Forget the machines, the ballots, whatever. My voting experience scared me and I don't even have to mention electronic voting.
I arrived as a Non-partison voter. Three people manned the booths. I waited in line to get my electronic voter card, and the person in front of me was asked "what affiliation are you?" They responded "neutral". OK, so that sounds like me, I guess that's what I'll say (I didn't know to say specifically "non-partisan"). My turn comes up, I'm asked what affiliant and I say "neutral" too.
I put in my card, and of course the ballot screen is in plain view of everyone, but whatever I don't really care (yet). My choices come up, and I was dumbfounded. I didn't recognize any of the names, I couldn't make any choices or anything. I scanned the screen thoroughly -- the eballots themselves are simple but the interface obfuscates certain important things -- and finally noticed at the top that it said "Natural Party Ballot." Holy shit, they gave me the wrong ballot!
But wait a second, they gave the person in front of me the wrong ballot too, then! And sure enough, that person had already gotten themselves 3 screens deep into an electronic keyboard to try and type "Kerry" (I could see her screen, bogus) because none of the choices allowed her to.
Summary: the guy who gave me my voter cards must be a moron. Oh my god, this can't be an isolated occurrence. But wait, there's more.
I finally get my card settled and go vote. This time I recognize some of the names, but again I couldn't vote on the democratic primary. What gives? I flip open my voter booklet and on the second or third page it stated something to the effect of: "non-partisan voters can vote in 3 of the 7 party primaries, just request a ballot to do so".
So I requested the ballot. Moron #1 had no idea what I was talking about, asked me if I'd voted, I said "yes of course but" and he cut me off and said "well then you're done." No I'm not, look right here in YOUR BOOKLET, SEE? "Gee, I don't know anything about that." OK, done with you, let's try door #2.
The second guy was a little bit more intelligent but still had no idea. "But it's right here in the voter registration booklet, and the details take up this entire page, how can you guys not know what this is?" He still had no idea, but at least he had the good sense to ask person #3.
Person #3, the youngest of the three, was outside taking a cell phone call and came back in to help me. She at least was willing to consider that I and my voter pamphlet might be right. Rummage rummage rummage, shuffle shuffle, oh, the directions state he can vote a paper ballot. Moron #1 insists "we ain't got any", starts looking around. A short period of chaos ensues, the line stops moving forward. A box under Moron #1 contains something; he insists they aren't ballots. Person 2 gets the box, Person 3 opens it and whoa! Look at that, paper ballots.
But they're still uncertain, and it's freaking me out. Well, they reason, I must be allowed to fill out a paper ballot if that's what the booklet says. Huh??????? You guys don't *know*? WTF?
I fill out the paper ballot and hand it back to the 3rd person, who seemed the most intelligent and most aware of what was going on of the three. Of course, she took the ballot from me and folded it, put it in a corner and that's the last I saw of it. It didn't go into a box, it didn't go into any safe place. Who knows what its eventual fate might be.
Now listen, I understand that the electronic voting systems have vulnerabilities and problems and (for the most part) whackjob morons designing them. But you know what? After my experience today I am *really* more concerned about the process, the training, and the people.
They're volunteers, and man thank you, the world could use more of a helping hand in general. But they were soooo ignorant! Where did my paper ballot go? Was that even the right ballot to fill out? And the electronic one? WTF happened to
Because there are portions of the MySQL code that are just painful to look at.
Take for instance the part that takes as input the key index size and calculates internal buffer sizes. The option's size is an unsigned long long, but they cast it to an unsigned long all over the place, do in-place bitshifting on the cast (and cause it to wrap -- try specifying 4G for your key index sometime and you'll get 0), and the quality of code in that case is just painfully horrible to look at or even figure out what it's doing.
I could only shudder to think what the quality of the commercial product looked like, in comparison. Hell, I'll have nightmares if I consider the quality of MySQL++ as a comparison..
The utility of any one language is irrelevant here; the point is that proclaiming the unviability of C and C++ while failing to recognize the obvious -- a colossal amount of software written in C and C++ comprise almost every major portion of all modern OSes today -- is just, quite plainly, asinine and grossly ignorant.
As much respect as I have for the project and its developers, his broad, sweeping statement to the effect of C/C++ is no longer a viable language is really telling of his ignorance and lack of perspective. Which is too bad, since there are other points he makes that are useful lessons.
To claim the fundamental implementations of all modern OSes (Windows, almost every single UNIX, Linux, and the plethora of other OSes) to be "no longer viable" is way beyond reproach: it's just plain idiotic, and does significant damage to the credibility of his other points.
Unfortunately, my that-was-ridiculously-stupid meter flew off the scale when I read that point, so I stopped reading right there.
I'm not sure why everyone is saying PHP and Apache 2.0 aren't compatible when in a non-prefork MPM. I use the threadpool (worker thread) MPM in Apache 2.0.45 and have PHP 4.3.1, SSL 0.9.7b, MySQL 4.0.11, and Oracle 9i 9.2.0 all compiled in, and have experienced NO problems whatsoever.
Understanding the MPM stuff is still hazy, like how to tweak the process/thread limits like I did in 1.3.x. It would be nice if someone would write up a document specifically about these (beyond the documentation already available at Apache's website). I am not yet comfortable that I've been able to sufficiently apply slashdot-effect experiences/lessons to my 2.x configuration as I have with my 1.3.x configuration.
--jordan
2nd attempt at a Napster Movie
on
Napster: The Movie
·
· Score: 4, Informative
Keep in mind this is the second attempt and producing a Napster movie.
Starz Pictures had already written a script, and I believed was seeking directors when apparently they just ran out of cash. Bummer.
In any case, keep your eyes peeled for the book too, which should be out in the Spring!
This is a common problem most easily managed by a human, not automated tools like CVS. On a per-tree, per-branch or even per-module basis, each chunk has a person responsible for managing changes to the tree, which I traditionally call the "Patch Master". This alleviates the common problem of multiple patches wiping each other out, as described.
Patches are either sent directly to the patch master, diff'd against a base or branch, or are committed on a per-developer branch, after which the patch master is notified either by built-in CVS mechanism or email. In both cases, it is the Patch Master's responsibility to merge changes from diff or from branches. Merging is a tedious process, but this alleviates the productivity problems affecting everyone on the devteam, limiting it to just one person and allowing everyone else to progress with further development.
Some people complain that having one person manage patches does not scale (i.e. "Linus does not scale"), but what I'm suggesting is a more collaborative, distributed, team-oriented approach -- perhaps you have a team of 10 developers with 5 "modules" in active development; each module is assigned a "team lead" as patch master and they are responsible for managing commits.
The simplest explanation is usually the most likely one.
Is anyone surprised by this outcome? Was anyone actually watching during the dot-com meltdown? Hey, let's give away our client and fund our company on ad revenue alone. Yeah, right.
Since when did NTBugTraq become reputable by anyone's hand OTHER than the moderator, Russ Cooper? Is anyone actually reading NTBugTraq? How does a history of a moderator editing other people's posts, a moderator who uses the list as his own personal battleground, how did NTBugTraq all of a sudden become so reputable?
And Russ Cooper himself? Uhm, what background does he have that makes him reputable? TruSecure, a front organization created by him with little background? What research has Russ contributed to the security community? Where is his experience that proves he knows what he's talking about?
No one can argue with numbers, and I'm not arguing that statistics can be manipulated out of context to prove just about any assertion, but reputable? Give me a break. Russ Cooper is a flaming idiot. Just read his posts about w00w00 to his own list recently, and ask yourself if he doesn't sound like a clown.
Preposterous.
on
P2P in 2001
·
· Score: 5, Informative
P2P is an abstract model for communication between 2 or more points. It exists in our phone switching networks (~100 years), Internet (~25 years), most common network-based software (~20 years), etc. Does your company use sendmail, or maybe even Exchange? SMTP is a P2P transport. Perhaps you read news? NNTP is a P2P transport.
The notion that Napster (or any other file sharing system) can lay claim to any part of the P2P phenomenon, aside from raising awareness, is absolutely ridiculous. The notion that P2P is just now starting to gain a foothold in businesses is fiendeshly drug-induced.
The hype still continues. Ignorance pervades. What they really mean is "distributed", and even then most reporters are still talking out of their asses.
It does work, there's no debating that. The reason is because SPAMers are not yet up against mainstream technophile-type people; the mindless masses still aren't smart enough to use a procmail filter or anything else. In terms of numbers of people reached, the numbers are still in their favor to not even bother modifying their algorithms.
However, that will change, and so will Razor. Quite soon, in fact, Razor will have a real "fuzzy" match algorithm. Note, not like the bogus "fuzzy" match system that DCC employs, which isn't fuzzy at all but is rather a normalized MD5 (still unique).
The comment made in the submission states that Razor is gnutella-like. That is BS too; if anything, it's Napster-like. Razor is a centralized, collaborative filtering system. One could argue that Razor's master servers are distributed and that the entire system is therefore not fully centralized, but this will change shortly to a master/slave model, which will allow the introduction of a reputation management system.
Similar to DCC, yes. Matter of fact, same idea. But, the "fuzziness" of DCC's "fuzzy" hash is BS; it's still an MD5. All DCC tries to do is normalize the message before MD5'ing. That isn't fuzzy.
I happen to know of one organization that has decided to convert almost all their desktop systems to Gnome+StarOffice, wherever possible. I think the plan is to have one or two Win* boxen, to act as conversion stations when having to send electronic documents to the outside world, but the overall plan is to dump Windows because of licensing cost issues.
Regardless of what that article says, the costs are very real and companies are definitely considering it. Perhaps one or two cases may have been misinterpreted, but by and large the case for converting to Linux has not been mispresented.
--jordan
Searches still proxy through Netscape
on
Netscape 6.2
·
· Score: 1
I just changed my default search site to google from Netscape, and was quite annoyed to see my search still get sent through netscape before being redirected to google.
Slashdot Mirror
silly AOL, will they ever listen?
http://www.darkridge.com/~jpr5/src/icopy.pl
Specify a search pattern and it will copy from the iPod to a specified destination any song whose Title, Album, or Artist matches the search string.
--jordan
Get set, ready, go!
--jordan
Forget the machines, the ballots, whatever. My voting experience scared me and I don't even have to mention electronic voting.
I arrived as a Non-partison voter. Three people manned the booths. I waited in line to get my electronic voter card, and the person in front of me was asked "what affiliation are you?" They responded "neutral". OK, so that sounds like me, I guess that's what I'll say (I didn't know to say specifically "non-partisan"). My turn comes up, I'm asked what affiliant and I say "neutral" too.
I put in my card, and of course the ballot screen is in plain view of everyone, but whatever I don't really care (yet). My choices come up, and I was dumbfounded. I didn't recognize any of the names, I couldn't make any choices or anything. I scanned the screen thoroughly -- the eballots themselves are simple but the interface obfuscates certain important things -- and finally noticed at the top that it said "Natural Party Ballot." Holy shit, they gave me the wrong ballot!
But wait a second, they gave the person in front of me the wrong ballot too, then! And sure enough, that person had already gotten themselves 3 screens deep into an electronic keyboard to try and type "Kerry" (I could see her screen, bogus) because none of the choices allowed her to.
Summary: the guy who gave me my voter cards must be a moron. Oh my god, this can't be an isolated occurrence. But wait, there's more.
I finally get my card settled and go vote. This time I recognize some of the names, but again I couldn't vote on the democratic primary. What gives? I flip open my voter booklet and on the second or third page it stated something to the effect of: "non-partisan voters can vote in 3 of the 7 party primaries, just request a ballot to do so".
So I requested the ballot. Moron #1 had no idea what I was talking about, asked me if I'd voted, I said "yes of course but" and he cut me off and said "well then you're done." No I'm not, look right here in YOUR BOOKLET, SEE? "Gee, I don't know anything about that." OK, done with you, let's try door #2.
The second guy was a little bit more intelligent but still had no idea. "But it's right here in the voter registration booklet, and the details take up this entire page, how can you guys not know what this is?" He still had no idea, but at least he had the good sense to ask person #3.
Person #3, the youngest of the three, was outside taking a cell phone call and came back in to help me. She at least was willing to consider that I and my voter pamphlet might be right. Rummage rummage rummage, shuffle shuffle, oh, the directions state he can vote a paper ballot. Moron #1 insists "we ain't got any", starts looking around. A short period of chaos ensues, the line stops moving forward. A box under Moron #1 contains something; he insists they aren't ballots. Person 2 gets the box, Person 3 opens it and whoa! Look at that, paper ballots.
But they're still uncertain, and it's freaking me out. Well, they reason, I must be allowed to fill out a paper ballot if that's what the booklet says. Huh??????? You guys don't *know*? WTF?
I fill out the paper ballot and hand it back to the 3rd person, who seemed the most intelligent and most aware of what was going on of the three. Of course, she took the ballot from me and folded it, put it in a corner and that's the last I saw of it. It didn't go into a box, it didn't go into any safe place. Who knows what its eventual fate might be.
Now listen, I understand that the electronic voting systems have vulnerabilities and problems and (for the most part) whackjob morons designing them. But you know what? After my experience today I am *really* more concerned about the process, the training, and the people.
They're volunteers, and man thank you, the world could use more of a helping hand in general. But they were soooo ignorant! Where did my paper ballot go? Was that even the right ballot to fill out? And the electronic one? WTF happened to
because this is hardly a first, last edition of WIRED wrote all about it.
--jordan
Because there are portions of the MySQL code that are just painful to look at.
Take for instance the part that takes as input the key index size and calculates internal buffer sizes. The option's size is an unsigned long long, but they cast it to an unsigned long all over the place, do in-place bitshifting on the cast (and cause it to wrap -- try specifying 4G for your key index sometime and you'll get 0), and the quality of code in that case is just painfully horrible to look at or even figure out what it's doing.
I could only shudder to think what the quality of the commercial product looked like, in comparison. Hell, I'll have nightmares if I consider the quality of MySQL++ as a comparison..
--jordan
You obviously missed my point.
The utility of any one language is irrelevant here; the point is that proclaiming the unviability of C and C++ while failing to recognize the obvious -- a colossal amount of software written in C and C++ comprise almost every major portion of all modern OSes today -- is just, quite plainly, asinine and grossly ignorant.
Perhaps you didn't notice I said "OS implementation" and not "kernel". Do a ps aux on a Linux box sometime and see if you can figure out what I meant.
As much respect as I have for the project and its developers, his broad, sweeping statement to the effect of C/C++ is no longer a viable language is really telling of his ignorance and lack of perspective. Which is too bad, since there are other points he makes that are useful lessons.
To claim the fundamental implementations of all modern OSes (Windows, almost every single UNIX, Linux, and the plethora of other OSes) to be "no longer viable" is way beyond reproach: it's just plain idiotic, and does significant damage to the credibility of his other points.
Unfortunately, my that-was-ridiculously-stupid meter flew off the scale when I read that point, so I stopped reading right there.
I'm not sure why everyone is saying PHP and Apache 2.0 aren't compatible when in a non-prefork MPM. I use the threadpool (worker thread) MPM in Apache 2.0.45 and have PHP 4.3.1, SSL 0.9.7b, MySQL 4.0.11, and Oracle 9i 9.2.0 all compiled in, and have experienced NO problems whatsoever.
Understanding the MPM stuff is still hazy, like how to tweak the process/thread limits like I did in 1.3.x. It would be nice if someone would write up a document specifically about these (beyond the documentation already available at Apache's website). I am not yet comfortable that I've been able to sufficiently apply slashdot-effect experiences/lessons to my 2.x configuration as I have with my 1.3.x configuration.
--jordan
Keep in mind this is the second attempt and producing a Napster movie.
Starz Pictures had already written a script, and I believed was seeking directors when apparently they just ran out of cash. Bummer.
In any case, keep your eyes peeled for the book too, which should be out in the Spring!
--jordan
What's REALLY interesting is I've heard that NAI/McAfee have been in acquisition discussions with Symantec.
So, Symantec buys SecurityFocus, NAI busy Symantec, and boom, overnight you have a huge amalgam of one-stop Security and Anti-Virus.
Jeez, kinda scary. No?
--jordan
SpamNet is the name of our Windows solution -- You can still use the system on *nix by downloading the Razor2 agents and SDK.
--jordan
This is a common problem most easily managed by a human, not automated tools like CVS. On a per-tree, per-branch or even per-module basis, each chunk has a person responsible for managing changes to the tree, which I traditionally call the "Patch Master". This alleviates the common problem of multiple patches wiping each other out, as described.
Patches are either sent directly to the patch master, diff'd against a base or branch, or are committed on a per-developer branch, after which the patch master is notified either by built-in CVS mechanism or email. In both cases, it is the Patch Master's responsibility to merge changes from diff or from branches. Merging is a tedious process, but this alleviates the productivity problems affecting everyone on the devteam, limiting it to just one person and allowing everyone else to progress with further development.
Some people complain that having one person manage patches does not scale (i.e. "Linus does not scale"), but what I'm suggesting is a more collaborative, distributed, team-oriented approach -- perhaps you have a team of 10 developers with 5 "modules" in active development; each module is assigned a "team lead" as patch master and they are responsible for managing commits.
--jordan
SMTP is P2P. HTTP is P2P. NNTP is P2P. The internet? P2P. Our nationwide telephone switching system? Woops, P2P too.
You mean fully distributed, not P2P. And I don't think anyone claims it, except for Gnutella and its variants.
--jordan
Is anyone surprised by this outcome? Was anyone actually watching during the dot-com meltdown? Hey, let's give away our client and fund our company on ad revenue alone. Yeah, right.
And what of all the conspiracy theorists? Guess they'll just have to remove their foot from their mouth . Oh, and maybe these guys too
--jordan
Since when did NTBugTraq become reputable by anyone's hand OTHER than the moderator, Russ Cooper? Is anyone actually reading NTBugTraq? How does a history of a moderator editing other people's posts, a moderator who uses the list as his own personal battleground, how did NTBugTraq all of a sudden become so reputable?
And Russ Cooper himself? Uhm, what background does he have that makes him reputable? TruSecure, a front organization created by him with little background? What research has Russ contributed to the security community? Where is his experience that proves he knows what he's talking about?
No one can argue with numbers, and I'm not arguing that statistics can be manipulated out of context to prove just about any assertion, but reputable? Give me a break. Russ Cooper is a flaming idiot. Just read his posts about w00w00 to his own list recently, and ask yourself if he doesn't sound like a clown.
--jordan
I wrote the paper a year ago, moron.
--jordan
P2P is an abstract model for communication between 2 or more points. It exists in our phone switching networks (~100 years), Internet (~25 years), most common network-based software (~20 years), etc. Does your company use sendmail, or maybe even Exchange? SMTP is a P2P transport. Perhaps you read news? NNTP is a P2P transport.
The notion that Napster (or any other file sharing system) can lay claim to any part of the P2P phenomenon, aside from raising awareness, is absolutely ridiculous. The notion that P2P is just now starting to gain a foothold in businesses is fiendeshly drug-induced.
The hype still continues. Ignorance pervades. What they really mean is "distributed", and even then most reporters are still talking out of their asses.
--jordan
It does work, there's no debating that. The reason is because SPAMers are not yet up against mainstream technophile-type people; the mindless masses still aren't smart enough to use a procmail filter or anything else. In terms of numbers of people reached, the numbers are still in their favor to not even bother modifying their algorithms.
However, that will change, and so will Razor. Quite soon, in fact, Razor will have a real "fuzzy" match algorithm. Note, not like the bogus "fuzzy" match system that DCC employs, which isn't fuzzy at all but is rather a normalized MD5 (still unique).
--jordan
The comment made in the submission states that Razor is gnutella-like. That is BS too; if anything, it's Napster-like. Razor is a centralized, collaborative filtering system. One could argue that Razor's master servers are distributed and that the entire system is therefore not fully centralized, but this will change shortly to a master/slave model, which will allow the introduction of a reputation management system.
Keep your eyes peeled.
--jordan
Similar to DCC, yes. Matter of fact, same idea. But, the "fuzziness" of DCC's "fuzzy" hash is BS; it's still an MD5. All DCC tries to do is normalize the message before MD5'ing. That isn't fuzzy.
--jordan
Nuff said.
--jordan
I happen to know of one organization that has decided to convert almost all their desktop systems to Gnome+StarOffice, wherever possible. I think the plan is to have one or two Win* boxen, to act as conversion stations when having to send electronic documents to the outside world, but the overall plan is to dump Windows because of licensing cost issues.
Regardless of what that article says, the costs are very real and companies are definitely considering it. Perhaps one or two cases may have been misinterpreted, but by and large the case for converting to Linux has not been mispresented.
--jordan
I just changed my default search site to google from Netscape, and was quite annoyed to see my search still get sent through netscape before being redirected to google.
Spying assholes.
--jordan