Slashdot Mirror


User: Todd+Knarr

Todd+Knarr's activity in the archive.

Stories
0
Comments
3,572
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 3,572

  1. Re:This is where NT admins have it good :) on Monitoring What Files Your Applications Leave Behind? · · Score: 2

    True, but then on Unix all the configuration's on the filesystem anyway. Usually all you want in the end's a list of what changes the program made. Detailed step-by-step traces are useful only rarely, in debugging arcane problems. If I need more detail than Tripwire gives by default, I usually just diff the new files against a CD-RW backup from just before the install ( yes, I'm spoiled by being able to quickly back up my configuration that way ).

  2. Re:This is where NT admins have it good :) on Monitoring What Files Your Applications Leave Behind? · · Score: 1

    Hate to say it, but we do have that. It's called Tripwire. Been on Sourceforge since 1998, and I can recall mention of it back for years before that. Thing's a lifesaver when it comes to detecting anything messing with system directories.

  3. Re:How these licenses actually work on Launchcast Sued · · Score: 1

    Looks to me like the "interactivity" restriction isn't present in the rules. Thought: if adjusting the playlist based on what the listeners want isn't allowed by the statutory license even if that's not mentioned in the rules, then what about conventional radio stations that adjust their playlist based on what their listeners want ( eg. lots of listeners told them they don't want Gangsta Rap, so the station doesn't play any Gangsta Rap songs )? This would pretty much kill the use of ratings, wouldn't it?

  4. Re:RTFP on TiVo Granted PVR Patents · · Score: 1

    The fact that it does something that wasn't done before isn't enough to make it patentable. It has to do something that wasn't done before, that's original enough that a competent practitioner in that field wouldn't think of it immediately. VCRs exist. Every feature they're claiming on the TiVo is already standard in every streaming-audio/video editing package out there. Making a VCR based around standard computer storage instead of a tape isn't exactly an incredible leap, especially not after things like the Rio did it for audio-only applications.

    Face it, not every invention is patentable. Yes, this means there's things the business types can't lock up and monopolize. Life's tough, deal.

  5. Re:RTFP on TiVo Granted PVR Patents · · Score: 1

    You can't do random-access while recording with a VCR because it's not physically possible to do that with tape. But every method of storing data on a computer has pretty much allowed it, and I fail to see how allowing the sort of access to the data files that's been standard for 30+ years is original either.

  6. Re:RTFP on TiVo Granted PVR Patents · · Score: 1

    I'd say this is a bad patent though. What they describe is exactly a VCR, except that the VCR splits the audio and video before encoding instead of encoding before splitting. That's because of the mechanics of the way things are stored, though, and follows directly from those mechanics so it's hardly novel or original. Oh, and a VCR uses magnetic tape and doesn't compress the signal, but then the idea of compressing data for storage has been around for decades ( SEA ARC, anyone? ) and everyone's done it for storing any kind of audio or video since the beginning. I'm afraid I don't consider making a VCR using a hard drive instead of tape and MPEG-1 video and audio instead of NTSC video and audio particularly original.

    But they'll probably win any challenges because nobody'll challenge it based on those grounds.

  7. Re:Implications on First Legal Test of the GPL · · Score: 1

    Both of them. Option #1 you state is the LGPL. Option #2 is the GPL. That's why the LGPL was created, to allow option #1. In this case the author considered the LGPL and decided against using specifically to prevent option #1 from being the case.

  8. Re:Macromedia opt-in? on Above.net Blackholes, Unblackholes Macromedia · · Score: 1

    Then you need to find another company to work for, because MM is wide-open to being accessory to harrassment. Nowhere in that sequence does it do anything to prevent person A from filling out the forms with person B's information. You need step 4: contact that address entered in steps 1 or 2 and get a reply from them authorizing the subscription before sending. Without this, MM is being negligent.

  9. Re:Macromedia opt-in? on Above.net Blackholes, Unblackholes Macromedia · · Score: 1

    She never did register her real e-mail address. The harrasser registered it for her, and since the lists never confirmed that the person at that address wanted to register, she's getting several hundred pieces of spam every day.

  10. Macromedia opt-in? on Above.net Blackholes, Unblackholes Macromedia · · Score: 1

    Macromedia uses opt-in? Is this double-confirmation opt-in, or is it the "We'll tell you that your name was added and start bombarding you with spam unless and until you navigate our 37-step process for removing your name." style of pseudo-opt-in? If it's the latter, which I suspect it is, then I've no sympathy for Macromedia at all, seeing as a friend of mine is being harrassed by someone using the second "opt-in" method.

  11. Re:twit on Amazon Tries to Turn a Profit · · Score: 2

    And JIT from the publisher's warehouse doesn't work, because the publishers don't want to carry inventory either ( they get taxed on it too heavily ). They try to print not much more than they will have immediate orders for, so if you depend on their inventory you're likely to get "Sorry, that book's out of print." when you call them 4 weeks later asking for more copies.

  12. Re:Point me to an alternative on Red Hat: Who Needs Netscape? · · Score: 1

    What problems obtaining the JVM? First time I hit a page that needed Java, it gave me the get-a-plugin dialog, which took me through the install steps and gave me Java just like it should've. Or you could go directly to Netscape's plug-ins page and download and install it and any other plug-ins you want in one fell swoop, if you don't want to wait.

  13. Re:Point me to an alternative on Red Hat: Who Needs Netscape? · · Score: 2

    Mozilla 0.9:

    • Handles Javascript correctly: check. May not handle non-Javascript or non-DOM extensions, but then it shouldn't.
    • Handles Java: check for JVM 1.3.
    • Shockwave/Flash plugins run: check.
    • RealPlayer plugin runs: dunno, I don't use Real. I've heard people say it runs right now, though.
    • Launch speed: about 10 seconds on a K6-3 400.
    • Debug messages: don't see them in any of my windows. They do log to the session error file or to the browser error log depending on how I set the launcher up, which is usually what I want.
  14. Re:More Editorializing! on MS VP Speech Online · · Score: 1

    However, interesting question. If forking in open source software is so much of a risk, where are all the forked open-source projects? Where are all the forks in Sendmail, BIND, Apache, PHP, Perl, Linux, gcc...? The qualities that MS is naming as causing the risks of forking in reality tend to act to keep forks from happening. Forks happen when the needs of the users diverge from the path the prime developers want to take. In OSS, if this happens the user community will migrate fairly quickly to the branch that meets their needs and the other ones will wither away. The only time this doesn't happen is when there is an actual need for two sets of different functionality that cannot coexist in a single version, in which case you want a fork if you're a user.

    The Windows 9x/NT/2000/XP situation isn't equivalent to forking. It's equivalent to having your choice of Sendmail, Qmail and Postfix available as mail-transport agents. Completely different pieces of software that do roughly the same thing. Except that I can pull Sendmail and replace it with Qmail and all my mail client programs will continue to work with it.

  15. Re:They're called signed downloads, fellas... on Kurt Seifried On The Danger Of Binary RPMs · · Score: 2

    That's one of the points. You know it hasn't been tampered with since it was signed, but you've no assurance that someone didn't unpack it, trojan it, repack it and sign it with their certificate ( which happens to look very similar to the one that should be on it, perhaps even being in the right company name ). Nor does it give you any assurance that the server you got it from wasn't compromised and not only the packages altered but the certificates and signatures/fingerprints on the server as well. You end up having to go obtain the packages and the certificates to verify them directly from the original author to get those assurances, and do it over an untamperable connection with verification of the sender's identity ( not a certificate, actual out-of-band verifiable proof of identity ), at which point you don't need a digital signature on the package for either authentication of source or detection of tampering.

  16. Re:This is absurd! on The Lone Guns Against Spam · · Score: 2

    Well, if you're sending mail to people who have already bought from you and indicated they want more news and info from you, you aren't a spammer. However, it sounds more like you're sending mail to people who haven't bought anything from you, attempting to convince them to become customers, whether they've asked for you to contact them or not. Which is the definition of a spammer. Note that spamming until they ask you to stop is still spamming, so the 'reply to get off my list' doesn't change things one bit. Especially seeing as the laws usually used to justify that have never been signed into law.

    So, flat-out: do you send mail to people who haven't contacted you first asking for you to send them information and/or news?

  17. Re:They're called signed downloads, fellas... on Kurt Seifried On The Danger Of Binary RPMs · · Score: 2

    Only one problem: having the package be signed doesn't tell you anything about how safe it is to install it. All it tells you is that the package was built by the person who claims to have built it. It doesn't tell you whether you can trust the person who built it not to have trojaned it, or even whether the person actually is the person they claim to be ( see the recent obtaining of official Microsoft certificates from Verisign by parties not affiliated with Microsoft for an example ). Given that, signatures on the binary RPMs are completely inadequate for security ( just as signatures on ActiveX components are completely inadequate for security ), and if you do the things needed to make them secure then you wind up not needing the original binary RPM at all anyway.

  18. Re:Licensing - Leasing - what's the diff? on Why 2002 Will Be Better Than 2001 · · Score: 2

    Main difference is that software leasing would be leasing directly from the maker. Basically instead of buying a software package you buy the right to use it for a year, then buy another when the year's up. If you don't pay, you lose the software. If you do pay, you presumably get the most recent version, and usually updated versions at various times during the year.

  19. Leasing software? Problem. on Why 2002 Will Be Better Than 2001 · · Score: 4

    Rob, I think software leasing will, if it catches on at all, last only a short time. There's one fundamental difference between leasing a car and leasing software: with a car you know what you're getting and what you'll get when the lease runs out. The car won't change on you for the life of the lease, and when the lease runs out you'll get to pick which car you want to lease again and won't be in the position of having the car company decide they'd rather you used station wagons instead of limos.

    Compare that to leasing software. Take a look at the havoc that comes when you upgrade critical parts of an OS. Linux is less obnoxious when it comes to kernel and libc upgrades than Windows is when you jump versions, but it's still a headache and you don't do it to production servers quickly if you value your business's stability. Yet most software leases include provisions for automatic, unannounced updates of exactly that sort. RedHat's better about that in that you can avoid the update if you want, but I doubt Microsoft's leasing plan will let you continue to run 98 or NT4, no matter how well they work for you.

    Software leasing may eventually work, but before it does it's going to have to not be designed as a revenue generator for the software companies and not have automatic upgrades and such added in to the basic concept.

  20. Re:get those fingers ready to mod me down. on Supremes Hear Case of Publisher Piracy · · Score: 3

    Use. When I dub a CD onto a cassette to play in the car, it's for my use only. The publishers aren't converting the articles for their own use, they're converting them to make and sell copies in a format not covered by the original contract. They weren't given the right under those contracts to sell copies in electronic form, so they've no more right to do it than I have to distribute copies of their CD.

  21. Re:So if I'm an independent... on RIAA Wants Opt-In Filtering For Napster · · Score: 1

    Actually that would be the best thing the RIAA could do for the rest of us. If they do that, and prohibit you from letting Napster distribute your music even though you have a legal right to authorize Napster to distribute it... can you say "restraint of trade lawsuit"? I knew you could.

  22. Information revealed on Earthlink's Extra HTTP Header · · Score: 2

    Actually I don't think the Earthlink header reveals too much unpleasant. In any browser that has Javascript active, any Web page out there can pull out the same information. The only thing they can't is the POP ID, and they can infer that from the IP address you're using if they want to. I don't like that they're sending the info without saying they are, but the info itself isn't particularly distressing. Maybe we need something like P3P but working the other way, telling you what information your browser is going to send and making sure that matches your preferences before sending it?

  23. Re:Enough bits? on Earthlink's Extra HTTP Header · · Score: 2

    I think they're referring not to just the number of bits but to the amount of variation ( or lack thereof ) between different headers for that number of bits. Sure you've got 192 bits, but they don't change enough between different user's browsers to be usably unique. Compart that to MS GUIDs, that vary drastically from one system to another.

  24. Predict a pseudo-random-number generator? on TCP Weakness No False Alarm? · · Score: 2

    This sounds an awful lot like he's saying that, given the information you can sniff over the net, you can predict the next number the PRNG used by the TCP stack will produce. I'm pretty sure that's true, if the stack's using a poor PRNG, and the only fix is to use a better PRNG. I don't see how his fixes affect this, though. Crypto algorithms that are worth anything basically attempt to produce an output string that is indistinguishable from random numbers if you don't have the key, which is the same goal that a good PRNG tries for. So exactly how does his fix differ from switching to a better PRNG? And how can it help systems that already have good PRNGs in them? As for adding in an administrative passphrase, sorry but that's likely to reduce the randomness thanks to the penchant of humans to pick memorable ( and thus non-random ) phrases.

  25. Re:This is ridiculous on Spammers Face Jail Time · · Score: 3

    You miss the point. Sure, I can not open that mail. Problem is, it's already cost my ISP money for bandwidth and disk space to handle the incoming spam, and me money for space to store it in my inbox and bandwidth to download it, before I have the opportunity to not open it. To solve the problem I need to keep the mail from leaving the spammer's system in the first place.

    As for saving me from spam, let me give you the magnitude of the problem: about 50% of my e-mail is spam, after applying filters to it. That's a lot of spam.