No better reason than he liked to party too much? I see the study of History truly is dead.
And that was a Bad Thing. And the Venomous Bede did gyre and gimble in the wabe.
In all seriousness, the Lord of Marple (the area I grew up and also an area noted for visits by a murder mystery authoress) was the first signer of King Charles' death warrant. Apparently, it was not altogether a willing signature. Nor were others agreeable with the decision.
The leadership of King Charles was not great, but definitely nowhere near the pure evil of previous kings. The Puritans' chief cause - no matter what they claimed in Parliament - was that they wanted to impose their lifestyle on everybody and King Charles was the ultimate symbol of what they considered a decedent lifestyle. Whether it was is hard to say - history is written by the winners - but ultimately it came down to this. He wasn't "one of them" and had to go.
The OS I have in mind would leave yours alone and give me the UI I want, and give others the UI they want. I don't see the conflict. X is X is X, whether you run Gnome, KDE, FVWM2, Open Look, AfterStep or Motif. That's the beauty of it.
Because X ultimately handles the display, there would be nothing to stop someone adding a skinning layer to X to add the ability to control the look & feel, disrupting exactly nothing, not altering a single application or window manager.
It would mean that those who like their system the way it is would have the system exactly the way it is. It would not impact anybody's ability to choose a different WM or desktop environment. All it would do is give you the ability to tailor it IF you so chose.
You already have some of that. KDE and Gnome both allow a lot of customization. Not to the degree I'd like, but it's there. Indeed, the ability to pick a Window Manager at all is a significant piece of customization.
I doubt I'll ever write this mod, but if I did, it would merely be offering you the option of having more of what you already have - choice - with no obligation to either take the option or even take the offer. That's leaving something alone fairly, because it's then by choice and not by design.
And that came out in the UK in the mid-to-late 80s. Never did solve the anagram of the author's name. The DoD's "Orange Book" covers the topic in some depth, which is why computers that can carry classified data MUST be certified to B1 standard or better - or whatever the nearest Common Criteria protocol defines for mandatory access controls and protected space.
And that's the crux of it. If you have discretionary access controls (or no meaningful access controls at all) then you're as trusting as the person who leaves a spare key under the doormat. Under a totally trusting environment, that actually works very well and can improve efficiency. Where trust is unrealistic or inappropriate, you need better defenses.
I believe it has passed the point where most businesses should be using B1-comparable systems for as much as possible, and should use secure networking where practical.
IPSec for all traffic would be good. All web traffic over SSL would be excellent, Kerberos is good. SSH is good. Telnet is bad. Rsh/Rlogin is evil. Both easy-to-guess and impossible to remember passwords are diabolical. Wireless without 802.1x security or better is satanic. Unpatched computers that "don't matter" (and so never supervised or monitored) are so far beyond the deepest pits of Hades that they should be burned at the stake and their transistors scattered to the four corners of the world.
HOWEVER, it is important to remember that people do not think alike. What is consistant for one may not be for another. The "correct" UI is one where the applications describe what they'd like the UI to contain, with a skinning engine turning this description into something the user can actually use.
For example, plenty of Windows users will be quite happy by going to "file" to print or close an application. "Find" is under edit, not view. That's fine for people who think that way and for them it SHOULD be that way. The rest of the userbase shouldn't have to suffer for it, though.
Myself, I like visuals. The idea of dragging an application window to a printer, OR dragging the printer to the application windows, appeals to me. (To me, drag&drop needs to work by object, not by destination.)
"But writing all those interfaces would be massively overwhelming!" I'm not suggesting anyone does. Just provide a rational, consistant, standard skin that the majority can use, then provide a powerful enough engine that can handle application look&feel and drag&drop events not otherwise handled. Then write a simple UI editing engine. If people want their own UI, give them the tools to provide it.
"Most people wouldn't bother." Probably true, but the Open Source dictum is that some will, and that evolution will lead to superior interfaces.
"How does that benefit company X that sells products?" Easy enough. Every time you're about to release a next major version, look and see whether other skins are doing better than your default. If they are, switch. If that's how everyone sees your program anyway, it won't hurt anyone's ability to use it.
If the password needs to be temporarily stored, there are plenty of ways to store a password that are secure and fast. Besides, since you'll only ever actually check the password against a hashed value, it would be more logical to store the hash if you want the speed.
For debugging purposes, you MAY want to print out entered values. However, you don't do this in the main log. For a start, if you're debugging, you don't want to have to search through tonnes of text. You want to find the error fast. You therefore output the "routine" log to one file and the "debug" log to a different file.
Doesn't this just go back to the same problem though? No. First, debug logs don't need to be written to quickly, because debug sessions are going to be slow anyway. Therefore you can encrypt them or otherwise make them unreadable to the casual observer. In general, you want these to be sent to the maintainer as part of a bug report in the event of an install failure, so just pre-encrypt them with the maintainer's public PGP/GPG key.
A more "correct" solution would be to assign different debug levels to different levels of logging, where your maximum level logs absolutely ALL data entered by the user, but where distributed versions are issued with much more basic logging that excludes private information that isn't likely to be useful in debugging the problem anyway.
(The ideal solution is to have maintenance debugging for logging everything as a distinct patch to the basic distribution, so the basic distribution cannot - even accidentally - log everything. That way, users don't even have to put up with obscenely inflated binaries that have lots of debug stuff that will likely never be used, and maintainers don't ever have brown-paper-bag security scares.)
The main drawback is that although we do indeed know that genes have evolved in the past 10,000 years, it's not by very much. The bulk of modern societies are substantially younger. Britain was inhabited 15,000 years ago, but the current mixture of genes we call the English, for example, are a mere 940 years old. There would be precious little differentiation in a paltry thousand years. Certainly not enough to explain the peculiarities of the English.
(Well, having said that, I'm not sure that anything short of experiments by sadistic aliens from the planet XYZZY can explain the English, but that's another story...)
Likewise, many European nations are very young, in evolutionary terms, and spent most of the time invading each other, mixing the gene pools substantially. It's actually quite impressive that there is any "national trait" in appearance, all things considered. By all rights, that should have been totally eliminated through wars, raids, invasions and the occasional mass population migration.
I'm inclined to reverse the direction of the theory - that nations did not evolve people to fit the circumstance, but rather people evolved nations to fit their whims.
Under this theory, genetics is quite irrelevant. Rather, you start off with small bands of people espousing a specific philosophy or attitude, and that attracts like-minded people. The bands that become large enough become nations, the smaller bands become yokels to be scorned by the masses.
I do not believe that there is a "work-till-you-die" gene, for example. It's counter-productive. You end up doing less effective work, die younger and are unable to take full advantage of the skills and abilities of those who cannot physically work under such rigors. We can see that although American medicine is the best in the world, and American mental and physical healthcare is highly advanced, more people die in America from stress-related disorders (including stress-related addictions) than do so in any other technological civilization on the planet. From a purely evolutionary perspective, a more efficient, less militant work-ethic should be better adapted for survival.
Clearly, evolution isn't the determining factor in what civilization survives, or indeed becomes dominant. However, no civilization can become dominant without some advantage, and no civilization will maintain a philosophy that doesn't provide it with some payback.
America has a lot of resources, a lot of usable land, a lot of just about anything imaginable. Combine that with a rapid population growth, and you've the makings of a very respectable superpower. The payback then becomes obvious - with that much in hand, it is very easy to accrue both wealth and influence. Those factors alone are enough to describe American philosophies.
But American philosophies didn't evolve out of thin air. They came from the Puritans - known to the English as the Roundheads. The Puritans ruled England after seizing power in a military coup under the leadership of Oliver Cromwell, and beheading the King for no better reason than he liked to party too much. (The Royalists were known as the Cavaliers, from which we have inherited the term to be "cavalier".) After Cromwell himself was forced from power, the Puritans fled England for America, becoming the controlling force there.
The Puritans were a strange English sect and really didn't feature much in English history prior to the English Civil War. If genetics plays any role in culture or history, the Puritans evolved in exactly the wrong place and the wrong time. England, by that time, was becoming seriously sick with endless internal religious wars. Strangely, the Puritans managed to move to about the one country in the world that could handle them. This is simply not something genetics can do for you.
I am much more inclined to believe that there is nothing here that needs explaining genetically, that the genetic makeup o
And the habitable niches of a lot of living animals is extremely small. Due to urbanization and habitat destruction, there are only really two types of region left for animals - the virtually surrounded and the utterly remote.
Panda bears, polar bears, African elephants, all of the surviving Great Apes etc, fall into the former category. This makes the territory easy to explore. It also means that the region will likely be heavily surveyed by both corporations and environmentalists, each trying to win concessions to their perspective.
(Having said that, even well-studied populations aren't necessarily as well-understood as thought. At least one species of dolphin off the coast of New Zealand has turned out to really be two distinct species - drastically reducing the population of the first group. A group of Right Whales off the coast of Australia has also been demonstrated to really be multiple, genetically distinct species.)
Extremely remote locations aren't as well-studied. It's much harder to send undergraduates to remote islands around Papau New Guinea. No beer. Very remote locations are extremely difficult and expensive to study, so they generally aren't. This is where the bulk of "new species" and "rediscovered species" are found. These locations are generally under much less pressure, which means that amateur and semi-professional researchers are unlikely to take the time and effort to go - they're generally needed much more elsewhere.
Then, you've the problem of extremely small animals. The rediscovered woodpecker in North America is not the biggest bird on Earth, is highly mobile (duh!), blends in well with the environment, and is very probably terrified of people - the only people who go into that particular woodland being hunters. This rat-squirrel is likely smaller still, probably bleds in a lot better, and has had 11 million years of practice at running away.
Finally, numbers are very important. If you mis-count by 10 out of 1000 elephants, the number is basically still the same. If you mis-count by 10 the number of Yahtzee River dolphins (of which there are somewhere between 0 and 33 left), it is somewhat more significant. The scientists have not seen any of these rat-squirrels alive and only the one that was caught. As far as anyone is concerned, that may have been the last one alive - at present, we have no evidence to the contrary. If populations have been extremely low and highly localized, which is likely the case, then it was sheer chance that it was ever seen at all. See the story behind the discovery of the Wollemi Pine for other such discoveries.
(Numbers are absolutely critical when it comes to observing small species. It's easier to see one rhino from a mile off than ten dormice from a hundred feet, or a hundred fairy shrimp from five paces. As such, you need comparitively VAST numbers before you are likely to ever see anything at all.)
I don't completely trust the population counts (see my comments about genetically distinct species) but the observations I've seen would imply the counts may be far too high in some cases, NOT the other way round. There will unquestionably be more "living fossils" discovered over time, but the numbers will remain insignficant compared to the number of species that have genuinely been driven extinct - by "natural causes" or by human activity. This find ADDS to the urgency of efforts to save what there is, not the other way round.
(For a start, if its nearest cousin died off 11 million years ago, the population is likely genetically very similar, leaving it vulnerable to disease and genetic disorders. There is also no possibility of bolstering numbers through cross-breeding efforts - a rescue tactic used by some conservationists when "pure" populations are simply not possible any longer, as there's nothing left on Earth that will be even remotely close enough.)
Ballot boxes can be stuffed or go missing. When Republicans (or Democrats) collect votes - some places do collection - it's amazing how few of their opponent's votes seem to be present. (That last one is scary for England, as that's the system the two major parties are heavily pushing.)
My preferred system would be to have:
A computer record electronically a vote in as tamper-proof way as possible
A printed copy on tamper-proof paper that the voter can examine before placing in the ballot box
The ballot boxes should be under the control of neutral (or as neutral as possible) observers, not members of a political sect
Electronic records of every vote, NOT tallies
Each and every single paper ballot counted by hand
Some means of proving beyond all reasonable doubt (eg: by using randomly-assigned encryption keys or a random digital identifier) that exactly one vote corresponds to exactly one voter (ie: no vote that cannot be attributable to a known authentication token and no vote that can be attributed to an authentication token already used by another vote)
An EXACT match in tally between electronic and physical formats
The ability for outsiders to verify that claims of a 1:1 match between votes and tokens is genuine
The ability for outsiders to count the electronic votes and establish that the total alledged is the total present
That would give you a very high level of assurance, because you're not relying on one single path being free of corruption. It's not "perfect" in that if there is an error, you cannot know which path was the path that created that error. In order to have a failsafe system, you need 2/3rds + 1 of the paths to be trustable. (It's just a variation of the Byzantine General's Problem.) You need three wholly independent paths, then, as an absolute minimum just to have a chance of having a reliable system.
But all the reliability in the world for the voting system is useless if insufficient people vote. I would argue that 75% of the registered voters (or 50% of the population, whichever was greater) would probably be a reasonable minimum. If the minimum isn't reached, the polling stations should be kept open until the end of the day in which the minimum IS satisfied.
(In neither case is a person obligated to vote - democracy implies the choice to not vote. However, as non-voting is a choice made as part of the election, it should be recognized, not ignored as a passive "whatever".)
Oh, and all ballots should have the option "Re-Open For Nominations" as a choice. If this choice wins, the election should be abandoned and re-held, with the last round of candidates barred from standing in the re-run.
Such an overhaul of the system would unquestionably be detested and despised by most of the politicians, you'd be really hard-pressed to get the volunteers necessary, and it's unclear how voters would take to being held utterly responsible for their conduct.
(At present, many voters regard US elections as a senseless game with no meaning and no real consequence. They also regard politicians as corrupt, but have no interest in that corruption being eliminated. As all politicians are deemed corrupt, nobody really cares who wins. Politicians can rig ballots with impunity because it's expected of them. Only the corrupt become politicians because that's how the game is defined. They don't care, because they know apathy will guarantee them job security. The cure, then, would be to ensure that apathy guarantees nothing.)
But you sound right to me. Having said that, I would have absolutely no objection to IBM porting support for ultra-parallel RAID to Linux. In fact, there are probably a number of areas in the kernel that they could use their experience in parallel architectures to tighten up on.
Since GPFS is basically RAID on speed, it should be easy for IBM to write a wrapper for Linux that would allow you to read/write GPFS, without needing to port GPFS per-se. As IBM sells Linux-based machines, being able to access GPFS partitions would seem "obvious", but I could understand them wanting to keep the best-of-the-best for systems they make more money off of.
You're correct that it's like saying telephones shouldn't be used by businesses. Indeed, I'm rather surprised that telephones are still used for such transactions, when bugging telephones is not difficult and apparently quite common. The military use "STUs" (Secure Telephone Units) that use strong encryption - probably in a manner very similar to GnuPG - for all sensitive communication.
With the advent of VoIP, crypto chips that you can buy off the shelf, etc, it would neither be difficult nor unreasonable for businesses to support extremely secure lines of communication. Five, ten, years ago, it wasn't realistic to expect much in the way of particularly strong protection of communications. These days, the reverse holds true. It is no longer reasonable to expect businesses to maintain insecure lines of communication, simply because they always have done.
"Absolute security" is one of those terms that gets banded about by cryptoraphy experts but it has no clear definition. It's easy to show that an undefined goal can't be reached!
Let us start with a reasonable definition of "absolute security": The message, if intercepted, cannot be brute-forced, as it is impossible to distinguish between valid and invalid decryption attempts, AND the valid key cannot be intercepted or stolen, AND the message cannot be tampered with, AND the message must not be repudiatable.
Part 1 is easy to achieve. You use a strong compression algorithm to essentially pre-randomize the data. Part 2 uses a stored copy of a natural, totally random source as the key for a One Time Pad to encrypt the data. Part 3 is to use a public-key encryption system with partial decryption keys (ie: no one person has enough of a key to decrypt the message, but perhaps two together or three together would). The encryption mode (how the key shifts between blocks) needs to be authenticating and validating. NIST have specifications for such modes.
Now, if attacker A breaks into a person's house and lifts their partial key and the OTP, they can do what? The OTP will apply perfectly well to a corrupt message, so every possible attempt to break the public key will have equal likelihood of being correct, making it useless.
Is this far too much for a typical business? Sure. The question I answered was not whether it would be practical, but whether it would be possible. I believe I have demonstrated here that it would be possible, although I can think of no way to make it practical.
What, then, is practical? STU phones, or a reasonable facsimilie using a stream cipher and VoIP, along with virtually private messaging. ie: where some combination of strong authentication, strong validation, strong encryption, and VPN tunneling, is used to create an enviornment in which unauthorized individuals would find it impractical to identify the type of communication and would not likely be able to determine the contents within the meaningful lifetime of said contents.
If you can meet these criteria - and it shouldn't be hard - then security may not be "perfect" in an absolute sense, but the liklihood of an intercept or a false message would be so close to zero in the next 20-30 years that unless you're dealing with national secrets, this would give you as close to perfect security as you need.
NB: Since breaking into machines and installing keyloggers and event loggers is possible, I'm assuming both primary parties are using systems that are as hardened against direct attack as OpenBSD, and would meet a significant portion of the old Orange Book B3 standard.
Red Hat Enterprise 5 is being evaluated for the following: EAL 4 Augmented with ALC_FLR.3, Controlled Access Protection Profile (CAPP) Version 1.d, Labeled Security Protection Profile (LSPP) Version 1.b, Role Based Access Control Protection Profile (RBACPP) Version 1.0. There are probably hardening patches out there - not to mention some excellent crypto hardware - that can improve the results further. Two systems like that, at the end points, with the best encryption methods in public use, is simply not going to be on anyone's list of targets, which means that it is de-facto absolutely secure, even if it is not literally so.
It is true that 95% of users don't use GPG, but I'd regard that as a flaw in and of itself. Mind you, most e-mail programs (including, IIRC, thunderbird) don't support GPG, although some do support a limited range of digital certificates.
Does it make the e-mails less safe? No. First, the flaw is for adding material, not reading it. Second, it's for signing, not encryption per-se. It DOES mean that you cannot trust e-mail for commercially sensitive transactions, but nobody should be trusting e-mail for that anyway.
Does it affect routers or the infrastructure of the Internet? Only insofar as domain registrars never validate change requests properly. A carefully-crafted attack could use this to append a change-of-IP request to some ISP's routine request to a registrar, which means an attacker could create a phony DNS server for the express purpose of polluting the DNS namespace. If the registrar uses GPG's validation as proof of a legit request (and some are quite happy with a fax with no proof of origin at all) then it could have an impact.
Is this a likely scenario? No. The problem with lack of validation has been around for decades and has been used by cybersquatters and porn merchants, but never (as far as I know) for Black Hat activities. The lack of any significant effort has never been due to security. My best guess is that it's due to skript kiddies being clueless. Which is just as well. If demonstrable and simple exploits aren't being used to cause catastrophic levels of mayhem, then I think we're pretty safe against this somewhat more sophisticated vulnerability requiring (as you coorectly point out) a MitM attack.
...that they would have done better to use a different name for the enterprise edition and keep the goodwill name for themselves. Fedora Core isn't really a different distro - they just used the fedora name.
The big danger is that chopping and changing the brand name again will worsen the confusion, rather than clarify things. Those who have grown used to the Novell name may not be so happy with the SuSE name and may even reach the (incorrect) conclusion that it's a distribution fork. Remember, the enterprise market has been pumped up with the FUD that Linux is going to fork "some day".
The name-change to Novell was a Bad Idea (apologies to 1066 And All That), so it would seem that switching back to SuSE would be a Good Idea. There is also strong evidence that the Solaris/SunOS name-switching by Sun didn't kill the product line - although it definitely didn't help and was such a farce that it is still clearly remembered to this day.
Red Hat's method (Red Hat for the Enterprise, Fedora Core for the Real Users) is acceptable, though certainly not brilliant. It's one way of leveraging brand recognition for multiple brands. Works better in the car industry than the software industry, I suspect.
When investors talk about keeping a diverse portfolio, it's because they don't manage the projects and don't know the decisions being made that will make or break all of the investments any given company is making. So you hedge your bets and cover your back.
When companies start talking about keeping a diverse portfolio (ie: lots of totally unrelated product lines), what does that mean? Well, the "obvious" conclusion is that they're not confident enough in anything they're doing and are not confident in decisions that might make or break things for the company down the road. They're not consolidating, they're not buying in any technology or IP they don't have but could use (I can't see how they can use any of it, and what they can they probably have), so that leaves hedging their bets and covering their backs.
If Cisco think IP-enabled CCTV can possibly make enough of a difference to cover the cost of the investment AND believe that none of their own products could produce as much or better return for that same amount of money, I'd look a lot harder at alternatives.
(It doesn't mean I think Cisco will fold - they're far from doing that. It means I think Cisco have run out of ideas, which is generally a much worse place to be. You can always borrow money, but fresh, quality ideas are tougher to find.)
or an attempt at mod-point humour (the same way a funny post might be marked informative), or the user ate some of the crustacean and discovered it was hallucinogenic.
...with having a spare kidney growing instead of a stomach cell? If it works, it'll help make NHS food edible. If it doesn't, it'll replace the NHS food altogether.
I dislike UTF with a passion - it wasn't designed correctly in the first place and all subsequent versions (we're up to Unicode 5.0.0 beta2) are hacks to supplement deficiencies that should never have been allowed in in the first place.
Having said that, if we're going to use UTF, we might as well use it right. Otherwise, it is going to be an agonizing pain every time we have to step up a version. DNS issues, alone, will preclude frequent updates from a half-hearted update. For this reason, it would seem stupid to use UTF-8 or UTF-16. Those don't encode everything that need to be encoded, if we're to have a truly international system.
Based on the current definitions, we should be looking at UTF-32, BOM and version 5 of the Unicode specification. The Unicode FAQ talks a lot about how nobody needs more character sets than UTF-16 can support, but (a) they don't represent all languages, or even a reasonable set, because UTF-16 can't handle that many, (b) only the criminally insane don't provide room for inevitable expansion, and (c) DNS is far more constrained by efficient processing and reliability than by bandwidth, and UTF-32 is described by Unicode themselves as faster and simpler.
The problem with Unicode internationalization is that there are multiple ways of defining what is effectively the same character, which means that users will not be able to differentiate between strings the computer regards as different. This is important, when dealing with copyright, phishing, cybersquatting, etc.
(Unicode is also very poor at handling character sets that can't fit into a single block, is very inefficient - only the first 21 bits of a 32-bit UTF are meaningful according to Unicode, and is an encoding for a whole glyph - which means that it will make meaningless distinctions and won't make sensible relationships.)
The first step to true Internationalization is to burn the Unicode specification and replace it with something cohesive, extensible and logical. The second step is to have standard hardware work on the unit size directly, so that anything that logically worked fine with bytes on byte-based hardware will logically work fine UNMODIFIED on the new units, totally transparently. The encumbrance of UTF decoding doesn't make it any easier to use. Transparency is the key to universality.
(If I can't use the new encoding on an early copy of Mosaic, if I can't load the text file into a standard text editor and edit it directly, if I need vast numbers of supplementary libraries and conversion charts to get it to work, then it's not transparent and adoption is going to be a real pain. Updates are a headache for programmer and user alike.)
...by the effective ban on software research. If you publish a flaw and don't include data backing it, you'll likely be sued for defamation. If you DO include the data (however insignificant) you'll be sued for copyright infringement. The 9/11 case in the US shows that is you do know of a problem, but don't tell anyone, you'll be got that way, too. However, being willfully ignorant of a fault can also land you in court, if it causes harm.
Software researchers are the most impacted by this, as it's hard for a PhD to claim natural stupidity as a defense. It's expected of most end-users (even when that is unfair) so they can get away with it.
Which is why I was thinking that the small companies that don't do "routine" biotech but are simply scraping the edges for profit might have sufficient spare capacity to do the biotech research that the mainstream companies don't have the resources for. Oxford Ancestors, for example, is not exactly studying drugs or cancer, and do do their own DNA work, so must have at least some of the equipment you'd need.
I fully accept that they might not have the know-how, and for all I know might well be saturated with what work they do have, but it seems to me that archaeological DNA studies and genealogical DNA can only be so big of a market, which means they might well be interested in going where no biotech lab has gone before.
I also know it does, from time to time, get done - dolphins and whales around New Zealand and Australia have been studied genetically for a while - with the consequence that genetically distinct (but physiologically near-identical) species have been discovered from such work. I guess that it's examples like that that make me think that we could discover so much more through DNA analysis. If Australia and New Zealand can almost double the known species through such work, the potential impact of such studies elsewhere could be staggering.
Haddock! I orca get these sorts of things right. Of course, the good jokes on Slashdot are kippers, but you so rarely see replies to them - the other users just clam up. It krills the thread. There's nothing wrong with a hirsuta-ble pun. (Yay! First bad play on hairy lobster name!)
Is that many "blind" fish exist, trapped in underground lakes where eyes serve no purpose. Fish transported there don't become blind, it is only the fish that have been there countless generations. HOWEVER, they go blind by a membrane growing over the eye. The eye is still there and research (from what I understand) suggests that the eye is still fully functional.
Here, there is no eye, there is only a membrane. This suggests one of two possibilities. Either it has existed in conditions where light would serve no purpose for FAR longer than the "blind" fish - such that the eye has devolved completely, or it predates the evolution of the eye entirely.
This may be testable. It's believed this new crustacean is a new species, but the only real test for this would be to run a DNA test and compare it against known crustacean DNA types. This would also give a good indication of how ancient the species is, as we'd then know how much junk DNA there was and if/when it split off from any other known species.
Talking of DNA, there have been a lot of new species discovered recently, but I've not heard of much DNA work being done and there are still VERY few species in any of the online DNA databases I've seen. I can't help but feel that this is an area of work that isn't being utilized as much as it could be. Sure, it's not cheap, but the masses of DNA sequencing labs that have sprouted up for genealogical DNA work can't possibly be getting enough orders to keep running. There must surely be some way of tapping into existing resources that would bring the cost of the work down to affordable levels.
But, then, maybe not. Absolute production-line marker recognition of one Y chromosome and mDNA of a well-known species over a very narrow time-frame is relatively trivial compared to charting actual base-pairs and chromosomes over an unmapped type of DNA for a species of uncertain classification, where the nearest point of reference might be anywhere from very recent to a few hundred million years apart.
Even so, DNA research for species identification must surely be an area that could supplement the income of such labs, the equipment would only need to be able to do enough work to produce preliminary results of some sort, the promotional value can't hurt, and it would give researchers something more than "it looks really different" to go by.
And that was a Bad Thing. And the Venomous Bede did gyre and gimble in the wabe.
In all seriousness, the Lord of Marple (the area I grew up and also an area noted for visits by a murder mystery authoress) was the first signer of King Charles' death warrant. Apparently, it was not altogether a willing signature. Nor were others agreeable with the decision.
The leadership of King Charles was not great, but definitely nowhere near the pure evil of previous kings. The Puritans' chief cause - no matter what they claimed in Parliament - was that they wanted to impose their lifestyle on everybody and King Charles was the ultimate symbol of what they considered a decedent lifestyle. Whether it was is hard to say - history is written by the winners - but ultimately it came down to this. He wasn't "one of them" and had to go.
Because X ultimately handles the display, there would be nothing to stop someone adding a skinning layer to X to add the ability to control the look & feel, disrupting exactly nothing, not altering a single application or window manager.
It would mean that those who like their system the way it is would have the system exactly the way it is. It would not impact anybody's ability to choose a different WM or desktop environment. All it would do is give you the ability to tailor it IF you so chose.
You already have some of that. KDE and Gnome both allow a lot of customization. Not to the degree I'd like, but it's there. Indeed, the ability to pick a Window Manager at all is a significant piece of customization.
I doubt I'll ever write this mod, but if I did, it would merely be offering you the option of having more of what you already have - choice - with no obligation to either take the option or even take the offer. That's leaving something alone fairly, because it's then by choice and not by design.
And that's the crux of it. If you have discretionary access controls (or no meaningful access controls at all) then you're as trusting as the person who leaves a spare key under the doormat. Under a totally trusting environment, that actually works very well and can improve efficiency. Where trust is unrealistic or inappropriate, you need better defenses.
I believe it has passed the point where most businesses should be using B1-comparable systems for as much as possible, and should use secure networking where practical.
IPSec for all traffic would be good. All web traffic over SSL would be excellent, Kerberos is good. SSH is good. Telnet is bad. Rsh/Rlogin is evil. Both easy-to-guess and impossible to remember passwords are diabolical. Wireless without 802.1x security or better is satanic. Unpatched computers that "don't matter" (and so never supervised or monitored) are so far beyond the deepest pits of Hades that they should be burned at the stake and their transistors scattered to the four corners of the world.
For example, plenty of Windows users will be quite happy by going to "file" to print or close an application. "Find" is under edit, not view. That's fine for people who think that way and for them it SHOULD be that way. The rest of the userbase shouldn't have to suffer for it, though.
Myself, I like visuals. The idea of dragging an application window to a printer, OR dragging the printer to the application windows, appeals to me. (To me, drag&drop needs to work by object, not by destination.)
"But writing all those interfaces would be massively overwhelming!" I'm not suggesting anyone does. Just provide a rational, consistant, standard skin that the majority can use, then provide a powerful enough engine that can handle application look&feel and drag&drop events not otherwise handled. Then write a simple UI editing engine. If people want their own UI, give them the tools to provide it.
"Most people wouldn't bother." Probably true, but the Open Source dictum is that some will, and that evolution will lead to superior interfaces.
"How does that benefit company X that sells products?" Easy enough. Every time you're about to release a next major version, look and see whether other skins are doing better than your default. If they are, switch. If that's how everyone sees your program anyway, it won't hurt anyone's ability to use it.
For debugging purposes, you MAY want to print out entered values. However, you don't do this in the main log. For a start, if you're debugging, you don't want to have to search through tonnes of text. You want to find the error fast. You therefore output the "routine" log to one file and the "debug" log to a different file.
Doesn't this just go back to the same problem though? No. First, debug logs don't need to be written to quickly, because debug sessions are going to be slow anyway. Therefore you can encrypt them or otherwise make them unreadable to the casual observer. In general, you want these to be sent to the maintainer as part of a bug report in the event of an install failure, so just pre-encrypt them with the maintainer's public PGP/GPG key.
A more "correct" solution would be to assign different debug levels to different levels of logging, where your maximum level logs absolutely ALL data entered by the user, but where distributed versions are issued with much more basic logging that excludes private information that isn't likely to be useful in debugging the problem anyway.
(The ideal solution is to have maintenance debugging for logging everything as a distinct patch to the basic distribution, so the basic distribution cannot - even accidentally - log everything. That way, users don't even have to put up with obscenely inflated binaries that have lots of debug stuff that will likely never be used, and maintainers don't ever have brown-paper-bag security scares.)
(Well, having said that, I'm not sure that anything short of experiments by sadistic aliens from the planet XYZZY can explain the English, but that's another story...)
Likewise, many European nations are very young, in evolutionary terms, and spent most of the time invading each other, mixing the gene pools substantially. It's actually quite impressive that there is any "national trait" in appearance, all things considered. By all rights, that should have been totally eliminated through wars, raids, invasions and the occasional mass population migration.
I'm inclined to reverse the direction of the theory - that nations did not evolve people to fit the circumstance, but rather people evolved nations to fit their whims.
Under this theory, genetics is quite irrelevant. Rather, you start off with small bands of people espousing a specific philosophy or attitude, and that attracts like-minded people. The bands that become large enough become nations, the smaller bands become yokels to be scorned by the masses.
I do not believe that there is a "work-till-you-die" gene, for example. It's counter-productive. You end up doing less effective work, die younger and are unable to take full advantage of the skills and abilities of those who cannot physically work under such rigors. We can see that although American medicine is the best in the world, and American mental and physical healthcare is highly advanced, more people die in America from stress-related disorders (including stress-related addictions) than do so in any other technological civilization on the planet. From a purely evolutionary perspective, a more efficient, less militant work-ethic should be better adapted for survival.
Clearly, evolution isn't the determining factor in what civilization survives, or indeed becomes dominant. However, no civilization can become dominant without some advantage, and no civilization will maintain a philosophy that doesn't provide it with some payback.
America has a lot of resources, a lot of usable land, a lot of just about anything imaginable. Combine that with a rapid population growth, and you've the makings of a very respectable superpower. The payback then becomes obvious - with that much in hand, it is very easy to accrue both wealth and influence. Those factors alone are enough to describe American philosophies.
But American philosophies didn't evolve out of thin air. They came from the Puritans - known to the English as the Roundheads. The Puritans ruled England after seizing power in a military coup under the leadership of Oliver Cromwell, and beheading the King for no better reason than he liked to party too much. (The Royalists were known as the Cavaliers, from which we have inherited the term to be "cavalier".) After Cromwell himself was forced from power, the Puritans fled England for America, becoming the controlling force there.
The Puritans were a strange English sect and really didn't feature much in English history prior to the English Civil War. If genetics plays any role in culture or history, the Puritans evolved in exactly the wrong place and the wrong time. England, by that time, was becoming seriously sick with endless internal religious wars. Strangely, the Puritans managed to move to about the one country in the world that could handle them. This is simply not something genetics can do for you.
I am much more inclined to believe that there is nothing here that needs explaining genetically, that the genetic makeup o
Panda bears, polar bears, African elephants, all of the surviving Great Apes etc, fall into the former category. This makes the territory easy to explore. It also means that the region will likely be heavily surveyed by both corporations and environmentalists, each trying to win concessions to their perspective.
(Having said that, even well-studied populations aren't necessarily as well-understood as thought. At least one species of dolphin off the coast of New Zealand has turned out to really be two distinct species - drastically reducing the population of the first group. A group of Right Whales off the coast of Australia has also been demonstrated to really be multiple, genetically distinct species.)
Extremely remote locations aren't as well-studied. It's much harder to send undergraduates to remote islands around Papau New Guinea. No beer. Very remote locations are extremely difficult and expensive to study, so they generally aren't. This is where the bulk of "new species" and "rediscovered species" are found. These locations are generally under much less pressure, which means that amateur and semi-professional researchers are unlikely to take the time and effort to go - they're generally needed much more elsewhere.
Then, you've the problem of extremely small animals. The rediscovered woodpecker in North America is not the biggest bird on Earth, is highly mobile (duh!), blends in well with the environment, and is very probably terrified of people - the only people who go into that particular woodland being hunters. This rat-squirrel is likely smaller still, probably bleds in a lot better, and has had 11 million years of practice at running away.
Finally, numbers are very important. If you mis-count by 10 out of 1000 elephants, the number is basically still the same. If you mis-count by 10 the number of Yahtzee River dolphins (of which there are somewhere between 0 and 33 left), it is somewhat more significant. The scientists have not seen any of these rat-squirrels alive and only the one that was caught. As far as anyone is concerned, that may have been the last one alive - at present, we have no evidence to the contrary. If populations have been extremely low and highly localized, which is likely the case, then it was sheer chance that it was ever seen at all. See the story behind the discovery of the Wollemi Pine for other such discoveries.
(Numbers are absolutely critical when it comes to observing small species. It's easier to see one rhino from a mile off than ten dormice from a hundred feet, or a hundred fairy shrimp from five paces. As such, you need comparitively VAST numbers before you are likely to ever see anything at all.)
I don't completely trust the population counts (see my comments about genetically distinct species) but the observations I've seen would imply the counts may be far too high in some cases, NOT the other way round. There will unquestionably be more "living fossils" discovered over time, but the numbers will remain insignficant compared to the number of species that have genuinely been driven extinct - by "natural causes" or by human activity. This find ADDS to the urgency of efforts to save what there is, not the other way round.
(For a start, if its nearest cousin died off 11 million years ago, the population is likely genetically very similar, leaving it vulnerable to disease and genetic disorders. There is also no possibility of bolstering numbers through cross-breeding efforts - a rescue tactic used by some conservationists when "pure" populations are simply not possible any longer, as there's nothing left on Earth that will be even remotely close enough.)
My preferred system would be to have:
That would give you a very high level of assurance, because you're not relying on one single path being free of corruption. It's not "perfect" in that if there is an error, you cannot know which path was the path that created that error. In order to have a failsafe system, you need 2/3rds + 1 of the paths to be trustable. (It's just a variation of the Byzantine General's Problem.) You need three wholly independent paths, then, as an absolute minimum just to have a chance of having a reliable system.
But all the reliability in the world for the voting system is useless if insufficient people vote. I would argue that 75% of the registered voters (or 50% of the population, whichever was greater) would probably be a reasonable minimum. If the minimum isn't reached, the polling stations should be kept open until the end of the day in which the minimum IS satisfied.
(In neither case is a person obligated to vote - democracy implies the choice to not vote. However, as non-voting is a choice made as part of the election, it should be recognized, not ignored as a passive "whatever".)
Oh, and all ballots should have the option "Re-Open For Nominations" as a choice. If this choice wins, the election should be abandoned and re-held, with the last round of candidates barred from standing in the re-run.
Such an overhaul of the system would unquestionably be detested and despised by most of the politicians, you'd be really hard-pressed to get the volunteers necessary, and it's unclear how voters would take to being held utterly responsible for their conduct.
(At present, many voters regard US elections as a senseless game with no meaning and no real consequence. They also regard politicians as corrupt, but have no interest in that corruption being eliminated. As all politicians are deemed corrupt, nobody really cares who wins. Politicians can rig ballots with impunity because it's expected of them. Only the corrupt become politicians because that's how the game is defined. They don't care, because they know apathy will guarantee them job security. The cure, then, would be to ensure that apathy guarantees nothing.)
mad_scientist is completely compatible with the GPL, provided you load the wild_haircut and mismatched_socks modules first.
Since GPFS is basically RAID on speed, it should be easy for IBM to write a wrapper for Linux that would allow you to read/write GPFS, without needing to port GPFS per-se. As IBM sells Linux-based machines, being able to access GPFS partitions would seem "obvious", but I could understand them wanting to keep the best-of-the-best for systems they make more money off of.
With the advent of VoIP, crypto chips that you can buy off the shelf, etc, it would neither be difficult nor unreasonable for businesses to support extremely secure lines of communication. Five, ten, years ago, it wasn't realistic to expect much in the way of particularly strong protection of communications. These days, the reverse holds true. It is no longer reasonable to expect businesses to maintain insecure lines of communication, simply because they always have done.
"Absolute security" is one of those terms that gets banded about by cryptoraphy experts but it has no clear definition. It's easy to show that an undefined goal can't be reached!
Let us start with a reasonable definition of "absolute security": The message, if intercepted, cannot be brute-forced, as it is impossible to distinguish between valid and invalid decryption attempts, AND the valid key cannot be intercepted or stolen, AND the message cannot be tampered with, AND the message must not be repudiatable.
Part 1 is easy to achieve. You use a strong compression algorithm to essentially pre-randomize the data. Part 2 uses a stored copy of a natural, totally random source as the key for a One Time Pad to encrypt the data. Part 3 is to use a public-key encryption system with partial decryption keys (ie: no one person has enough of a key to decrypt the message, but perhaps two together or three together would). The encryption mode (how the key shifts between blocks) needs to be authenticating and validating. NIST have specifications for such modes.
Now, if attacker A breaks into a person's house and lifts their partial key and the OTP, they can do what? The OTP will apply perfectly well to a corrupt message, so every possible attempt to break the public key will have equal likelihood of being correct, making it useless.
Is this far too much for a typical business? Sure. The question I answered was not whether it would be practical, but whether it would be possible. I believe I have demonstrated here that it would be possible, although I can think of no way to make it practical.
What, then, is practical? STU phones, or a reasonable facsimilie using a stream cipher and VoIP, along with virtually private messaging. ie: where some combination of strong authentication, strong validation, strong encryption, and VPN tunneling, is used to create an enviornment in which unauthorized individuals would find it impractical to identify the type of communication and would not likely be able to determine the contents within the meaningful lifetime of said contents.
If you can meet these criteria - and it shouldn't be hard - then security may not be "perfect" in an absolute sense, but the liklihood of an intercept or a false message would be so close to zero in the next 20-30 years that unless you're dealing with national secrets, this would give you as close to perfect security as you need.
NB: Since breaking into machines and installing keyloggers and event loggers is possible, I'm assuming both primary parties are using systems that are as hardened against direct attack as OpenBSD, and would meet a significant portion of the old Orange Book B3 standard.
Red Hat Enterprise 5 is being evaluated for the following: EAL 4 Augmented with ALC_FLR.3, Controlled Access Protection Profile (CAPP) Version 1.d, Labeled Security Protection Profile (LSPP) Version 1.b, Role Based Access Control Protection Profile (RBACPP) Version 1.0. There are probably hardening patches out there - not to mention some excellent crypto hardware - that can improve the results further. Two systems like that, at the end points, with the best encryption methods in public use, is simply not going to be on anyone's list of targets, which means that it is de-facto absolutely secure, even if it is not literally so.
Does it make the e-mails less safe? No. First, the flaw is for adding material, not reading it. Second, it's for signing, not encryption per-se. It DOES mean that you cannot trust e-mail for commercially sensitive transactions, but nobody should be trusting e-mail for that anyway.
Does it affect routers or the infrastructure of the Internet? Only insofar as domain registrars never validate change requests properly. A carefully-crafted attack could use this to append a change-of-IP request to some ISP's routine request to a registrar, which means an attacker could create a phony DNS server for the express purpose of polluting the DNS namespace. If the registrar uses GPG's validation as proof of a legit request (and some are quite happy with a fax with no proof of origin at all) then it could have an impact.
Is this a likely scenario? No. The problem with lack of validation has been around for decades and has been used by cybersquatters and porn merchants, but never (as far as I know) for Black Hat activities. The lack of any significant effort has never been due to security. My best guess is that it's due to skript kiddies being clueless. Which is just as well. If demonstrable and simple exploits aren't being used to cause catastrophic levels of mayhem, then I think we're pretty safe against this somewhat more sophisticated vulnerability requiring (as you coorectly point out) a MitM attack.
...that they would have done better to use a different name for the enterprise edition and keep the goodwill name for themselves. Fedora Core isn't really a different distro - they just used the fedora name.
Oh, Java used to be branded Oak, when it was aimed at household appliances.
The big danger is that chopping and changing the brand name again will worsen the confusion, rather than clarify things. Those who have grown used to the Novell name may not be so happy with the SuSE name and may even reach the (incorrect) conclusion that it's a distribution fork. Remember, the enterprise market has been pumped up with the FUD that Linux is going to fork "some day".
The name-change to Novell was a Bad Idea (apologies to 1066 And All That), so it would seem that switching back to SuSE would be a Good Idea. There is also strong evidence that the Solaris/SunOS name-switching by Sun didn't kill the product line - although it definitely didn't help and was such a farce that it is still clearly remembered to this day.
Red Hat's method (Red Hat for the Enterprise, Fedora Core for the Real Users) is acceptable, though certainly not brilliant. It's one way of leveraging brand recognition for multiple brands. Works better in the car industry than the software industry, I suspect.
When companies start talking about keeping a diverse portfolio (ie: lots of totally unrelated product lines), what does that mean? Well, the "obvious" conclusion is that they're not confident enough in anything they're doing and are not confident in decisions that might make or break things for the company down the road. They're not consolidating, they're not buying in any technology or IP they don't have but could use (I can't see how they can use any of it, and what they can they probably have), so that leaves hedging their bets and covering their backs.
If Cisco think IP-enabled CCTV can possibly make enough of a difference to cover the cost of the investment AND believe that none of their own products could produce as much or better return for that same amount of money, I'd look a lot harder at alternatives.
(It doesn't mean I think Cisco will fold - they're far from doing that. It means I think Cisco have run out of ideas, which is generally a much worse place to be. You can always borrow money, but fresh, quality ideas are tougher to find.)
or an attempt at mod-point humour (the same way a funny post might be marked informative), or the user ate some of the crustacean and discovered it was hallucinogenic.
...if the bone cell has a top hat and tap-dances to Live And Let Die.
...with having a spare kidney growing instead of a stomach cell? If it works, it'll help make NHS food edible. If it doesn't, it'll replace the NHS food altogether.
Having said that, if we're going to use UTF, we might as well use it right. Otherwise, it is going to be an agonizing pain every time we have to step up a version. DNS issues, alone, will preclude frequent updates from a half-hearted update. For this reason, it would seem stupid to use UTF-8 or UTF-16. Those don't encode everything that need to be encoded, if we're to have a truly international system.
Based on the current definitions, we should be looking at UTF-32, BOM and version 5 of the Unicode specification. The Unicode FAQ talks a lot about how nobody needs more character sets than UTF-16 can support, but (a) they don't represent all languages, or even a reasonable set, because UTF-16 can't handle that many, (b) only the criminally insane don't provide room for inevitable expansion, and (c) DNS is far more constrained by efficient processing and reliability than by bandwidth, and UTF-32 is described by Unicode themselves as faster and simpler.
The problem with Unicode internationalization is that there are multiple ways of defining what is effectively the same character, which means that users will not be able to differentiate between strings the computer regards as different. This is important, when dealing with copyright, phishing, cybersquatting, etc.
(Unicode is also very poor at handling character sets that can't fit into a single block, is very inefficient - only the first 21 bits of a 32-bit UTF are meaningful according to Unicode, and is an encoding for a whole glyph - which means that it will make meaningless distinctions and won't make sensible relationships.)
The first step to true Internationalization is to burn the Unicode specification and replace it with something cohesive, extensible and logical. The second step is to have standard hardware work on the unit size directly, so that anything that logically worked fine with bytes on byte-based hardware will logically work fine UNMODIFIED on the new units, totally transparently. The encumbrance of UTF decoding doesn't make it any easier to use. Transparency is the key to universality.
(If I can't use the new encoding on an early copy of Mosaic, if I can't load the text file into a standard text editor and edit it directly, if I need vast numbers of supplementary libraries and conversion charts to get it to work, then it's not transparent and adoption is going to be a real pain. Updates are a headache for programmer and user alike.)
Software researchers are the most impacted by this, as it's hard for a PhD to claim natural stupidity as a defense. It's expected of most end-users (even when that is unfair) so they can get away with it.
...nobody broke into the box to read the statement.
I fully accept that they might not have the know-how, and for all I know might well be saturated with what work they do have, but it seems to me that archaeological DNA studies and genealogical DNA can only be so big of a market, which means they might well be interested in going where no biotech lab has gone before.
I also know it does, from time to time, get done - dolphins and whales around New Zealand and Australia have been studied genetically for a while - with the consequence that genetically distinct (but physiologically near-identical) species have been discovered from such work. I guess that it's examples like that that make me think that we could discover so much more through DNA analysis. If Australia and New Zealand can almost double the known species through such work, the potential impact of such studies elsewhere could be staggering.
Haddock! I orca get these sorts of things right. Of course, the good jokes on Slashdot are kippers, but you so rarely see replies to them - the other users just clam up. It krills the thread. There's nothing wrong with a hirsuta-ble pun. (Yay! First bad play on hairy lobster name!)
Here, there is no eye, there is only a membrane. This suggests one of two possibilities. Either it has existed in conditions where light would serve no purpose for FAR longer than the "blind" fish - such that the eye has devolved completely, or it predates the evolution of the eye entirely.
This may be testable. It's believed this new crustacean is a new species, but the only real test for this would be to run a DNA test and compare it against known crustacean DNA types. This would also give a good indication of how ancient the species is, as we'd then know how much junk DNA there was and if/when it split off from any other known species.
Talking of DNA, there have been a lot of new species discovered recently, but I've not heard of much DNA work being done and there are still VERY few species in any of the online DNA databases I've seen. I can't help but feel that this is an area of work that isn't being utilized as much as it could be. Sure, it's not cheap, but the masses of DNA sequencing labs that have sprouted up for genealogical DNA work can't possibly be getting enough orders to keep running. There must surely be some way of tapping into existing resources that would bring the cost of the work down to affordable levels.
But, then, maybe not. Absolute production-line marker recognition of one Y chromosome and mDNA of a well-known species over a very narrow time-frame is relatively trivial compared to charting actual base-pairs and chromosomes over an unmapped type of DNA for a species of uncertain classification, where the nearest point of reference might be anywhere from very recent to a few hundred million years apart.
Even so, DNA research for species identification must surely be an area that could supplement the income of such labs, the equipment would only need to be able to do enough work to produce preliminary results of some sort, the promotional value can't hurt, and it would give researchers something more than "it looks really different" to go by.