VR Head gear has the same problem as watching to much TV or playing to many computer games does. It fucks up your ability to properly differentiate distance. Note that this problem is with young people who haven't fully trained their distance judgement circuits. Us older geeks who have already trained our distance judgement circuits have no problems. Apparently there is much more to distance judgement than the angle difference between the eyes. Focus plays a large part as well as motion of the object.
Cost will be a major driving force. For any method to work it will need to make it cost effective to just buy the original.
With the advent of very fast computers it is just not possible to make a copy protection scheme that will last for any duration. A means around the protection will always be found. Encryption is easy to break because the key needs to be on the player at some point, and at some point the raw digital data needs to be available. Due to both of these constraints it just isn't feasable to use copy protection to protect a work. There will always be a way around it.
Ease of use. If Joe Schmoe 50 IQ can't deal with it, it will fail.
Because of these constraints I feel low cost download will likely be the wave of the future.
I've just done a quick search on the web, but was not able to come up with an answer to my question: When two different manufacturers label their products as 802.11 complient, does this mean that I can use them together (as long as the frequency is the same, e.g. 2.4GHz)?
For the most part yes. There were a couple of open issues relating to the upper software layers (durring Spring 1999), but as for the hardware level they should be fully compatible. I haven't read the final spec to see if all the open issues were resolved or left open. And here is another one: When I buy a card in the US, will I be able to connect to lets say the European version?
I'm not positive on the answer to this, but I expect that the subset of frequencies to be different. I know it is between the US and Japan. Otherwise I think the hardware is the same. Now note that there is a couple of European groups working on other wireless lan standards.
When I go and setup my network at home I'm going to get cards that use the same chips in them. This is to squash all the possible compatibility issues as much as possible.
I did a survey from spring 99 that was aimed at robotics use. At that time I saw it as a good possibility. It can only have improved sense then. I eventually plan to use them for linking to my robot and a wearable computer.
Allowing the update of FLASH roms can be done is a safe manner. All it requires is some external signal not controlable through software. IE, a switch or jumper. Sadly in the name of cost effectiveness and the end user's inablility to find their way around the inside of a computer case safely. It will likley be a soft switch.
The way exec works is the new process overlays the old one, getting access to all it's open files. etc. Process A starts process B and grabs access to it's memory, then process B execs a privilaged program. Process A still has access to B's memory. It could then write new code/whatever into B's memory and take control of B to get it to do what it wants.
This is not a dificult problem to overcome, it should be able to be overcome with permitions checking at each access to a file. In this case when B changes ID to the privilaged ID the process space changes ownership. Then when A trys to write to B's process space it fails because of permitions. And yes you could optimize this to cut down the processing overhead by having exec type functions set a recheck perms flag on each call. The first file IO call for each open file would then recheck the perms on the file.
Nevermind of course, that for real prejects, the trade off in maintainability, portability, and extensibility is almost not worth any demonstrable performance gain anyway.
Some people just have no idea how true this is, and I've had to work with many like that.
But judges aren't. We need a laptop or computer that has a running LiViD on it for demonstration to the judge. Alternatly, make a video tape of a Linux box booting Linux, then go through the login process, Show the DVD, then insert it into the DVD drive and start a DVD playing.
By the time they are obligated to give it back your equipment and data are useless and out of date.
Make those backups and keep them off site. It's the minimum you should be doing anyways. Ever heard of fire, flood, and theft? Keep backups and keep a copy or two off site.
The other thing to do is make sure your restoration strategy works. It does no good to make a backup if you can't restore it. This includes having all the copies of the programs and OS you need for restoring. Also keep a copy of the hardware specs for your backup drive of choice. I know of one case where they had to buy three different tape drives before they found right type that could read the tapes. Keep them all safe and off site.
I made a couple of sugestions on dealing with ACs. One was to take any point used to moderate down an AC and recycle it back into the general pool of points to hand out to moderators either immediatly or after review of the posts by staff. It may be that a relatively consistant persentage of points are used to keep the AC abusers in check. That percentage could be automatically placed into the general available pool. Who knows if either would be implemented, but either would make it less effective to try to manipulate the system.
This dosen't surprise me one bit. Many programs use/tmp files rather badly. Most open them with world readability thus possibly disclosing contents. I'll admit even I have written scripts and programs that do poor file handling in the/tmp directory.
The other problem it is possible on many UNIX systems to delete files that you don't own in the/tmp directory. There are some UNIXes that don't allow this, but it creates an exception to the normal UNIX file handling rules.
Combining the poor file handling and being able to delete others files in/tmp one can do all sorts of exploits to gain root or access to others accounts.
This is still a drop in the bucket. It will help with the higher altitude data collection, and pilot forcasts. To really increase the amount of data collected, what is needed is the Handy Home Weather Station that automatically reports it's position (GPS coordinates) and current weather data directly to the national weather service every few minutes. If they were cheep enough (less than $200) and were easily hooked up to ethernet or called a local or 800 number to report in. An ideal unit would be one that is fully self contained and mounted on a mast above the house, has a remote display, and can be linked into the home network.
Re:Powered by Fairy Liquid
on
Digital Nose
·
· Score: 2
I wonder how many false positives would come from hunters, gun owners, and around the 4th of July...
Re:Broadband ISP's need different rules
on
@Home UDP Lifted
·
· Score: 2
The solution to this is to get all the distributions to make all forwarding type services opt in. That is forwarding services need to be explicitly enabled by the installer. This goes for any type of server, mail, news, IRC, ICQ, whatever. This isn't all that hard of task to do. It only takes some changes in the default configuration files, initial setup code, and documentation.
Now we just need someone Outside the US to design and make a PCI encryptor/decryptor board that supports blowfish. If I had the ability to program programible logic devices I'd think about doing this just for myself, but then I'm also in the US so if I did it, I couldn't easily post the design or export it. With current programible logic encryption rates over 1M bytes a second should be possible.
Features that would be good. Write only key space. Space for a number of key sets. The OS can moderate who can use which key sets. It would use PCI bursting to transfer data to and from it. It would also need to handle common block chaining modes.
I figure it could be done on one large FPGA or similar. It may require a bank of fast SRAM for buffer space, but I think it could be done without. The actual card size could be miniscule. No larger than the length of the PCI connector and about 40mm high. One could even support a number of different encryption/decryption methods. I'd like to see DES, Triple-DES, Blowfish, Two Fish, RSA and maybe a few others.
Who cares if it emails the surgen general, I'm more worried that it will notify X corp that I ate Y dinner at Z time. Just imagin the potential for marketing and harasment. "How about some pie to go with that dinner your having right now? You can pick some up at the local 7-11 down the street." It's bad enough that most stores can track your purchases if you use credit or debit cards to pay for them. Same goes for those store discount cards. Reminds me of Max Headroom.
Privacy is very important. Guard against it's abuse.
You write your representitives. Had written on paper is generally best, then typed letter and signed, then phone call. Lest best is email. Not sending a letter means you don't care and are ignoreable. Remember when you are writing this up, clearly state your opinion and support it. Also do it in a calm reasonable manner. Never use personal attacks either against your representitive or others. Who knows your representitive or one of the staff may like the perons you attacked and dis your letter.
There are people, and organizations out there, believe me, that actually get a warm, fuzzy feeling from having paid the proper amount, and licensed the proper software, and gotten all the proper revisions, so they can be really really legal and happy and hunky-dory and proper.
Like IBM trying to figure out how to license or pay for Apache.....snickers....
Someone who knows the hole story, please fill us in one it.
Actually software needs to be handled more like engineering. As someone who has worked on many projects over the years, the ones that were handled with practices closer to standard engineering pratices always ran smoother, and produced better software. You need the design reviews, you need the code reviews, and you need the structured planned out testing done by people working off of the design. Sometime look up best engineering pratices. Follow them when you write code.
One Positive thing I can see this law doing. Helping Open Source software. There will be a greater demand for OS products which don't have stupid licensing restrictions because of the stupid restrictions possible under UCITA.
No matter where you embed the key we can find it... If you further encrypt the key, we can still find it. We just need to go through another layer. Even if it isn't immediatly evident how the encryption is done, people talk. The randomness of the key will also help us to find it. Even if it is built into a chip. Chips can be reverse engineered. Obscurity just dosen't work. CSS is clear proof of that.
Well, it is up for further comment. Now is the time to speak up. Come up with your rational sugestions, and put them forth. Make sure you ground those sugestions in as much fact as you can. The cat may be out of the bag as far as encryption goes, but we need to get our US laws in line with the cat.
One thing I note is the relative and almost blanket exemption for E-Commerce and banking.
Principal character in that HARLIE is one of the main characters and the book would make no sense without its presence. The story fully revolves around HARLIE. No other book or story had gone that far before.
There is a third option. Tell the vender to support Oracle or Sybase as backends on non NT environments or lose your busisness. Put the upgrade on hold, and start looking for replacements. When you send the letter make sure it is signed by your cheif technical officer and CEO. Also send it to their CEO/president as well as your salesman. Give it some teeth.
My personal favorit AI is HARLIE or Human Analog Robot Life Imput Equivalents from "When Harlie Was One", a book by David Gerrold. It's the first AI to be a principal character in a book. David Gerrold did a rewite of it a number of years later and called it "When Harlie Was One Rel 2.0".
Sure HAL gets to a baddie twisted by his own makers commands, but HARLIE hacks the company mainframe and net just because he thinks it's just another part of him. After all what does a child do? Play in it's environment...
Slashdot Mirror
VR Head gear has the same problem as watching to much TV or playing to many computer games does. It fucks up your ability to properly differentiate distance. Note that this problem is with young people who haven't fully trained their distance judgement circuits. Us older geeks who have already trained our distance judgement circuits have no problems. Apparently there is much more to distance judgement than the angle difference between the eyes. Focus plays a large part as well as motion of the object.
Cost will be a major driving force. For any method to work it will need to make it cost effective to just buy the original.
With the advent of very fast computers it is just not possible to make a copy protection scheme that will last for any duration. A means around the protection will always be found. Encryption is easy to break because the key needs to be on the player at some point, and at some point the raw digital data needs to be available. Due to both of these constraints it just isn't feasable to use copy protection to protect a work. There will always be a way around it.
Ease of use. If Joe Schmoe 50 IQ can't deal with it, it will fail.
Because of these constraints I feel low cost download will likely be the wave of the future.
For the most part yes. There were a couple of open issues relating to the upper software layers (durring Spring 1999), but as for the hardware level they should be fully compatible. I haven't read the final spec to see if all the open issues were resolved or left open. And here is another one: When I buy a card in the US, will I be able to connect to lets say the European version?
I'm not positive on the answer to this, but I expect that the subset of frequencies to be different. I know it is between the US and Japan. Otherwise I think the hardware is the same. Now note that there is a couple of European groups working on other wireless lan standards.
When I go and setup my network at home I'm going to get cards that use the same chips in them. This is to squash all the possible compatibility issues as much as possible.
I did a survey from spring 99 that was aimed at robotics use. At that time I saw it as a good possibility. It can only have improved sense then. I eventually plan to use them for linking to my robot and a wearable computer.
Allowing the update of FLASH roms can be done is a safe manner. All it requires is some external signal not controlable through software. IE, a switch or jumper. Sadly in the name of cost effectiveness and the end user's inablility to find their way around the inside of a computer case safely. It will likley be a soft switch.
The way exec works is the new process overlays the old one, getting access to all it's open files. etc. Process A starts process B and grabs access to it's memory, then process B execs a privilaged program. Process A still has access to B's memory. It could then write new code/whatever into B's memory and take control of B to get it to do what it wants.
This is not a dificult problem to overcome, it should be able to be overcome with permitions checking at each access to a file. In this case when B changes ID to the privilaged ID the process space changes ownership. Then when A trys to write to B's process space it fails because of permitions. And yes you could optimize this to cut down the processing overhead by having exec type functions set a recheck perms flag on each call. The first file IO call for each open file would then recheck the perms on the file.
Can you say printing on the inside and outside...
Nevermind of course, that for real prejects, the trade off in maintainability, portability, and extensibility is almost not worth any demonstrable performance gain anyway.
Some people just have no idea how true this is, and I've had to work with many like that.
But judges aren't. We need a laptop or computer that has a running LiViD on it for demonstration to the judge. Alternatly, make a video tape of a Linux box booting Linux, then go through the login process, Show the DVD, then insert it into the DVD drive and start a DVD playing.
By the time they are obligated to give it back your equipment and data are useless and out of date.
Make those backups and keep them off site. It's the minimum you should be doing anyways. Ever heard of fire, flood, and theft? Keep backups and keep a copy or two off site.
The other thing to do is make sure your restoration strategy works. It does no good to make a backup if you can't restore it. This includes having all the copies of the programs and OS you need for restoring. Also keep a copy of the hardware specs for your backup drive of choice. I know of one case where they had to buy three different tape drives before they found right type that could read the tapes. Keep them all safe and off site.
I made a couple of sugestions on dealing with ACs. One was to take any point used to moderate down an AC and recycle it back into the general pool of points to hand out to moderators either immediatly or after review of the posts by staff. It may be that a relatively consistant persentage of points are used to keep the AC abusers in check. That percentage could be automatically placed into the general available pool. Who knows if either would be implemented, but either would make it less effective to try to manipulate the system.
This dosen't surprise me one bit. Many programs use /tmp files rather badly. Most open them with world readability thus possibly disclosing contents. I'll admit even I have written scripts and programs that do poor file handling in the /tmp directory.
The other problem it is possible on many UNIX systems to delete files that you don't own in the /tmp directory. There are some UNIXes that don't allow this, but it creates an exception to the normal UNIX file handling rules.
Combining the poor file handling and being able to delete others files in /tmp one can do all sorts of exploits to gain root or access to others accounts.
This is still a drop in the bucket. It will help with the higher altitude data collection, and pilot forcasts. To really increase the amount of data collected, what is needed is the Handy Home Weather Station that automatically reports it's position (GPS coordinates) and current weather data directly to the national weather service every few minutes. If they were cheep enough (less than $200) and were easily hooked up to ethernet or called a local or 800 number to report in. An ideal unit would be one that is fully self contained and mounted on a mast above the house, has a remote display, and can be linked into the home network.
I wonder how many false positives would come from hunters, gun owners, and around the 4th of July...
The solution to this is to get all the distributions to make all forwarding type services opt in. That is forwarding services need to be explicitly enabled by the installer. This goes for any type of server, mail, news, IRC, ICQ, whatever. This isn't all that hard of task to do. It only takes some changes in the default configuration files, initial setup code, and documentation.
Now we just need someone Outside the US to design and make a PCI encryptor/decryptor board that supports blowfish. If I had the ability to program programible logic devices I'd think about doing this just for myself, but then I'm also in the US so if I did it, I couldn't easily post the design or export it. With current programible logic encryption rates over 1M bytes a second should be possible.
Features that would be good. Write only key space. Space for a number of key sets. The OS can moderate who can use which key sets. It would use PCI bursting to transfer data to and from it. It would also need to handle common block chaining modes.
I figure it could be done on one large FPGA or similar. It may require a bank of fast SRAM for buffer space, but I think it could be done without. The actual card size could be miniscule. No larger than the length of the PCI connector and about 40mm high. One could even support a number of different encryption/decryption methods. I'd like to see DES, Triple-DES, Blowfish, Two Fish, RSA and maybe a few others.
Who cares if it emails the surgen general, I'm more worried that it will notify X corp that I ate Y dinner at Z time. Just imagin the potential for marketing and harasment. "How about some pie to go with that dinner your having right now? You can pick some up at the local 7-11 down the street." It's bad enough that most stores can track your purchases if you use credit or debit cards to pay for them. Same goes for those store discount cards. Reminds me of Max Headroom.
Privacy is very important. Guard against it's abuse.
You write your representitives. Had written on paper is generally best, then typed letter and signed, then phone call. Lest best is email. Not sending a letter means you don't care and are ignoreable. Remember when you are writing this up, clearly state your opinion and support it. Also do it in a calm reasonable manner. Never use personal attacks either against your representitive or others. Who knows your representitive or one of the staff may like the perons you attacked and dis your letter.
US House of representitives: clerkweb.house.gov
MN Government: www.leg.state.mn.us/leg/legdir.htm
Those are the two ones I have book marked. Can others fill in the rest or point to a site with them all indexed.
Like IBM trying to figure out how to license or pay for Apache. ....snickers....
Someone who knows the hole story, please fill us in one it.
Actually software needs to be handled more like engineering. As someone who has worked on many projects over the years, the ones that were handled with practices closer to standard engineering pratices always ran smoother, and produced better software. You need the design reviews, you need the code reviews, and you need the structured planned out testing done by people working off of the design. Sometime look up best engineering pratices. Follow them when you write code.
One Positive thing I can see this law doing. Helping Open Source software. There will be a greater demand for OS products which don't have stupid licensing restrictions because of the stupid restrictions possible under UCITA.
No matter where you embed the key we can find it... If you further encrypt the key, we can still find it. We just need to go through another layer. Even if it isn't immediatly evident how the encryption is done, people talk. The randomness of the key will also help us to find it. Even if it is built into a chip. Chips can be reverse engineered. Obscurity just dosen't work. CSS is clear proof of that.
Well, it is up for further comment. Now is the time to speak up. Come up with your rational sugestions, and put them forth. Make sure you ground those sugestions in as much fact as you can. The cat may be out of the bag as far as encryption goes, but we need to get our US laws in line with the cat.
One thing I note is the relative and almost blanket exemption for E-Commerce and banking.
Principal character in that HARLIE is one of the main characters and the book would make no sense without its presence. The story fully revolves around HARLIE. No other book or story had gone that far before.
There is a third option. Tell the vender to support Oracle or Sybase as backends on non NT environments or lose your busisness. Put the upgrade on hold, and start looking for replacements. When you send the letter make sure it is signed by your cheif technical officer and CEO. Also send it to their CEO/president as well as your salesman. Give it some teeth.
My personal favorit AI is HARLIE or Human Analog Robot Life Imput Equivalents from "When Harlie Was One", a book by David Gerrold. It's the first AI to be a principal character in a book. David Gerrold did a rewite of it a number of years later and called it "When Harlie Was One Rel 2.0".
Sure HAL gets to a baddie twisted by his own makers commands, but HARLIE hacks the company mainframe and net just because he thinks it's just another part of him. After all what does a child do? Play in it's environment...