Then why isn't Linux slow???
on
Why Windows is Slow
·
· Score: 2, Insightful
Suposedly Windows is slow since it has to support legacy hardware. But Linux supports more legacy hardware than Windows. So, by that logic, Linux should be slower than Windows... Since that is not the case, I don't think support for legacy hardware is the reason Windows is slow...
The DMCA specifically allows circumvention of security devices for the purpose of cryptogtaphy research.
Also, it is a stretch to imply that the purpose of any security mechanism in RFID is designed for the purpose of protecting someone's copyright. Hence, I think it would be hard to prosecute someone under the DMCA...
By posting a political view that is against that of the current administration, you have been identified as a terrorist sympathizer. Hence, you are no longer anonymous.
Do you trust the executive branch to not do this? Nixon performed wiretaps on reporters that wrote stories that he didn't like. That was one of the reasons he was impeached.
Sorry for your loss of freedom, but we have decided to go back to the system of having Kings that are above the law...
Well, actually quite a lot of people who use keyboards get sick all the time. There is a ton of evidence that when you get a cold or whatever, then you touch something, and then somebody else touches it, that that is the most common way for colds to spread. The thing is, most people probably don't touch other people's keyboards all that often. But I guess they can start a new commercial campaign about how we should always wash our hands before and after using the computer...
The distinction between feature and vunerability is fuzzy. The fact that Windows XP ships with a blank administrator password is a feature too. Many home users find passwords bothersome. But the feature making the machine vunerable to administrator level access with no password is a vunerability. The code placed in the Sony rootkit remover that allowed the web browser to execute arbitrary code remotely was a feature too. But the fact that it could be used to run arbitrary code was also a vunerability. Any backdoor into a system that is placed there intentionally is both a feature and a vunerability.
You ask why it is a bad thing if the time between the discovery of a security vunerability and the time to relase a patch is increasing. You ackowlegde that in the Linux world, patches are fixed much faster due to their development model. So why is it a big deal if hackers can own your systems for longer without a patch being availiable? Isn't it obvious? HACKERS CAN OWN YOUR SYSTEM FOR LONGER BECAUSE A PATCH IS NOT AVAILIABLE. That is what the big deal is. They can use whatever development model they want. Releasing shoddy patches is only one solution that is available to them. The fact that they are able to cut the time it takes to release a patch in half if a working exploit has been publically released shows that it is more a matter of what resources they want to bring to bear on the problem rather than the minimum time to release a good patch. Or another way of stating this is, they are 25% less concerned with getting patches out in a timely manner than they used to be. So, the importance of security at Microsoft is decreasing.
What is interesting to me is the number of new users to IM services fall for Bots that chat with them using a perl script or whatever. Now some of the worms using IM are chatting with the users first in order to work better:
GOTOs sometimes make the code *more* readable
on
Goto Leads to Faster Code
·
· Score: 4, Interesting
I like everyone else was trained *never* to use the dreaded goto statement. I'll grant that Pascal was more readable than Basic (with unlabeled gotos).
But, sometimes, it is actually better to use a goto to make the code more readable. The Linux Kernel, for example, uses gotos. I was pretty sceptical at first because it had been drilled into my head how unreadable code was with gotos in it. But, reading the code, I have to admitt is is much more readable for exception handeling, for example.
If the goto would not make your code more readable then don't use it. But, in the cases where it would avoid a bunch of sillyness trying to get out of a bunch of nested loops in case some error happened, then it makes a lot of sense.
Linus Torvalds (and others) explain the reasoning for this at:
Let's say you have a bunch of code to which you own the copyright to (code A), and then some other code (code B) which was released to you under the GPL. If you combine the two and release a product, then it has to be released under the GPL. If I get the combined product (including the source code) under the GPL, and I want to redistribute it, I have to do so under the GPL. However, you still own the copyright to the code you have originally developed (Code A). You didn't license that code to yourself under the GPL. You have an inherant right to distribute it under whatever license you want. That's why companies can start out with closed source products, and later decide to relase them under the GPL so long as they control the copyright.
There was a similar issue about code that IBM deleloped in the whole IBM SCO trial. Basically, IBM develops some code to which they own the copyright. Then, they port it into UNIX. Since they still own the copyright, they then port it into Linux. Just because they release the code under one license for OS/2, another license for UNIX, and yet a third license for Linux does not mean that they somehow have lost their copyright of the code. It just means that they have licensed people to use it, under certain, limited conditions.
The way I see it, sony is one of the major companies authorized to create DVD players and license people to do so, perhaps. They are distributing code in their rootkit that has the capability to decode DVDs. As soon as a court forces them to release the source code to it under the LGPL, then evryone should have a clear license from Sony to make DVD player software (if this wasn't settled a long tie ago...)
I'd be willing to pay more for the movie if it came with the source code to the root kit that they wanted to intall on my machine to enforce DRM in order for me to watch it...
Re:A Neat Pixar/Disney Story
on
Pixar For Sale?
·
· Score: 1
Disney used to have a lot more creative people before they got the brilliant idea that they should contract them from project to project instead of providing them with permanent jobs. If I was an animator, under those circumstances, I would certainly want to go work for someone else. Someone like say... Pixar.
-I haven't tried it, but I'm guessing that there is probably a telnet client on there.
-Ftp push technology is supported, to publish your hascii feed on your online webserver: that is implemented using a simple C code which wraps execution of your unix ftp client.
-It can output to an HTML page with a meta-refresh tag so that it is constantly updating the image.
So, then theoretically, people could even view your webcam with lynx!
P.S. I was mostly kidding about the ASCII webcam feature. But it would be pretty funny to support this, now wouldn't it...
Well, actually the resource fork was incredibly useful in the Macintosh Applications at the time. Remember that because all of the graphics, text strings, etc were in the resource fork of the application, most applications did not require an installer at all. You simply copied the application somewhere and ran it. To uninstall it, you just deleted it. That is pretty nice compared to having to have the mishmash of package managers and then other programs that install themselves without package managers and strew their files throughout your file system, made obscure changes to text files, etc.
Also, if you wanted to take an application and translate it to another language, for example, you could easily open it with a resource editor, like Resedit, and just edit the strings. You would just Put in the translated stings for the new language. Now you have a new version of your application for a new language. Likewise, you could easily replace all of the pictures, sounds, etc that an application used. All of this could be done without recompiling the application, and using a standard GUI based tool.
Whether or not the way they implemented the resource fork was the best possible way to go about it, I think storing it in the same file, in a standardized format, was a good design decision at the time for the reasons stated above. Now, as applications have become more complex, and are probably not going to be contained in a single executable anymore, and are likely going to have an installer, and an uninstaller, it would be nice to have a separate file containing all of the same information that was in the resouce fork of the application.
OK, so it has this service that sits around eating up all your CPU monitoring all your running programs, checking their names and file sizes and looking for something... What is it looking for? Illegally copied software perhaps? What is it going to do when it finds it? If that is not what it is looking for, then what is the point of collecting all that information? Where is that information logged? In the oct.sys file perhaps (since it seems to be growing in size in the two pictures in the article and have an updated time stamp)And if it is not going to use it for the purpose of reporting "pirated" software, then is it just logging it locally somewhere so that if you had a lot of copyright infringement going on then they would have some kind of log of your activities? Or, is there also a way for them to trigger a report somehow?
Will Sony now sue the author of the Article for violating the DMCA and reverse engineering their technology that was intended to protect their copyrights and trying to help people illegally copy their music? I'm not saying he did any of that, because he certainly didn't. But, I'm just wondering if Sony will try to take that position...
Microsoft is already doing this. They have every single application that you can run on a PC hosted remotely so that people can use it. And it is even on a distributed grid network. Some customers even have thousands of machines clustered together, and remotely manage them with gui-based client administration tools. The capability to add new clients to your existing cluster is already built in to all versions of Windows by default when they ship. I just wasn't aware that it was a feature...
Just because someone can constitutionally censor someone's speech, does not necessarily mean that it is the right thing to do. While it is true that private schools do not have to guarentee students the right to freedom of speech, from a Constitutional perspective, that doesn't necessarily mean that it is not a free speech issue. To put this in perspective, consider that until 1925 when the supreme court ruled on Gitlow v New York, states such as New York were free to restrict free speech any way they wanted, as the 1st ammendment only applied to the federal government. The solution may very well be to go to a different school. But, wouldn't it make more sense, for the sake of the parents, students, and teachers involved, to create a public outcry about the misguided policy? Doing so may convince the school administration that perhaps they may have went a bit too far. Everything that is legally permissable is not right. And everything that is wrong can not be settled with a lawsuit. For everything else, there's slashdot...
Rootkits are indeed designed to hide malware from the tools that are designed to show what applications, network connections, etc. are running. The article went on to explain this a bit more clearly, but it may have been a bit subtle. Yes, the purpose of a rootkit is to hide running processes from things like ps, and the windows task manager and such. But, the deal is that many Antivirus products include not only static pattern based detection algorithms that look for malware, but also behavior-based detection algortihms. As the article put it, "Adding a rootkit to a virus increases its chances of avoiding detection because modern antivirus applications do not just look for specific code, but incorporate behavioural analysis to catch worms." Because the malware detection tools (antivirus, rkhunter, etc.) are making system calls to a an operating system that has been compromised by a trojan, the trojan is able to hide the activities of the malware from the detection tools. So, any kind of behavioral analysis is likely to fail, unless it is based on something that the rootkit wasn't clever enough to hide.
Slashdot Mirror
Suposedly Windows is slow since it has to support legacy hardware. But Linux supports more legacy hardware than Windows. So, by that logic, Linux should be slower than Windows... Since that is not the case, I don't think support for legacy hardware is the reason Windows is slow...
The DMCA specifically allows circumvention of security devices for the purpose of cryptogtaphy research.
Also, it is a stretch to imply that the purpose of any security mechanism in RFID is designed for the purpose of protecting someone's copyright. Hence, I think it would be hard to prosecute someone under the DMCA...
Dear Mr. Anonymous Coward,
By posting a political view that is against that of the current administration, you have been identified as a terrorist sympathizer. Hence, you are no longer anonymous.
Do you trust the executive branch to not do this? Nixon performed wiretaps on reporters that wrote stories that he didn't like. That was one of the reasons he was impeached.
Sorry for your loss of freedom, but we have decided to go back to the system of having Kings that are above the law...
Sincerely,
Randy
Well, actually quite a lot of people who use keyboards get sick all the time. There is a ton of evidence that when you get a cold or whatever, then you touch something, and then somebody else touches it, that that is the most common way for colds to spread. The thing is, most people probably don't touch other people's keyboards all that often. But I guess they can start a new commercial campaign about how we should always wash our hands before and after using the computer...
The distinction between feature and vunerability is fuzzy. The fact that Windows XP ships with a blank administrator password is a feature too. Many home users find passwords bothersome. But the feature making the machine vunerable to administrator level access with no password is a vunerability. The code placed in the Sony rootkit remover that allowed the web browser to execute arbitrary code remotely was a feature too. But the fact that it could be used to run arbitrary code was also a vunerability. Any backdoor into a system that is placed there intentionally is both a feature and a vunerability.
You ask why it is a bad thing if the time between the discovery of a security vunerability and the time to relase a patch is increasing. You ackowlegde that in the Linux world, patches are fixed much faster due to their development model. So why is it a big deal if hackers can own your systems for longer without a patch being availiable? Isn't it obvious? HACKERS CAN OWN YOUR SYSTEM FOR LONGER BECAUSE A PATCH IS NOT AVAILIABLE. That is what the big deal is. They can use whatever development model they want. Releasing shoddy patches is only one solution that is available to them. The fact that they are able to cut the time it takes to release a patch in half if a working exploit has been publically released shows that it is more a matter of what resources they want to bring to bear on the problem rather than the minimum time to release a good patch. Or another way of stating this is, they are 25% less concerned with getting patches out in a timely manner than they used to be. So, the importance of security at Microsoft is decreasing.
What is interesting to me is the number of new users to IM services fall for Bots that chat with them using a perl script or whatever. Now some of the worms using IM are chatting with the users first in order to work better:
http://news.com.com/New%20IM%20worm%20chats%20wit
I like everyone else was trained *never* to use the dreaded goto statement. I'll grant that Pascal was more readable than Basic (with unlabeled gotos).
But, sometimes, it is actually better to use a goto to make the code more readable. The Linux Kernel, for example, uses gotos. I was pretty sceptical at first because it had been drilled into my head how unreadable code was with gotos in it. But, reading the code, I have to admitt is is much more readable for exception handeling, for example.
If the goto would not make your code more readable then don't use it. But, in the cases where it would avoid a bunch of sillyness trying to get out of a bunch of nested loops in case some error happened, then it makes a lot of sense.
Linus Torvalds (and others) explain the reasoning for this at:
http://kerneltrap.org/node/553
In short, there are both readability and efficiency reasons to use gotos.
Let's say you have a bunch of code to which you own the copyright to (code A), and then some other code (code B) which was released to you under the GPL. If you combine the two and release a product, then it has to be released under the GPL. If I get the combined product (including the source code) under the GPL, and I want to redistribute it, I have to do so under the GPL. However, you still own the copyright to the code you have originally developed (Code A). You didn't license that code to yourself under the GPL. You have an inherant right to distribute it under whatever license you want. That's why companies can start out with closed source products, and later decide to relase them under the GPL so long as they control the copyright.
There was a similar issue about code that IBM deleloped in the whole IBM SCO trial. Basically, IBM develops some code to which they own the copyright. Then, they port it into UNIX. Since they still own the copyright, they then port it into Linux. Just because they release the code under one license for OS/2, another license for UNIX, and yet a third license for Linux does not mean that they somehow have lost their copyright of the code. It just means that they have licensed people to use it, under certain, limited conditions.
According to http://crux.nu/doc/handbook.html
in the FAQ
"4. I heard CRUX was based on Slackware, is that true?
No, that's incorrect. CRUX was built from scratch and has never been based on any other Linux distribution."
The way I see it, sony is one of the major companies authorized to create DVD players and license people to do so, perhaps. They are distributing code in their rootkit that has the capability to decode DVDs. As soon as a court forces them to release the source code to it under the LGPL, then evryone should have a clear license from Sony to make DVD player software (if this wasn't settled a long tie ago...)
Maybe they were former SCO employees...
I'd be willing to pay more for the movie if it came with the source code to the root kit that they wanted to intall on my machine to enforce DRM in order for me to watch it...
Disney used to have a lot more creative people before they got the brilliant idea that they should contract them from project to project instead of providing them with permanent jobs. If I was an animator, under those circumstances, I would certainly want to go work for someone else. Someone like say... Pixar.
Actually, the big thing that was stolen was
#include
There are a bunch of lines like this that were copied literally right from UNIX into Linux.
I did some research and I think you could do it with this live-cd:
http://ascii.dyne.org/?info=description
-I haven't tried it, but I'm guessing that there is probably a telnet client on there.
-Ftp push technology is supported, to publish your hascii feed on your online webserver: that is implemented using a simple C code which wraps execution of your unix ftp client.
-It can output to an HTML page with a meta-refresh tag so that it is constantly updating the image.
So, then theoretically, people could even view your webcam with lynx!
P.S. I was mostly kidding about the ASCII webcam feature. But it would be pretty funny to support this, now wouldn't it...
Well, actually the resource fork was incredibly useful in the Macintosh Applications at the time. Remember that because all of the graphics, text strings, etc were in the resource fork of the application, most applications did not require an installer at all. You simply copied the application somewhere and ran it. To uninstall it, you just deleted it. That is pretty nice compared to having to have the mishmash of package managers and then other programs that install themselves without package managers and strew their files throughout your file system, made obscure changes to text files, etc.
Also, if you wanted to take an application and translate it to another language, for example, you could easily open it with a resource editor, like Resedit, and just edit the strings. You would just Put in the translated stings for the new language. Now you have a new version of your application for a new language. Likewise, you could easily replace all of the pictures, sounds, etc that an application used. All of this could be done without recompiling the application, and using a standard GUI based tool.
Whether or not the way they implemented the resource fork was the best possible way to go about it, I think storing it in the same file, in a standardized format, was a good design decision at the time for the reasons stated above. Now, as applications have become more complex, and are probably not going to be contained in a single executable anymore, and are likely going to have an installer, and an uninstaller, it would be nice to have a separate file containing all of the same information that was in the resouce fork of the application.
This would be really cool if it supporte ASCII based Video chat! Ofcourse that would probably require specialized clients and all...
OK, so it has this service that sits around eating up all your CPU monitoring all your running programs, checking their names and file sizes and looking for something... What is it looking for? Illegally copied software perhaps? What is it going to do when it finds it? If that is not what it is looking for, then what is the point of collecting all that information? Where is that information logged? In the oct.sys file perhaps (since it seems to be growing in size in the two pictures in the article and have an updated time stamp)And if it is not going to use it for the purpose of reporting "pirated" software, then is it just logging it locally somewhere so that if you had a lot of copyright infringement going on then they would have some kind of log of your activities? Or, is there also a way for them to trigger a report somehow?
Will Sony now sue the author of the Article for violating the DMCA and reverse engineering their technology that was intended to protect their copyrights and trying to help people illegally copy their music? I'm not saying he did any of that, because he certainly didn't. But, I'm just wondering if Sony will try to take that position...
I forgot, since the Universe is Turning Compatible, as I noted above, then the creator is in fact artifically Intelligent...
The Universe is apparently Turning Compatible. It has an infinite stack.
Microsoft is already doing this. They have every single application that you can run on a PC hosted remotely so that people can use it. And it is even on a distributed grid network. Some customers even have thousands of machines clustered together, and remotely manage them with gui-based client administration tools. The capability to add new clients to your existing cluster is already built in to all versions of Windows by default when they ship. I just wasn't aware that it was a feature...
Just because someone can constitutionally censor someone's speech, does not necessarily mean that it is the right thing to do. While it is true that private schools do not have to guarentee students the right to freedom of speech, from a Constitutional perspective, that doesn't necessarily mean that it is not a free speech issue. To put this in perspective, consider that until 1925 when the supreme court ruled on Gitlow v New York, states such as New York were free to restrict free speech any way they wanted, as the 1st ammendment only applied to the federal government. The solution may very well be to go to a different school. But, wouldn't it make more sense, for the sake of the parents, students, and teachers involved, to create a public outcry about the misguided policy? Doing so may convince the school administration that perhaps they may have went a bit too far. Everything that is legally permissable is not right. And everything that is wrong can not be settled with a lawsuit. For everything else, there's slashdot...
Rootkits are indeed designed to hide malware from the tools that are designed to show what applications, network connections, etc. are running. The article went on to explain this a bit more clearly, but it may have been a bit subtle. Yes, the purpose of a rootkit is to hide running processes from things like ps, and the windows task manager and such. But, the deal is that many Antivirus products include not only static pattern based detection algorithms that look for malware, but also behavior-based detection algortihms. As the article put it, "Adding a rootkit to a virus increases its chances of avoiding detection because modern antivirus applications do not just look for specific code, but incorporate behavioural analysis to catch worms." Because the malware detection tools (antivirus, rkhunter, etc.) are making system calls to a an operating system that has been compromised by a trojan, the trojan is able to hide the activities of the malware from the detection tools. So, any kind of behavioral analysis is likely to fail, unless it is based on something that the rootkit wasn't clever enough to hide.