Of course, you should NEVER EVER leave a box logged in as root and leave the sight of the terminal. Personally I am in favor of changing the text color of a terminal window logged in as root, or putting all root logins on a seperate desktop with "Be careful you are logged in as ROOT" in 3 foot high red letters on the background.
No, actually you are wrong. Open source means that the end user always has the power, your example of sending suggestions to the developer does not fit this description because it relies on the _developer_ making the final decision. With Open Source you can always take the code and run with it, although that _would_apply to a web page since I can just save the images and HTML, change and post to my own server, copyright issues notwithstanding.
I agree with you up until your last sentance, religious "morality" has no place in the US Government. The Government's business is protecting your basic human rights, the form of morality you choose is up to you and should not be dictated by the Government.
In fact, around here, there is some small debate about same-sex marriges. My personal view is that the Government should get out of the Christian marrige business. Put forth a standard "marrige" contract and allow any two+ parties to sign it, it will be legally binding and both parties will have agreed to the terms, making "divorce" a thing of the past.
Of someone is found in breach of contract then they can just follow the agreed upon procedure for that case. It would also allow people with different moral views to codify, and make binding, their views, on paper. If my religion required women to wear long black cloaks and cover their faces, I could write it into the contract and the other party would be free to sign or not sign it.
Or the other possibility is that over time, and several elections, the third party manages to beat out its next competetor and then the race is _really_ on. Look what happened to the Whigs in the mid 1800's, they got replaced pretty quickly by a small third party called the Republicans.
And that's why the US Government is not supposed to be a Democracy, it is supposed to be a Constitutional Republic. The idea is that you elect competant leaders who have to follow many hard and fast laws in the execution of their official duty. The laws run the country and the people maintain and enforce the laws. The laws can be changed with some difficulty so that you have some flexability without degenerating into a dictatorship or mob rule (which is what democracy really is anyway).
I personally think the only thing that has kept this country around for 200+ years (IIRC the longest government currently in existance!) is laws that prevent idiots from doing too much damage and a few great and visionary leaders who have tried to change the laws for the better. Contrast to the Soviet Union which degenerated into a petty dictatorship pretty quickly, because they didn't have the oversight of strong laws.
Just my $0.02 (Thinking about putting in a write-in vote myself, silence is completely non-productive)
Re:"Long uptime is evil" or "gee isnt my system op
on
Server Uptimes Ranked
·
· Score: 1
This is similar to the reason that none of the Windows machines (baring Win98) report uptimes in excess of 49 days. Their numbering syscall stops at that point (and caused the kernel to crash in Win95). Apparently there is annother facility to get this information but the Windows uptimed is not using it.
>I'd have gone out and bought UT if they'd released the source to their networking code - now THAT needs some serious improvement! (It blows chunkss compared to even the original Quake 1 - I get better gameplay over a modem with Q1 than I do with UT on a cable modem!)
Maybe you are thinking of the origional Unreal? My experience with UT is completely different, the computer that I run it on (not my own) is a PII450 with a 56K Winmodem, and no 3d card (ATI RagePro). I have no problem and the gameplay online is very smooth, the same cannot be said for Q2 on the same machine which is unplayable online. UT does not appear to be sensitive to the winmodem or the V.90 protocol which have caused problems with programs that require low latency connections.
The BSDs are no more compatable with one annother than any other Unix OS, or Linux. They are as fundementally different as Linux is to Solaris or HP-UX or SCO.
While it is true that changes can get distributed between the different OSs it is not too much different than the code exchange between Linux and *BSD. Certainly not the same as the difference between RedHat and Caldera or Debian or SuSE, they can easily run each others binaries, use the same libraries, etc. The only main difference between distros is the default configuration and file locations.
What we need to do is convince all these MTV people that there is a dire emergency, Y2K, Asteroids, GoodTimes, Etc. and that they all need to pile into spaceships for their own safety. Let them colonize Mars, it's cold there ya know. This would work as long as the joy didn't kill us, or that Asteroid didn't actually come.
I'm not so sure that the finger protocol is so inherently insecure (except for giving out user information). As I understand it the origional finger daemon was horrendously insecure and riddled with bugs. I am no so sure that applies to the current fingerd incarnation.
While this would be a neat hack, requiring ISPs to fiddle with their DNS settings would probably cause more trouble than its worth (some ISPs can barely turn DNS on). An easier solution would be to add a talk/finger plugin to Jabber, and sync up with the IETF IMPP protocol work. Just have the Jabber server at your ISP proxy for the dialed up user.
> Another benefit people here are glossing over. The police prefer to PREVENT crimes. Is it better to catch a criminal, or have a guard walk up right before the crime convincing the guy to move on. Remember, most crime is committed not hardened criminals, but by opportunist. These cameras will be most effective on the latter.
The police should not make it their goal to prevent all crime, they would have to implement a police state to accomplish this.
I disagree that most crime is amateur or opportunist in nature, from my experience 95% of crime is caused by 5% of the population, people who just can't catch a clue.
The difference here is that footage is being gathered, and analyzed without any consent on your part. Especially since they are for cases where a crime has not _actually_ been committed yet.
> Now if you were Martha Stewart doing doing a Kung-Fu move or picking her nose and the guard kept the recording and sold the footage to CBS for a prime time broadcast, I'm sure she wouldn't appreciate it. Her audience was the bar, not the world.
So how is it that Martha Stewart deserves her privacy but other people don't? Did she _assume_ that she was only being seen by the others in the bar?
If I am alone should I _assume_ that there is no one with a camera watching me, recording everything for posterity. I don't think I am asking too much here.
Of course if the cop actually _acted_ on the presumption that they were about to rob the bank, but had actually not done so they would be completely, undefendably, morally wrong. The police's job is not to prevent crime but to clean up the aftermath, find the responsible parties, etc. Nearly any overt act of prevention is an affront to your liberty and should not be tolerated. Put annother way, thinking about a crime and actually committing one are two different things, you should not be able to be jailed/harassed for just thinking. Unless of course you want the Thought Police protecting "Women and Children" from "deviants and perverts".
The problem is that you can't trust any device you plug this thing into. You can't be sure that the ATM or Kiosk that you plug this thing into isn't scamming your password/PIN even if it is on an encrypted connection to the card (it has to read keyboard input from somewhere). That means that the only way to trust the device is to have the UI on the device, anything else could be compromised, when you cannot trust the Kiosk/ATM software.
This is very similar to the way Konquerer handles cookies. It gives you the two options of: Always/Never/Just-This-Once Accept/Reject/Ask. This works on a per domain basis, and I believe that wildcards are allowed but I don't know how far that support goes (regexp, yeah). So I can say Always-Reject-* but Always-Ask-slashdot.org, or Always-Ask-*, Always-Reject-doubleclick.net, Always-Accept-slashdot.org. The possibilities are endless.
Oh, goody, an intelligent counter-argument instead of saying "Ooohh, SmartCard bad,bad,bad" without providing any evidence or showing any thought on the matter.
Now, continuing, this is a great idea, one that I have had myself. When I think of this I think of FORTEZZA cards or SecurID. That is what they sould be based on. They should be a repository for a strong private key, just like carrying your PGP/GPG key on a floppy. All data on the card would be encrypted and would require a passphrase from yourself to access it. Integrating this in the PalmPilot form factor with a real UI would be perfect, it would allow you to manage/edit the data as well as control ACLs on it. Similar work is being done for the Palm by GNU.
The main idea though is that YOU would create the database on the card, YOU would control the access to the information and YOU would be able to tailor what information gets sent to who. You trust the device, not the card reader (for it can be easily subverted) and encrypt all stored and transmitted data. Ideally you would have encryption keys for each place you visit and want to exchange data with so that even the reader and any go-between doesn't see the plaintext.
This is a Great idea!
PS: It would also HAVE to run an Open Source, verifiably secure OS, and open, verifibly secure protocols. OpenBSD is a start.
One thing is to think in the long term, and make this a one-way mission. That solves several of your problems because they would never have to be subjected to 1G again. Mars gravity is lower so rotation on a spacecraft can be less without causing critical health problems. It also solves some of the fuel problems because you don't necessarialy need enough to go back to Earth. This kind of mission is not something to be taken lightly, obviously, and would have to come of years, nay decades, of thought an preparation.
I am all for space exploration but I have to agree with your point. I think it would be a good idea to really get the Russians on board for this one. They are used to making miracles out of virtually nothing, space probes from toothpicks-and-chewing gum, McGyver style. They could really help the economy of NASA, and it would prevent them from starving at home on the pittanc that Russia can now afford for space. In Russia every dollar that goes to space is annother teacher that doesn't get paid, a disgruntled military officer who has to beg for change, annother child who goes hungry. We have the wealth to support this, they do not.
SEX, in space, that is what we needed. We could send all the alsscan.com nymphos through astronaut training, yeah baby. I hear that an astronaut couple have already asked to be the first to shag in space "for scientific research". Yeah right, they just watched Moonraker too many times (Why wasn't there a space sex scene in the last Austin Powers movie?)
The entire DoD budget is only a small fraction, say 25-35%, of the Federal budget. The vast majority of money is spent on welfare, Social Security, pork-barel programs, etc. Having just come from the military I can tell you that it is not flushed with money. What money we do have we spend on deployments like Somalia, West Africa, Bosnia ($$), Iraq, and the half a dozen other places we have a military presence. There is not enough people to even do the bare minimum of work and standards have fallen as a result. Training is inadequite(sp) and support personnel are non-existant, you should see how our LAN was run--it would turn your stomach and make your skin crawl. Everyone basically has to fend for themselves.
There is a universal government tendancy to believe that they aren't spending "real money". People feel no compunction on over-spending on frivilous stuff, like decorative remodeling. The budgetary process is critically flawed as well with the (in)famous theory that you MUST spend your entire budget or the money will be taken away and next year's budget reduced. This is probably the worst possible thing.
Heck, I blew that much on Public Radio. Got to make sure I have something decent to listen to on the way to work, Top-40 radio and know-nothing DJs don't cut it.
>I reject this argument for defense spending. DoD love to point at defense research spinoffs and quote the "trickle-down effect" of research. This is quite insane. Instead of investing billions into military research in the hope that a hundred million worth will trickle down to ordinary consumers, why not invest the billions in non-military research in the first place?
I disagree, I don't believe that the trickle-down effect of DoD researched tech is only worth "a hundred million", while spending is in the billions. I would argue the reverse, that spending is in the billions but the rewards are in the hundreds of billions. DoD funding is often a good excuse for hackers and geeks (TM) to develop really cool tech. Because they don't have marketroids trying to push a product out a door, it is a hackers paradise. Yes, this can be abused, the hackers can go for all cool without any redeeming substance, but this is the exception not the rule. Unlike acedemia though, there is a definate goal, a challenge to meet. What I am saying is that there are actually plusses to military research as opposed to non-military, and not an overwhelming complement of minuses.
A Mars program would require research funded in areas like closed systems ecology, recycling, energy efficiency, alternate fuels, manufacturing, materials research, telecommunications, and your basic rocketry and engineering. This tech will be almost immediately available, the companies and scientists who develop it aren't just going to sock it away in a jar in the backyard.
There's no time like the present, I see no compelling reason to procrastinate. While we don't have the knowledge or tools to do it now, we will develop the tools and hopefully learn the wisdom and there is no reason not to start. I don't see us putting a man on Mars in 10 years, like the Moon program, something a little safer and more methodical is called for. I still don't see compelling reasons not to start, the problems we have now in completing such a program will have to be solved in the creation of the program.
PS: This is great, a real Slashdot story, with real debate. I was starting to get disenchanted with the whole Slashdot experience lately. And no silly talk of statues.
Slashdot Mirror
Of course, you should NEVER EVER leave a box logged in as root and leave the sight of the terminal. Personally I am in favor of changing the text color of a terminal window logged in as root, or putting all root logins on a seperate desktop with "Be careful you are logged in as ROOT" in 3 foot high red letters on the background.
No, actually you are wrong. Open source means that the end user always has the power, your example of sending suggestions to the developer does not fit this description because it relies on the _developer_ making the final decision. With Open Source you can always take the code and run with it, although that _would_apply to a web page since I can just save the images and HTML, change and post to my own server, copyright issues notwithstanding.
Ahhh Myrinet, the choice for a Quaking generation.
I agree with you up until your last sentance, religious "morality" has no place in the US Government. The Government's business is protecting your basic human rights, the form of morality you choose is up to you and should not be dictated by the Government.
In fact, around here, there is some small debate about same-sex marriges. My personal view is that the Government should get out of the Christian marrige business. Put forth a standard "marrige" contract and allow any two+ parties to sign it, it will be legally binding and both parties will have agreed to the terms, making "divorce" a thing of the past.
Of someone is found in breach of contract then they can just follow the agreed upon procedure for that case. It would also allow people with different moral views to codify, and make binding, their views, on paper. If my religion required women to wear long black cloaks and cover their faces, I could write it into the contract and the other party would be free to sign or not sign it.
That is true freedom.
Or the other possibility is that over time, and several elections, the third party manages to beat out its next competetor and then the race is _really_ on. Look what happened to the Whigs in the mid 1800's, they got replaced pretty quickly by a small third party called the Republicans.
And that's why the US Government is not supposed to be a Democracy, it is supposed to be a Constitutional Republic. The idea is that you elect competant leaders who have to follow many hard and fast laws in the execution of their official duty. The laws run the country and the people maintain and enforce the laws. The laws can be changed with some difficulty so that you have some flexability without degenerating into a dictatorship or mob rule (which is what democracy really is anyway).
I personally think the only thing that has kept this country around for 200+ years (IIRC the longest government currently in existance!) is laws that prevent idiots from doing too much damage and a few great and visionary leaders who have tried to change the laws for the better. Contrast to the Soviet Union which degenerated into a petty dictatorship pretty quickly, because they didn't have the oversight of strong laws.
Just my $0.02 (Thinking about putting in a write-in vote myself, silence is completely non-productive)
This is similar to the reason that none of the Windows machines (baring Win98) report uptimes in excess of 49 days. Their numbering syscall stops at that point (and caused the kernel to crash in Win95). Apparently there is annother facility to get this information but the Windows uptimed is not using it.
>I'd have gone out and bought UT if they'd released the source to their networking code - now THAT needs some serious improvement! (It blows chunkss compared to even the original Quake 1 - I get better gameplay over a modem with Q1 than I do with UT on a cable modem!)
Maybe you are thinking of the origional Unreal? My experience with UT is completely different, the computer that I run it on (not my own) is a PII450 with a 56K Winmodem, and no 3d card (ATI RagePro). I have no problem and the gameplay online is very smooth, the same cannot be said for Q2 on the same machine which is unplayable online. UT does not appear to be sensitive to the winmodem or the V.90 protocol which have caused problems with programs that require low latency connections.
YYMV
The BSDs are no more compatable with one annother than any other Unix OS, or Linux. They are as fundementally different as Linux is to Solaris or HP-UX or SCO.
While it is true that changes can get distributed between the different OSs it is not too much different than the code exchange between Linux and *BSD. Certainly not the same as the difference between RedHat and Caldera or Debian or SuSE, they can easily run each others binaries, use the same libraries, etc. The only main difference between distros is the default configuration and file locations.
What we need to do is convince all these MTV people that there is a dire emergency, Y2K, Asteroids, GoodTimes, Etc. and that they all need to pile into spaceships for their own safety. Let them colonize Mars, it's cold there ya know. This would work as long as the joy didn't kill us, or that Asteroid didn't actually come.
I'm not so sure that the finger protocol is so inherently insecure (except for giving out user information). As I understand it the origional finger daemon was horrendously insecure and riddled with bugs. I am no so sure that applies to the current fingerd incarnation.
While this would be a neat hack, requiring ISPs to fiddle with their DNS settings would probably cause more trouble than its worth (some ISPs can barely turn DNS on). An easier solution would be to add a talk/finger plugin to Jabber, and sync up with the IETF IMPP protocol work. Just have the Jabber server at your ISP proxy for the dialed up user.
> Another benefit people here are glossing over. The police prefer to PREVENT crimes. Is it better to catch a criminal, or have a guard walk up right before the crime convincing the guy to move on. Remember, most crime is committed not hardened criminals, but by opportunist. These cameras will be most effective on the latter.
The police should not make it their goal to prevent all crime, they would have to implement a police state to accomplish this.
I disagree that most crime is amateur or opportunist in nature, from my experience 95% of crime is caused by 5% of the population, people who just can't catch a clue.
The difference here is that footage is being gathered, and analyzed without any consent on your part. Especially since they are for cases where a crime has not _actually_ been committed yet.
> Now if you were Martha Stewart doing doing a Kung-Fu move or picking her nose and the guard kept the recording and sold the footage to CBS for a prime time broadcast, I'm sure she wouldn't appreciate it. Her audience was the bar, not the world.
So how is it that Martha Stewart deserves her privacy but other people don't? Did she _assume_ that she was only being seen by the others in the bar?
If I am alone should I _assume_ that there is no one with a camera watching me, recording everything for posterity. I don't think I am asking too much here.
Of course if the cop actually _acted_ on the presumption that they were about to rob the bank, but had actually not done so they would be completely, undefendably, morally wrong. The police's job is not to prevent crime but to clean up the aftermath, find the responsible parties, etc. Nearly any overt act of prevention is an affront to your liberty and should not be tolerated. Put annother way, thinking about a crime and actually committing one are two different things, you should not be able to be jailed/harassed for just thinking. Unless of course you want the Thought Police protecting "Women and Children" from "deviants and perverts".
The problem is that you can't trust any device you plug this thing into. You can't be sure that the ATM or Kiosk that you plug this thing into isn't scamming your password/PIN even if it is on an encrypted connection to the card (it has to read keyboard input from somewhere). That means that the only way to trust the device is to have the UI on the device, anything else could be compromised, when you cannot trust the Kiosk/ATM software.
This is very similar to the way Konquerer handles cookies. It gives you the two options of: Always/Never/Just-This-Once Accept/Reject/Ask. This works on a per domain basis, and I believe that wildcards are allowed but I don't know how far that support goes (regexp, yeah). So I can say Always-Reject-* but Always-Ask-slashdot.org, or Always-Ask-*, Always-Reject-doubleclick.net, Always-Accept-slashdot.org. The possibilities are endless.
Oh, goody, an intelligent counter-argument instead of saying "Ooohh, SmartCard bad,bad,bad" without providing any evidence or showing any thought on the matter.
Now, continuing, this is a great idea, one that I have had myself. When I think of this I think of FORTEZZA cards or SecurID. That is what they sould be based on. They should be a repository for a strong private key, just like carrying your PGP/GPG key on a floppy. All data on the card would be encrypted and would require a passphrase from yourself to access it. Integrating this in the PalmPilot form factor with a real UI would be perfect, it would allow you to manage/edit the data as well as control ACLs on it. Similar work is being done for the Palm by GNU.
The main idea though is that YOU would create the database on the card, YOU would control the access to the information and YOU would be able to tailor what information gets sent to who. You trust the device, not the card reader (for it can be easily subverted) and encrypt all stored and transmitted data. Ideally you would have encryption keys for each place you visit and want to exchange data with so that even the reader and any go-between doesn't see the plaintext.
This is a Great idea!
PS: It would also HAVE to run an Open Source, verifiably secure OS, and open, verifibly secure protocols. OpenBSD is a start.
One thing is to think in the long term, and make this a one-way mission. That solves several of your problems because they would never have to be subjected to 1G again. Mars gravity is lower so rotation on a spacecraft can be less without causing critical health problems. It also solves some of the fuel problems because you don't necessarialy need enough to go back to Earth. This kind of mission is not something to be taken lightly, obviously, and would have to come of years, nay decades, of thought an preparation.
I am all for space exploration but I have to agree with your point. I think it would be a good idea to really get the Russians on board for this one. They are used to making miracles out of virtually nothing, space probes from toothpicks-and-chewing gum, McGyver style. They could really help the economy of NASA, and it would prevent them from starving at home on the pittanc that Russia can now afford for space. In Russia every dollar that goes to space is annother teacher that doesn't get paid, a disgruntled military officer who has to beg for change, annother child who goes hungry. We have the wealth to support this, they do not.
SEX, in space, that is what we needed. We could send all the alsscan.com nymphos through astronaut training, yeah baby. I hear that an astronaut couple have already asked to be the first to shag in space "for scientific research". Yeah right, they just watched Moonraker too many times (Why wasn't there a space sex scene in the last Austin Powers movie?)
pointless rant
The entire DoD budget is only a small fraction, say 25-35%, of the Federal budget. The vast majority of money is spent on welfare, Social Security, pork-barel programs, etc. Having just come from the military I can tell you that it is not flushed with money. What money we do have we spend on deployments like Somalia, West Africa, Bosnia ($$), Iraq, and the half a dozen other places we have a military presence. There is not enough people to even do the bare minimum of work and standards have fallen as a result. Training is inadequite(sp) and support personnel are non-existant, you should see how our LAN was run--it would turn your stomach and make your skin crawl. Everyone basically has to fend for themselves.
There is a universal government tendancy to believe that they aren't spending "real money". People feel no compunction on over-spending on frivilous stuff, like decorative remodeling. The budgetary process is critically flawed as well with the (in)famous theory that you MUST spend your entire budget or the money will be taken away and next year's budget reduced. This is probably the worst possible thing.
/pointless rant
Heck, I blew that much on Public Radio. Got to make sure I have something decent to listen to on the way to work, Top-40 radio and know-nothing DJs don't cut it.
>I reject this argument for defense spending. DoD love to point at defense research spinoffs and quote the "trickle-down effect" of research. This is quite insane. Instead of investing billions into military research in the hope that a hundred million worth will trickle down to ordinary consumers, why not invest the billions in non-military research in the first place?
I disagree, I don't believe that the trickle-down effect of DoD researched tech is only worth "a hundred million", while spending is in the billions. I would argue the reverse, that spending is in the billions but the rewards are in the hundreds of billions. DoD funding is often a good excuse for hackers and geeks (TM) to develop really cool tech. Because they don't have marketroids trying to push a product out a door, it is a hackers paradise. Yes, this can be abused, the hackers can go for all cool without any redeeming substance, but this is the exception not the rule. Unlike acedemia though, there is a definate goal, a challenge to meet. What I am saying is that there are actually plusses to military research as opposed to non-military, and not an overwhelming complement of minuses.
A Mars program would require research funded in areas like closed systems ecology, recycling, energy efficiency, alternate fuels, manufacturing, materials research, telecommunications, and your basic rocketry and engineering. This tech will be almost immediately available, the companies and scientists who develop it aren't just going to sock it away in a jar in the backyard.
There's no time like the present, I see no compelling reason to procrastinate. While we don't have the knowledge or tools to do it now, we will develop the tools and hopefully learn the wisdom and there is no reason not to start. I don't see us putting a man on Mars in 10 years, like the Moon program, something a little safer and more methodical is called for. I still don't see compelling reasons not to start, the problems we have now in completing such a program will have to be solved in the creation of the program.
PS: This is great, a real Slashdot story, with real debate. I was starting to get disenchanted with the whole Slashdot experience lately. And no silly talk of statues.