it seems to me that when the supreme court finally got around to racially intergrating public schools, the legalleese included the term "in due time," which some schools interperted as "years from now." these schools managed to keep intergration on the bottom of their to-do lists for a very long time.
You don't think the DOJ has learned from these tactics? Quoting from the Proposed Final Judgement:
cc. "Timely Manner": disclosure of APIs, Technical Information and Communications Interfaces in a timely manner means, at a minimum, publication on a web site accessible by ISVs, IHVs, and OEMs at the earliest of the time that such APIs, Technical Information, or Communications Interfaces are (1) disclosed to Microsoft's applications developers, (2) used by Microsoft's own Platform Software developers in software released by Microsoft in alpha, beta, release candidate, final or other form, (3) disclosed to any third party, or (4) within 90 days of a final release of a Windows Operating System Product, no less than 5 days after a material change is made between the most recent beta or release candidate version and the final release.
Note that those four conditions are OR'ed, which means no later than anyone at MS has used them, and when you're within 90 days of a final release of a new version of Windows, 5 days after they've changed (whether anyone's used them or not).
Would you prefer to pay for content than to view ads? Because content-oriented sites including/.) rely on ads to make money. Otherwise they will have to charge money for subscriptions -- or fold up shop and go home! Advertisers (tv, web, etc) are doing you a favor by letting you view things for free
Just ignore the ads if you want, but don't ruin it for the rest of us by blocking out the advertisers that are paying for you to receive content for free -- because if too many start it will be the end of free content sites on the web. Or worse -- they will require special plugins to ensure ad views -- which will obviously be Windows only.
You know what, the web used to have a lot of very hight quality content on it -- and absolutely no ads. Maybe you weren't around back then, but you could actually find things with search engines like Yahoo and AltaVista. It was the power of that web that made me boggle at the possibilities.
Now we've got a lot more stuff. Amazon, portals, news sites, and (of course)/. Some of this is good, and some of it isn't. But keep this in mind: not everything has to make money. Maybe huge corporations have to make money at everything. And I know that web space doesn't come free. But if I pay my ISP $XXX a month, I get some web space and I can put up whatever I want. Maybe I put it up because I care about it, or think others might.
This is the kind of stuff I'd rather have. Stuff that people actually care about and do because they love. I'd rather read a website written by real people than a corporation any day.
Given that you cite Principles Underlying Intervention from the DOE/DOJ for your criteria for early warning signs, do you plan on following the Principles Underlying Intervention from the same report?
Of particular interest are the following:
Inform parents and listen to them when early warning signs are observed.
Maintain confidentiality and parents' rights to privacy.
Develop the capacity of staff, students, and families to intervene.
I'm assuming here that everyone here is basically well-intentioned. That no one is intentionally setting out to run roughshod over anybody's rights. My question is: Isn't there a better way to do this? Instead of treating kids like they are criminals who need to be turned in by paid anonymous informants, couldn't we do something about the sources of their problems instead? I know that it's probably more expensive (and not as easy to take credit for "doing something") to make pschological counseling available. But isn't that the solution? I think that having counseling available, and letting the parents and the kids know that it is, will go a long way to fixing this. And I'm not talking about the "Here's some Ritalin/Prozac/Zoloft now go be a good kid" kind of counseling either. That does no one, least of all the kids, any good. Maybe that's not the answer. But my point is, having kids turn each other in for fun and profit sounds like a part of the problem, and not a part of the solution. It all boils down to the fact that we've got some emotionally and psychologically disturbed kids out there, and pitting them against each other doesn't seem like it will get any of them any help. -- -Esme
From the press release (all that's at the site, really):
Building on our strengths as a software company, X-Box will offer game developers a powerful platform and game enthusiasts an incredible experience,? said Bill Gates, chairman and chief software architect at Microsoft. ?We want X-Box to be the platform of choice for the best and most creative game developers in the world.?
You've gotta love the chutzpah of M$ talking about their "strengths" in software. I was playing their N64 monster truck game last week, and it actually crashed! (I had joked about it earlier because the friend who rented it knows my anti-M$ leanings... and then it happened -- the first time I've ever seen a console crash.)
If you make a copy, that is theft - pure and simple - you have taken something which is not yours. You can try and hide your actions by cloaking it in phrases like 'making a backup', or it 'they won't notice' or whatever, but there can be no argument that it is theft.
Actually, I disagree.
Here's where some of that good ol' free software philosophy comes in handy.
If you have a car, and I take it from you, that's theft (because I have taken something, you have lost something). If I take money from you, ditto.
But if you have a song, or a movie, or some source code, or a binary, and I make a copy of it, this is not theft. You have lost nothing, you still have your song, movie, code, etc.
Now, you can argue that artists, record labels, and movie studios have the right to profit off of their works. But it's not the same as theft: you haven't helped them, but you haven't hurt them either.
What I would like (maybe I should go over to mozilla.org and see if I can suggest it formally...) is to be prompted for cookies and foreign host calls. The prompt should be:
foo.com would like to set a cookie "id=qqeruilskfjafj1905817843"
Always allow this host to set cookies
Allow this time
Deny this time
Never allow this host to set cookies
Same thing for foreign host calls:
foo.com would like to access "http://bar.org/cgi-bin/trojan-horse.cgi?id=qqerui lskfjafj1905817843&page=foo.com"
Always allow foo.com to access any foreign host
Always allow foo.com to access bar.org
Allow this time
Deny this time
Never allow foo.com to access bar.org
Never allow foo.com to access any foreign host
Never allow any host to access bar.org
After that, it would never bug you about that decision again, if you used any of the Always or Never options. The problem with current browsers is that they don't let you set policies, they only let you make the decision every time. That's not real privacy protection, because no one is going to be able to actually make intelligent decisions when faced with the barrage of cookies and remote-host calls made in a typical web page today.
What I want is the ability to specify the sites I want to be able to use cookies (I don't want to have to login to my.yahoo.com every time I check the news), and damn the rest (I would rather be anonymous when I'm browsing through books & movies at amazon, thank you).
You don't have to like it, but the simple fact of the matter is that the GPL is a serious impediment to a lot of good, honest open source work. You can't blame the BSD people for wanting to make a free Unix.
Before we get too wrapped up in how much "good, honest open source work" the GPL has prevented, let's not get forget about that the different licenses serve very different purposes, and serve them well.
BSD is about getting code reused, not reinventing the wheel, and and maximum flexibility for all uses commercial or otherwise.
GPL is about keeping software free and encouraging contribution back to the community.
By the same token as you might not like that the GPL hinders companies (prevents them from closing source or making other restrictions), an author might not like the fact the BSD allows that. And in the final analysis, the coder is the one who has the right to make that call, not you, me, or anyone else.
In my ever so humble opinion, the LGPL addresses most of the freeness problems in the GPL, and really should be used a lot more. However, I still suspect that even that's not free enough for BSD, and I'm not going to argue with them, because they're trying to do as much good for the world as they can. There are more axes of dissent here than meets the eye.
I'm not sure I agree that the GPL has any "freeness problems" that need fixing, so much as a very different idea about what's important, and which freedoms they want to protect. Not everybody's freedoms can be protected all of the time, and a choice has to be made.
Don't get me wrong, I see a lot of good in both licenses. In fact, it pains me that there isn't more work being done to reconcile the different priorities embodied in the licenses to reach a consensus.
Most importantly, I think that we should all remember that both licenses are designed to do good things, preserve freedom, and make the world a better place. Isn't that what this is all about?
I'm the sysadmin for the PCASSO Project, which also handles medical information over the web. Our system is different: we do lab results, operative notes, demographics, and an audit trail. The next step in our development would be to implement messaging and/or multimedia.
If you take a look at our website and our publications, I think you will agree that the security strategy that the development team implemented is quite rigorous. We do three-factor auth (user/password, digital cert, challenge-response), and use non-anonymous SSL, so that both the server and the client have to be authenticated by digital cert. We also use Java for the client, instead of just a web browser, so we can protect the client enviroment a little more against trojan horses and to make the digital certs easier.
I can understand why you wouldn't want to do certs. They're difficult, require that you use something other than plain web pages, and require a time-delay to mail or pick up in person. But a simple challenge-response system shouldn't be that hard to implement.
The other main thing you should think about, and that PCASSO spent a lot of effort on, is the server security. We used a B2-rated OS (Trusted DG/UX) and implemented MAC labels in the database and OS. This is harder than using a standard OS and not labeling (the former sysadmin and I have an article in the October issue of SysAdmin magazine about some of the things we dealt with), but is far more secure.
An even better one is putting in the site's own abuse@ address. If they have one, they'll get the joy of spamming themselves; if they don't, it'll bounce. Nobody gets hurt but the jerks.:)
One better, so you don't even have to bother with figuring out who is going to start sending the spam: just use postmaster@127.0.0.1
I recently installed OpenBSD on my home machine, and after spending about three weeks trying to get various things to work, I decided I'd be better off with Linux.
Before I began, I made a list of programs/functionality that I needed, both for the server tasks (FTP, Telnet, WWW, SSH, IP Masquerading, etc.) and as a workstation (running WordPerfect, Netscape, playing MP3s, etc). And as I got things to work, I crossed them off my list.
The good news was that a lot of things worked right out of the box (or straight from the ports tree). Getting bash, trn, X, ssh, NAT, and basic networking was a piece of cake. Unlike the experience of the author of the article, the install handled my NIC and cable-modem-dhcp setup automatically (unlike Linux where I had to use a non-standard dhcp program and another program to "login" to my Road Runner accoutn).
But after the initial install and setup, there were several things that didn't work for me, and I didn't really get them working satisfactorily:
Printing. I've got a HP Laserjet, and the basic printing works fine. Ghostscript rips PS to PCL just fine under Linux and OpenBSD. But under Linux, RedHat comes with an, IMHO, awesome magic filter. Just type 'lpr foo' and it'll figure out what foo is and Do The Right Thing. I spent a lot of time trying to write a magic filter for OpenBSD, and never really got it to work as well (mostly because some of the image and text-processors either wouldn't work, or because file gives the wrong answer for some image types).
Linux emulation. Everybody seems to say that the Linux emul under OpenBSD is the eighth wonder of the world, but my mileage definitely varied. I can't say that I really got acceptable results for anything, much less everything. And this is a show-stopper for me. If I can't run Linux binaries (and as long as there are basically no OpenBSD binaries), OpenBSD is not an option for me. I need some kind of word processor like Star Office or WordPerfect, for example.
Sound. I never got sound working, and I couldn't find a damn thing about it on the net.
Compiling. After a few futile attempts, I learned that the ports tree is the way to go. But if there isn't a port of something (say Apache with PHP and mod_perl), it's a pain in the neck to try to get it to build. Maybe it's me (in fact, I'm sure it's me), and maybe other people can get it to build just fine, but it's beyond my skills. With Linux, someone else has already done everything I've ever thought of and put up a step-by-step website. So if I run into trouble, I'm ususally just a google-search away from getting it done.
One thing I'll say though, it gives me a newfound appreciation for the smooth Linux installs. It took me a few times though to get the OpenBSD install to take. Mostly because the whole disklabel thing was new to me, and I figured out that the a slice was root, and that the c slice was the whole disk. But I didn't get that the b slice was swap, so my/usr didn't work until I figured that out.
Also, it reminded me that Linux on the desktop does work, if you've got a certain ammount of technical knowledge. My Netscape doesn't crash. I can play MP3's and use a word processor and spreadsheet (Gnumeric). The network configuration and IP masquerading isn't as cool as OpenBSD's, but it does work.
She said a similar event in San Diego drew about 40 computer sellers who wanted to see if their software was legit, and ``the vast majority was counterfeit.'
Honesty compels me to admit skepticism. But I'll set it aside for long enough to ask the obvious questions:
Where are commputer sellers getting MS software, under circumstances that they wouldn't be sure it was legit? Surely not from MS. From middleman distributors? If so, and if "the vast majority" of what they're selling is counterfeit, and if they're selling it openly enough that 40 computer sellers in one town can get hooked up for a steady supply... then why isn't the FBI all over the racket?
Don't know about where you live, but here in San Diego, there are hundreds of tiny little PC shops. I was getting a hamburger at some place in Kearny Mesa (part of town where most of them are located), and there were like five shops in one strip mall.
Sure, some of the big ones get their MS products from big, reputable distributors like Ingram Micro, et al. But if you're a tiny little PC maker, and you're looking at various distributors, and somebody's selling Office for $10 less, don't you think you'd try to cut corners?
Take this to its extreme, and since MS products prices keep staying the same (or going up) as PC prices keep diving, it gets more and more important to having the lowest price to get the best deal on MS products from your distributor.
Particularly when you're a little mom-and-pop store and less money for MS products means more money in your pocket, I can really understand why you'd want to get the best deal, even when you thought your distributor might not be on the up-and-up. If you could plausibly say that you thought they were legit, and they delivered everything on time, why not?
Add to this the fact that the shops that were using reputable distributors, and those that weren't suspicious about the too-good-to-be-true prices, and it's surprising that all of those who went to check weren't getting fakes.
For example, I'm the sysadmin for a project called PCASSO (Patient-Centered Access to Secure Systems Online), which is led by Dixie Baker at SAIC and Dan Masys at UCSD. The basic idea is secure access for providers and patients over the net. We're currently at the end of a three-year grant, and are in the middle of a field test with a few hundred providers and a few dozen patients at a local university medical group.
And the whole focus of the project was security. It was designed from the ground up with HIPAA in mind. A little bit of detail is available at our website, but the basics are:
Server runs B2-class DG/UX and Trusted Oracle 7, and MAC labels are implemented both in the database and in the OS.
The client is a Java applet, so it can't damage the client env. No plaintext identifiers exist in the client env, and input is done using a graphical keyboard so the keypresses can't be captured.
Multi-factor auth: username and password, plus challenge-response, plus digital cert. And, our SSL is not the usual anonymous kind, so both the client and the server have to prove who they are.
Role-based access controls, so patients can't see patient-deniable data, and providers can see only their own patients' records (with provisions for emergencies, of course).
There was an article in SysAdmin magazine (no fulltext online, unfortunately:( ) last month where the previous sysadmin and I discussed some of our experiences with the system and with the users' reactions. Basically, doing things right is a pain, and some users (mostly the providers who are used to easy and unlimited access) hate the multi-factor auth. We'll have a better idea of what the patients think once we've gotten a critical mass and done some surveys.
Jon, I usually find your articles to be very thought-provoking, though I am usually deeply ambivalent about your positions and opionions, per se.
Not this time, however. This one missed the mark by so far that I could only see one kernel of truth:
But some of the fault lies in the way our institutions - education, politics, media - deal with technology. We're trapped between two useless states - alarm and euphoria.
You're dead on here. Watching the nighly news as a ping-pong game between big media alarm and marketing machine euphoria can be quite entertaining.
And in case you haven't figured it out yet, this piece is part of the problem.
Maybe next week's installment will deliver the euphoric antidote to this week's alarm. Maybe not. Who cares?
autorun is an absolute BAD IDEA from a security point of view. running email attachment programs with a single (or double, for that matter) click is also one of the major reasons why Windows is BAD for the newbie user.
I think that autorun is an acceptable security for convenience trade-off, iff a Java-like set of permissions is used. That is, unsigned autorunners can't do anything that could harm your system (read files, delete files, send stuff out over the network, etc). Signed autorunners present their credentials in a standardized format where the user can either grant or deny permission to do things. The real problem with windows is not the ease-of-running programs, but the boneheaded approach to security permissions that allows unsigned, untrusted programs to run without permission or warning.
In fact, I think a RPM-like format that also included the ability to autolaunch a graphical install program (like the windows world has) would be very nice. Sure, it would be nice to be able to read the Makefile or do a make -n. But really, we're talking about newbies here. Do you think they can read source code? Do you think that they can read a Makefile?
I don't think so. And regardless of why Linus started working on this OS eight years ago, Linux is now the best hope for bringing real, Free, software to the masses. Continually complaining that every user-interface improvement is a bastardization or a security hole does not help things.
If you're worried that it'll be a huge security hole, don't use it. Last time I checked, most software was distributed as RPMs, DEBs, and tarballs. Adding another format (or changing one), isn't going to stop this. And if you're worried about the security holes in commercial software when they won't let you see the source, don't use it. Or try to get them to open the source. But a few user-interface improvements to the installation process doesn't change your options here.
autorun is an absolute BAD IDEA from a security point of view. running email attachment programs with a single (or double, for that matter) click is also one of the major reasons why Windows is BAD for the newbie user.
I think that autorun is an acceptable security for convenience trade-off, iff a Java-like set of permissions is used. That is, unsigned autorunners can't do anything that could harm your system (read files, delete files, send stuff out over the network, etc). Signed autorunners present their credentials in a standardized format where the user can either grant or deny permission to do things.
In fact, I think a RPM-like format that also included the ability to autolaunch a graphical install program (like the windows world has) would be very nice. Sure, it would be nice to be able to read the Makefile or do a make -n. But really, we're talking about newbies here. Do you think they can read source code? Do you think that they can read a Makefile?
I don't think so. And regardless of why Linus started working on this OS eight years ago, Linux is now the best hope for bringing real, Free, software to the masses. Continually complaining that every user-interface improvement is a bastardization or a security hole does not help things.
If you're worried that it'll be a huge security hole, don't use it. Last time I checked, most software was distributed as RPMs, DEBs, and tarballs. Adding another format (or changing one), isn't going to stop this. And if you're worried about the security holes in commercial software when they won't let you see the source, don't use it. Or try to get them to open the source. But a few user-interface improvements to the installation process doesn't change your options here.
We might as well just be done with it and start using the IPA. The only problems we'd have then are dialectal variations in pronunciation (e.g., my wife (a ling grad student) has a book called 'a course in phonetics' which has the IPA representation of both the American and British standard pronunciations, and it's surprising how many differences there are).
Fox allowing only 1 screen/theater?
on
Star Wars Tidbits
·
· Score: 1
I think you've got this confused.
I heard (on Ent. Tonight) that Fox sent out some regulations, and one of them was that the theatres had to show Menace on the largest theatre they had. So if they've got one theatre that's big and a bunch of small ones, then they'd only be able to show it on one screen. But if they've got several large theatres, they could show it on all of them.
One more point about the Apache performance claim:
Remember that article a few weeks ago by noted MS partisan Ziff-Davis that showed that Apache kicked NT's butt for web throughput, and for Samba, NT's native language?
Guess this guy couldn't be bothered to actually check to see which product was better before spouting off about it.
One more point about the Apache performance claim: Remember that article a few weeks ago by noted MS partisan Ziff-Davis that showed that Apache kicked NT's butt for web throughput, and for Samba, NT's native language? Guess this guy couldn't be bothered to actually check to see which product was better before spouting off about it.
Slashdot Mirror
You don't think the DOJ has learned from these tactics? Quoting from the Proposed Final Judgement:
Note that those four conditions are OR'ed, which means no later than anyone at MS has used them, and when you're within 90 days of a final release of a new version of Windows, 5 days after they've changed (whether anyone's used them or not).
Sounds like a good definition of "timely" to me.
-Esme
You know what, the web used to have a lot of very hight quality content on it -- and absolutely no ads. Maybe you weren't around back then, but you could actually find things with search engines like Yahoo and AltaVista. It was the power of that web that made me boggle at the possibilities.
Now we've got a lot more stuff. Amazon, portals, news sites, and (of course) /. Some of this is good, and some of it isn't. But keep this in mind: not everything has to make money. Maybe huge corporations have to make money at everything. And I know that web space doesn't come free. But if I pay my ISP $XXX a month, I get some web space and I can put up whatever I want. Maybe I put it up because I care about it, or think others might.
This is the kind of stuff I'd rather have. Stuff that people actually care about and do because they love. I'd rather read a website written by real people than a corporation any day.
-Esme
Of particular interest are the following:
--
-Esme
I'm assuming here that everyone here is basically well-intentioned. That no one is intentionally setting out to run roughshod over anybody's rights. My question is: Isn't there a better way to do this? Instead of treating kids like they are criminals who need to be turned in by paid anonymous informants, couldn't we do something about the sources of their problems instead? I know that it's probably more expensive (and not as easy to take credit for "doing something") to make pschological counseling available. But isn't that the solution? I think that having counseling available, and letting the parents and the kids know that it is, will go a long way to fixing this. And I'm not talking about the "Here's some Ritalin/Prozac/Zoloft now go be a good kid" kind of counseling either. That does no one, least of all the kids, any good. Maybe that's not the answer. But my point is, having kids turn each other in for fun and profit sounds like a part of the problem, and not a part of the solution. It all boils down to the fact that we've got some emotionally and psychologically disturbed kids out there, and pitting them against each other doesn't seem like it will get any of them any help. -- -Esme
From the press release (all that's at the site, really):
You've gotta love the chutzpah of M$ talking about their "strengths" in software. I was playing their N64 monster truck game last week, and it actually crashed! (I had joked about it earlier because the friend who rented it knows my anti-M$ leanings... and then it happened -- the first time I've ever seen a console crash.)
--
-Esme
Actually, I disagree.
Here's where some of that good ol' free software philosophy comes in handy.
If you have a car, and I take it from you, that's theft (because I have taken something, you have lost something). If I take money from you, ditto.
But if you have a song, or a movie, or some source code, or a binary, and I make a copy of it, this is not theft. You have lost nothing, you still have your song, movie, code, etc.
Now, you can argue that artists, record labels, and movie studios have the right to profit off of their works. But it's not the same as theft: you haven't helped them, but you haven't hurt them either.
--
-Esme
This is almost exactly what I want.
What I would like (maybe I should go over to mozilla.org and see if I can suggest it formally...) is to be prompted for cookies and foreign host calls. The prompt should be:
foo.com would like to set a cookie "id=qqeruilskfjafj1905817843"
Same thing for foreign host calls:
foo.com would like to access "http://bar.org/cgi-bin/trojan-horse.cgi?id=qqerui lskfjafj1905817843&page=foo.com"
After that, it would never bug you about that decision again, if you used any of the Always or Never options. The problem with current browsers is that they don't let you set policies, they only let you make the decision every time. That's not real privacy protection, because no one is going to be able to actually make intelligent decisions when faced with the barrage of cookies and remote-host calls made in a typical web page today.
What I want is the ability to specify the sites I want to be able to use cookies (I don't want to have to login to my.yahoo.com every time I check the news), and damn the rest (I would rather be anonymous when I'm browsing through books & movies at amazon, thank you).
-Esme
Before we get too wrapped up in how much "good, honest open source work" the GPL has prevented, let's not get forget about that the different licenses serve very different purposes, and serve them well.
BSD is about getting code reused, not reinventing the wheel, and and maximum flexibility for all uses commercial or otherwise.
GPL is about keeping software free and encouraging contribution back to the community.
By the same token as you might not like that the GPL hinders companies (prevents them from closing source or making other restrictions), an author might not like the fact the BSD allows that. And in the final analysis, the coder is the one who has the right to make that call, not you, me, or anyone else.
I'm not sure I agree that the GPL has any "freeness problems" that need fixing, so much as a very different idea about what's important, and which freedoms they want to protect. Not everybody's freedoms can be protected all of the time, and a choice has to be made.
Don't get me wrong, I see a lot of good in both licenses. In fact, it pains me that there isn't more work being done to reconcile the different priorities embodied in the licenses to reach a consensus.
Most importantly, I think that we should all remember that both licenses are designed to do good things, preserve freedom, and make the world a better place. Isn't that what this is all about?
--
-Esme
I'm the sysadmin for the PCASSO Project, which also handles medical information over the web. Our system is different: we do lab results, operative notes, demographics, and an audit trail. The next step in our development would be to implement messaging and/or multimedia.
If you take a look at our website and our publications, I think you will agree that the security strategy that the development team implemented is quite rigorous. We do three-factor auth (user/password, digital cert, challenge-response), and use non-anonymous SSL, so that both the server and the client have to be authenticated by digital cert. We also use Java for the client, instead of just a web browser, so we can protect the client enviroment a little more against trojan horses and to make the digital certs easier.
I can understand why you wouldn't want to do certs. They're difficult, require that you use something other than plain web pages, and require a time-delay to mail or pick up in person. But a simple challenge-response system shouldn't be that hard to implement.
The other main thing you should think about, and that PCASSO spent a lot of effort on, is the server security. We used a B2-rated OS (Trusted DG/UX) and implemented MAC labels in the database and OS. This is harder than using a standard OS and not labeling (the former sysadmin and I have an article in the October issue of SysAdmin magazine about some of the things we dealt with), but is far more secure.
--
-Esme
One better, so you don't even have to bother with figuring out who is going to start sending the spam: just use postmaster@127.0.0.1
--
-Esme
I recently installed OpenBSD on my home machine, and after spending about three weeks trying to get various things to work, I decided I'd be better off with Linux.
Before I began, I made a list of programs/functionality that I needed, both for the server tasks (FTP, Telnet, WWW, SSH, IP Masquerading, etc.) and as a workstation (running WordPerfect, Netscape, playing MP3s, etc). And as I got things to work, I crossed them off my list.
The good news was that a lot of things worked right out of the box (or straight from the ports tree). Getting bash, trn, X, ssh, NAT, and basic networking was a piece of cake. Unlike the experience of the author of the article, the install handled my NIC and cable-modem-dhcp setup automatically (unlike Linux where I had to use a non-standard dhcp program and another program to "login" to my Road Runner accoutn).
But after the initial install and setup, there were several things that didn't work for me, and I didn't really get them working satisfactorily:
One thing I'll say though, it gives me a newfound appreciation for the smooth Linux installs. It took me a few times though to get the OpenBSD install to take. Mostly because the whole disklabel thing was new to me, and I figured out that the a slice was root, and that the c slice was the whole disk. But I didn't get that the b slice was swap, so my /usr didn't work until I figured that out.
Also, it reminded me that Linux on the desktop does work, if you've got a certain ammount of technical knowledge. My Netscape doesn't crash. I can play MP3's and use a word processor and spreadsheet (Gnumeric). The network configuration and IP masquerading isn't as cool as OpenBSD's, but it does work.
--
-Esme
http://gort.ucsd.edu/escowles/
Don't know about where you live, but here in San Diego, there are hundreds of tiny little PC shops. I was getting a hamburger at some place in Kearny Mesa (part of town where most of them are located), and there were like five shops in one strip mall.
Sure, some of the big ones get their MS products from big, reputable distributors like Ingram Micro, et al. But if you're a tiny little PC maker, and you're looking at various distributors, and somebody's selling Office for $10 less, don't you think you'd try to cut corners?
Take this to its extreme, and since MS products prices keep staying the same (or going up) as PC prices keep diving, it gets more and more important to having the lowest price to get the best deal on MS products from your distributor.
Particularly when you're a little mom-and-pop store and less money for MS products means more money in your pocket, I can really understand why you'd want to get the best deal, even when you thought your distributor might not be on the up-and-up. If you could plausibly say that you thought they were legit, and they delivered everything on time, why not?
Add to this the fact that the shops that were using reputable distributors, and those that weren't suspicious about the too-good-to-be-true prices, and it's surprising that all of those who went to check weren't getting fakes.
-Esme
Some medical records are already online.
For example, I'm the sysadmin for a project called PCASSO (Patient-Centered Access to Secure Systems Online), which is led by Dixie Baker at SAIC and Dan Masys at UCSD. The basic idea is secure access for providers and patients over the net. We're currently at the end of a three-year grant, and are in the middle of a field test with a few hundred providers and a few dozen patients at a local university medical group.
And the whole focus of the project was security. It was designed from the ground up with HIPAA in mind. A little bit of detail is available at our website, but the basics are:
There was an article in SysAdmin magazine (no fulltext online, unfortunately :( ) last month where the previous sysadmin and I discussed some of our experiences with the system and with the users' reactions. Basically, doing things right is a pain, and some users (mostly the providers who are used to easy and unlimited access) hate the multi-factor auth. We'll have a better idea of what the patients think once we've gotten a critical mass and done some surveys.
Jon, I usually find your articles to be very thought-provoking, though I am usually deeply ambivalent about your positions and opionions, per se.
Not this time, however. This one missed the mark by so far that I could only see one kernel of truth:
You're dead on here. Watching the nighly news as a ping-pong game between big media alarm and marketing machine euphoria can be quite entertaining.
And in case you haven't figured it out yet, this piece is part of the problem.
Maybe next week's installment will deliver the euphoric antidote to this week's alarm. Maybe not. Who cares?
-Esme
--
Esme Cowles
http://gort.ucsd.edu/escowles/
I think that autorun is an acceptable security for convenience trade-off, iff a Java-like set of permissions is used. That is, unsigned autorunners can't do anything that could harm your system (read files, delete files, send stuff out over the network, etc). Signed autorunners present their credentials in a standardized format where the user can either grant or deny permission to do things. The real problem with windows is not the ease-of-running programs, but the boneheaded approach to security permissions that allows unsigned, untrusted programs to run without permission or warning.
In fact, I think a RPM-like format that also included the ability to autolaunch a graphical install program (like the windows world has) would be very nice. Sure, it would be nice to be able to read the Makefile or do a make -n. But really, we're talking about newbies here. Do you think they can read source code? Do you think that they can read a Makefile?
I don't think so. And regardless of why Linus started working on this OS eight years ago, Linux is now the best hope for bringing real, Free, software to the masses. Continually complaining that every user-interface improvement is a bastardization or a security hole does not help things.
If you're worried that it'll be a huge security hole, don't use it. Last time I checked, most software was distributed as RPMs, DEBs, and tarballs. Adding another format (or changing one), isn't going to stop this. And if you're worried about the security holes in commercial software when they won't let you see the source, don't use it. Or try to get them to open the source. But a few user-interface improvements to the installation process doesn't change your options here.
I think that autorun is an acceptable security for convenience trade-off, iff a Java-like set of permissions is used. That is, unsigned autorunners can't do anything that could harm your system (read files, delete files, send stuff out over the network, etc). Signed autorunners present their credentials in a standardized format where the user can either grant or deny permission to do things.
In fact, I think a RPM-like format that also included the ability to autolaunch a graphical install program (like the windows world has) would be very nice. Sure, it would be nice to be able to read the Makefile or do a make -n. But really, we're talking about newbies here. Do you think they can read source code? Do you think that they can read a Makefile?
I don't think so. And regardless of why Linus started working on this OS eight years ago, Linux is now the best hope for bringing real, Free, software to the masses. Continually complaining that every user-interface improvement is a bastardization or a security hole does not help things.
If you're worried that it'll be a huge security hole, don't use it. Last time I checked, most software was distributed as RPMs, DEBs, and tarballs. Adding another format (or changing one), isn't going to stop this. And if you're worried about the security holes in commercial software when they won't let you see the source, don't use it. Or try to get them to open the source. But a few user-interface improvements to the installation process doesn't change your options here.
We might as well just be done with it and start using the IPA. The only problems we'd have then are dialectal variations in pronunciation (e.g., my wife (a ling grad student) has a book called 'a course in phonetics' which has the IPA representation of both the American and British standard pronunciations, and it's surprising how many differences there are).
I heard (on Ent. Tonight) that Fox sent out some regulations, and one of them was that the theatres had to show Menace on the largest theatre they had. So if they've got one theatre that's big and a bunch of small ones, then they'd only be able to show it on one screen. But if they've got several large theatres, they could show it on all of them.
Remember that article a few weeks ago by noted MS partisan Ziff-Davis that showed that Apache kicked NT's butt for web throughput, and for Samba, NT's native language?
Guess this guy couldn't be bothered to actually check to see which product was better before spouting off about it.
One more point about the Apache performance claim: Remember that article a few weeks ago by noted MS partisan Ziff-Davis that showed that Apache kicked NT's butt for web throughput, and for Samba, NT's native language? Guess this guy couldn't be bothered to actually check to see which product was better before spouting off about it.