I've assigned Wikipedia entries in my communication + technology class for several years now. It really opened students' eyes in terms of what wikipedia actually is. It's amazing how many don't understand that it is editable by anyone. They were fascinated by its possibilities as well as its potential pitfalls. My favorite was the student who came back a week after the assignment and said, "I entered some information and some moron came and deleted it!"
The real reason they haven't found us yet is there aren't enough aliens contributing spare computer cycles to the STI@Home project (Search for Terrestrial Intelligence). Come on, folks; if you're an alien and you have a computer connected to the internet, why let your home computer waste millions of CPU cycles running a screen saver when it could be analyzing STI data?
That killer extension is tabbed browsing. Sure, IE has it now, but it is way late in the game (even Safari was earlier, and it explicitly is disallowed by Apple's Human Interface Guidelines). And it was the killer extension that drove many to Firefox and mozilla. I still get "oh, cool!" from people who watch me use it and have never used it before. Sure, there was a commercial emacs that had this feature as far back as 1988, but when tabbed browsing first hit mainstream web browsers it was revolutionary, and IE has been taking a back seat to mozilla-based browsers (and to safari) ever since.
Don't use the scientology thing to put slashdot down for censorship. When Scientology threatened to sue, they did delete the post, but they then posted a frontpage story about being forced to take the post down that was basically an extended critique of Scientology, complete with a huge list of links to sources about the abuses of scientology, xenu.net links, etc., including links to the very material that they had been forced to remove. The offending material, of course, was reposted in another comment (probably several times over) in the new discussion. The net effect was not censorship at all but a huge expose against scientology that was probably seen by half a million readers. The offending material was removed from a single comment on slashdot where it probably would have been ignored, but links to the same material along with a coherent explanation of many of the things wrong with the church of scientology was posted to the front page where it was read and discussed publicly by a much larger audience than would have ever been exposed to it. It was a victory for free speech, and it's unfair to criticize slashdot for censorship based on that example.
A few years ago when Microsoft started pressing for "responsible disclosure", they were pretty much mocked and ridiculed by everybody.
They were mocked because they made a mockery of responsible disclosure by trying to keep the bugs they were informed of quiet rather than trying to fix them. I don't think there's much of an opinion shift; there never were that many people who advocated releasing exploits into the wild before informing the vendor as a courtesy. A few, sure, but always a minority. But it isn't a case of MS being treated differently from other vendors; it's a case of MS arrogantly assuming they don't have to respond like other vendors to serious problems in their software.
But honestly, if YOU were an alien, with this fantastic technology to fly hundreds of light years to visit another planet with life on it, would you just fly by some stuff then go home?
Of course not! I'd at least stop and mutilate some cattle first.
Meanwhile, there's Jack Bauer in "24" -- the guy goes 24 hours (dragged out over 24 episodes!) without ever using the can once. Then again, he never eats or drinks anything either, so I suppose there's nothing in his system to excrete.
And that is that the web browser is designed specifically to deal with html. New html security holes are dealt with by web browser patches on a regular basis (for the good browsers anyway). Email clients read html as an extra; their main function is to send and receive email -- hopefully they will be updated regularly too when new security threats arise, but it's more likely to be an afterthought. That's another reason why I'm a proponent of having clients do what they are supposed to do and then pass the other protocols on to other clients rather than trying to do everything within a client that was primarily designed for one protocol. Why have a web browser read email and an email program handling HTML?
The browser is designed for HTML and is configurable by the user (or the user's admin) -- you can say no java, etc. More importantly, the user has to take positive action -- click a link -- and to recognize that he/she is now going on the web to see something rather than looking at an email document stored locally as a file. You can also see where the nastiness is coming from if you land on a hostile script posted to a web page. Finally, you have a choice whether or not to click the link (and I usually don't). As long as the link is in plaintext (which is what I am advocating), you can see the address before you click on it, and you can decide whether it's worth the risk to see a photo of someone's dog you've never heard of. Embedded IMG tags and javascripts can be pretty nasty. Sure, these can be nasty in web browsers too, but at least you can make a reasoned decision before you wind up downloading some random script.
I don't see the point of taking security risks and wasting bandwidth on email that "looks nicer." You want a nice looking email, format it as a webpage, and send your friend a link to the web page. Or print it out and stick it in the post box. My email program is instructed to display all email as text only and if it is full of crappy html that isn't filtered out, I hope it wasn't an important email because I deleted it. But I shouldn't have to bother; this junk should be filtered out at the server level and I'm glad the DoD at least recognizes that email security is more important than how nice it looks. I only wish my university would do the same:) Don't get me wrong, I love html, but it's not made for pretty-ing up email. It's made for hyper-text, which email should not be. Most email programs allow you to follow links that are part of an email message pretty easily, so what's wrong with sending the link to your browser?
Put the pictures on a web page and send your friends a link to the web page. I can't stand getting pictures via email. If you must show me a photo of your new kid, put it on a website and send me the link. I still won't look at it, but I'll respond telling you how cute he/she is and we will both feel better. As for bulleted lists,
* what * the * hell * is * wrong * with * asterisks?
They are just going into hiding. They have a secret lair under the ice where they will wait out global warming, patiently sharpening their tools, for they know that when the icecaps melt and humanity is thrown into chaos, that's when their day will come.
And I, for one, will welcome our Eudyptulan overlords!
It is not a "technical trick" offered as a way to "stop the behavior"; it's something built into the very software. If you don't like what the protocol does, don't use it. If you're going to use it, read the manual. The point is, the "behavior" in question is simply linking, the very purpose of the Web. I realize you think my HTTP comment was a joke, but you appear to have missed the point again -- if you don't want your document to be available to people using HTTP, don't make it available via HTTP. Making it available and then suing someone for linking to it is just moronic.
This is boilerplate contract for employment with the CIA or NSA or other US intelligence organizations. The US courts have consistently weaseled out of deciding such cases on strictly first amendment grounds, falling back on contract law (see Snepp or see Marchetti, Agee) when there is a dispute between a former govt employee with access to government secrets and the government about publication. The Supreme Court has said it is ok for the government to enforce a contract requiring prior review of publications even though it's an obvious prior restraint. And it is routine for such authors to submit their work to the CIA (or whatever agency they worked for) before being allowed to publish it. While this is considered justified as a means of protecting classified information, it has clearly been abused in the past to restrain information that is critical or embarrassing to the government. (I don't particularly like that situation, but that's where the common law currently stands on the issue, and it's not likely to change for the better in the near future).
What is strange in this case is not the prior publication review but the fact that Leverett's article was cleared by the CIA, who found it revealed nothing classified, and that the White House then prevented publication anyway. That is an unjustified prior restraint, IMHO, and it would be interesting to see how the courts deal with this situation.
Slashdot Mirror
I've assigned Wikipedia entries in my communication + technology class for several years now. It really opened students' eyes in terms of what wikipedia actually is. It's amazing how many don't understand that it is editable by anyone. They were fascinated by its possibilities as well as its potential pitfalls. My favorite was the student who came back a week after the assignment and said, "I entered some information and some moron came and deleted it!"
Isn't that what Citizendium is supposed to become?
Canadian pr0n?!
The real reason they haven't found us yet is there aren't enough aliens contributing spare computer cycles to the STI@Home project (Search for Terrestrial Intelligence). Come on, folks; if you're an alien and you have a computer connected to the internet, why let your home computer waste millions of CPU cycles running a screen saver when it could be analyzing STI data?
aalib lets you play movies using ascii art. An aalib flash player would actually be pretty cool....
That killer extension is tabbed browsing. Sure, IE has it now, but it is way late in the game (even Safari was earlier, and it explicitly is disallowed by Apple's Human Interface Guidelines). And it was the killer extension that drove many to Firefox and mozilla. I still get "oh, cool!" from people who watch me use it and have never used it before. Sure, there was a commercial emacs that had this feature as far back as 1988, but when tabbed browsing first hit mainstream web browsers it was revolutionary, and IE has been taking a back seat to mozilla-based browsers (and to safari) ever since.
Don't use the scientology thing to put slashdot down for censorship. When Scientology threatened to sue, they did delete the post, but they then posted a frontpage story about being forced to take the post down that was basically an extended critique of Scientology, complete with a huge list of links to sources about the abuses of scientology, xenu.net links, etc., including links to the very material that they had been forced to remove. The offending material, of course, was reposted in another comment (probably several times over) in the new discussion. The net effect was not censorship at all but a huge expose against scientology that was probably seen by half a million readers. The offending material was removed from a single comment on slashdot where it probably would have been ignored, but links to the same material along with a coherent explanation of many of the things wrong with the church of scientology was posted to the front page where it was read and discussed publicly by a much larger audience than would have ever been exposed to it. It was a victory for free speech, and it's unfair to criticize slashdot for censorship based on that example.
This is North Korea; wouldn't the rabbit say "an-nyeong-ha-se-yo"?
So "Sanskrit" means "without krit", right?
They don't give the nobel peace prize for "attempted chemistry"!
(apologies to sideshow bob)
Try repairing the permissions and then reset the Reality Distortion Field.
It's not that Walmart is suddenly "good" for selling compact fluorescent bulbs.
It's that compact fluorescent bulbs are now irredeemably evil.
Another slashdot dupe; this article was posted in 1984.
Meanwhile, there's Jack Bauer in "24" -- the guy goes 24 hours (dragged out over 24 episodes!) without ever using the can once. Then again, he never eats or drinks anything either, so I suppose there's nothing in his system to excrete.
And that is that the web browser is designed specifically to deal with html. New html security holes are dealt with by web browser patches on a regular basis (for the good browsers anyway). Email clients read html as an extra; their main function is to send and receive email -- hopefully they will be updated regularly too when new security threats arise, but it's more likely to be an afterthought. That's another reason why I'm a proponent of having clients do what they are supposed to do and then pass the other protocols on to other clients rather than trying to do everything within a client that was primarily designed for one protocol. Why have a web browser read email and an email program handling HTML?
The browser is designed for HTML and is configurable by the user (or the user's admin) -- you can say no java, etc. More importantly, the user has to take positive action -- click a link -- and to recognize that he/she is now going on the web to see something rather than looking at an email document stored locally as a file. You can also see where the nastiness is coming from if you land on a hostile script posted to a web page. Finally, you have a choice whether or not to click the link (and I usually don't). As long as the link is in plaintext (which is what I am advocating), you can see the address before you click on it, and you can decide whether it's worth the risk to see a photo of someone's dog you've never heard of. Embedded IMG tags and javascripts can be pretty nasty. Sure, these can be nasty in web browsers too, but at least you can make a reasoned decision before you wind up downloading some random script.
Uhhh, no they're not. At least, they don't have to be, and the email program shouldn't allow them to be.
I don't see the point of taking security risks and wasting bandwidth on email that "looks nicer." You want a nice looking email, format it as a webpage, and send your friend a link to the web page. Or print it out and stick it in the post box. My email program is instructed to display all email as text only and if it is full of crappy html that isn't filtered out, I hope it wasn't an important email because I deleted it. But I shouldn't have to bother; this junk should be filtered out at the server level and I'm glad the DoD at least recognizes that email security is more important than how nice it looks. I only wish my university would do the same :) Don't get me wrong, I love html, but it's not made for pretty-ing up email. It's made for hyper-text, which email should not be. Most email programs allow you to follow links that are part of an email message pretty easily, so what's wrong with sending the link to your browser?
Put the pictures on a web page and send your friends a link to the web page. I can't stand getting pictures via email. If you must show me a photo of your new kid, put it on a website and send me the link. I still won't look at it, but I'll respond telling you how cute he/she is and we will both feel better. As for bulleted lists,
* what
* the
* hell
* is
* wrong
* with
* asterisks?
They are just going into hiding. They have a secret lair under the ice where they will wait out global warming, patiently sharpening their tools, for they know that when the icecaps melt and humanity is thrown into chaos, that's when their day will come.
And I, for one, will welcome our Eudyptulan overlords!
It is not a "technical trick" offered as a way to "stop the behavior"; it's something built into the very software. If you don't like what the protocol does, don't use it. If you're going to use it, read the manual. The point is, the "behavior" in question is simply linking, the very purpose of the Web. I realize you think my HTTP comment was a joke, but you appear to have missed the point again -- if you don't want your document to be available to people using HTTP, don't make it available via HTTP. Making it available and then suing someone for linking to it is just moronic.
This is boilerplate contract for employment with the CIA or NSA or other US intelligence organizations. The US courts have consistently weaseled out of deciding such cases on strictly first amendment grounds, falling back on contract law (see Snepp or see Marchetti, Agee) when there is a dispute between a former govt employee with access to government secrets and the government about publication. The Supreme Court has said it is ok for the government to enforce a contract requiring prior review of publications even though it's an obvious prior restraint. And it is routine for such authors to submit their work to the CIA (or whatever agency they worked for) before being allowed to publish it. While this is considered justified as a means of protecting classified information, it has clearly been abused in the past to restrain information that is critical or embarrassing to the government. (I don't particularly like that situation, but that's where the common law currently stands on the issue, and it's not likely to change for the better in the near future).
What is strange in this case is not the prior publication review but the fact that Leverett's article was cleared by the CIA, who found it revealed nothing classified, and that the White House then prevented publication anyway. That is an unjustified prior restraint, IMHO, and it would be interesting to see how the courts deal with this situation.