especially that there are laws on the books, copies of which average citizens may not posess
Not my assertion, but how about John Gilmore's efforts to reveal the Show ID to Fly requirement that apparently is a law we're not allowed to see. Bearing in mind that it's quite easy for conspiracy theorists to purport nonexistant secret laws, this at least has the appearance of one that does.
As for barring reading of laws to be voted on, I cannot cite a blatent example of such. However, the Patriot Act was voted on several hours after a new version was printed (running several hundred pages). It is not clear that there was full understanding of the updated text prior to the vote (this is still a subject of debate).
All that would give Linux a clearance comparable to the old B2 or B1 levels, which would be more than adequate for most classified networks.
Erm, TCSEC (Orange Book) applies to stand-alone computers only. Once it's connected to a network, the rating no longer applies. The Red book covers networking. Both have been superceeded by the Common Critera, which can address a computer in a networked environment.
What if you were to do all the above, and then do a line-by-line full coding audit with formal validation? IBM has something like 10,000 Linux coders. There are 50,000,000 lines of code. Assuming you could do the audit at no more than 10 lines a day, it would take 100 days to audit the kernel to this degree. For a real bare-bones box, it would probably take about the same to do the user-space stuff.
Unfortunately, IBM is not a certified evaluation lab (CCTL), so the 10,000 Linux folks would not be able to conduct such a source code audit. The main reason that such reviews have not been done is the incredible cost of the undertaking. For commercial products like Solaris, there is a vendor with a stake who will pay for it. For Linux, no one had stepped up to do so.
Parts are one thing, but I'm always stretched looking for test equipment. Scopes, probes, meters, function generators, etc. That's the stuff that really burns the budget, and takes up SPACE.
In our haste to lambaste anything that Microsoft does, and any kind of DRM initiative, let's look a little closer at this rumored proposal.
Microsoft appears to have offered DRM to the music industry, in exchange for which the music industry must include additional content over unprotected media. This appears to be a move by Microsoft to spread the winnings around the table, if only a little. Here's how I see it:
. Microsoft gets its own DRM technology approved by the industry, and with control of the main PC platform establishes it as the de-facto standard.
. The music industry gets a widely-deployed DRM technology to stem what it sees as an erosion of its marketplace.
. Consumers who purchase DRM-enabled media instead of standard media would get additional content not available elsewhere.
I think this move should be acknowledged by the digirati as a small step towards a real solution, though not the final one. It appears Microsoft is attempting to exact a concession from the music industry on behalf of consumers. (Of course, it would be more heroic to suffer a cost themselves, but Microsoft is anything but financially stupid.)
Now for some problems with the alleged proposal:
. DRM is DRM, and some of us don't want any of it.
. If you must have DRM, an open standard would be preferred.
. It's likely only a matter of time before the DRM is broken, bringing the music industry back to square one.
. Additional content for our troubles is a nice touch - make it worthwhile (like videos of all the tracks, lyrics, Bio's, discographies, Lo-Fi non-DRM MP3's for portable devices, etc.).
But let's not just hammer the participants out of reflex. Slashdot may be a mob, but we're supposed to be a smart mob.
What it means is that you can't quite trust MD5 to guarantee that you got exactly, bit-for-bit, what you think you got.
You never could. It merely said that it was unlikely for you to be getting something else. The difficulty of arranging such a situation just got easier. Not easy. Not trivial. Just easier. Probably by the same factor it got easier over the past four years due to Moore's law increases. Eventually this will become a real issue, and we should be prepared for that, much the same way we don't use plain DES any more.
The Garmin iQue mates a GPS with Garmin's mapping and routing software with a Palm PDA. There's now a slightly cheaper 3200 model with a smaller screen (I'd suggest the 3600).
Cheap, too, at ~US$450, compared to what you'd have to pay to assemble this yourself.
Yes, it outputs standard NMEA 4800 baud. Purchase a serial cable for your handset to get the data out.
Someone said that they put the GPS antenna on the back. Perhaps on older units, I don't know. On current and future units it's a helical antenna in the iDen antenna's base.
They don't get their fix from the cell network (though they can get some location "help" from them) - they do a warm start every time you turn them (the GPS feature) on, which is why it takes 1-2 minutes to get a fix.
As someone else mentioned, GPS data is available to other J2ME applications, if loaded.
Try The Seven Habits of Highly Effective People. You will either find a way to become indispensible to your boss (amplifying their strengths, compensating for their weakness), or develop an approach to work with them with confidence and integrity, despite their behavior.
Either way, they will no longer rule your existance, because their behavior will not dictate your response - your own values will.
The way you phrased the problem indicates you're already on the right track. Good luck.
Erm, our current understanding via Einstein's general theory of relativity is that gravity waves move AT the speed of light. Among other things, this avoids causality problems. Some efforts have been (and are being) made to prove this, and early indicators are that this is so, though we await conclusive testing.
This, unfortunately, is SO not true any longer. I can tell you the names of 13 machines to take out, after which most of the 'net won't function. Care to guess what they are?
As soon as commercial interests hit the 'net, it's ability to survive substantial damage and continue functioning began to disappear.
I'm sure there are tons of online user ids, the biggest being passport and yahoo.
Yes, and I have several ID's on each service. Some even under my own name. That's the issue that is at question. Whether it needs to be resolved or not I leave as an excersize for the student.
The issue with tape (and it's the only solution for serious data backup, not to mention legal compliance) is not the capacity, it's the speed.
Large data volumes simply take too long to read and write. The writing can be mitigated by snapping off dataset copies or an interim disk-to-disk stage before tape (and I'm talking SAN-level here, not half a terabyte on a single machine), but what happens to your disaster plan (or business plan!) when it takes you 72 hours to restore your five terabytes of data?
To play in this game pretty much requires SAN snapshots and geographically diverse near-realtime replication - something the top vendors can do, at exhorbitant costs. There's definitely room at the bottom for a startup to eat someone's lunch here, and several are trying (Avamar, 3par, etc.).
Hackers, by Stephen Levy Applied Cryptography, Bruce Schneier Gödel, Escher, Bach: An Eternal Golden Braid, Douglas R. Hofstadter Seven Habits Of Highly Effective People, Stephen R. Covey
Another reason that SCSI drives perform better in RAID arrays is that SCSI permits out-of-order I/O request execution.
If a read request goes out to drive 3 and waits for rotational latency, the channel is not blocked. Another request for a read on drive 1 can be executed and satisfied while still waiting on drive 3.
IDE performs blocking I/O, so everything would have to wait until drive 3's read was complete. I don't know if this also applies to SATA.
How about encrypting the data on your hard disk? Even Windows lets you do that now, built-in.
It's transparent when you log in to use it, but maintenance staff can't read it.
There are no guarantees, but it certainly raises the bar.
How about "erase"? IIRC, airline black boxes have a button that the pilot can hit on his way out of the cockpit to erase the voice recorder after a successful landing...
Incorrect. You may be thinking of something else. There is a circuit-breaker than can be pulled to stop the recorders. The recorders are endless-loop, erasing themselves as they go. Wire or tape recorders typically store 30 minutes of data/voice. Digital recorders can store more, but erase on the same principle (FIFO).
In addition to the CVR (cockpit voice recorder) and FDR (flight data recorder), modern aircraft also have computer controlled systems like FADEC (full authority digital engine control) which record and store their own data. Much of this data is transmitted in realtime to ground support engineering for analysis.
This was due to a peculiarity of U.S. trade restrictions - that a completed vehicle had a much higher tariff on it than did shipping the parts and assembling them in-country.
Slashdot Mirror
Not my assertion, but how about John Gilmore's efforts to reveal the Show ID to Fly requirement that apparently is a law we're not allowed to see. Bearing in mind that it's quite easy for conspiracy theorists to purport nonexistant secret laws, this at least has the appearance of one that does.
As for barring reading of laws to be voted on, I cannot cite a blatent example of such. However, the Patriot Act was voted on several hours after a new version was printed (running several hundred pages). It is not clear that there was full understanding of the updated text prior to the vote (this is still a subject of debate).
Erm, TCSEC (Orange Book) applies to stand-alone computers only. Once it's connected to a network, the rating no longer applies. The Red book covers networking. Both have been superceeded by the Common Critera, which can address a computer in a networked environment.
What if you were to do all the above, and then do a line-by-line full coding audit with formal validation? IBM has something like 10,000 Linux coders. There are 50,000,000 lines of code. Assuming you could do the audit at no more than 10 lines a day, it would take 100 days to audit the kernel to this degree. For a real bare-bones box, it would probably take about the same to do the user-space stuff.
Unfortunately, IBM is not a certified evaluation lab (CCTL), so the 10,000 Linux folks would not be able to conduct such a source code audit. The main reason that such reviews have not been done is the incredible cost of the undertaking. For commercial products like Solaris, there is a vendor with a stake who will pay for it. For Linux, no one had stepped up to do so.
Not a bad idea, though.
Anyone have a good suggestion for test gear?
Looks like I need to spend a few years building up an immunity to iocane powder
"That's INCONCEIVABLE!"
"I do not think that means what you think it means."
Microsoft appears to have offered DRM to the music industry, in exchange for which the music industry must include additional content over unprotected media. This appears to be a move by Microsoft to spread the winnings around the table, if only a little. Here's how I see it:
. Microsoft gets its own DRM technology approved by the industry, and with control of the main PC platform establishes it as the de-facto standard.
. The music industry gets a widely-deployed DRM technology to stem what it sees as an erosion of its marketplace.
. Consumers who purchase DRM-enabled media instead of standard media would get additional content not available elsewhere.
I think this move should be acknowledged by the digirati as a small step towards a real solution, though not the final one. It appears Microsoft is attempting to exact a concession from the music industry on behalf of consumers. (Of course, it would be more heroic to suffer a cost themselves, but Microsoft is anything but financially stupid.)
Now for some problems with the alleged proposal:
. DRM is DRM, and some of us don't want any of it.
. If you must have DRM, an open standard would be preferred.
. It's likely only a matter of time before the DRM is broken, bringing the music industry back to square one.
. Additional content for our troubles is a nice touch - make it worthwhile (like videos of all the tracks, lyrics, Bio's, discographies, Lo-Fi non-DRM MP3's for portable devices, etc.).
But let's not just hammer the participants out of reflex. Slashdot may be a mob, but we're supposed to be a smart mob.
You never could. It merely said that it was unlikely for you to be getting something else. The difficulty of arranging such a situation just got easier. Not easy. Not trivial. Just easier. Probably by the same factor it got easier over the past four years due to Moore's law increases. Eventually this will become a real issue, and we should be prepared for that, much the same way we don't use plain DES any more.
Erm, the trick is to both have non-repudiation AND anonymity.
Cheap, too, at ~US$450, compared to what you'd have to pay to assemble this yourself.
Someone said that they put the GPS antenna on the back. Perhaps on older units, I don't know. On current and future units it's a helical antenna in the iDen antenna's base.
They don't get their fix from the cell network (though they can get some location "help" from them) - they do a warm start every time you turn them (the GPS feature) on, which is why it takes 1-2 minutes to get a fix.
As someone else mentioned, GPS data is available to other J2ME applications, if loaded.
Either way, they will no longer rule your existance, because their behavior will not dictate your response - your own values will.
The way you phrased the problem indicates you're already on the right track. Good luck.
It's also available for purchase as a DVD set for purchase, and I can highly recommend it.
Erm, I think all of Asimov's robot stories showed the problems with the three (four) laws. Wasn't that the point?
Erm, our current understanding via Einstein's general theory of relativity is that gravity waves move AT the speed of light. Among other things, this avoids causality problems. Some efforts have been (and are being) made to prove this, and early indicators are that this is so, though we await conclusive testing.
See the following reference.
A keystroke logger could easily be wired in, or simply plugged in the back... waiting for you to enter your credentials.
If you can't trust the computing platform, all bets are off.
This, unfortunately, is SO not true any longer. I can tell you the names of 13 machines to take out, after which most of the 'net won't function. Care to guess what they are?
As soon as commercial interests hit the 'net, it's ability to survive substantial damage and continue functioning began to disappear.
Yes, and I have several ID's on each service. Some even under my own name. That's the issue that is at question. Whether it needs to be resolved or not I leave as an excersize for the student.
Large data volumes simply take too long to read and write. The writing can be mitigated by snapping off dataset copies or an interim disk-to-disk stage before tape (and I'm talking SAN-level here, not half a terabyte on a single machine), but what happens to your disaster plan (or business plan!) when it takes you 72 hours to restore your five terabytes of data?
To play in this game pretty much requires SAN snapshots and geographically diverse near-realtime replication - something the top vendors can do, at exhorbitant costs. There's definitely room at the bottom for a startup to eat someone's lunch here, and several are trying (Avamar, 3par, etc.).
Hackers, by Stephen Levy
Applied Cryptography, Bruce Schneier
Gödel, Escher, Bach: An Eternal Golden Braid, Douglas R. Hofstadter
Seven Habits Of Highly Effective People, Stephen R. Covey
Philosophy:
Atlas Shrugged, Ayn Rand
If a read request goes out to drive 3 and waits for rotational latency, the channel is not blocked. Another request for a read on drive 1 can be executed and satisfied while still waiting on drive 3.
IDE performs blocking I/O, so everything would have to wait until drive 3's read was complete. I don't know if this also applies to SATA.
How about encrypting the data on your hard disk? Even Windows lets you do that now, built-in. It's transparent when you log in to use it, but maintenance staff can't read it. There are no guarantees, but it certainly raises the bar.
And I second the education vs. training comment.
Incorrect. You may be thinking of something else. There is a circuit-breaker than can be pulled to stop the recorders. The recorders are endless-loop, erasing themselves as they go. Wire or tape recorders typically store 30 minutes of data/voice. Digital recorders can store more, but erase on the same principle (FIFO).
In addition to the CVR (cockpit voice recorder) and FDR (flight data recorder), modern aircraft also have computer controlled systems like FADEC (full authority digital engine control) which record and store their own data. Much of this data is transmitted in realtime to ground support engineering for analysis.
This was due to a peculiarity of U.S. trade restrictions - that a completed vehicle had a much higher tariff on it than did shipping the parts and assembling them in-country.
Actually, it was about 22 hours . Amusingly, the project was called Deep Crack.