Guilty as charged. This is a public forum and I have transmitted no data to it that I consider sensitive. I assume that my Slashdot password may be compromised - that may let you impersonate me here but it won't get you into my bank or my paypal account, or my personal computer for that matter.
The hoopla about physical access security obscures the point that *all* internet traffic and most intranet traffic is viewable by others. It is a good idea to assume that all your networks are open and to use VPN, ssh, etc. to secure your data. And *never* send plain-text passwords.
If you lock your data down under this assumption (that all network traffic may be intercepted) the impetus for clunky and insecure wireless access restrictions is much diminished.
It is intuitively appealing to believe that the problem with mobile phones is the use of your hands. It isn't. A number of studies have shown that there is no difference in accident rates between users of hand-held and hands-free phones.
A second point is that the risk of using a cell phone, perhaps a factor of 4, is less than other risks we consider acceptable, like driving at night, or driving in bad weather, or driving unecessary distances.
For that matter, it may be that pulling over to use a phone is more risky than using it while driving. First, there is the risk of the act itself and of parking at the side of the road. Second, the same studies noted above show that risk persists for 10-15 minutes after the phone conversation is terminated. So the driver pulling back into traffic or otherwise manoevering in an unfamiliar situation may be at extreme risk.
Several comments have suggested MandrakeMove as an
alternative. It failed for me in an annoying way.
On my P2-300 with an ATI Mach-somethingorother, it
booted up, X11 failed to start, and then it quit!
The message as to why it failed scrolled off the
screen, and it didn't leave me in command-line mode
or anything useful.
OK, so maybe it can't figure out my video card
but why can't it come up in VGA, or at least
command-line, mode?
I'm still dowloading PC Linux on my laptop. I'll
let you know this afternoon: (a) if PC Linux works on my P2 and (b) if MandrakeMove works on my laptop.
I use an ancient BSD program called sysline for monitoring my email. When email arrives, I see the sender's name, the subject, and as much of the text as fits in a one-line window. And if I choose not to read the mail a single asterisk appears at the right side of the window until I do.
I am able to triage incoming mail in approximately 2 seconds. If the message is short like "call home" or "meeting in 5 minutes" I can absorb it without opening my mail client. If it is longer I can almost always determine whether or not it would be useful for me to interrupt what I'm doing to read it.
This interface is in direct contrast to an alert box that demands your intervention in order to make it go away, or to a single flag that tells you nothing about the content of the message.
This interface gives me the same immediacy as an instant message or a telephone call, but is far less intrusive. I can easily handly a couple of hundred emails a day, but that meay phone or IMs would drive me nuts.
I'm not sure why this program has fallen into disuse, replace by inferior user interfaces.
I would be more impressed if the article were to concentrate on the novel aspects of wheel motors.
Diesel-electric technology has been used to power locomotives for 60 years. D-E locomotives have no
mechanical transmission and the motors drive the axles directly. This electric transmission
affords good efficiency, a very wide range of torque conversion, and allows the engine to operate
within its optimal RPM range. Almost all of the
efficiency benefits that this article attributes
to the wheel motor
can be had by this 60-year-old design.
There's also nothing new about regenerative
braking, though it isn't practical for locomotives.
The real novelty here is that the motor turns with the wheel, rather than being stationary and transmitting
its torque through a half-shaft. The benefit is
the elimination of these half-shafts and a couple
of CV joints. The cost is huge size and tremendous unsprung weight of the motors, plus
significant engineering challenges of running high-current wires across a sprung connection,
and the concern about competition with the
brakes for the limited space
and heat-dissipation
capacity of the wheel area.
Have a look at the rear wheels of the bus in the
photo. They're HUGE - the bus has obviously been
modified to fit them.
In summary, the only novelty in this design is
in transmitting the power the last 2 feet to the
wheels. A conventional design would use half-shafts and CV joints while this design uses high-current electrical transmission. It may be that the engineering challenges of the latter can be overcome, but I remain to be convinced that there's any overall advantage. The company's interests would be better served by an article with more restrained hyperbole.
Quite inadvertently, I have made round trips from Toronto to Boston and from Toronto to Chicago with a big screwdriver (12 inch shaft) in my laptop bag.
I was shocked to discover it at the gate on the last leg of my second trip. Since I'd already cleared security I kept it.
That's 4/4 security checks (2 Canadian, 2 U.S.) that failed.
Not that I'm so worried. I believe it no longer fruitful to commandeer a plane with hand tools. Surprise and the doctrine of "give them what they want" were essential components of the 9-11 attacks. Both are now absent.
Rob Enderle makes more media pronouncements than just about any other analyst. In general he has no expertise and no information on which to base his statements.
I would completely discount any report that uses him as a source.
Don't take my word for it. Use Google and judge his veracity and competence for yourself.
Under the terms of discovery, the discloser may label certain parts "confidential." If challenged the onus is on the discloser to justify the confidentiality.
The transcript of the court session is public and this standard protective order is the only thing mentioned. I am quite certain there was no further side-deal with the magistrate.
While I would not put it past SCO to label everything confidential, that would be an abuse of the process. I doubt the magistrate would allow it.
Stowell's announcement is just SCO's usual disingeniuty in reporting the facts. Remember that this is the person who claimed the judge "flipped a coin" in deciding to rule in favour of IBM's motion to compel discovery.
What store in Calgary was that? What software was
installed? How many units did they have? How much extra hardware (mouse, keyboard, modem, monitor...)
to make it a useful system?
I'm prepared to be educated, but i don't see any
substantial supply of usefully configured cheap used
computers for the masses.
You overestimate the skill and initiative of a large segment of the population.
Do you really expect the average person to be able to find a cheap, serviceable used computer, and configure (let alone modify) it to meet their needs?
Perhaps now that surplus 300-400 MHz computers are common, they will become available in thrift stores, configured so that people can just take them home and use them. But we're not there yet, AFIK.
I went to the SUN site yesterday and did not notice that the free download was for single-CPU systems only. On my return today, I see parts of the site is unresponsive (is SUN/.-ed?).
Anyway, if there is no SMP support I wasted a fair amount of emotional energy that could have been saved had SUN made this restriction more clear.
I'm not sure that I'm so keen anyway. I have a big Ultra-SPARC and many Linux systems. For the most part I find that I have grown to prefer the Linux environment. But I have a few memory management issues with Linux SMP and was going to investigate Solaris as a solution. At $250, forget it.
(Also, 2.6 kernel appears to cure my memory management problems, and I still have BSD to try.)
As far as I know the Windows "Upgrade" packs are no different from the "Standard." The only difference is the licensing - you are supposed to use the Upgrade edition only to replace an existing Windows OS. Both allow you to do either a "clean install" or an "upgrade." (I know this is the case for the Windows 2000 upgrade I purchased - your mileage may vary.)
I agree that upgrading an existing system yields a somewhate non-standard configuration, but I've done it with reasonable success. It is your only option if you don't have the media and/or the time to reinstall all your software.
As an aside, I should mention that XP has an option to emulate older operating systems like 2000 and Win98 on a per-exe basis. This can be very useful for spoofing setup programs that check the OS version before installing. SPSS 11 and VisualAge C++ are two such programs.
Hey, I use mutt, but wives, parents, children, etc. want Windoze solutions. They seem pretty happy with Mozilla, except when their profile disappears. Can you explain in a sentence or two why such users would want a stand-alone mail app?
I used mail as an example, only. The entire profile disappears - bookmarks, browser preferences, and so on.
Aside: It seems that Outlook trumps Outlook Express in the Microsoft pecking order, if it happens to be installed.
Your experience would be consistent with mine. As I mentioned, Update routinely sets the default mailer to Outlook, and I have to reset it using the DOJ-mandated tool. So it could be that the tool is messing me up rather than the update. But it is still a consequence of the update, and still evil.
If indeed the tool is the culprit, it may be easier than I had originally thought to reproduce the problem, and hence build a case against Microsoft. At least a case against their software. Proving intent would be another matter.
Microsoft update routinely resets "program access and defaults." Most annoying, but not what this note is about.
On three occasions, with two different users, I have observed that Netscape/Mozilla profiles have disappeared following Microsoft update. Just a concidence? Perhaps, but after the third occurrence I have become suspicious.
Because Microsoft update is an opaque process, there's no way I can even attempt to 'reproduce the problem' as I would normally do in similar circumstances.
So I'll ask/.: have others had problems with Netscape/Mozilla profiles disappearing, and do they appear to be correlated with Microsoft Updates?
SCO's press release served its purpose. Search Google News for "SCO" and you will see headlines like "SCO attacked by Linux folk." The real news - that SCO lost in court and that SCO's financials are starting to smell - is completely pushed aside by the DOS headlines.
I have about 15 dual-processor machines with 1-2 GB that didn't work at all well with 2.4.x kernel. The memory management was simply crap. Forking a couple of copies of the program below consistently put the system into a permanent comatose state. (Search for 'kswapd problems' for discussion and ineffective patches.)
On the other hand 2.6.test11 works beautifully. For me, the 2.4 kernel is history.
int i; int k; char *j;
main(){
for (i=1;i2000000000;i*=2) {
printf("%d\n",i); fflush(stdout);
j = (char *)malloc(i);
printf("-- %d\n",j); fflush(stdout);
if (j == NULL) break;
for (k=0;ki;k++) j[k] = 1;
}
return 0; }
The Bayes filter in SA 2.6 works very well but unfortunately is not well-suited to site-wide learning.
-- casual readers may skip the following details
In an attempt to mitigate this, SA makes an unfortunate mistake in its unsupervised learning algorithm - it uses a different set of rules for training than it uses for marking mail as spam or not. So you can easily have email marked as spam but have the system trained as non-spam (or vice versa). This introduces systematic bias into the learning so that spam detection can get worse in the long run. As a further attempt to mitigate this problem, the learner uses a higher spam threshold, so many spams that are correctly marked do not contribute to the learning process. There is no way to set the SA configuration parameters to eliminate these biases (setting the learn threshold does *not* do it).
--- end of gory details
It is not too difficult to set up SA for personalized learning. Just pipe your mail to the following command:
spamassassin -e
If the return code is 0 (non-spam) also pipe the mail to
sa-learn --ham --single
If the return code is 1 (spam) pipe to
sa-learn --spam --single
If you do this you are guaranteed that the statistics recorded in your personal bayes db correspond exactly to the judgements made by SA.
In addition to this you must correct SA when it makes a mistake, by piping the message to sa-learn again with the right flag. You may be able to set up a macro in your mail reader to do this.
This isn't as easy to set up as it should be, but it is *very* effective.
In the last year I've received 20,000 non-spam and over 100,000 spam messages & viruses (30,000 if you eliminated the "Cumulative Update" messages, which SA caught just fine.) About 100 spams have gotten through (a couple a week) and about 10 false positives have occurred. All of the false positives have been 'weird' - advertising, automatic responses, or web pages that were forwarded to me. As far as I know (and I do check periodically) I've had no false positives in the last 50,000 spams.
My preliminary analysis indicates that personalized learning reduces both false negatives and false positives by a factor of ten. I'll report more systematic analysis in due course.
Slashdot Mirror
Guilty as charged. This is a public forum and I have transmitted no data to it that I consider sensitive. I assume that my Slashdot password may be compromised - that may let you impersonate me here but it won't get you into my bank or my paypal account, or my personal computer for that matter.
I agree 100%.
The hoopla about physical access security obscures the point that *all* internet traffic and most intranet traffic is viewable by others. It is a good idea to assume that all your networks are open and to use VPN, ssh, etc. to secure your data. And *never* send plain-text passwords.
If you lock your data down under this assumption (that all network traffic may be intercepted) the impetus for clunky and insecure wireless access restrictions is much diminished.
It is intuitively appealing to believe that the problem with mobile phones is the use of your hands. It isn't. A number of studies have shown that there is no difference in accident rates between users of hand-held and hands-free phones.
Here's one reference
A second point is that the risk of using a cell phone, perhaps a factor of 4, is less than other risks we consider acceptable, like driving at night, or driving in bad weather, or driving unecessary distances.
For that matter, it may be that pulling over to use a phone is more risky than using it while driving. First, there is the risk of the act itself and of parking at the side of the road. Second, the same studies noted above show that risk persists for 10-15 minutes after the phone conversation is terminated. So the driver pulling back into traffic or otherwise manoevering in an unfamiliar situation may be at extreme risk.
On my P2-300 with an ATI Mach-somethingorother, it booted up, X11 failed to start, and then it quit! The message as to why it failed scrolled off the screen, and it didn't leave me in command-line mode or anything useful.
OK, so maybe it can't figure out my video card but why can't it come up in VGA, or at least command-line, mode?
I'm still dowloading PC Linux on my laptop. I'll let you know this afternoon: (a) if PC Linux works on my P2 and (b) if MandrakeMove works on my laptop.
I am able to triage incoming mail in approximately 2 seconds. If the message is short like "call home" or "meeting in 5 minutes" I can absorb it without opening my mail client. If it is longer I can almost always determine whether or not it would be useful for me to interrupt what I'm doing to read it.
This interface is in direct contrast to an alert box that demands your intervention in order to make it go away, or to a single flag that tells you nothing about the content of the message.
This interface gives me the same immediacy as an instant message or a telephone call, but is far less intrusive. I can easily handly a couple of hundred emails a day, but that meay phone or IMs would drive me nuts.
I'm not sure why this program has fallen into disuse, replace by inferior user interfaces.
Diesel-electric technology has been used to power locomotives for 60 years. D-E locomotives have no mechanical transmission and the motors drive the axles directly. This electric transmission affords good efficiency, a very wide range of torque conversion, and allows the engine to operate within its optimal RPM range. Almost all of the efficiency benefits that this article attributes to the wheel motor can be had by this 60-year-old design.
There's also nothing new about regenerative braking, though it isn't practical for locomotives.
The real novelty here is that the motor turns with the wheel, rather than being stationary and transmitting its torque through a half-shaft. The benefit is the elimination of these half-shafts and a couple of CV joints. The cost is huge size and tremendous unsprung weight of the motors, plus significant engineering challenges of running high-current wires across a sprung connection, and the concern about competition with the brakes for the limited space and heat-dissipation capacity of the wheel area.
Have a look at the rear wheels of the bus in the photo. They're HUGE - the bus has obviously been modified to fit them.
In summary, the only novelty in this design is in transmitting the power the last 2 feet to the wheels. A conventional design would use half-shafts and CV joints while this design uses high-current electrical transmission. It may be that the engineering challenges of the latter can be overcome, but I remain to be convinced that there's any overall advantage. The company's interests would be better served by an article with more restrained hyperbole.
Quite inadvertently, I have made round trips from
Toronto to Boston and from Toronto to Chicago with
a big screwdriver (12 inch shaft) in my laptop bag.
I was shocked to discover it at the gate on the
last leg of my second trip. Since I'd already
cleared security I kept it.
That's 4/4 security checks (2 Canadian, 2 U.S.)
that failed.
Not that I'm so worried. I believe it no
longer fruitful to commandeer a plane with hand
tools. Surprise and the doctrine of "give them
what they want" were essential components of the
9-11 attacks. Both are now absent.
One of the bases for IBM's countersuit is that SCO has illegally distributed IBM's copyright material, contrary to the GPL.
This claim was the impetus for McBride's blather about GPL and the constitution.
Rob Enderle makes more media pronouncements than just about any other analyst. In general he has no expertise and no information on which to base his statements.
I would completely discount any report that uses him as a source.
Don't take my word for it. Use Google and judge his veracity and competence for yourself.
Under the terms of discovery, the discloser may
label certain parts "confidential." If challenged
the onus is on the discloser to justify the
confidentiality.
The transcript of the court session is public and
this standard protective order is the only thing
mentioned. I am quite certain there was no
further side-deal with the magistrate.
While I would not put it past SCO to label
everything confidential, that would be an abuse
of the process. I doubt the magistrate would
allow it.
Stowell's announcement is just SCO's usual
disingeniuty in reporting the facts. Remember
that this is the person who claimed the judge
"flipped a coin" in deciding to rule in favour of
IBM's motion to compel discovery.
My fingers are way too fast this morning. I meant to say: mouse and keyboard are included, as you
said.
Sorry, scratch mouse & monitor above. You did say they were included.
I'm prepared to be educated, but i don't see any substantial supply of usefully configured cheap used computers for the masses.
You overestimate the skill and initiative of a large segment of the population.
Do you really expect the average person to be able to find a cheap, serviceable used computer, and configure (let alone modify) it to meet their needs?
Perhaps now that surplus 300-400 MHz computers are common, they will become available in thrift stores, configured so that people can just take them home and use them. But we're not there yet, AFIK.
I went to the SUN site yesterday and did not notice that the free download was for single-CPU systems only. On my return today, I see parts of the site is unresponsive (is SUN /.-ed?).
Anyway, if there is no SMP support I wasted a fair amount of emotional energy that could have been saved had SUN made this restriction more clear.
I'm not sure that I'm so keen anyway. I have a big Ultra-SPARC and many Linux systems. For the most part I find that I have grown to prefer the Linux environment. But I have a few memory management issues with Linux SMP and was going to investigate Solaris as a solution. At $250, forget it.
(Also, 2.6 kernel appears to cure my memory management problems, and I still have BSD to try.)
As far as I know the Windows "Upgrade" packs are no different from the "Standard." The only difference is the licensing - you are supposed to use the Upgrade edition only to replace an existing Windows OS. Both allow you to do either a "clean install" or an "upgrade." (I know this is the case for the Windows 2000 upgrade I purchased - your mileage may vary.)
I agree that upgrading an existing system yields a somewhate non-standard configuration, but I've done it with reasonable success. It is your only option if you don't have the media and/or the time to reinstall all your software.
As an aside, I should mention that XP has an option to emulate older operating systems like 2000 and Win98 on a per-exe basis. This can be very useful for spoofing setup programs that check the OS version before installing. SPSS 11 and VisualAge C++ are two such programs.
It is -17C (1F) in Thunder Bay at this moment. Predicted low: -22.
Near the border? And you probably think it is warm there, too.
It is 311 km from TB to Duluth. You have to buy a lot of CDRs to pay for your gas. Even at $0.49/CDR.
History repeats itself. In August, www.sco.com was a yo-yo for many days.
Hey, I use mutt, but wives, parents, children, etc. want Windoze solutions. They seem pretty happy with Mozilla, except when their profile disappears. Can you explain in a sentence or two why such users would want a stand-alone mail app?
I used mail as an example, only. The entire profile disappears - bookmarks, browser preferences, and so on.
Aside: It seems that Outlook trumps Outlook Express in the Microsoft pecking order, if it happens to be installed.
Your experience would be consistent with mine. As I mentioned, Update routinely sets the default mailer to Outlook, and I have to reset it using the DOJ-mandated tool. So it could be that the tool is messing me up rather than the update. But it is still a consequence of the update, and still evil.
If indeed the tool is the culprit, it may be easier than I had originally thought to reproduce the problem, and hence build a case against Microsoft. At least a case against their software. Proving intent would be another matter.
Microsoft update routinely resets "program access and defaults." Most annoying, but not what this note is about.
/.: have others had problems with Netscape/Mozilla profiles disappearing, and do they appear to be correlated with Microsoft Updates?
On three occasions, with two different users, I have observed that Netscape/Mozilla profiles have disappeared following Microsoft update. Just a concidence? Perhaps, but after the third occurrence I have become suspicious.
Because Microsoft update is an opaque process, there's no way I can even attempt to 'reproduce the problem' as I would normally do in similar circumstances.
So I'll ask
SCO's press release served its purpose. Search Google News for "SCO" and you will see headlines like "SCO attacked by Linux folk." The real news - that SCO lost in court and that SCO's financials are starting to smell - is completely pushed aside by the DOS headlines.
I have about 15 dual-processor machines with 1-2 GB that didn't work at all well with 2.4.x kernel. The memory management was simply crap. Forking a couple of copies of the program below consistently put the system into a permanent comatose state. (Search for 'kswapd problems' for discussion and ineffective patches.)
On the other hand 2.6.test11 works beautifully. For me, the 2.4 kernel is history.
int i; int k; char *j;
main(){
for (i=1;i2000000000;i*=2) {
printf("%d\n",i); fflush(stdout);
j = (char *)malloc(i);
printf("-- %d\n",j); fflush(stdout);
if (j == NULL) break;
for (k=0;ki;k++) j[k] = 1;
}
return 0;
}
The Bayes filter in SA 2.6 works very well but unfortunately is not well-suited to site-wide learning.
-- casual readers may skip the following details
In an attempt to mitigate this, SA makes an unfortunate mistake in its unsupervised learning algorithm - it uses a different set of rules for training than it uses for marking mail as spam or not. So you can easily have email marked as spam but have the system trained as non-spam (or vice versa). This introduces systematic bias into the learning so that spam detection can get worse in the long run. As a further attempt to mitigate this problem, the learner uses a higher spam threshold, so many spams that are correctly marked do not contribute to the learning process. There is no way to set the SA configuration parameters to eliminate these biases (setting the learn threshold does *not* do it).
--- end of gory details
It is not too difficult to set up SA for personalized learning. Just pipe your mail to the following command:
spamassassin -e
If the return code is 0 (non-spam) also pipe the mail to
sa-learn --ham --single
If the return code is 1 (spam) pipe to
sa-learn --spam --single
If you do this you are guaranteed that the statistics recorded in your personal bayes db correspond exactly to the judgements made by SA.
In addition to this you must correct SA when it makes a mistake, by piping the message to sa-learn again with the right flag. You may be able to set up a macro in your mail reader to do this.
This isn't as easy to set up as it should be, but it is *very* effective.
In the last year I've received 20,000 non-spam and over 100,000 spam messages & viruses (30,000 if you eliminated the "Cumulative Update" messages, which SA caught just fine.) About 100 spams have gotten through (a couple a week) and about 10 false positives have occurred. All of the false positives have been 'weird' - advertising, automatic responses, or web pages that were forwarded to me. As far as I know (and I do check periodically) I've had no false positives in the last 50,000 spams.
My preliminary analysis indicates that personalized learning reduces both false negatives and false positives by a factor of ten. I'll report more systematic analysis in due course.