First, I don't have any children. Second, trust but verify. Children make mistakes - that's how they learn. As their parent and legal guardian, it's my job to minimize the impact of those mistakes and hopefully help them learn. Third, when my children start paying for the Internet connection which, by the way, is not a necessity, then they'll have the right to decide how they're going to use it. I pay for it, so I get to set and enforce the ground rules.
I'm not saying spy on their every move, but if I see little Johnny running off to the hate speech sites or little Jenny running off to findasugardaddy.com, I have a vested interest in what is going on. It would be bad parenting of me not to find out.
you can get your connection hijacked by only one party at a given time
Buh? Follow the bouncing ball here, kids:
Crime syndicate wants to get into the online fraud business but doesn't want to be directly involved in the actual identity theft. Sets up a man-in-the-middle network, MitM's self-signed certificates. Backhauls this connection into a private network where they charge for access to information for a fee. Criminals sign up and syphon this information for their own use. It's known good! Crime syndicate walks away with millions of dollars Criminals have known good information Your information, credit, and bank accounts have been compromised. Simply because you wanted four less clicks in your browser.
Repeat after me the holy incantation: Security is not a checkbox, it is a process. Security is not absolute. Security is only as good as the weakest chain. Encryption protects payload to whomever has the key. Authentication tells me who I am talking to. Without encryption, anyone can see my data in the clear. Without authentication, anyone can see my data by tricking me with a fake key. I will verify my endpoints and their keys. I will complain when I cannot do so. Woe be to any man who does not do so as first connect may bring the wrath of MitM. It doesn't matter how scrambled my bits are if the bad guys can unscramble them. It's twice as bad when my software lies to me and gives me the illusion of security. Heed the advice of the Prophet Schneier!
it is easy to be indignant and force stuff upon people, saying 'it is the right thing', while working on an open source project part time, from a secure, corporate level information technology job.
In all seriousness, fuck you. No, really, fuck you. I am a graduate student. My only support comes from the part time job that I have to pay my tuition and my bills, and a grant for my research. I research computer security. To say what you have said shows zero understanding of computer security, encryption, user behavior, and accountability. Go suck a big fat one. </flame>
'security professionals' do not build the web, or do they constitute the market, or the people.
This is the ultimate problem with your post. Before I tear it a new asshole (and I'm going to tear it a new asshole - nothing personal, but I hate posts that masquerade ignorance as wisdom), know that the reason that Mozilla is doing this is because security professionals, by and large, do not build the web and are not the majority of the people. This is why they are so picky about security. I have spoken to security professionals and the overwhelming consensus is that accepting self-signed certificates by default is bad. Very bad. Break the whole security and user trust in SSL bad. If user trust in SSL is broken, then we have ultimately failed.
there are a LOT of community websites (that cater to thousands of people, the smallest one), small businesses, their customers, vpn users, a lot of people that are going to be hurt by this overly self righteous move.
Community websites can walk users through installing the proper certificate instead of relying on users to override a secure default for certificates. They can teach the users about the importance of verifying certificate fingerprints (to avoid a man-in-the middle). If they release software, they can bundle their certificate with the software. If there are small businesses, they can install their CA on their user's machines. This then becomes a non-issue. In a secure setup, these entities will generate a self-signed root CA certificate (like any other CA), push that to their users, and then sign the certificate for their website with this CA certificate (thus providing the ability to revoke the encrypting certificate should it become compromised and allow certificate updates/refreshes completely hands-off of the client). <flame mode="on">If you knew anything about SSL, anything at all, you would know this. Instead you assume, and make yourself look like the twit you are. Users hurt by this policy? It's the same policy (a bit more stringent, but the same policy) that the other browsers have.</flame>
one thinks it seems right for you, and therefore it is probably right for others. of course, all the while clueless about how many people, businesses, organizations and communities use self signed certs throughout the web, just because their isolated position.
If they used the certificates securely, understood how SSL worked, and did research, this would be a non-issue. I am not clueless about how people use SSL. I am saying that they are using it wrong, and Mozilla is doing the right thing here. Here's a roadmap for anyone who cares to learn about how to do this properly:
Talk to someone who understands SSL, preferably a reputable security professional. I can't speak for the rest of my profession, but I do a first consultation for free because I feel that it's my responsibility as a professional to make sure that people, non-profits, and small businesses are just as secure as the big boys.
They will tell you the pros and cons of going with a CA that is trusted by the OS and by the browser by default. They do not, generally, get a kickback for this. They are doing their job. Consider CAcert. It's
For this problem to be solved, the most popular F/OSS browser(s) must accept self-signed certificates. If Mozilla is unwilling to change their policies, it would be worth the effort of trying to create a *more popular* fork with full SSL functionality.
This shows a lacking understanding of computer security practice. Self-signed certificates are something that 90% of users need to be wary of because if you allow them by default, phishing sites will use them to their advantage and steal data, and Mozilla will be blamed for it because they'd be the only one to not warn about self-signed certificates. This is why people are warned and this is why there's already and override procedure in place so if you're one of the 10% of the users impacted by it, you can work around it.
This article seems like an attempt to insert drama where recognized security professionals already have agreed that this is best practice. Wait until CAcert is in Mozilla, and if it gets special treatment by not being treated the same as all of the other CAs, then you'll have something.
If the purpose of the Firehose is to vet articles, it's not doing a good job.
We pay Russian Licensing Societies [ed: ROMS and FAIR, the societies authorized under Russian law to grant rights to use intellectual property for the industry that they were established, regardless of the copyright holder's approval of these societies to do so - ROMS and FAIR are for music, see the AllOfMP3 FAQ for more] 15% for all music. The Russian Licensing Societies will in turn pay the copyright owners, not necessarily the artists. Despite no legal requirement to do so, we are currently considering paying original performing artists 5%, regardless of who owns the copyright to the underlying work.
They follow the laws as required in Russia when it comes to compensating copyright holders for their work. Now, about the music industry's refusal to accept payments from ROMS:
IFPI refused to receive money from the Russian royalty collecting entity ROMS (Russian Organization on Collective Management of Rights of Authors and Other Rightholders in Multimedia, Digital Networks & Visual Arts). Although ROMS operates within the law, IFPI insists that the only entity which could act on behalf of the labels and other rightholders and collect royalties is the Russian branch of IFPI (RPA - Russian Phonographic Association) and refuses to accept anything from ROMS.
Therefore, if they claim that they're not getting a cut from AllOfMP3, then they don't understand Russian law or are lying.
I go with AllOfMP3, now under a new name (that we dare not speak!). They offer all music in MP3 format using LAME or bladeenc in CBR or VBR modes. They offer a lot of music (I'd say about 35-40% on average for the stuff I listen to and 100% of the new stuff they add) in FLAC, Monkey's Audio, MPC, WMA, Ogg Vorbis, MP3, raw WAV, and probably a few formats that I'm forgetting. It's all DRM free, and $0.02/MB for downloading. Oh, and it works on any OS with a web browser that accepts cookies, and works outside of the United States. (Pair Firefox with DownThemAll for the downloads page and you've got your music downloading app.)
IANAL, but from what I've read they're legal in the US (they pay their licensing body fees). They're good, and the content industry hates them. They tried to pay the artists, but the body representing the artists rejected it.
Senator Obama:
Because of the miserable failure that George W Bush has been, I have been placing the candidates for this presidential election under strict scrutiny. Until yesterday, I was proud to tell my friends that I supported Barack Obama for President of the United States. Now, I fear that my interests and your interests are not aligned and I can no longer lend you my support.
Yesterday, while you did vote for the Dodd amendment, you failed to support a filibuster, and you failed to vote against the revised FISA bill that does for the telecom companies who have implemented surveillance against the American people what Gerald Ford did for Nixon.
Being President of the United States means sometimes taking an unpopular stance on an issue despite the outcry of the public. It sometimes means thinking in the long term instead of the short, 24-hour sound-bite news cycle. What you have done today is embolden the elements of the government that tapped Dr. Martin Luther King, Jr. and handed them a fresh set of excuses to listen to the phone calls and Internet traffic of the American people.
Maybe things work differently in Washington. Maybe the FBI, CIA, NSA, and the president have sworn to Representatives and Senators not to listen to their calls. Maybe the Republicans have sworn to the Democrats not to sabotage them like in the '70s during Watergate. Out in America, away from the halls of power, what protection does the citizen have against those who would gladly violate their expectation of privacy? Might I remind you that the president that suggested this bill also lied to start a war, approved the torture of innocent civilians, and believes himself to be above the law.
What you did today was sell The People down the river for political capital. I hope you are proud of yourself. I am not proud of you. You are no different than any other politician, using the politics of fear to get what you want. The only sort of Hope you offer is False Hope - the worst kind because by the time it is identified as such, it is too late.
A humble citizen,
MasterOfMagic (I put my actual name, but I'm not going to post it here)
Or would you trust the guy in the truck because he showed you a self-signed document saying: "I am authorised to do what I'm doing. Signed: me."
The Internet is not something that you just dump something on! It's not a big truck! It's a series of tubes! Ever see those tubes at the bank! It has to be safe!
No, he's just not upgrading until all of the pieces are there instead of half-assing it. The "authors" he's talking about are the authors of the extensions, so it looks like he's being reasonable about this. It is the fault of the authors of extensions that their extensions don't work in Firefox 3. Nowhere does he blame the Firefox devs for this.
If you have root access on a Linux machine, they can't do anything short of removing your physical workstation to keep you from installing, or even compiling, your own software. I think the NSA would disagree with you...
Anyone who compares a company like Virgin to the Nazi war machine is someone who has lost perspective.
There's a difference between Virgin cutting off your Internet connection and fascism. If Virgin cuts off your Internet connection, you do (in the UK) have other options. If they cut off enough people because this is as widespread as thought, then those people can band together and start their own ISP. That is the nature of free enterprise. Or, if you're smart, you use a VPN or encryption when you pull down your copyright infringing tracks. Encryption is not outlawed, and if they have massive numbers of their customers canceling, refusing to use Virgin branded services, and writing a letter informing the company as to why, this policy could go away quickly. Again, I agree that this is bad, and action must be taken to prevent other ISPs from doing this. Punishing ISPs by canceling service is a good way. Writing letters is a good way. Comparing Virgin to Nazis lets Virgin portray its opponents not as level-headed, logically minded people, but rabid loonies with an agenda to push and things to hide.
In governments controlled by fascists, the people aren't able to band together and change the government. People who try to change it get slaughtered. You do a disservice to those who work to bring change in such repressive regimes by comparing getting booted because you couldn't avoid downloading the latest Christina Agulara track after two warnings to being brutally slaughtered and buried in a mass grave in the middle of nowhere because you wanted to speak your mind. You look like a fool by comparing not being able to check Slashdot to being exterminated in Auschwitz.
I don't need a lecture from you on perspective, thank you very much. With all due respect, you still have much to learn from your father.
Virgin's Nazi-esque You were winning up until here. Now you have lost. Seriously, brutally repressing people, murdering them by the millions, starting wars of aggression with your neighbors, and wreaking havoc and destruction all over the world is the same as disconnecting somebody because they are suspected of violating copyright? Wow, talk about loss of perspective.
I agree with the rest of your points: Virgin shouldn't do this (though they're servicing the UK, so it's legal, and even if they were doing this in the US, they're not acting as an agent of the state so this would likely pass Constitutional muster), people should switch providers, and they should send a message to the company by canceling all of their services and writing letters explaining why they're canceling their service.
Then show me. Show me the evidence. See, logic and arguments work where the person advocating the point of view has to demonstrate to someone unconvinced that they are right. They do this by appealing to logic and evidence. I understand your logic, but I am unconvinced. Show me your evidence, and you might just convince me.
Bonus: captcha word is 'quixotic', as in tilting at windmills.
It's not that much more difficult to build a computer on your own. You get to pick the parts which means you can build Linux compatibility. You don't have to pay for Windows. It's really that simple.
No, the reasoning is just fine. According to the story, God punished Onan for not having sex with his sister-in-law. That's not in dispute here. What is in dispute is whether God can create life. If God can create life absent sex (which Christians must believe to be Christian, otherwise they can't believe in Jesus), why would God need to have a meat-puppet do His bidding?
The Christian belief is that God and only God can grant life or take it.
I appreciate Christians calling my penis and my girlfriend's womb along with my shotgun "God". It's a real ego boost. Excuse us while we go and enjoy some coitus instead of this overly religious and anti-intellectual wankfest.
Entitlement Complex in Open Source Software
on
X Power Tools
·
· Score: 3, Insightful
Then hire (and more importantly pay) a mechanic to fix it. A mechanic doesn't do what he does out of the goodness of his heart and because he likes other people. He wouldn't be able to pay his bills if he did that. You are not entitled to free car service just because you are you, just like you are not entitled to free and open source software changes on your whim.
If you know him personally or if it's a side project or it interests him enough, he may do it for free. That's his choice as to how to spend his time. However, the vast majority of programmers in the open source community think that X works. They aren't interested in pursuing an alternative, at least not for free. I'll bet if you offer to pay their salary, their interest would be piqued. I'll bet if you had the skills to write one on your own, you could do it and attract some mindshare. Now, and this is key, sitting around on Slashdot and bitching about it won't solve the problem.
Do it yourself because you are interested, hire someone else to do it, or accept that the vast majority of open source development is done because it's in the best interests of the person working on a particular project, and right now, the consensus amongst open source developers is that the X Window System works.
To rebuild a Debian package from a source (as opposed to a binary) repository: apt-get source <pacakge-name> cd <pacakge-dir indicated in the output from apt-get source> dpkg-buildpackage -rfakeroot
Done. The process will spit out a deb you can install with dpkg. There are a few open source projects (mplayer, vlc, quakeforge) that add the debian directory in their mainline source. After extracting a source tarball from them, you can run this command in the root of their source tree and get.debs.
This has the nice benefit of also checking to see if you have the proper build dependencies to build the package as the package creator saw fit. You can hack the debian/rules and debian/control file to customize how the package is built (debian/rules is a shell script and debian/control follows a standard format). You can override this dependency check with a command line switch to dpkg-buildpacakge.
Some of us "little bastards" had teachers and school districts that thought learning was more important than technology. We did have computers in school as kids, but they were for one thing and one thing only - typing up assignments. That was the extent that my elementary and high school educated the school body about computers, and yes, our library had card catalog drawers. I still use them whenever they're present at the libraries I go to.
More on point, I agree with your general conclusion - things are good now and technology only buys you so much. Who cares if you can search an encyclopedia a millisecond faster? When the vast majority of computer time is spent on email and word processing and web browsing, how much computer power do you really need? If a story is compelling, how many pixels do you need to convey this? Can you do it in text and let someone's imagination take over, or do you need 4x anti-aliased 1080p graphics to make it compelling?
The increases in computing power right now buy us UI improvements and make things easier for the user, a field that computer scientists pawned off on human-interaction specialists. What we need is a breakthrough on the computer science side of the fence. The problem here is that genuinely new ideas are hard to synthesize. The low hanging fruit (though I hate to call the last 60 years of computer science that) has been picked. We need a Copernicus, a Galileo, a Da Vinci, and a Isaac Newton to help us go on any further. We need someone to stand on the shoulders of giants. Unfortunately, software patents have stunted our intellectual growth in ways that will probably make our grandchildren shudder.
KP and ST were needed for sentinel values due to the in-band signaling nature of the old MF long distance system. KP1 is not key punch, but key pulse. You send it after a supervision wink before you enter routing codes or destination numbers. Very important if you wanted to get into the art of tandem stacking or if you wanted to do anything with a bluebox at all. After putting in the routing codes or destination number, you would send ST.
There were two KPs, KP1 and KP2. KP1 was used for making domestic calls. KP2 was for international calls.
Slashdot Mirror
First, I don't have any children. Second, trust but verify. Children make mistakes - that's how they learn. As their parent and legal guardian, it's my job to minimize the impact of those mistakes and hopefully help them learn. Third, when my children start paying for the Internet connection which, by the way, is not a necessity, then they'll have the right to decide how they're going to use it. I pay for it, so I get to set and enforce the ground rules.
I'm not saying spy on their every move, but if I see little Johnny running off to the hate speech sites or little Jenny running off to findasugardaddy.com, I have a vested interest in what is going on. It would be bad parenting of me not to find out.
Defcon is wonderful, and it's by the same people that do Uplink and Darwinia, and like their other games, comes in Windows, Mac, and Linux versions.
you can get your connection hijacked by only one party at a given time
Buh? Follow the bouncing ball here, kids:
Crime syndicate wants to get into the online fraud business but doesn't want to be directly involved in the actual identity theft.
Sets up a man-in-the-middle network, MitM's self-signed certificates.
Backhauls this connection into a private network where they charge for access to information for a fee.
Criminals sign up and syphon this information for their own use. It's known good!
Crime syndicate walks away with millions of dollars
Criminals have known good information
Your information, credit, and bank accounts have been compromised.
Simply because you wanted four less clicks in your browser.
Repeat after me the holy incantation:
Security is not a checkbox, it is a process.
Security is not absolute.
Security is only as good as the weakest chain.
Encryption protects payload to whomever has the key.
Authentication tells me who I am talking to.
Without encryption, anyone can see my data in the clear.
Without authentication, anyone can see my data by tricking me with a fake key.
I will verify my endpoints and their keys. I will complain when I cannot do so.
Woe be to any man who does not do so as first connect may bring the wrath of MitM.
It doesn't matter how scrambled my bits are if the bad guys can unscramble them.
It's twice as bad when my software lies to me and gives me the illusion of security.
Heed the advice of the Prophet Schneier!
Thank you, I'll be here all day.
<flame mode="on">
In all seriousness, fuck you. No, really, fuck you. I am a graduate student. My only support comes from the part time job that I have to pay my tuition and my bills, and a grant for my research. I research computer security. To say what you have said shows zero understanding of computer security, encryption, user behavior, and accountability. Go suck a big fat one.
</flame>
This is the ultimate problem with your post. Before I tear it a new asshole (and I'm going to tear it a new asshole - nothing personal, but I hate posts that masquerade ignorance as wisdom), know that the reason that Mozilla is doing this is because security professionals, by and large, do not build the web and are not the majority of the people. This is why they are so picky about security. I have spoken to security professionals and the overwhelming consensus is that accepting self-signed certificates by default is bad. Very bad. Break the whole security and user trust in SSL bad. If user trust in SSL is broken, then we have ultimately failed.
Community websites can walk users through installing the proper certificate instead of relying on users to override a secure default for certificates. They can teach the users about the importance of verifying certificate fingerprints (to avoid a man-in-the middle). If they release software, they can bundle their certificate with the software. If there are small businesses, they can install their CA on their user's machines. This then becomes a non-issue. In a secure setup, these entities will generate a self-signed root CA certificate (like any other CA), push that to their users, and then sign the certificate for their website with this CA certificate (thus providing the ability to revoke the encrypting certificate should it become compromised and allow certificate updates/refreshes completely hands-off of the client). <flame mode="on">If you knew anything about SSL, anything at all, you would know this. Instead you assume, and make yourself look like the twit you are. Users hurt by this policy? It's the same policy (a bit more stringent, but the same policy) that the other browsers have.</flame>
If they used the certificates securely, understood how SSL worked, and did research, this would be a non-issue. I am not clueless about how people use SSL. I am saying that they are using it wrong, and Mozilla is doing the right thing here. Here's a roadmap for anyone who cares to learn about how to do this properly:
As mentioned on the Firehose comments page about this article (http://tech.slashdot.org/comments.pl?sid=634651&cid=24461415):
If the purpose of the Firehose is to vet articles, it's not doing a good job.
From their website:
They follow the laws as required in Russia when it comes to compensating copyright holders for their work. Now, about the music industry's refusal to accept payments from ROMS:
Therefore, if they claim that they're not getting a cut from AllOfMP3, then they don't understand Russian law or are lying.
I go with AllOfMP3, now under a new name (that we dare not speak!). They offer all music in MP3 format using LAME or bladeenc in CBR or VBR modes. They offer a lot of music (I'd say about 35-40% on average for the stuff I listen to and 100% of the new stuff they add) in FLAC, Monkey's Audio, MPC, WMA, Ogg Vorbis, MP3, raw WAV, and probably a few formats that I'm forgetting. It's all DRM free, and $0.02/MB for downloading. Oh, and it works on any OS with a web browser that accepts cookies, and works outside of the United States. (Pair Firefox with DownThemAll for the downloads page and you've got your music downloading app.)
IANAL, but from what I've read they're legal in the US (they pay their licensing body fees). They're good, and the content industry hates them. They tried to pay the artists, but the body representing the artists rejected it.
Senator Obama: Because of the miserable failure that George W Bush has been, I have been placing the candidates for this presidential election under strict scrutiny. Until yesterday, I was proud to tell my friends that I supported Barack Obama for President of the United States. Now, I fear that my interests and your interests are not aligned and I can no longer lend you my support. Yesterday, while you did vote for the Dodd amendment, you failed to support a filibuster, and you failed to vote against the revised FISA bill that does for the telecom companies who have implemented surveillance against the American people what Gerald Ford did for Nixon. Being President of the United States means sometimes taking an unpopular stance on an issue despite the outcry of the public. It sometimes means thinking in the long term instead of the short, 24-hour sound-bite news cycle. What you have done today is embolden the elements of the government that tapped Dr. Martin Luther King, Jr. and handed them a fresh set of excuses to listen to the phone calls and Internet traffic of the American people. Maybe things work differently in Washington. Maybe the FBI, CIA, NSA, and the president have sworn to Representatives and Senators not to listen to their calls. Maybe the Republicans have sworn to the Democrats not to sabotage them like in the '70s during Watergate. Out in America, away from the halls of power, what protection does the citizen have against those who would gladly violate their expectation of privacy? Might I remind you that the president that suggested this bill also lied to start a war, approved the torture of innocent civilians, and believes himself to be above the law. What you did today was sell The People down the river for political capital. I hope you are proud of yourself. I am not proud of you. You are no different than any other politician, using the politics of fear to get what you want. The only sort of Hope you offer is False Hope - the worst kind because by the time it is identified as such, it is too late. A humble citizen, MasterOfMagic (I put my actual name, but I'm not going to post it here)
No, he's just not upgrading until all of the pieces are there instead of half-assing it. The "authors" he's talking about are the authors of the extensions, so it looks like he's being reasonable about this. It is the fault of the authors of extensions that their extensions don't work in Firefox 3. Nowhere does he blame the Firefox devs for this.
NewYorkCountryLawyer has been kidnapped by RIAA ninjas.
Are you a bad enough dude to rescue NewYorkCountryLawyer?
There's a difference between Virgin cutting off your Internet connection and fascism. If Virgin cuts off your Internet connection, you do (in the UK) have other options. If they cut off enough people because this is as widespread as thought, then those people can band together and start their own ISP. That is the nature of free enterprise. Or, if you're smart, you use a VPN or encryption when you pull down your copyright infringing tracks. Encryption is not outlawed, and if they have massive numbers of their customers canceling, refusing to use Virgin branded services, and writing a letter informing the company as to why, this policy could go away quickly. Again, I agree that this is bad, and action must be taken to prevent other ISPs from doing this. Punishing ISPs by canceling service is a good way. Writing letters is a good way. Comparing Virgin to Nazis lets Virgin portray its opponents not as level-headed, logically minded people, but rabid loonies with an agenda to push and things to hide.
In governments controlled by fascists, the people aren't able to band together and change the government. People who try to change it get slaughtered. You do a disservice to those who work to bring change in such repressive regimes by comparing getting booted because you couldn't avoid downloading the latest Christina Agulara track after two warnings to being brutally slaughtered and buried in a mass grave in the middle of nowhere because you wanted to speak your mind. You look like a fool by comparing not being able to check Slashdot to being exterminated in Auschwitz. I don't need a lecture from you on perspective, thank you very much. With all due respect, you still have much to learn from your father.
Seriously, brutally repressing people, murdering them by the millions, starting wars of aggression with your neighbors, and wreaking havoc and destruction all over the world is the same as disconnecting somebody because they are suspected of violating copyright? Wow, talk about loss of perspective.
I agree with the rest of your points: Virgin shouldn't do this (though they're servicing the UK, so it's legal, and even if they were doing this in the US, they're not acting as an agent of the state so this would likely pass Constitutional muster), people should switch providers, and they should send a message to the company by canceling all of their services and writing letters explaining why they're canceling their service.
Then show me. Show me the evidence. See, logic and arguments work where the person advocating the point of view has to demonstrate to someone unconvinced that they are right. They do this by appealing to logic and evidence. I understand your logic, but I am unconvinced. Show me your evidence, and you might just convince me. Bonus: captcha word is 'quixotic', as in tilting at windmills.
This one has screaming Linux fangirls and fanboys throwing their panties and bras on stage at your feet. And something about going to 11. Petrified.
It's not that much more difficult to build a computer on your own. You get to pick the parts which means you can build Linux compatibility. You don't have to pay for Windows. It's really that simple.
No, but your winner for thinking of it first.
I'm old-school. Thinnet for me, thanks.
but what if I like bondage? What would the Internet be without a little (okay, well, a lot) of bondage?!
Then hire (and more importantly pay) a mechanic to fix it. A mechanic doesn't do what he does out of the goodness of his heart and because he likes other people. He wouldn't be able to pay his bills if he did that. You are not entitled to free car service just because you are you, just like you are not entitled to free and open source software changes on your whim.
If you know him personally or if it's a side project or it interests him enough, he may do it for free. That's his choice as to how to spend his time. However, the vast majority of programmers in the open source community think that X works. They aren't interested in pursuing an alternative, at least not for free. I'll bet if you offer to pay their salary, their interest would be piqued. I'll bet if you had the skills to write one on your own, you could do it and attract some mindshare. Now, and this is key, sitting around on Slashdot and bitching about it won't solve the problem.
Do it yourself because you are interested, hire someone else to do it, or accept that the vast majority of open source development is done because it's in the best interests of the person working on a particular project, and right now, the consensus amongst open source developers is that the X Window System works.
To rebuild a Debian package from a source (as opposed to a binary) repository:
.debs.
apt-get source <pacakge-name>
cd <pacakge-dir indicated in the output from apt-get source>
dpkg-buildpackage -rfakeroot
Done. The process will spit out a deb you can install with dpkg. There are a few open source projects (mplayer, vlc, quakeforge) that add the debian directory in their mainline source. After extracting a source tarball from them, you can run this command in the root of their source tree and get
This has the nice benefit of also checking to see if you have the proper build dependencies to build the package as the package creator saw fit. You can hack the debian/rules and debian/control file to customize how the package is built (debian/rules is a shell script and debian/control follows a standard format). You can override this dependency check with a command line switch to dpkg-buildpacakge.
Some of us "little bastards" had teachers and school districts that thought learning was more important than technology. We did have computers in school as kids, but they were for one thing and one thing only - typing up assignments. That was the extent that my elementary and high school educated the school body about computers, and yes, our library had card catalog drawers. I still use them whenever they're present at the libraries I go to.
More on point, I agree with your general conclusion - things are good now and technology only buys you so much. Who cares if you can search an encyclopedia a millisecond faster? When the vast majority of computer time is spent on email and word processing and web browsing, how much computer power do you really need? If a story is compelling, how many pixels do you need to convey this? Can you do it in text and let someone's imagination take over, or do you need 4x anti-aliased 1080p graphics to make it compelling?
The increases in computing power right now buy us UI improvements and make things easier for the user, a field that computer scientists pawned off on human-interaction specialists. What we need is a breakthrough on the computer science side of the fence. The problem here is that genuinely new ideas are hard to synthesize. The low hanging fruit (though I hate to call the last 60 years of computer science that) has been picked. We need a Copernicus, a Galileo, a Da Vinci, and a Isaac Newton to help us go on any further. We need someone to stand on the shoulders of giants. Unfortunately, software patents have stunted our intellectual growth in ways that will probably make our grandchildren shudder.
KP and ST were needed for sentinel values due to the in-band signaling nature of the old MF long distance system. KP1 is not key punch, but key pulse. You send it after a supervision wink before you enter routing codes or destination numbers. Very important if you wanted to get into the art of tandem stacking or if you wanted to do anything with a bluebox at all. After putting in the routing codes or destination number, you would send ST.
There were two KPs, KP1 and KP2. KP1 was used for making domestic calls. KP2 was for international calls.