An engineer, a mathematician, and a physicist are riding a train through Scotland.
The engineer looks out the window, sees a black sheep, and exclaims, "Hey! They've got black sheep in Scotland!"
The mathematician looks out the window and corrects the engineer, "Strictly speaking, all we know is that there's at least one black sheep in Scotland."
The physicist looks out the window and corrects the mathematician, "On one side."
The idea that authorship is a tangible thing has been around for at least 1500 years. The concept that the right to control copying is also a tangible thing came somewhat later when technology intervened to make large-scale duplication at little cost somewhat accessible to the masses - but even that was over 500 years ago with Gutenberg.
To the Internet generation this somehow seems newly quaint. A book can be copied in a click, and carried in essentially no physical space, so does that change the rules?
It can't, because ease of copying and carrying wasn't the principle in the first place. The principle is that the author and publisher are in control of their works. If we're willing to take that away based on convenience, because the publisher or the author hasn't done what we wanted them to do, that's no different from downloading a current best seller or an expensive limited edition.
As to what I'd do given my own morals and ethics: if I'm going to violate the principle, I'm not going to rationalize it to anyone else because I'm not going to TELL anyone else.
I don't remember exactly when I registered this account. I think I did it simply to customize the page, so it could have been a while between registration and my initial post in early 1999.
I logged in today for the first time in at least a year, just to see my ID number and chime into this branch.
PE: identify, investigate, and kill processes you don't know to be safe. Turn on the Image Path column, use the built-in google and strings searches. Worst outcome from over-aggression here is the system crashes. Restart and try again.
Mercilessly delete the directories that hosted the spyware, if you can, or just the apparently related files if you can't delete the directory.
Oops, some of those files were in use. Figure out what's using them (PE's dll/handle search), kill it, then try the deletion again. And again, and again. Why do those files keep coming back?;-)
* EXPERT LEVEL TRICK: NTFS Permissions. Apply as appropriate and repeate above as needed.
* WEENIE LEVEL TRICK: WinZip anything you're unsure about deleting into an archive with full path info.
Got 'em all? Use Autoruns to clean up the startup triggers.
When I got back into day-to-day admin work a couple years ago, it would take me a couple of hours to work through this, starting with AdAware and Spybot S&D, doing full scans, rebooting when prompted, etc. Now, using just those two utils, I can get a system to be functionally spyware-free in about half an hour. I use AdAware and Spybot only to clean up the non-functional traces, after the utility approach has successfully stopped the live malware.
I can never keep up with what Harlan Ellison is available from what publisher at any given time.
The Dangerous Visions series, edited by Ellison, is a great collection of late 60's/early 70's speculative fiction (not necessarily SF) stories by authors whom you should know.
The series is worth a read on its own, and has been out of print for a long time, so it qualifies as an answer to the original question. The first volume was released last year in a 35th anniversary edition available in all the usual places, so it shouldn't take a long search to find a copy.
Everybody in the collection wrote something else that's worth reading. A lot of that good stuff is also out-of-print. Find someone you like in DV and then hunt down the longer gems...
No answer, but...
on
Rear View LCD?
·
· Score: 2, Insightful
Do you really need to be able to identify letters in a regular rear view mirror? They look all wombly to me.
Anyway, most of the signs around here have the letters on the front.
They've got a good set of sample movies and TV news coverage on their site (MPEG and Real Player formats).
I was skeptical (doesn't animation like this require a shutter of some sort?). The simulations are hokey, but the TV clips show in in action more or less.
AMD's having a so-so day at the NYSE. But what's this?? a 40K volume spike and a $0.15 bump at about 1:30 EST (right after this story was posted)? Followed by a drop of all those gains? Looks like this was a $12K joke.
I wonder if the similar rise and fall at 10:30 corresponds to the first appearance of this story...
This trick is actually another case of Microsoft being Microsoft. They didn't innovate it, they embraced and extended it.
Big Tobacco did it over the last few decades. It works like this:
Hire nearly every legal and research firm in the country, getting all the top players by name. It doesn't matter what they're asked to do - in fact, the more trivial it is the better...
"Good day Mr. Senior Partner for Anti Trust. We's appreciate hearing your opinion on the anti-trust implications of the lead story in today's Post - in the sports section."
"The World Series has no anti-trust implications for Microsoft."
"Thanks for your time."
Once the big names all had Microsoft (henceforth to be known as "The Defendant") on their vitae, they were morally and professionally forbidden from playing a significant role in "The Prosecution", formerly known as "the public interest".
(I'll resist trying to figure out who is "not too bright here...)
Look, the actual documentation for this rollup clearly states you need IE 5.5 SP2 or IE 6. You simply cannot start at the address El Reg posted without encountering:
System Requirements
This update applies to:
Internet Explorer 5.5 SP2
Internet Explorer 6
RTFM, perhaps. Or should someone do it for you?
And if you haven't found SP2 yet, it isn't hard to locate. From within IE, click "Help" and select "Online Support". You get a page at Microsoft with a "Support Menu" on the left. Does the heading "Find & Download Software" suggest anything to you?
But that makes me wonder - if you have IE and haven't done anything to check for updates since at least AUGUST (when SP2 was posted), why are you trying to install a day 0 patch in the first place?
now - if there was a wireless version that worked in the bathroom, they'd be millionaires right now
Oh but there is...
I got a Symbol 1502 keychain scanner for the cost of shipping from "VAR Reseller" magazine. Got the SDKs from Symbol's site, and now I'm scanning wherever I feel like it.
Turns out, I don't feel like it much. Could be 'cause it wasn't free (as in beer) so there hasn't been a groundswell of hackerly support, and I'm on my own figuring out how to hook it into existing databases.
Could be 'cause there just plain isn't all that much I want to scan in the bathroom.
(I -did- figure out that a buddy's dorky bar-code tattoo is the UPC off a box of tampons...)
How perfect of USA Today to think that we've forgotten the astronauts just because their writers aren't paying attention.
I guess $20M doesn't buy much more than the same 15 minutes anything else gets you - yeah, Dennis Tito counts as a famous astronaut.
But spend a little time poking around SpaceFacts. Scan any one of the comprehensive lists of space people and see just how few names have ever been well-known.
Fame is the exception, as usual. USA Today forgot that. As usual...
AFAIK, Win3.x isn't in widespread use as an Internet client, and the 32-bit executables that could carry these signatures wouldn't work so hot in a 16-bit environment. No, I don't know if adding Win32 qualifies Win3.x to get spoofed by this (but I doubt it), but that still wouldn't put Win3.x "in widespread use".
Likewise, an executable written for Win9x or later wouldn't be a good vector for harmful activity on a Mac or Linux, and it's a really long shot to come up with a malicious executable signed by MS but targetted at non-MS OS's. It could happen, but it won't.
It's a big deal because if you're supporting a few thousand PC's with some version of a Microsoft home page, or with a bunch of auto-update or additional resource features that hit MS web sites, you're getting calls about this. If you've planned to set up and test a bunch of new machines today, you'll think something is wrong with the Internet connection.
Even if you don't give a rat's ass about MS - the company, if you don't give a rat's ass about its users, they're never going to care about you or anything you care about either.
Remember the stories about the expired passport.com domain (the heart of MS's access management for Hotmail, MSN, and a lot of other heavily used services) that was renewed by a third party, someone who doesn't otherwise use MS stuff?
I develop JS intensive pages for an online commerce server that I didn't write - so it's not exactly by my choice. There have been countless times when I've first tested something in IE, where it worked, and then tested it in NS, where it didn't.
Upon closer examiniation of my work, I usually find that NS has more strictly interpreted my code and discovered problems it couldn't figure out how to correct, while IE made enough assumptions to deliver the page, regardless of how those assumptions might change what I intended.
Either approach cuts both ways. I don't want to write code that's wrong, but I don't want my code rejected if it -is- wrong somehow.
The silver lining is that I've only rarely written code that works in NS but causes errors in IE.
The biggest difference between this reason "Netscape sucks" and the other cited reasons (bad CSS support, etc.) is that the other reasons show how NS fails when you do things correctly, while this one either shows how NS fails when you fail, or, as with this site, requires that you correctly implement code written specifically to dodge NS.
What the stupid default password in Pirahna "proved" was that system security is an active pursuit, not a passive one. The flaw in the fish only bit people who never changed the password, even when instructed to during installation, never mind on a regular basis as many standard system security practices recommend.
Yes, by all means, do "your own damn auditing", but don't waste your time by doing so before you have an actual policy of secure practices in place to audit.
And be really careful about calling in an outside auditor. You won't get your money's worth if you and your system aren't ready, and you might wind up paying contractor rates to fix really stupid things - anyone who needed an outside auditor to find and fix the Pirahna flaw shouldn't be trusted to carry their own money, let alone their company's.
Unlike the Y2K problem, I've never actually seen code which would stumble on this one. I've always wondered if this started out as a joke among Y2K warriors ("don't worry about Y2K, we'll never make it past the 9999 bug"), which got sucked up by the mainstream media in the hysteria, much like virii hoaxen sometimes do.
Today is 090999, not 9999, and not 999999. Software which codes the date in a MMDDYY format must keep leading zeros internally, and only trim them for display. Or, software which trims the leading zeros must keep the MM, DD, and YY fields completely distinct, and only show them together for (again) display.
If dates were handled as badly as it would take to choke on 9/9/99, date handling would probably have failed within a month of the first run.
Umm, these aren't REG keys. They're labels for offsets in a DLL. The words don't appear in the DLL either, but because of the NT4SP5 patch they were "leaked".
The article says they were overloaded because: The massive response led SETI@home to allocate most of its computing power to the Web servers that handled the software downloads.
So, they didn't recruit mirror sites in advance. They instead got into the business of distributing software, not pumping out WUs.
And they're about to update the client software. Here's hoping they don't repeat the mistake.
Ok, now that I have an excuse...
on
Slashdot Updates
·
· Score: 1
Ah, who needs an excuse around here.
I added the HTML below to my user space, and now I've got as much Weather in Hell as I can handle. Plus, it follows me all over/.
Rats. I can't post HTML samples - they either hide or don't get promoted to the right characters. Substitute wisely...
[center][A HREF="http://www.brunching.com/toys/toy-hellweathe r.html"][IMG SRC="http://www.brunching.com/images/hellweather.g if" BORDER=0 ALT="The Weather in Hell"][/A][/center]
(Okay, I checked the international list and there's no match there either. I'd hope the best lawyers on the ISLAND would be wise enough be listed in the standard directory. No I'm not, I just work at a firm.)
Slashdot Mirror
An engineer, a mathematician, and a physicist are riding a train through Scotland.
The engineer looks out the window, sees a black sheep, and exclaims, "Hey! They've got black sheep in Scotland!"
The mathematician looks out the window and corrects the engineer, "Strictly speaking, all we know is that there's at least one black sheep in Scotland."
The physicist looks out the window and corrects the mathematician, "On one side."
The idea that authorship is a tangible thing has been around for at least 1500 years. The concept that the right to control copying is also a tangible thing came somewhat later when technology intervened to make large-scale duplication at little cost somewhat accessible to the masses - but even that was over 500 years ago with Gutenberg.
To the Internet generation this somehow seems newly quaint. A book can be copied in a click, and carried in essentially no physical space, so does that change the rules?
It can't, because ease of copying and carrying wasn't the principle in the first place. The principle is that the author and publisher are in control of their works. If we're willing to take that away based on convenience, because the publisher or the author hasn't done what we wanted them to do, that's no different from downloading a current best seller or an expensive limited edition.
As to what I'd do given my own morals and ethics: if I'm going to violate the principle, I'm not going to rationalize it to anyone else because I'm not going to TELL anyone else.
I don't remember exactly when I registered this account. I think I did it simply to customize the page, so it could have been a while between registration and my initial post in early 1999.
I logged in today for the first time in at least a year, just to see my ID number and chime into this branch.
Process Explorer and Autoruns from Sysinternals.
PE: identify, investigate, and kill processes you don't know to be safe. Turn on the Image Path column, use the built-in google and strings searches. Worst outcome from over-aggression here is the system crashes. Restart and try again.
Mercilessly delete the directories that hosted the spyware, if you can, or just the apparently related files if you can't delete the directory.
Oops, some of those files were in use. Figure out what's using them (PE's dll/handle search), kill it, then try the deletion again. And again, and again. Why do those files keep coming back? ;-)
* EXPERT LEVEL TRICK: NTFS Permissions. Apply as appropriate and repeate above as needed.
* WEENIE LEVEL TRICK: WinZip anything you're unsure about deleting into an archive with full path info.
Got 'em all? Use Autoruns to clean up the startup triggers.
When I got back into day-to-day admin work a couple years ago, it would take me a couple of hours to work through this, starting with AdAware and Spybot S&D, doing full scans, rebooting when prompted, etc. Now, using just those two utils, I can get a system to be functionally spyware-free in about half an hour. I use AdAware and Spybot only to clean up the non-functional traces, after the utility approach has successfully stopped the live malware.
The previous story was about NASA's scramjet, while this one is about Wired's story about it.
Totally different, see?
... and check out where the additional reporting came from:
roblimo
So, if it's a baseless rumor it's fine to put it here, but once the fact are checked then the real story goes somewhere else?
The Dangerous Visions series, edited by Ellison, is a great collection of late 60's/early 70's speculative fiction (not necessarily SF) stories by authors whom you should know.
The series is worth a read on its own, and has been out of print for a long time, so it qualifies as an answer to the original question. The first volume was released last year in a 35th anniversary edition available in all the usual places, so it shouldn't take a long search to find a copy.
Everybody in the collection wrote something else that's worth reading. A lot of that good stuff is also out-of-print. Find someone you like in DV and then hunt down the longer gems...
Do you really need to be able to identify letters in a regular rear view mirror? They look all wombly to me.
Anyway, most of the signs around here have the letters on the front.
They've got a good set of sample movies and TV news coverage on their site (MPEG and Real Player formats).
I was skeptical (doesn't animation like this require a shutter of some sort?). The simulations are hokey, but the TV clips show in in action more or less.
AMD's having a so-so day at the NYSE. But what's this?? a 40K volume spike and a $0.15 bump at about 1:30 EST (right after this story was posted)? Followed by a drop of all those gains? Looks like this was a $12K joke.
I wonder if the similar rise and fall at 10:30 corresponds to the first appearance of this story...
Hope the SEC thinks this stuff is funny.
This trick is actually another case of Microsoft being Microsoft. They didn't innovate it, they embraced and extended it.
Big Tobacco did it over the last few decades. It works like this:
Hire nearly every legal and research firm in the country, getting all the top players by name. It doesn't matter what they're asked to do - in fact, the more trivial it is the better...
Once the big names all had Microsoft (henceforth to be known as "The Defendant") on their vitae, they were morally and professionally forbidden from playing a significant role in "The Prosecution", formerly known as "the public interest".
(I'll resist trying to figure out who is "not too bright here...)
Look, the actual documentation for this rollup clearly states you need IE 5.5 SP2 or IE 6. You simply cannot start at the address El Reg posted without encountering:
RTFM, perhaps. Or should someone do it for you?
And if you haven't found SP2 yet, it isn't hard to locate. From within IE, click "Help" and select "Online Support". You get a page at Microsoft with a "Support Menu" on the left. Does the heading "Find & Download Software" suggest anything to you?
But that makes me wonder - if you have IE and haven't done anything to check for updates since at least AUGUST (when SP2 was posted), why are you trying to install a day 0 patch in the first place?
now - if there was a wireless version that worked in the bathroom, they'd be millionaires right now
Oh but there is...
I got a Symbol 1502 keychain scanner for the cost of shipping from "VAR Reseller" magazine. Got the SDKs from Symbol's site, and now I'm scanning wherever I feel like it.
Turns out, I don't feel like it much. Could be 'cause it wasn't free (as in beer) so there hasn't been a groundswell of hackerly support, and I'm on my own figuring out how to hook it into existing databases.
Could be 'cause there just plain isn't all that much I want to scan in the bathroom.
(I -did- figure out that a buddy's dorky bar-code tattoo is the UPC off a box of tampons...)
How perfect of USA Today to think that we've forgotten the astronauts just because their writers aren't paying attention.
I guess $20M doesn't buy much more than the same 15 minutes anything else gets you - yeah, Dennis Tito counts as a famous astronaut.
But spend a little time poking around SpaceFacts. Scan any one of the comprehensive lists of space people and see just how few names have ever been well-known.
Fame is the exception, as usual. USA Today forgot that. As usual...
AFAIK, Win3.x isn't in widespread use as an Internet client, and the 32-bit executables that could carry these signatures wouldn't work so hot in a 16-bit environment. No, I don't know if adding Win32 qualifies Win3.x to get spoofed by this (but I doubt it), but that still wouldn't put Win3.x "in widespread use".
Likewise, an executable written for Win9x or later wouldn't be a good vector for harmful activity on a Mac or Linux, and it's a really long shot to come up with a malicious executable signed by MS but targetted at non-MS OS's. It could happen, but it won't.
Lee.
So I guess it didn't remind you as much as you thought...
"So they lost their DNS for a few hours.
It's a big deal because if you're supporting a few thousand PC's with some version of a Microsoft home page, or with a bunch of auto-update or additional resource features that hit MS web sites, you're getting calls about this. If you've planned to set up and test a bunch of new machines today, you'll think something is wrong with the Internet connection.
Even if you don't give a rat's ass about MS - the company, if you don't give a rat's ass about its users, they're never going to care about you or anything you care about either.
Remember the stories about the expired passport.com domain (the heart of MS's access management for Hotmail, MSN, and a lot of other heavily used services) that was renewed by a third party, someone who doesn't otherwise use MS stuff?
Funny thing is:
I develop JS intensive pages for an online commerce server that I didn't write - so it's not exactly by my choice. There have been countless times when I've first tested something in IE, where it worked, and then tested it in NS, where it didn't.
Upon closer examiniation of my work, I usually find that NS has more strictly interpreted my code and discovered problems it couldn't figure out how to correct, while IE made enough assumptions to deliver the page, regardless of how those assumptions might change what I intended.
Either approach cuts both ways. I don't want to write code that's wrong, but I don't want my code rejected if it -is- wrong somehow.
The silver lining is that I've only rarely written code that works in NS but causes errors in IE.
The biggest difference between this reason "Netscape sucks" and the other cited reasons (bad CSS support, etc.) is that the other reasons show how NS fails when you do things correctly, while this one either shows how NS fails when you fail, or, as with this site, requires that you correctly implement code written specifically to dodge NS.
What the stupid default password in Pirahna "proved" was that system security is an active pursuit, not a passive one. The flaw in the fish only bit people who never changed the password, even when instructed to during installation, never mind on a regular basis as many standard system security practices recommend.
Yes, by all means, do "your own damn auditing", but don't waste your time by doing so before you have an actual policy of secure practices in place to audit.
And be really careful about calling in an outside auditor. You won't get your money's worth if you and your system aren't ready, and you might wind up paying contractor rates to fix really stupid things - anyone who needed an outside auditor to find and fix the Pirahna flaw shouldn't be trusted to carry their own money, let alone their company's.
Unlike the Y2K problem, I've never actually seen code which would stumble on this one. I've always wondered if this started out as a joke among Y2K warriors ("don't worry about Y2K, we'll never make it past the 9999 bug"), which got sucked up by the mainstream media in the hysteria, much like virii hoaxen sometimes do.
Today is 090999, not 9999, and not 999999. Software which codes the date in a MMDDYY format must keep leading zeros internally, and only trim them for display. Or, software which trims the leading zeros must keep the MM, DD, and YY fields completely distinct, and only show them together for (again) display.
If dates were handled as badly as it would take to choke on 9/9/99, date handling would probably have failed within a month of the first run.
Umm, these aren't REG keys. They're labels for offsets in a DLL. The words don't appear in the DLL either, but because of the NT4SP5 patch they were "leaked".
The article says they were overloaded because:
The massive response led SETI@home to allocate most of its computing power to the Web servers that handled the software downloads.
So, they didn't recruit mirror sites in advance. They got into the business of distributing software, not pumping out WUs.
And they're about to update the client software. Here's hoping they don't repeat the mistake.
The article says they were overloaded because: The massive response led SETI@home to allocate most of its computing power to the Web servers that handled the software downloads.
So, they didn't recruit mirror sites in advance. They instead got into the business of distributing software, not pumping out WUs.
And they're about to update the client software. Here's hoping they don't repeat the mistake.
Ah, who needs an excuse around here.
/.
e r.html"][IMG SRC="http://www.brunching.com/images/hellweather.g if" BORDER=0 ALT="The Weather in Hell"][/A][/center]
I added the HTML below to my user space, and now I've got as much Weather in Hell as I can handle. Plus, it follows me all over
Rats. I can't post HTML samples - they either hide or don't get promoted to the right characters. Substitute wisely...
[center][A HREF="http://www.brunching.com/toys/toy-hellweath
Didn't know.
But when did Canada secede?
(Okay, I checked the international list and there's no match there either. I'd hope the best lawyers on the ISLAND would be wise enough be listed in the standard directory. No I'm not, I just work at a firm.)