Your points are good, especially those about traffic analysis. However, they appear only serve to further weaken the argument of the person I was replying to.
In many ways, the 'net is a far less anonymous place than the 'real world'. In the real world I can still send a letter w/o a return address (or even with a bogus return address). If I am careful to avoid leaving fingerprints on it, it is difficult for the recipient to tell much more than what zip code it was mailed from. It would be virtually impossible for someone (or even a gov't agency) to watch every person depositing mail into every public mail recepticle all the time. In the real world I can still make a call from a public pay phone using coins and/or a calling card (if necessary) that I can purchase with cash at a place like Wal-Mart. If I am careful not to leave fingerprints on the phone, and I do something like record a message in someone else's voice or with a voice synthesizer, it is virtually impossible to tell who made the call.
The preceeding examples haven't caused the real world to come to an end, so I see little reason why what little anonymity we have on the 'net is a bad thing.
Forgive me for not taking criticism on posting from an AC very seriously. Who are you to say what I can and can't post? Who are you to speak for everyone else on what is a valid contribution and what isn't?
I can comment on things I know little about too. I choose not to.
Personally, I think you just did. How do you know what I know little or a lot about?
If you don't like what I have to say or how I say it, then get moderator points and moderate me down. Oh, too bad, then I could just get a new account or post as an AC.
Well, XML may be an open standard, but who knows, what I'd like to put into the DTD for my Format?
You've raised a valid point. XML does provide a lot of room for proprietarization of DTD. The real question there is will Microsoft be open about how they implement that? I am not really very optimistic there.
However, HTML is supposed to be an open standard, and it certainly hasn't stopped Microsoft from implementing proprietary tags in their implementation (to be fair, Netscape has also done so). I think it is entirely likely that we will see Microsoft try to do some significant 'embrace and extend' with both HTML and XML.
Then we need to do away entirely with anonymnity on the 'net.
We need to insure that total anonymity on the net is available forever. Cryptography will make that possible.
and it will help people shut out spam
Getting rid of spam won't be that easy. We don't have anonymity in the world of telephones, and we still get telemarketing calls. We don't have anonymity in the postal system and we still get bombarded with junk mail.
and get rid of the creepy nature of the 'net as it now stands
Creepy? Err... what 'net are you on?
It will also make people accountable for what they say in public online, just as we're accountable for what we say in public in the real world.
I read that as 'it will have the same chilling effect on free speech that we see in the real world'. Just as it is possible to circumvent public accountability in the real world, it will continue to happen online.
These are good things.
These are at best pipe dreams. At worst, they will lead to big-brotherism.
Maybe what we need to do is allow people like you that are afraid of somehow, possibly, being offended by something to just filter out anything that is anonymous. But why prevent the rest of us who think that a few Anonymous Cowards out there might occasionally have something worthwhile to say from listening if we want?
Since StarOffice has a programming script, I don't see why it also won't be vulnerable to macro viruses.
Its not just having a scripting language in the product that causes the problem. It is allowing the scripts to automatically run on opening the document for one. It is also how much outside the "sandbox" of the application the scripting language is allowed to do. Scripting languages in applications are nothing new (for example JavaScript in browsers), however VBA in Microsoft Office basically has total access to the entire Windows machine, which is a problem in a highly networked world.
Even in a Linux environment such a virus could cause a lot of damage.
Perhaps, but only likely if someone runs their office suite as root, or some other similar user-related security hole. In general, it is users that are the biggest weakness in security.
That depends on your needs. I don't really have a need to be 'fully MSOffice compliant'. I find StarOffice to be usable for my needs, other than being a little bit hungry on the resource requirements side (which is a fully MSOffice compliant feature). For that matter, between different versions of MSOffice, they are often only one directionally compliant.
Of course, of computers are "doomed to failure in the long run", we'd still be using Altairs & 4040 cpu's (or valves) if it didn't.
Well, that is true, but then again, when doom came to those products, the companies quit building and selling them.
But then no-one has said they will develop the Classic hardware, but they will support it as long as it is feasible.
Actually I've seen more than a few Amiga fans suggest that (at least as an interim step) they more-or-less reintroduce the 'classic' hardware with a few hot-rod type features. Personally I don't think that would be a very commercially viable thing to do since it is unlikely anyone other than a few Amiga diehards would buy one. Especially given the retooling costs, I don't think that they could be built at a reasonable price and still have enough features and performance to be competitive with current PC clone and/or Mac hardware.
Also, there are several Amiga companies working on PPC systems (although IMHO the early "PowerUP" cards are rather poor), with 68k emulation & porting parts of the OS to PPC.
That sort of approach would have made sense to do around the time that Apple made their 68K->PPC transition, but it seems a little late in the game to do it now.
There really is no reason to buy a 3C509 anything today unless you find one in a used parts bin for $10 or something, at least not if you want to put it in a machine adequate for running NT. For any decent machine, something like a Bay Networks NetGear FA310TX, which is PCI, 10/100 and fast, can be had in quantity one at local computer retailers for $30. I've got three of those cards, and I'm very happy with all of them. I can't personally vouch for how well they do under NT as I don't use any Microsoft OSes at home, but Linux finds and runs happily with them.
I was also amused to see that they are running Red Hat 4.2. Assuming they got that detail correct:)
A lot of people don't run recent distributions on production machines because they don't want to tinker with a working system (one can certainly debate the wisdom of that). Another thing to consider is the lead time between when stories are written and published. When it comes to webified versions, there is sometimes a lag between when the online version appears and the print version (to help keep the paper circulation going I guess).
Wow, they find cheap technicians. Around here (only about 3 hours from KC) you can't touch a decent tech for less than about $45-$50k. That also doesn't figure in benefits or expenses (a computer, a phone, a desk, etc) related to having an employee. The salary is just one factor (albiet a large one) in the cost of an employee.
Here is a question. Supposing the opposite problem happens... Instead of forgetting the password, what happens if too many people (like a former employee for instance) knows what the password is... If its burned into PROM, how do I change it? Can I? If so, how many times before the PROM is full? This would seem to be a serious enough problem to make this 'feature' unusable even if you don't worry about losing/forgetting passwords.
Just one nit to pick... the Amiga isn't tightly coupled with NTSC/PAL at all.
Many of the custom chips in the 'classic' Amigas are built to operate on frequencies derived from NTSC/PAL signals that don't make sense if you are running with a PC style video card. This is true even for things like the Zorro bus timing, sound and floppy disk control.
Many Amiga users with graphics cards haven't seen an Amiga chipset screenmode in years.
One of the few niche markets that the Amiga was moderately successful in was video production, where NTSC/PAL video modes make sense. Unfortunately for Amiga, as I point out, NTSC/PAL are going to get phased out in favor of HDTV in the next few years so that will be a dying market.
Heck, the Draco Amiga clone didn't even have all that hardware.
And how compatible was it with the typical hardware-hammering software of the 'classic' Amiga period?
The Amiga does indeed have a few problems with being held back by legacy concerns, but graphics/display isn't one of them.
Unfortunately for the Amiga, if you are going to use a graphics chipset designed for a x86 PC clone as most of the Amiga video cards do, you lose one of the major differentiators of the Amiga hardware, which was all of the video coprocessors. Also unfortunately for the Amiga, its custom video hardware isn't all that impressive compared to the current state of the art in the x86 PC world.
I think perhaps the argument with fewer 'maybe's is more likely to be correct.
The classic Amiga is doomed in the long run by its tight coupling with NTSC/PAL video and custom hardware tied to that legacy. NTSC and PAL are soon going to be dead as they are replaced by HDTV. The Amiga is also aflicted by goofy hardware driven by compromises Commodore made to be 'cheap' that only made sense in the 80's (like the bizare floppy drive hardware), but don't make sense today. And also by the essentially dead (68K, RIP) processor architecture it was tied to. A lot of these things could have been overcome if someone had been working continuously on them (as Apple overcame many of the same problems -- proprietary floppy->standard and 68K->PPC). Unfortunately for Amiga, they essentially stood still from about 1993 until recently. Six years is practically three lifetimes in the computer business.
Wow...the "curse of the Amiga" takes yet another victim.
Hmmm... I am not sure who is victim and who is villan here, according to what some people have said about this guy.
Even if they were to bring product to market today, would anyone have enough faith in the company to purchase it?
No way. I never trusted Commodore enough to buy anything from them. I trusted Escom even less. I've been wondering if Amiga will somehow end up killing Gateway since they bought the corpse of Amiga.
Somewhere, Mehdi Ali is laughing at all of this...
Laughing while he counts his ill-gotten gains, no doubt. On the other hand, hindsight being what it is, I don't see that things would have been that much different in the long run had Commodore and Escom had less incompetent and/or corrupt management.
After I got past the fact that the CD-ROM drive that worked with FreeBSD did NOT work with RH Linux. The CDROM was a 1xspeed Apple
I don't know what you were doing wrong, but the 1x speed Apple (CD-150) has worked flawlessly with every Linux kernel I've tried since 0.99pl7, and with at least three different types of SCSI card (Adaptec, Future Domain and NCR/Symbios). I don't know how could it not work, its a pretty bog simple SCSI-1 Sony mechanism. As for 3Com support, the 3C905 is most definitely supported under Linux, and has been for a long time. I know of quite a number of people who use that type of card with Linux in machines that are running 24x7. Personally I prefer the Bay Networks NetGear FA310TX (especially at 1/2 the price), but the 3C905 is in general a reliable if not stellar performer with Linux. Are you sure that the card didn't just fail? If so, its kinda a stretch to blame that on Linux. Intel EtherExpress Pro's on the other hand, I have heard of more problems with (bus mastering arbitration problems mostly) -- and those problems affect even MS-DOS/Windows.
I've not tried FreeBSD recently, but I tried NetBSD recently only to find it difficult to get a WD8013 card to work that autodetects fine under Linux. The supported hardware lists for the *BSD's are also much shorter than Linux and I don't know how you can dispute that. I'm not saying that Linux's hardware support is perfect, but it seems to be more comprehensive than the *BSDs right now.
Just because it isn't documented doesn't mean that it is impossible. At any rate, it still doesn't prevent moving the hard drive to another machine that can be compromised and then returning it. Also if the case is non-proprietary, motherboards are relatively cheap these days (under $100 for most of them).
There's an easy way to prevent someone from ever booting to a floppy drive on a server - take out the floppy drive. I've run my main server for years with no floppy drive in it.
But unless you physically lock the machine up, or do something radical like fill the floppy drive connector with epoxy, you really can't prevent someone from opening the box and hooking up a floppy drive and resetting the CMOS memory...
The MUST be an option to NOT boot from a floppy. I can hardly believe that Linux has no way of letting you do this. Just set it in BIOS if all else fails.
Its a hardware problem. Linux can't do anything to fix that, and neither can anything else. If you have physical access to the machine you can override anything (including BIOS passwords, by resetting the CMOS memory (either a jumper or shorting the battery momentarily)). Even if no floppy is connected, you can open the machine and hook one up. Or you can remove the hard drive the passwd or shadow file is on, hook it up to another machine and change the files.
Unless you physically lock the machine up, it is not secure.
Slashdot Mirror
Your points are good, especially those about traffic analysis. However, they appear only serve to further weaken the argument of the person I was replying to.
In many ways, the 'net is a far less anonymous place than the 'real world'.
In the real world I can still send a letter w/o a return address (or even with a bogus return address). If I am careful to avoid leaving fingerprints on it, it is difficult for the recipient to tell much more than what zip code it was mailed from. It would be virtually impossible for someone (or even a gov't agency) to watch every person depositing mail into every public mail recepticle all the time.
In the real world I can still make a call from a public pay phone using coins and/or a calling card (if necessary) that I can purchase with cash at a place like Wal-Mart. If I am careful not to leave fingerprints on the phone, and I do something like record a message in someone else's voice or with a voice synthesizer, it is virtually impossible to tell who made the call.
The preceeding examples haven't caused the real world to come to an end, so I see little reason why what little anonymity we have on the 'net is a bad thing.
Please don't add "most likely" comments.
Actually, that was "more likely".
You've contributed nothing when you do so.
Forgive me for not taking criticism on posting from an AC very seriously. Who are you to say what I can and can't post? Who are you to speak for everyone else on what is a valid contribution and what isn't?
I can comment on things I know little about too. I choose not to.
Personally, I think you just did. How do you know what I know little or a lot about?
If you don't like what I have to say or how I say it, then get moderator points and moderate me down. Oh, too bad, then I could just get a new account or post as an AC.
Thank you for getting me to smile!
Well, I am glad that someone enjoyed that comment, obviously some moderator didn't, as that post got marked down a point... Ah well.
Well, XML may be an open standard, but who knows, what I'd like to put into the DTD for my Format?
You've raised a valid point. XML does provide a lot of room for proprietarization of DTD. The real question there is will Microsoft be open about how they implement that? I am not really very optimistic there.
However, HTML is supposed to be an open standard, and it certainly hasn't stopped Microsoft from implementing proprietary tags in their implementation (to be fair, Netscape has also done so). I think it is entirely likely that we will see Microsoft try to do some significant 'embrace and extend' with both HTML and XML.
Then we need to do away entirely with anonymnity on the 'net.
We need to insure that total anonymity on the net is available forever. Cryptography will make that possible.
and it will help people shut out spam
Getting rid of spam won't be that easy. We don't have anonymity in the world of telephones, and we still get telemarketing calls. We don't have anonymity in the postal system and we still get bombarded with junk mail.
and get rid of the creepy nature of the 'net as it now stands
Creepy? Err... what 'net are you on?
It will also make people accountable for what they say in public online, just as we're accountable for what we say in public in the real world.
I read that as 'it will have the same chilling effect on free speech that we see in the real world'. Just as it is possible to circumvent public accountability in the real world, it will continue to happen online.
These are good things.
These are at best pipe dreams. At worst, they will lead to big-brotherism.
Maybe what we need to do is allow people like you that are afraid of somehow, possibly, being offended by something to just filter out anything that is anonymous. But why prevent the rest of us who think that a few Anonymous Cowards out there might occasionally have something worthwhile to say from listening if we want?
Since StarOffice has a programming script, I don't see why it also won't be vulnerable to macro viruses.
Its not just having a scripting language in the product that causes the problem. It is allowing the scripts to automatically run on opening the document for one. It is also how much outside the "sandbox" of the application the scripting language is allowed to do. Scripting languages in applications are nothing new (for example JavaScript in browsers), however VBA in Microsoft Office basically has total access to the entire Windows machine, which is a problem in a highly networked world.
Even in a Linux environment such a virus could cause a lot of damage.
Perhaps, but only likely if someone runs their office suite as root, or some other similar user-related security hole. In general, it is users that are the biggest weakness in security.
isn't XML (already) supported as a standard file format in Office 2000?
Microsoft's semi-proprietary almost-XML, more likely.
isn't fully MSOffice compliant == unusable
That depends on your needs. I don't really have a need to be 'fully MSOffice compliant'. I find StarOffice to be usable for my needs, other than being a little bit hungry on the resource requirements side (which is a fully MSOffice compliant feature). For that matter, between different versions of MSOffice, they are often only one directionally compliant.
Of course, of computers are "doomed to failure in the long run", we'd still be using Altairs & 4040 cpu's (or valves) if it didn't.
Well, that is true, but then again, when doom came to those products, the companies quit building and selling them.
But then no-one has said they will develop the Classic hardware, but they will support it as long as it is feasible.
Actually I've seen more than a few Amiga fans suggest that (at least as an interim step) they more-or-less reintroduce the 'classic' hardware with a few hot-rod type features. Personally I don't think that would be a very commercially viable thing to do since it is unlikely anyone other than a few Amiga diehards would buy one. Especially given the retooling costs, I don't think that they could be built at a reasonable price and still have enough features and performance to be competitive with current PC clone and/or Mac hardware.
Also, there are several Amiga companies working on PPC systems (although IMHO the early "PowerUP" cards are rather poor), with 68k emulation & porting parts of the OS to PPC.
That sort of approach would have made sense to do around the time that Apple made their 68K->PPC transition, but it seems a little late in the game to do it now.
There really is no reason to buy a 3C509 anything today unless you find one in a used parts bin for $10 or something, at least not if you want to put it in a machine adequate for running NT. For any decent machine, something like a Bay Networks NetGear FA310TX, which is PCI, 10/100 and fast, can be had in quantity one at local computer retailers for $30. I've got three of those cards, and I'm very happy with all of them. I can't personally vouch for how well they do under NT as I don't use any Microsoft OSes at home, but Linux finds and runs happily with them.
I was also amused to see that they are running Red Hat 4.2. Assuming they got that detail correct :)
A lot of people don't run recent distributions on production machines because they don't want to tinker with a working system (one can certainly debate the wisdom of that). Another thing to consider is the lead time between when stories are written and published. When it comes to webified versions, there is sometimes a lag between when the online version appears and the print version (to help keep the paper circulation going I guess).
at an average salary of around $40,000 a year
Wow, they find cheap technicians. Around here (only about 3 hours from KC) you can't touch a decent tech for less than about $45-$50k. That also doesn't figure in benefits or expenses (a computer, a phone, a desk, etc) related to having an employee. The salary is just one factor (albiet a large one) in the cost of an employee.
Now, now... You forget that Hemos also failed grade school geography as well as spelling and english... :-)
BTW -- No offense intended Hemos, I am just kidding.
Damnit, hit submit at the wrong time.
Here is a question. Supposing the opposite problem happens... Instead of forgetting the password, what happens if too many people (like a former employee for instance) knows what the password is... If its burned into PROM, how do I change it? Can I? If so, how many times before the PROM is full? This would seem to be a serious enough problem to make this 'feature' unusable even if you don't worry about losing/forgetting passwords.
What an incredibly poor design. Reminds me why I make a point of not buying IBM hardware. :-)
Still dead, you say? Ahh, but that's what Transmeta's really working on!
:-)
They'd be better off calling the 'Psychic Fraud^h^h^heinds Network then.
Just one nit to pick... the Amiga isn't tightly coupled with NTSC/PAL at all.
Many of the custom chips in the 'classic' Amigas are built to operate on frequencies derived from NTSC/PAL signals that don't make sense if you are running with a PC style video card. This is true even for things like the Zorro bus timing, sound and floppy disk control.
Many Amiga users with graphics cards haven't seen an Amiga chipset screenmode in years.
One of the few niche markets that the Amiga was moderately successful in was video production, where NTSC/PAL video modes make sense. Unfortunately for Amiga, as I point out, NTSC/PAL are going to get phased out in favor of HDTV in the next few years so that will be a dying market.
Heck, the Draco Amiga clone didn't even have all that hardware.
And how compatible was it with the typical hardware-hammering software of the 'classic' Amiga period?
The Amiga does indeed have a few problems with being held back by legacy concerns, but graphics/display isn't one of them.
Unfortunately for the Amiga, if you are going to use a graphics chipset designed for a x86 PC clone as most of the Amiga video cards do, you lose one of the major differentiators of the Amiga hardware, which was all of the video coprocessors. Also unfortunately for the Amiga, its custom video hardware isn't all that impressive compared to the current state of the art in the x86 PC world.
Maybe they should hire Gil Amelio.
:-)
Hey, Gil is still available I think.
He can hire on an original Amiga founder, get dumped, and the other fella can take over as iCEO...
Except of course that Jay Miner is still dead... Who else could they get?
I think perhaps the argument with fewer 'maybe's is more likely to be correct.
The classic Amiga is doomed in the long run by its tight coupling with NTSC/PAL video and custom hardware tied to that legacy. NTSC and PAL are soon going to be dead as they are replaced by HDTV. The Amiga is also aflicted by goofy hardware driven by compromises Commodore made to be 'cheap' that only made sense in the 80's (like the bizare floppy drive hardware), but don't make sense today. And also by the essentially dead (68K, RIP) processor architecture it was tied to.
A lot of these things could have been overcome if someone had been working continuously on them (as Apple overcame many of the same problems -- proprietary floppy->standard and 68K->PPC). Unfortunately for Amiga, they essentially stood still from about 1993 until recently. Six years is practically three lifetimes in the computer business.
Wow...the "curse of the Amiga" takes yet another victim.
Hmmm... I am not sure who is victim and who is villan here, according to what some people have said about this guy.
Even if they were to bring product to market today, would anyone have enough faith in the company to purchase it?
No way. I never trusted Commodore enough to buy anything from them. I trusted Escom even less. I've been wondering if Amiga will somehow end up killing Gateway since they bought the corpse of Amiga.
Somewhere, Mehdi Ali is laughing at all of this...
Laughing while he counts his ill-gotten gains, no doubt. On the other hand, hindsight being what it is, I don't see that things would have been that much different in the long run had Commodore and Escom had less incompetent and/or corrupt management.
After I got past the fact that the CD-ROM drive that worked with FreeBSD did NOT work with RH Linux. The CDROM was a 1xspeed Apple
I don't know what you were doing wrong, but the 1x speed Apple (CD-150) has worked flawlessly with every Linux kernel I've tried since 0.99pl7, and with at least three different types of SCSI card (Adaptec, Future Domain and NCR/Symbios). I don't know how could it not work, its a pretty bog simple SCSI-1 Sony mechanism.
As for 3Com support, the 3C905 is most definitely supported under Linux, and has been for a long time. I know of quite a number of people who use that type of card with Linux in machines that are running 24x7. Personally I prefer the Bay Networks NetGear FA310TX (especially at 1/2 the price), but the 3C905 is in general a reliable if not stellar performer with Linux. Are you sure that the card didn't just fail? If so, its kinda a stretch to blame that on Linux.
Intel EtherExpress Pro's on the other hand, I have heard of more problems with (bus mastering arbitration problems mostly) -- and those problems affect even MS-DOS/Windows.
I've not tried FreeBSD recently, but I tried NetBSD recently only to find it difficult to get a WD8013 card to work that autodetects fine under Linux. The supported hardware lists for the *BSD's are also much shorter than Linux and I don't know how you can dispute that. I'm not saying that Linux's hardware support is perfect, but it seems to be more comprehensive than the *BSDs right now.
Just because it isn't documented doesn't mean that it is impossible. At any rate, it still doesn't prevent moving the hard drive to another machine that can be compromised and then returning it. Also if the case is non-proprietary, motherboards are relatively cheap these days (under $100 for most of them).
There's an easy way to prevent someone from ever booting to a floppy drive on a server - take out the floppy drive. I've run my main server for years with no floppy drive in it.
But unless you physically lock the machine up, or do something radical like fill the floppy drive connector with epoxy, you really can't prevent someone from opening the box and hooking up a floppy drive and resetting the CMOS memory...
Bail out of there while the getting is good. Sounds like the new IT manager there is a PHB of the worst variety.
The MUST be an option to NOT boot from a floppy. I can hardly believe that Linux has no way of letting you do this. Just set it in BIOS if all else fails.
Its a hardware problem. Linux can't do anything to fix that, and neither can anything else. If you have physical access to the machine you can override anything (including BIOS passwords, by resetting the CMOS memory (either a jumper or shorting the battery momentarily)). Even if no floppy is connected, you can open the machine and hook one up. Or you can remove the hard drive the passwd or shadow file is on, hook it up to another machine and change the files.
Unless you physically lock the machine up, it is not secure.