Re:hmm nice.. now get some work done... right now!
on
Ximian gets new CEO
·
· Score: 3
This is what I've been able to pick up from rumors and inuendos on the various mailing lists:
Ximian could have released 1.4 shortly after the Gnome announcement, but let's think about what the 1.4 release meant. It meant that all the individual packages that make up Gnome were ready to release. It didn't mean that those packages played well together, or interacted in a way the user would expect. Because Ximian, being the integrator of all those packages, wanted to produce a desktop where all the parts worked together seamlessly, they still had a lot of work to do.
Here's one example: Miguel recently posted a lengthy patch to the Nautilus mailing list which would allow gmc and Nautilus to use the same desktop directory, so that when users switched back and forth between the two, they would retain all their launchers and folders. That's a very nice integration feature, but one which Nautilus didn't have in the version released with Gnome 1.4. It takes a good deal of code to make Nautilus understand GMC's.desktop files, and it takes time to write that code.
The indications are that Ximian does not think that 1.4 is "not that important." Rather, they think it's very important. They also think that their role as the integrator means more than just compiling all the packages into binaries.
What's the problem with paying people for their work?
Paying people for their own work is one thing. Paying them for other people's work -- the thousands and thousands of other programers who helped write the software -- is another.
The way you pay all those people is not with money, but code. They let you use their code, so you let them use yours. They didn't charge you for their code, so you don't charge them for yours.
If Libranet isn't making money off their distribution then tough. There's no such thing as a right-to-profit. You work for a start-up you take your risks. Sometimes you get burned. Find a new business plan, guys.
No matter what you do, they still get your IP number and your browser id string. Neither of these are guaranteed to be unique to a given user -- if you're either working on a multi-user system or use a proxy service, then other users may have the same IP and browser id string, which is why the ad companies prefer cookies. But if, like most people, you're the only user of the computer and you don't use a web proxy, then your IP is actually *better* than a cookie, since it will stay the same even if you switch to a different browser or delete/disable all cookies.
Also, the ad company can use the IP number to match up their tracking data with another site's personal data without needing any info from a GET form or a mangled URL.
Actually, it doesn't even take a form with a GET request. Rather than use a cookie, many sites now encode a unique user id in the URL, often after a '$', like http://company.com/page.htm$USERID. (Sites do this so that they can track session data on you even if you deny their cookie and even if you move across servers or domains.) Since WebBugsAreEvil.com gets this full URL, they now have your USERID at the site you visited and can connect their data with the data collected by the site.
You could just number the songs you share 1.mp3, 2.mp3, 3.mp3 and so on.
To get an Index of what 1, 2 & 3 are you have to offer a copyrighted song to that user who shares those files.
Sure this would defeat the copy protection, but it would also defeat what makes Napster useful. The "value" of Napster for the user is its unified index of music. Obfuscating song titles like this would effectively deunify that index. Napster's index would become useless -- it would just tell me that there were 23,328 "1.mp3" files out there -- and I would have to go to the owner of each of those files (a fragmented process) in order to find out what all those files were. How would this be any different from the pre-Napster days, when mp3s were put up on web and ftp servers with obfuscated names, and you had to have the owner's private index to know what they were?
I'm probably coming into this too late for anyone to read this but...
The math is bogus. There are two fundamental flaws with it:
it assumes an unbounded number of gnutella clients
it assumes that the propagation of a query never doubles back to an already visited node
Jordan brushes both these assumptions under the rug in his equation, saying it's for the "maximum number of reachable hosts" and therefore doesn't need to account for this kind of feedback. In fact, it's not as simple as he thinks.
Instead of starting with the exponential propagation of a query, start by looking at the network as a whole. Since there are P clients each with N forwarding routes, there are N*P total forwarding routes in the network. Gnutella clients will only forward a given query once (they keep track of a numeric ID for each query to avoid resending one that loops back to them), so the maximum number of transmissions that can result from a single query is also N*P (to reach this maximum would require an incredibly regular network structure, by the way, and is probably at least an order of magnitude above what real conditions would look like).
Now let's look at Jordan's numbers. He comes up with a shocking 1.2G of traffic from an 83 byte message in a case where N=8. (For the math, I'm only considering the "outgoing" traffic, since the incoming traffic varies proportionally with outgoing.) That represents about 15 million transmissions, which would mean that the network held about 2 million simultaneously active clients. That's an absolutely huge network compared to Napster (Gnapster reports about 11,000 simultaneous users) or Gnutella (LimeWire reports around 2000). Given that the current network is 3 orders of magnitude away from this size, I don't think we have to fear 1.2G of traffic anytime soon.
What most people care about is how much traffic they'll see on their own node. Let's say that people will start to get annoyed when baseline traffic hits 16K/s. Assume every query on the network reaches you (unlikely, but we're looking at maximums). On average, you will receive that query a maximum of N times, since the message goes through a maximum of N*P transmissions for P clients, for an average of N receptions per client. As Jordan says, the number of queries per second varies proportionally with the size of the network. Let's use his assumption of 1600 clients generating 1 query per second and each query taking about 83 bytes. 15K/s means about 200 query receptions per second. Dividing this number by N -- lets pick a high number, like 8 -- gives the number of originating queries, 25qps. This translates into a network size of 40,000 clients, or about 10 times the current size. Yes, that's closer than we'd like, but it's not nearly as doomsdayish as Joran proposed.
What Gnutella should do is raise T and lower N. People have gotten scared by the geometric progression argument and think that big values of T are scary. In fact, it's big values of N that are the problem. There's no difference between a T of 20 verses 20,000, since once you've reached the entire network (which 20 will probably do) you've reached it, and your query dies not because of TTL but because all clients have seen it. On the other hand, changing N from 4 to 8 means you'll receive twice as many copies of every message, thus doubling bandwidth and halving the feasible size of the network. Basically, N should be only large enough to keep a query alive, and T should be large enough to reach the entire network with the given N. I would suggest setting N to just 2, with an initial optimization that the originating client sends it out to many more clients for the first hop, say 32, just to make sure that the query doesn't die in its early stages before there are enough "live" copies of it traversing the network. With that optimization, Gnutella could scale to 160,000 clients before it hits the 16K/s baseline limit.
About five years ago, when NEAR was still being built, I worked for a NASA contractor (Swales Aerospace) that also did business with JHU and the NEAR folks, and I remember some hallway conversations about NEAR. The detail I remember in particular was that NEAR was not just a scientific mission, but received funding from Star Wars/SDI/ABM/whatever. Along with performing some astronomic functions, NEAR was designed to test new telemetry and guidance systems, ones that could handle incredibly fast approach speeds. NEAR intercepted the comet almost head-on, meaning the velocity of closure was tremendous. Basically, if NEAR could hit the comet at such rates (or, to be more exact, hit a stable orbit around the comet), then an ABM missile could hit a ballistic missile.
I'm afraid I can't remember more of the details. Has anyone else heard anything about NEAR and SDI? I haven't heard a peep out of the press. They're playing it as a miracle-of-science story rather than a demonstration-of-military-technology one.
Another big problem with any kind of on-line voting is that you run up against a conflict between the need for security and the need for guaranteed service.
Basically, most current security methodologies have, at their base, the following algorithm:
if (!secure(connection)) abort(connection);
That's not good enough for a voting system: aborting means you just disenfranchised a voter!
You've proposed that the current system be kept in place as a backup. That's not sufficient either. For a voting system to be valid, every effort must be taken so that all voters are treated equally and follow the same voting procedure. A system that makes voting more convenient for those with recent PCs and reliable net connections is illegal by voting laws.
Early returns are usually skewed toward the Republican candidates. This has to do with the makeup of the partys' bases and the number of voters per polling place. Republicans do better in wealthier and more rural areas. Both tend to have fewer voters per polling station, because there are just less people in rural areas, and wealthy areas have more public buildings (libraries, schools, etc.) for stations. As a result, these stations can report their returns earlier.
Also, because the Democratic constituency is more working-class, they tend to do more of their voting after work. This overloads the stations late in the afternoon (witness Detroit and St. Louis this year) and forces them to delay their count.
CNN just declared Bush the winner. With 98% of the election stations reporting, he has 2,803,129 votes to Gores 2,755,266, meaning less than 48,000 Florida voters, or about.8%, decided the election.
This argument about "teaching the Democrats a lesson" doesn't hold water. A Gore loss will be disastrous to the Green party. Here's my prediction: if Gore loses, the Green party will never again pull more than 1%.
Why? Draw a historical lesson from the other side of the political spectrum: in 1992 and 96, Pat Buchanan pulled a significant number of far right votes away from moderate Republican candidates, but this year, he can't even muster 1%. What changed? Well, this year the Republican party wants the election bad, really bad, so the far right is keeping quiet about their reservations with Bush. They've locked ranks to take the Whitehouse.
Now imagine that Gore loses and flash ahead to the 2004 race. The Democrats, like the Republicans this year, will want the election badly and will lock ranks behind the party candidate. The far left will abandon the Greens, and Nader will become just a footnote to the election, just like the far right abandoned Buchanan and made him a footnote this year.
Now imagine Gore wins instead. After four more years of centrist government, the far left will be even more unhappy with the Democratic party. Their ranks will grown, and Nader will have a shot at breaking 10% in 2004. In other words, a Democratic win is the best possible thing that can happen to the Green party.
Unfortunately, if Gore loses, the only ones who will be "taught a lesson" will be the Greens.
Microsoft has built into Whistler a feature that allows a user to request assistance from another user via e-mail, specifying a window of time in which the request must be answered. The user providing help may then take control of the problem system, fixing the problem while the user watches.
All it takes to grant remote access is to "send an e-mail"? So what happens the next time there's a virus like MELISSA or ILOVEYOU, only this time, along with sending messages to everyone in your address book, it also sends one of these "assistance requests" to a cracker?
Every day, I'm more and more happy I use Linux.
MS is cutting user security *extremely* close here. First, they made the job of crackers twice as easy by adding scripting to Outlook and Word. Now, they've finished the job by adding a shoddy remote access feature. They're placing a huge bet that there will never be another hole in Outlook Express, that word viruses will somehow go away, and that users will learn not to run programs out of e-mail messages, even though their own people can't get that one right.
Those of you who work in computer support, think about this: How many times have you seen Word viruses on a user's computer? Now imagine that each one of those cases was a full-blown remote exploit. Now shudder.
How many computers need to be owned before people wise up to MS's security failures? Why was it that MELISSA and ILOVEYOU were covered as stories about dangerous "computer criminals", rather than stories about Windows' security failings?
It's been interesting to watch MS change the story about the hack. Every day, it becomes less severe:
first, it lasted three months, and there was talk that not only was source downloaded, but it might have been modified
then, it was for six weeks, and MS was sure that no source was modified
now, it was only one week, and source was only "viewed", not downloaded, and to a minor "future product" at that.
What's going on? Well, it seems like MS's PR department has been working hard to downplay the attack. Notice how the informant shifts over time from an unnamed "Microsoft engineer" to Balmer to MS's "corporate security officer." I assume that what happened went like this: 1) a mid-level MS engineer leaked the real story to the press, 2) PR (Balmer) steped in for damage control, and finally 3) PR propped up a puppet with a written script to try and kill the issue.
The thing is, the strategy may backfire on MS. Now, they can't claim that open source developers are pirating their code. They've already gone on record saying no MS code exists in the wild. Which means that if you happen upon the source to Office, you are free to look at it, since MS has already declared that that code does not exist.
Durham, Oct 27 -- The linux world is in a tumult today after a report claiming hackers broke into the corporate network of industry leader Redhat. The report, published on the internet by a pseudonymous "BG", purports that "lots and lots" of hackers outside the Durham-based organization have been "stealing intellectual property" from the company for "a whole lot longer than three months." Redhat officials appear to be stonewalling on the issue, responding to questions with a baffled look and the reply, "What the hell are you talking about?"
According to the report, unknown hackers managed to procur a password to Redhat's network servers. They then used the password to download the blueprints to all of Redhat's products. Even worse, the password was circulated widely over the internet, allowing thousands, potentially over a million hackers to repeat the exploit.
One person familiar with the case said it appeared the hackers initially gained access to Redhat's corporate computers by exploiting a hole in the company's "FTP" software. This software is used to transfer files between remote computers. The hackers discovered that the password "anonymous" allowed them access to all of Redhat's intellectual property.
Most damning of the report's accusations is the claim that internal Redhat officers have known about the vulnerability for months, even years, but failed to alert customers or close the security hole.
The breach may have allowed hackers to insert instructions into the blueprints for Redhat's products, including the recently released Redhat Linux 7. One anonymous insider called such practices "common." When asked if they were planning an extensive audit of their code, Redhat officials repeated their reply, "What the hell are you talking about?"
I just called Amazon, and was told that if you send a message to account-close@amazon.com, your account will be cancelled. No ridiculous requests for words from books purchased, no bullshit... or so they say. I'm waiting to see if they really follow through.
I'm glad this story got posted -- I've been in the same boat as the original poster, but hadn't bothered to do anything about it yet.
I'll vote for Gore 'cuz its gonna be to close of an election to risk wasting my vote making a "Statement" on a 3rd party candidate
In North Carolina, votes for Nader really are wasted. Because of a technicality, the state isn't even going to count them. See a recent letter to the editor of the Raleigh News & Observer for the story.
Listen, I've also got a lot of problems with the way many journalists have let the candidates throw around half and full lies (so much for the "keepers of the public record" idea!). But if you want to start hard talking about "FACTS" then you have to live up to a higher standard than they do. Make sure your claims are accurate and cite your sources. Several of these seem like blatant fabrications, or are at least so far out there that they need some evidence.
Fifteen minutes with a web-browser brings up some of the real "FACTS" behind several of your items. I don't have time to check them all -- I wish you had done it before posting:
FICTION: Al Gore said his father, a senator, was a champion of civil rights during the 1960's.
FACT: Gore's father voted against the landmark Civil Rights Act of 1964 and was a racist who was fond of using the "N" word.
I assume you're refering to the Washington Post's article from back in April, though I've never seen any mention of Al Sr. being "fond of using the 'N' word"! Here's the full quote from the Post article:
Long before Bill Clinton came along, Gore lived in the shadow of another dominant politician, his father, Sen. Albert Gore Sr. of Tennessee. Many of the deepest tensions of American race relations were played out during the long career of Sen. Gore, whose opposition to the segregated ways of his native South angered many of his constituents and eventually led to his political demise. With one notable exception, when he capitulated to regional sentiment and opposed the 1964 Civil Rights Act, the choices he made over more than three decades in Washington were courageous -- and they provided lasting lessons in the political education of the son. If there are as many ways of looking at Al Gore on the issue of race as Wallace Stevens found to look at a blackbird, the first views, shading all the rest, including his relationship with Clinton, come from the life and times of his parents.
(no longer available for free from the Post, but a reprint is available at http://www.jessejacksonjr.o rg/ issues/i042300173.html)
Hmm... maybe that's why you didn't cite a source. Doesn't really support your argument, does it?
FICTION: Al Gore claimed the book "Love Story" was based on his life and Tipper's.
FACT: Author Erich Segal called a press conference to deny his claim. (Couldn't he at least lie about a love story where his sweetheart doesn't die?"
This is actually an older story that first started circulating in 1997. Here's the actual article from the time about Erich Segal's supposed "denial."
"When the author Erich Segal was asked about Gore's impression, he stated that the preppy hockey-playing male lead, Oliver Barrett IV, indeed was modeled after Gore and Gore's Harvard roommate, actor Tommy Lee Jones."
(Original from December 1997 NYTimes no longer available on-line. Similar article at the Chicago Tribune
http://chicagotribune.com/news/metro/chicago/print edition/article/0,2669,SAV-0008280152,FF.html )
Again, seems like Gore had a case here.
FICTION: While running for office, Gore's campaign literature claimed he was a "Brilliant Student".
FACT: Washington newspapers said he barely passed Harvard and consistently earned D's and C's.
What are these mythical "Washington newspapers" you keep citing? Give me an actual cite, ferkrisakes.
In this case, you're talking about this article from the March 18 Washington Post. Gore did get one D, some C's, and a B his first year, but his grades moved up from there, and he was generally an A and B student his senior year. He graudated cum laude (a far cry from "barely passing") based on the strength of his thesis. Here's a quote from the article:
In his junior year, he earned a B, a B-plus and an A-minus in three government courses, and he aced his senior government thesis on the impact of television on the presidency, a strong finish that made him a cum laude graduate. His devotion to the subject by then was so intense that he gave much of his time to a not-for-credit seminar with his favorite professor, Richard Neustadt, an expert on the presidency.
Both campaigns started spinning so fast that they took off and left earth long ago. The thing is, since the reporters have given up, no one's bothering to bring them back down. Go back and look at your claims: you've been spun. Bush's camp has had a pretty effective campaign against Gore's character going for over a year now. Look at an Oct. 15 NYTimes article called A Sustained G.O.P. Push to Mock Gore's Image for a story on it.
It's the perfidy (stupid): Same lies, same sellout
Yes, it is the perfidy. Like when Bush says:
In the October 12 debate he claimed that all three perpetrators of the murder of James Byrd Jr. were to be executed, and cited this as evidence of his hard stance against hate crimes. In fact, he was wrong about the record. Only two were given capital sentences (source: NYT). Had there been a hate crimes law, all three would have been given capital sentences.
In yesterday's debate, he claimed that national rates of health care coverage were falling while Texas' were rising. This was his rejoinder to Gore's question as to why Texas was 50th in the nation for family health care coverage. In actuality, Texas' rate of health care coverage has steadily declined during every year of Bush's six year term, with the exception of a small rise last year. In Texas, health care coverage has fallen from 78.2 to 76.7% (source: US Census web site), or 1.5%. Nationwide, over the same time span, health care rates have fallen only.2%, meaning that Texas is not only 50th, but falling.
At least when Gore makes a mistake, he has the integrity to admit it and apologize. Bush still hasn't issued any statements on either of these. And Gore's much trumpeted mistake about the girl standing in a Florida class room didn't really alter the substance of his argument, only the strength of the evidence he used. Bush made both of the above two points major components of his argument during the debate.
Slashdot Mirror
Ximian could have released 1.4 shortly after the Gnome announcement, but let's think about what the 1.4 release meant. It meant that all the individual packages that make up Gnome were ready to release. It didn't mean that those packages played well together, or interacted in a way the user would expect. Because Ximian, being the integrator of all those packages, wanted to produce a desktop where all the parts worked together seamlessly, they still had a lot of work to do.
Here's one example: Miguel recently posted a lengthy patch to the Nautilus mailing list which would allow gmc and Nautilus to use the same desktop directory, so that when users switched back and forth between the two, they would retain all their launchers and folders. That's a very nice integration feature, but one which Nautilus didn't have in the version released with Gnome 1.4. It takes a good deal of code to make Nautilus understand GMC's .desktop files, and it takes time to write that code.
The indications are that Ximian does not think that 1.4 is "not that important." Rather, they think it's very important. They also think that their role as the integrator means more than just compiling all the packages into binaries.
The way you pay all those people is not with money, but code. They let you use their code, so you let them use yours. They didn't charge you for their code, so you don't charge them for yours.
If Libranet isn't making money off their distribution then tough. There's no such thing as a right-to-profit. You work for a start-up you take your risks. Sometimes you get burned. Find a new business plan, guys.
Also, the ad company can use the IP number to match up their tracking data with another site's personal data without needing any info from a GET form or a mangled URL.
Actually, it doesn't even take a form with a GET request. Rather than use a cookie, many sites now encode a unique user id in the URL, often after a '$', like http://company.com/page.htm$USERID. (Sites do this so that they can track session data on you even if you deny their cookie and even if you move across servers or domains.) Since WebBugsAreEvil.com gets this full URL, they now have your USERID at the site you visited and can connect their data with the data collected by the site.
To get an Index of what 1, 2 & 3 are you have to offer a copyrighted song to that user who shares those files.
Sure this would defeat the copy protection, but it would also defeat what makes Napster useful. The "value" of Napster for the user is its unified index of music. Obfuscating song titles like this would effectively deunify that index. Napster's index would become useless -- it would just tell me that there were 23,328 "1.mp3" files out there -- and I would have to go to the owner of each of those files (a fragmented process) in order to find out what all those files were. How would this be any different from the pre-Napster days, when mp3s were put up on web and ftp servers with obfuscated names, and you had to have the owner's private index to know what they were?
The math is bogus. There are two fundamental flaws with it:
- it assumes an unbounded number of gnutella clients
- it assumes that the propagation of a query never doubles back to an already visited node
Jordan brushes both these assumptions under the rug in his equation, saying it's for the "maximum number of reachable hosts" and therefore doesn't need to account for this kind of feedback. In fact, it's not as simple as he thinks.Instead of starting with the exponential propagation of a query, start by looking at the network as a whole. Since there are P clients each with N forwarding routes, there are N*P total forwarding routes in the network. Gnutella clients will only forward a given query once (they keep track of a numeric ID for each query to avoid resending one that loops back to them), so the maximum number of transmissions that can result from a single query is also N*P (to reach this maximum would require an incredibly regular network structure, by the way, and is probably at least an order of magnitude above what real conditions would look like).
Now let's look at Jordan's numbers. He comes up with a shocking 1.2G of traffic from an 83 byte message in a case where N=8. (For the math, I'm only considering the "outgoing" traffic, since the incoming traffic varies proportionally with outgoing.) That represents about 15 million transmissions, which would mean that the network held about 2 million simultaneously active clients. That's an absolutely huge network compared to Napster (Gnapster reports about 11,000 simultaneous users) or Gnutella (LimeWire reports around 2000). Given that the current network is 3 orders of magnitude away from this size, I don't think we have to fear 1.2G of traffic anytime soon.
What most people care about is how much traffic they'll see on their own node. Let's say that people will start to get annoyed when baseline traffic hits 16K/s. Assume every query on the network reaches you (unlikely, but we're looking at maximums). On average, you will receive that query a maximum of N times, since the message goes through a maximum of N*P transmissions for P clients, for an average of N receptions per client. As Jordan says, the number of queries per second varies proportionally with the size of the network. Let's use his assumption of 1600 clients generating 1 query per second and each query taking about 83 bytes. 15K/s means about 200 query receptions per second. Dividing this number by N -- lets pick a high number, like 8 -- gives the number of originating queries, 25qps. This translates into a network size of 40,000 clients, or about 10 times the current size. Yes, that's closer than we'd like, but it's not nearly as doomsdayish as Joran proposed.
What Gnutella should do is raise T and lower N. People have gotten scared by the geometric progression argument and think that big values of T are scary. In fact, it's big values of N that are the problem. There's no difference between a T of 20 verses 20,000, since once you've reached the entire network (which 20 will probably do) you've reached it, and your query dies not because of TTL but because all clients have seen it. On the other hand, changing N from 4 to 8 means you'll receive twice as many copies of every message, thus doubling bandwidth and halving the feasible size of the network. Basically, N should be only large enough to keep a query alive, and T should be large enough to reach the entire network with the given N. I would suggest setting N to just 2, with an initial optimization that the originating client sends it out to many more clients for the first hop, say 32, just to make sure that the query doesn't die in its early stages before there are enough "live" copies of it traversing the network. With that optimization, Gnutella could scale to 160,000 clients before it hits the 16K/s baseline limit.
I'm afraid I can't remember more of the details. Has anyone else heard anything about NEAR and SDI? I haven't heard a peep out of the press. They're playing it as a miracle-of-science story rather than a demonstration-of-military-technology one.
Basically, most current security methodologies have, at their base, the following algorithm:
That's not good enough for a voting system: aborting means you just disenfranchised a voter!You've proposed that the current system be kept in place as a backup. That's not sufficient either. For a voting system to be valid, every effort must be taken so that all voters are treated equally and follow the same voting procedure. A system that makes voting more convenient for those with recent PCs and reliable net connections is illegal by voting laws.
Also, because the Democratic constituency is more working-class, they tend to do more of their voting after work. This overloads the stations late in the afternoon (witness Detroit and St. Louis this year) and forces them to delay their count.
Jesus that's close.
Why? Draw a historical lesson from the other side of the political spectrum: in 1992 and 96, Pat Buchanan pulled a significant number of far right votes away from moderate Republican candidates, but this year, he can't even muster 1%. What changed? Well, this year the Republican party wants the election bad, really bad, so the far right is keeping quiet about their reservations with Bush. They've locked ranks to take the Whitehouse.
Now imagine that Gore loses and flash ahead to the 2004 race. The Democrats, like the Republicans this year, will want the election badly and will lock ranks behind the party candidate. The far left will abandon the Greens, and Nader will become just a footnote to the election, just like the far right abandoned Buchanan and made him a footnote this year.
Now imagine Gore wins instead. After four more years of centrist government, the far left will be even more unhappy with the Democratic party. Their ranks will grown, and Nader will have a shot at breaking 10% in 2004. In other words, a Democratic win is the best possible thing that can happen to the Green party.
Unfortunately, if Gore loses, the only ones who will be "taught a lesson" will be the Greens.
Every day, I'm more and more happy I use Linux.
MS is cutting user security *extremely* close here. First, they made the job of crackers twice as easy by adding scripting to Outlook and Word. Now, they've finished the job by adding a shoddy remote access feature. They're placing a huge bet that there will never be another hole in Outlook Express, that word viruses will somehow go away, and that users will learn not to run programs out of e-mail messages, even though their own people can't get that one right.
Those of you who work in computer support, think about this: How many times have you seen Word viruses on a user's computer? Now imagine that each one of those cases was a full-blown remote exploit. Now shudder.
How many computers need to be owned before people wise up to MS's security failures? Why was it that MELISSA and ILOVEYOU were covered as stories about dangerous "computer criminals", rather than stories about Windows' security failings?
What's going on? Well, it seems like MS's PR department has been working hard to downplay the attack. Notice how the informant shifts over time from an unnamed "Microsoft engineer" to Balmer to MS's "corporate security officer." I assume that what happened went like this: 1) a mid-level MS engineer leaked the real story to the press, 2) PR (Balmer) steped in for damage control, and finally 3) PR propped up a puppet with a written script to try and kill the issue.
The thing is, the strategy may backfire on MS. Now, they can't claim that open source developers are pirating their code. They've already gone on record saying no MS code exists in the wild. Which means that if you happen upon the source to Office, you are free to look at it, since MS has already declared that that code does not exist.
Heh.
According to the report, unknown hackers managed to procur a password to Redhat's network servers. They then used the password to download the blueprints to all of Redhat's products. Even worse, the password was circulated widely over the internet, allowing thousands, potentially over a million hackers to repeat the exploit.
One person familiar with the case said it appeared the hackers initially gained access to Redhat's corporate computers by exploiting a hole in the company's "FTP" software. This software is used to transfer files between remote computers. The hackers discovered that the password "anonymous" allowed them access to all of Redhat's intellectual property.
Most damning of the report's accusations is the claim that internal Redhat officers have known about the vulnerability for months, even years, but failed to alert customers or close the security hole.
The breach may have allowed hackers to insert instructions into the blueprints for Redhat's products, including the recently released Redhat Linux 7. One anonymous insider called such practices "common." When asked if they were planning an extensive audit of their code, Redhat officials repeated their reply, "What the hell are you talking about?"
I'm glad this story got posted -- I've been in the same boat as the original poster, but hadn't bothered to do anything about it yet.
-- Adam
In North Carolina, votes for Nader really are wasted. Because of a technicality, the state isn't even going to count them. See a recent letter to the editor of the Raleigh News & Observer for the story.
-- Adam
Fifteen minutes with a web-browser brings up some of the real "FACTS" behind several of your items. I don't have time to check them all -- I wish you had done it before posting:
FICTION: Al Gore said his father, a senator, was a champion of civil rights during the 1960's.
FACT: Gore's father voted against the landmark Civil Rights Act of 1964 and was a racist who was fond of using the "N" word.
I assume you're refering to the Washington Post's article from back in April, though I've never seen any mention of Al Sr. being "fond of using the 'N' word"! Here's the full quote from the Post article:
HmmFICTION: Al Gore claimed the book "Love Story" was based on his life and Tipper's.
FACT: Author Erich Segal called a press conference to deny his claim. (Couldn't he at least lie about a love story where his sweetheart doesn't die?"
This is actually an older story that first started circulating in 1997. Here's the actual article from the time about Erich Segal's supposed "denial."
Again, seems like Gore had a case here.FICTION: While running for office, Gore's campaign literature claimed he was a "Brilliant Student".
FACT: Washington newspapers said he barely passed Harvard and consistently earned D's and C's.
What are these mythical "Washington newspapers" you keep citing? Give me an actual cite, ferkrisakes.
In this case, you're talking about this article from the March 18 Washington Post. Gore did get one D, some C's, and a B his first year, but his grades moved up from there, and he was generally an A and B student his senior year. He graudated cum laude (a far cry from "barely passing") based on the strength of his thesis. Here's a quote from the article:
Both campaigns started spinning so fast that they took off and left earth long ago. The thing is, since the reporters have given up, no one's bothering to bring them back down. Go back and look at your claims: you've been spun. Bush's camp has had a pretty effective campaign against Gore's character going for over a year now. Look at an Oct. 15 NYTimes article called A Sustained G.O.P. Push to Mock Gore's Image for a story on it.-- Adam
Yes, it is the perfidy. Like when Bush says:
- In the October 12 debate he claimed that all three perpetrators of the murder of James Byrd Jr. were to be executed, and cited this as evidence of his hard stance against hate crimes. In fact, he was wrong about the record. Only two were given capital sentences (source: NYT). Had there been a hate crimes law, all three would have been given capital sentences.
- In yesterday's debate, he claimed that national rates of health care coverage were falling while Texas' were rising. This was his rejoinder to Gore's question as to why Texas was 50th in the nation for family health care coverage. In actuality, Texas' rate of health care coverage has steadily declined during every year of Bush's six year term, with the exception of a small rise last year. In Texas, health care coverage has fallen from 78.2 to 76.7% (source: US Census web site), or 1.5%. Nationwide, over the same time span, health care rates have fallen only
.2%, meaning that Texas is not only 50th, but falling.
At least when Gore makes a mistake, he has the integrity to admit it and apologize. Bush still hasn't issued any statements on either of these. And Gore's much trumpeted mistake about the girl standing in a Florida class room didn't really alter the substance of his argument, only the strength of the evidence he used. Bush made both of the above two points major components of his argument during the debate.