I wanted a little more speed from my Columbia Data Products 50lb lugable, and swapped out the 8088 (@ 4.7mhz) for an NEC V20 (@ 8/10mhz?). It worked, and I was happy...for a week or so! (Yes, it's not overclocking...but a brain transplant. Cheap at the time too!)
> He said: "I would like to know what services states I don't live in are going to offer me."
How is his product going to be shipped -- by air drop? I bet he uses the roads in your customer's state.
My comments below are limited to the U.S.A., though I'd like to hear what other countries are doing.
I agree you have a point. It's a complex issue that likely will be handled by local politicians and beurocrats -- the people who are pressured to tax by the demands of paying for government services we do use. The higher the profile, the less likely you'll hear the politicians talk about new taxes.
Getting back to your point, do all governmential entities -- including towns and counties -- deserve a 'value added tax' for providing the physical corridor to the final customer. You can bet that's going to be one of the arguments!
The things that can't be shipped -- services -- will also be a sticking point.
We can't avoid it. There will be additional taxes to cover the actual and imaginary loss that these local governmental groups see -- and they will get thier take. The only question is when.
To avoid seeming like they are responsible for the taxes, it will not be enacted on a federal level anytime soon. Taxes will probably at the seller's site and probably at a special higher rate...under the reasoning that since the state/locality is loosing to other states they have to make it up.
Supposedly Internet sales are dwarfed by catalog sales. If this is true, why all the fuss at the moment? Is this true?
Having said that, does anyone know how the taxes are handled on catalog purchased world-wide? All I seem to see are notes on the purchase forms that say things like "if you live in X, add 6% sales tax".
You're gonna ruin the whole fun of the Internet for those who you tell these rules to.
Not necessarily true. If you want to add/comment on a specifc rule, go right ahead. "Rules are for fools to follow, and the wise to use as guides."
Who the hell is going to expect email?
You do. If you get email, it tends to follow a pattern. If you recieved a message about "NEW MONEY MAKING DEAL! $$$" from an email address you use for either chatting with a friend, or as a web site contact only, your expectations will be different.
Well, since you're posting on slashdot as a logged in user, you're obviously hypocritical on this one.
I am? That's kinda harsh.
The advice I give to others isn't detailed -- most people won't follow that. To handle/., you can either login each time or login with cookies enabled, save the necessary/. cookie, and then make the file read only.
Why not instead tell them to run something like junkbusters that'll actually let them control what cookies they want instead of just blindly and across-the-board killing them all?
I use Junkbuster. Handy tool. Most people won't go through the hassles...however minor.
Obviously we can't trust users, crackers, or corporations to keep things safe. If a service is available in the browser or the OS, it will be abused and the user -- who is responsible -- will only get confused when things go wrong. They are to blame for not doing something, but we all know they won't do anything till it's too late.
What's left? Patch the browser using a binary editor or other tools. Here are some things to do to get started. But, what to patch? (I had a list of 6 places to patch, but can't find it on this machine...maybe the one at home.)
To give you an idea, a quick check of main netscape binary (Linux) shows 200+ points where Java Script functions might be patched, let alone Java;
So, there are more valid reasons to turn off Active-X. Big surprise. The fact that a corporation -- sleezy or not -- does this is no surprise. Staples keeps sending me spam, and they should know better...there's always Office Depot!
On a practical note, here's what I keep telling the people;
1. Turn off these everywhere...
HTML (except the browser)
Java
Java Script
Active-X
VBA or macro features
Anything similar to the above
2. Cookies - Delete it and recreate a new unreadable cookies file.
3. Never open any message unless you...
Know the person sending it
Expect the message
4. Move all mail to a Spam/Suspect/Trash folder automatically if the mail doesn't pass these two rules at a minimum...
It's from a known and trusted person or mailing list
It's addressed to one of your valid mail addresses; it's not from a mailing list
5. Remove all personally identifying comments from programs that have net access (Netcape's Mail Identity page,...)
6. Don't give out your email address unless it's REALLY NECESSARY.
7. Use different email addresses for different types of mail; business, personal,....
8. If you have to give out an email address for one-time use, tag it;/. asks, use something like slashdot_yanky@hotmail.com or some such (or better yet, get your own domain and mail server...quite handy!)
The best way to handle this is a firewall with filters. Remember, Procmail For Security and good ipchain rules are your friends!
-L port:host:hostport Specifies that the given port on the local (client) host is to be forwarded to the given host and port on the remote side. This works by allocating a socket to listen to port on the local side, and whenever a connection is made to this port, the connection is forwarded over the secure channel, and a connection is made to host:hostport from the remote machine. Port forwardings can also be spec- ified in the configuration file. Only root can forward privileged ports.
-R port:host:hostport Specifies that the given port on the remote (server) host is to be forwarded to the given host and port on the local side. This works by allocat- ing a socket to listen to port on the remote side, and whenever a connection is made to this port, the connection is forwarded over the secure channel, and a connection is made to host:hostport from the local machine. Port forwardings can also be speci- fied in the configuration file. Privileged ports can be forwarded only when logging in as root on the remote machine.
Add tuneling, and I think your points are easily addressed.
One: Q: "Where does a wise man hide a fish?" A: "In the ocean".
If your ocean is big enough, that's wise advice...for non-digital devices, and as long as you no longer want the fish.
Two: It seems highly unlikely that NSA or (insert your favorite bogeyman here) can break correctly-used publicly available encryption with reasonable key size (e.g. >=2048 bit for public key, or >=128 bits for symmetric).
Your idea should be very effective, if done right.
Here are a set of "rules" that could be used in conjunction with a proxy to moderate a web site in a public library;
Don't filter "adult" users or younger people who have been allowed access by a parent/guardian.
Log all data retrieved from a web site.
Keyword and pattern match 'suspect' sites/pages.
Have a real, live, human check the 'suspect' pages.
If sensitive/offensive, tag the page with a set of labels and/or levels.
Submit the tags to an organization that maintains the database of all tagged sites.
Intentional mis-labeling -- to censor political views or because of excessive prudishness -- will revoke previous entries by that person in the database without review.
(The last item will give a level of checks and ballences to prevent zealous groups or individuals from forcing an agenda.)
In the case of grade school (pre-college), the students would be told that it's OK to innocently bring up a page. Since what they read will be tracked *individually*, don't do it intentionally. If a pattern of pages that deal with inappropriate content are pulled up, they can be added to the local list, submitted, and/or the *individual* can get a preverbial "note to the parrents".
The idea here is to provide an open, public, and *distributed* method of using a proxy...and one that could be taylored to "community standards" without pestering 100% of normal people.:)
Problems, gripes, call me an idiot, but it seems like this problem is not too hard to solve reasonably...without giving up all the rights the bigots want to have us give up.
OR... Windows2000 doesn't work with a bunch of games. They test this BEFORE releasing it, fix it, and don't need to put out a patch the day after release.
Ever worked on a retail product? With a deadline?
Not to defend MS too much -- I agree they should have spent more time on it -- but this is the reality of retail software projects; the deadline never slips unless even the managers can't be convinced it's 'good enough' -- and they have the nerve to say that to thier boss(es).
So there's hardware in the display to decrypt it. So what? Some of us have the ablity to pull apart the display and separate the components.
What if the commodity chips thatdrive the display also do the decoding? Unless you rip that chip apart, and can seperate it into pieces, it's not going to matter.
Having said that, there may be seperate decode/display chips in some units, but I doubt that they will be very common due to economies of scale.
Since a normal program in the Unix world uses files as input, output, status, as well as storage (/dev/lp0,/proc/sound, even/dev/null and in-memory kernel structures...), the fact that DeCSS dumps things to files doesn't matter. Any normal program does that.
Additionally, if the source were available under GPL, it could be modified for any use...good or bad...and make no mistake making *personal* backups is a good use.
Slashdot Mirror
I wanted a little more speed from my Columbia Data Products 50lb lugable, and swapped out the 8088 (@ 4.7mhz) for an NEC V20 (@ 8/10mhz?). It worked, and I was happy...for a week or so! (Yes, it's not overclocking...but a brain transplant. Cheap at the time too!)
> He said: "I would like to know what services states I don't live in are going to offer me."
How is his product going to be shipped -- by air drop? I bet he uses the roads in your customer's state.
My comments below are limited to the U.S.A., though I'd like to hear what other countries are doing.
I agree you have a point. It's a complex issue that likely will be handled by local politicians and beurocrats -- the people who are pressured to tax by the demands of paying for government services we do use. The higher the profile, the less likely you'll hear the politicians talk about new taxes.
Getting back to your point, do all governmential entities -- including towns and counties -- deserve a 'value added tax' for providing the physical corridor to the final customer. You can bet that's going to be one of the arguments!
The things that can't be shipped -- services -- will also be a sticking point.
We can't avoid it. There will be additional taxes to cover the actual and imaginary loss that these local governmental groups see -- and they will get thier take. The only question is when.
To avoid seeming like they are responsible for the taxes, it will not be enacted on a federal level anytime soon. Taxes will probably at the seller's site and probably at a special higher rate...under the reasoning that since the state/locality is loosing to other states they have to make it up.
Supposedly Internet sales are dwarfed by catalog sales. If this is true, why all the fuss at the moment? Is this true?
Having said that, does anyone know how the taxes are handled on catalog purchased world-wide? All I seem to see are notes on the purchase forms that say things like "if you live in X, add 6% sales tax".
You're gonna ruin the whole fun of the Internet for those who you tell these rules to.
Not necessarily true. If you want to add/comment on a specifc rule, go right ahead. "Rules are for fools to follow, and the wise to use as guides."
Who the hell is going to expect email?
You do. If you get email, it tends to follow a pattern. If you recieved a message about "NEW MONEY MAKING DEAL! $$$" from an email address you use for either chatting with a friend, or as a web site contact only, your expectations will be different.
[rest of rant deleted]
Is this necessary?
Well, since you're posting on slashdot as a logged in user, you're obviously hypocritical on this one.
I am? That's kinda harsh.
The advice I give to others isn't detailed -- most people won't follow that. To handle /., you can either login each time or login with cookies enabled, save the necessary /. cookie, and then make the file read only.
Why not instead tell them to run something like junkbusters that'll actually let them control what cookies they want instead of just blindly and across-the-board killing them all?
I use Junkbuster. Handy tool. Most people won't go through the hassles...however minor.
Obviously we can't trust users, crackers, or corporations to keep things safe. If a service is available in the browser or the OS, it will be abused and the user -- who is responsible -- will only get confused when things go wrong. They are to blame for not doing something, but we all know they won't do anything till it's too late.
What's left? Patch the browser using a binary editor or other tools. Here are some things to do to get started. But, what to patch? (I had a list of 6 places to patch, but can't find it on this machine...maybe the one at home.)
To give you an idea, a quick check of main netscape binary (Linux) shows 200+ points where Java Script functions might be patched, let alone Java;
strings netscape | grep "JS_" | wc -l
On a practical note, here's what I keep telling the people;
1. Turn off these everywhere...
HTML (except the browser)
Java
Java Script
Active-X
VBA or macro features
Anything similar to the above
2. Cookies - Delete it and recreate a new unreadable cookies file.
3. Never open any message unless you...
Know the person sending it
Expect the message
4. Move all mail to a Spam/Suspect/Trash folder automatically if the mail doesn't pass these two rules at a minimum...
It's from a known and trusted person or mailing list
It's addressed to one of your valid mail addresses; it's not from a mailing list
5. Remove all personally identifying comments from programs that have net access (Netcape's Mail Identity page, ...)
6. Don't give out your email address unless it's REALLY NECESSARY.
7. Use different email addresses for different types of mail; business, personal, ....
8. If you have to give out an email address for one-time use, tag it; /. asks, use something like slashdot_yanky@hotmail.com or some such (or better yet, get your own domain and mail server...quite handy!)
The best way to handle this is a firewall with filters. Remember, Procmail For Security and good ipchain rules are your friends!
#man ssh
-L port:host:hostport
Specifies that the given port on the local (client)
host is to be forwarded to the given host and port
on the remote side. This works by allocating a
socket to listen to port on the local side, and
whenever a connection is made to this port, the
connection is forwarded over the secure channel,
and a connection is made to host:hostport from the
remote machine. Port forwardings can also be spec-
ified in the configuration file. Only root can
forward privileged ports.
-R port:host:hostport
Specifies that the given port on the remote
(server) host is to be forwarded to the given host
and port on the local side. This works by allocat-
ing a socket to listen to port on the remote side,
and whenever a connection is made to this port, the
connection is forwarded over the secure channel,
and a connection is made to host:hostport from the
local machine. Port forwardings can also be speci-
fied in the configuration file. Privileged ports
can be forwarded only when logging in as root on
the remote machine.
Add tuneling, and I think your points are easily addressed.
One: Q: "Where does a wise man hide a fish?" A: "In the ocean".
If your ocean is big enough, that's wise advice...for non-digital devices, and as long as you no longer want the fish.
Two: It seems highly unlikely that NSA or (insert your favorite bogeyman here) can break correctly-used publicly available encryption with reasonable key size (e.g. >=2048 bit for public key, or >=128 bits for symmetric).
Agreed...for now.... :)
It's not a mirror of the same thing; from what little I was able to read from the original link, the two aren't even similar.
Can two different video cards be used in multi-headed mode?
How many video cards can be used in the same system?
Your idea should be very effective, if done right.
Here are a set of "rules" that could be used in conjunction with a proxy to moderate a web site in a public library;
Don't filter "adult" users or younger people who have been allowed access by a parent/guardian.
Log all data retrieved from a web site.
Keyword and pattern match 'suspect' sites/pages.
Have a real, live, human check the 'suspect' pages.
If sensitive/offensive, tag the page with a set of labels and/or levels.
Submit the tags to an organization that maintains the database of all tagged sites.
Intentional mis-labeling -- to censor political views or because of excessive prudishness -- will revoke previous entries by that person in the database without review.
(The last item will give a level of checks and ballences to prevent zealous groups or individuals from forcing an agenda.)
In the case of grade school (pre-college), the students would be told that it's OK to innocently bring up a page. Since what they read will be tracked *individually*, don't do it intentionally. If a pattern of pages that deal with inappropriate content are pulled up, they can be added to the local list, submitted, and/or the *individual* can get a preverbial "note to the parrents".
The idea here is to provide an open, public, and *distributed* method of using a proxy...and one that could be taylored to "community standards" without pestering 100% of normal people. :)
Problems, gripes, call me an idiot, but it seems like this problem is not too hard to solve reasonably...without giving up all the rights the bigots want to have us give up.
OR... Windows2000 doesn't work with a bunch of games. They test this BEFORE releasing it, fix it, and don't need to put out a patch the day after release.
Ever worked on a retail product? With a deadline?
Not to defend MS too much -- I agree they should have spent more time on it -- but this is the reality of retail software projects; the deadline never slips unless even the managers can't be convinced it's 'good enough' -- and they have the nerve to say that to thier boss(es).
So there's hardware in the display to decrypt it. So what? Some of us have the ablity to pull apart the display and separate the components.
What if the commodity chips thatdrive the display also do the decoding? Unless you rip that chip apart, and can seperate it into pieces, it's not going to matter.
Having said that, there may be seperate decode/display chips in some units, but I doubt that they will be very common due to economies of scale.
...he's the first person I've seen posting that gets it.
As for 'encrypting to the speakers' can you say 'DVD-Audio'?
OpenBIOS including link to 'Linux BIOS'
Since a normal program in the Unix world uses files as input, output, status, as well as storage (/dev/lp0, /proc/sound, even /dev/null and in-memory kernel structures...), the fact that DeCSS dumps things to files doesn't matter. Any normal program does that.
Additionally, if the source were available under GPL, it could be modified for any use...good or bad...and make no mistake making *personal* backups is a good use.