think the algorithm's secret, so there's no good way to judge it's security. Anyone know more?
He frets about the elite groups being the only ones with access if the technology is forced underground, so he counters this by giving everyone access to a zillion times more info than they would have had otherwise, INCLUDING the elite groups, which will be the only ones the with resources to do any useful analysis on it (data-mining).
This is kinda like, "Nuclear weapons in the hands of elite groups will destroy the world, so let's counter this by issuing everybody their own personal H-bomb."
There error density in the article is unacceptably high...
/usr/src/linux and *.[ch], Linux 2.2.1 has 1604504 lines of code. Throw .S files in there and the total swells to 1676913 lines of code.
"However, Linux 2.0 lacks the following features:
"* video card support" ???
"* Wireless LAN support" http://www.rage.net/wireless/wireless_howto.html Plus 2.2 most definitely has wireless LAN support.
"* good selection of productivity software" Depends on your definitions here, but that will be a hard position to take in a year.
"UNIX has more than 10 million lines of code, while Linux has only 1.5 million," so Linux has a higher error density (errors per lines of code). Where is he getting this numbers? Is he just counting the kernel? If so, he is probably undercounting severely. No way is a typical UNIX kernel that much larger. If he is counting utilities, then he is way underestimating. Either way, it's a completely bogus comparison. In the text, he is supposedly comparing utilites.
Okay, by my count (using find, wc, and python) on
Now the RedHat 5.2 CD #2 with all the SRPMS is a couple hundred megs. I'd pop it in and find out the exact number, but I don't have it handy. It's got to be at least 300 MB, at a guess. Taking into account roughly the same compression rate as the 2.2 kernel src (about one line per 7 bytes), that's 42 million lines of code for RedHat. It's a guestimate, but at worse I figure +/- 10 million lines, but easily as much as UNIX (whatever UNIX he's talking about where you can count lines of code). SuSE is substantially larger.
He also assumes that the Linux (apparently kernel) code base will continue to grow exponentially in terms of lines of code and will be as bloated as NT (and where will NT be?). A lot of those lines of code go into supporting different platforms and drivers. I suspect maybe 25% of it or less is actually used on any given platform. How many platforms does NT support? (Two, if you count token Alpha support.)
There's more, but basically the bottom line is: This guy is totally smoking crack or something. Oh wait, I get it now! He's dropping acid! That's why Linux doesn't pass the "acid test": He popped a couple microdots and Linux didn't sing a pizza into his nose or something. Bad trip, man!
it's obvious from the Slashdot code and the schemas that he can do this with little effort. He could this retroactively for several months if he wanted to. So why is he saying otherwise?
I'm certainly NOT saying he SHOULD do anything like this. Far from it. I'm saying, his source tarball makes it obvious that he COULD do this, so what's with the "I wish..." baloney?
No need to trust me, just click that little code link on the left side of your screen.
Oh, really? Couldn't you just do this:
SELECT cid, host_name FROM comments WHERE name="Anonymous Coward"
WHERE sid IN (SELECT sid FROM articles WHERE tid="microsoft");
The actual value of tid may not be microsoft, and MySQL won't do sub-selects, but it doesn't take a rocket scientist to figure it out from your schemas.- -------
# MySQL dump 4.0
#
# Host: localhost Database: slashdot
#------------------------------------------------
#
# Table structure for table 'comments'
#
CREATE TABLE comments (
sid varchar(30) DEFAULT '' NOT NULL,
cid int(15) DEFAULT '0' NOT NULL,
pid int(15) DEFAULT '0' NOT NULL,
date datetime,
name varchar(50) DEFAULT '' NOT NULL,
email varchar(50),
host_name varchar(50),
url varchar(50),
rank int(1),
subject varchar(50) DEFAULT '' NOT NULL,
comment text DEFAULT '' NOT NULL,
pending int(1) DEFAULT '0',
PRIMARY KEY (sid,cid)
);
Then, for the lazy, grep for microsoft, if that's all you're really interested in.