Whatever. You're only renting everything anyway. You only think you own it. Licenses only piss you off because you own it in recurring payments. Not much different from a concert seat.
That's right, it won't work. You have to vote with your feet, or in this case, your electronic feet. If you are in charge of a DNS server, push to have it updated to block their slimy wildcarding. So what if Verisign changes something to get around the latest patch? BIND and friends will update again. Who is more likely to get tired of this game faster, the suits who have to go out to a three hour lunch and don't want to hear about how crappy their latest decision was, or the out of work hacker with a terminal in his face and caffeine flowing to the tips of his coding fingers? I worry that this will lead to a fractured mess of DNS versions and someone will come along with a worm to take advantage of coding mistakes made in a hurry to counter each move. That could be a good thing in that it would force everyone to bump up to the latest Verisign blocking version.
Remember, it's a free market, so Verisign can do as they will within the limits of the law. They'll just have to deal with more work now to counter each move we make. Hey, on the bright side, it might mean more jobs for programmers and admins if they decide to continue with this. Good luck Verisign!
My install complained about header and library mismatches. Since I had to do it, I'm just reminding folks to do contrib/findssl.sh in their openssh distribution to make sure that things are what they seem if they run into this problem. It's a good quick troubleshoot. From my install, it looks like I have a lot of stuff laying around that should no longer be there, but which the previous version unfortunately relies on. Time to mess with LD_LIBRARY_PATH and friends.
chewbacca:/home/src/openssh-3.7p1# contrib/findssl.sh Searching for OpenSSL header files. which: no locate in (/usr/local/src/mh/bin:/usr/local/sbin:/sbin:/usr/ sbin:/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin:/opt/bin:/o pt/teTeX/bin:/opt/kde2/bin:/op t/redmondlinux/bin :/usr/local/samba/bin:/usr/local/rrdtool-1.0.39/bin) 0x0090700fL/home/src/openssl-0.9.7/crypto/opensslv.h 0x00907 00fL/home/src/openssl-0.9.7/include/openssl/opensslv.h 0x0090702fL/home/src/openssl-0.9.7b/crypto/opensslv.h 0x0090 702fL/home/src/openssl-0.9.7b/include/openssl/opensslv. h 0x0090702fL/usr/local/ssl/include/openssl/opensslv.h 0x00906 00fL/usr/include/openssl/opensslv.h
Searching for OpenSSL shared library files. which: no locate in (/usr/local/src/mh/bin:/usr/local/sbin:/sbin:/usr/ sbin:/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin:/opt/bin:/o pt/teTeX/bin:/opt/kde2/bin:/op t/redmondlinux/bin :/usr/local/samba/bin:/usr/local/rrdtool-1.0.39/bin) 0x0090702fL/home/src/openssl-0.9.7b/libcrypto.so.0.9.7 0x009 0702fL/home/src/openssl-0.9.7b/libcrypto.so.0 0x0090702 fL/home/src/openssl-0.9.7b/libcrypto.so 0x0090605fL/usr/local/ssl/lib/libcrypto.so.0.9.6 0x0090702fL/usr/local/ssl/lib/libcrypto.so.0 0x0090702fL/usr/local/ssl/lib/libcrypto.so 0x0090702fL/usr/local/ssl/lib/libcrypto.so.0.9.7 0x0090600fL/usr/lib/libcrypto.so.0 0x0090600fL/usr/lib/libcrypto.so.0.9.6 0x0090600fL/usr/lib/libcrypto.so
Searching for OpenSSL static library files. which: no locate in (/usr/local/src/mh/bin:/usr/local/sbin:/sbin:/usr/ sbin:/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin:/opt/bin:/o pt/teTeX/bin:/opt/kde2/bin:/op t/redmondlinux/bin :/usr/local/samba/bin:/usr/local/rrdtool-1.0.39/bin) 0x0090700fL/home/src/openssl-0.9.7/libcrypto.a 0x0090702fL/home/src/openssl-0.9.7b/libcrypto.a 0x0090702fL/usr/local/ssl/lib/libcrypto.a 0x0090600fL/usr/lib/libcrypto.a chewbacca:/home/src/openssh- 3.7p1#
Speaking of which, it looks like others have joined the bandwagon. Take a look at http://www.catse.cx. This is not as heinous as.cx is perfectly right in administering their own domain and this really is more along the lines of a service, but it's still pretty gray. Verisign's move is just plain slimy.
(To review, the idea for our compulsory licensing system is this: we tax Internet connections and CD/DVD burners a small amount and send the money to the artists. In exchange, they let us download their songs and movies off the Internet. The problem is how to decide which artists should get the money without losing privacy, accuracy, or security.)
since the whole argument from artists right now is that they are not seeing any of the tax money being attached to CD burners and CD-Rs.
Thanks for the warning. I'll install right now since that sounds completely secure and stable. And I'm sure lsh doesn't come with its own set of problems to be exploited in the future.
OpenSSH has been very good to me, so I'm just going to patch it all up to 3.7pl1 and move on, just like I do with MS stuff and any other software made by us slightly evolved apes. I don't need to go and load some buggier crap on my network and learn how to apply bandaids over a new system just because it is the spotlighted darling of the moment for GNU.
And they say that in some Southern US English dialects where the words are more slurred together, there are tetrathongs. From reading a few Googled articles, tripthongs seem to be more common in Asia languages, and less common in Latin.
Taxing VoIP is a bad precedent. VoIP is just another set of internet protocols and that gives everyone the foot in the door they need to tax email, https business transactions, etc.
Chances are that behind most firewalls you are not going to encounter NAT'd and non-NAT'd systems that are going to mix. Sure as hell I'm not loading this crap on the non-NAT'd systems on a DMZ. Non-NAT'd systems anywhere else is just poor planning. So all those network will be islands where this stuff is unusable. Don't expect home users to figure out that they need a non-NAT system in order to get this to work; they think NAT is something you use bugspray on.
In fact, going with servers is exactly what is going to give us quality and quick-install access to the service. I'm still looking at services like Vonage that provide a box and a lower monthly cost. I don't want to have to rely on some bozo down the street to help my call go through. I don't think this is the answer.
Sorry, what does the DMCA have to do with stopping people from trading music files from commercial CDs that they have not paid for? Blame yourself for being a friggin thief.
Not to mention that the space around our sun is already pretty damn radioactive to begin with, so I think you are correct in your estimate of that caution being exaggerated. There be dragons.
Why have the user remember a password? I use a Safeword Silver 2000 token fob to log into the company. I don't know what the next hex password is going to be, and becuase it changes every time I use it, only the fob and the server know what it is. If I lose it, who cares, it gets disabled and replaced. This, or course, requires that applications know to ask the Safeword Server for authentication, so it is not available everywhere, but can be cross-platform.
Rainbow Tech makes these for their ikey and Sentinel products. You can use these for authentication as well as storing files. The problem remains that they are not 100% compatible with what's out there. If you don't have a screen to see what's on the fob, you then require an LCD screen. At that point you're talking about a PDA. I understand RSA Security has modules for PDAs
I'd rather get the $12.99 CD with the case and liner. I rip it anyway for my Audiotron, but I carry the CD in the car since I can't play MP3s there yet. I fully expect the CD to die out in favor of digital-onlyu versions, with DVDs eventually to follow once 1TB disks become common in every computer.
One day soon you will be able to download music for $0.00 because the content will only be worth $0.00. Artists need to eat, too, and no matter if they are already rich, you are not entitled to that which you have not paid for if it has a price tag.
If the free market brings the price down to $7.99, so be it, but don't insult the artists you are clamoring for by saying their work is worth $0.00. If it is only worth $0.00 why are you wasting your precious time on it? Go experience something worth more.
I begin to wonder who would have an interest in bringing down an infrastructure like email. Maybe not terrorists, but another crop of anarchists. Still, it is almost ridiculous that we put such an economic importance on something so unsecure. Everything else has to be locked down by all sorts of wrappers and authentication, but this we find acceptable. Time to lock the doors before all the horses get out.
a) trusted CAs to take care of certificate revokations on individuals in a timely fashion, and
b) teaching people to revoke CA certificates in a timely fashion and learning about that in the first place.
I think "a" is more likely to happen than "b" in the near future. Trusting "b" might be better left to the ISP. If there is a way for the ISPs to filter mail based on cert content, then this can work well. Do we know whether "a" is true?
I think bigger spammers are more likely to be legislated away once the smaller once have faded due to technical/economic combinations. Because of their size, their operations are less likely to be mobile, easier to find, easier to audit, and thus stop.
I've noticed that oh so many of the products that were once free have begun charging for Pro versions of their software. I foresee a time where we will have GAIM and GAIM-Pro with GAIM still being open source, but GAIM-Pro being enabled by a for-pay plugin with closed source. The only question is what type of pay model would be used to cover development...a fund for supporting GAIM developers, a licensing fund, a pizza slush fund, a pizza and slushies fund?
Slashdot Mirror
Whatever. You're only renting everything anyway. You only think you own it. Licenses only piss you off because you own it in recurring payments. Not much different from a concert seat.
That's right, it won't work. You have to vote with your feet, or in this case, your electronic feet. If you are in charge of a DNS server, push to have it updated to block their slimy wildcarding. So what if Verisign changes something to get around the latest patch? BIND and friends will update again. Who is more likely to get tired of this game faster, the suits who have to go out to a three hour lunch and don't want to hear about how crappy their latest decision was, or the out of work hacker with a terminal in his face and caffeine flowing to the tips of his coding fingers? I worry that this will lead to a fractured mess of DNS versions and someone will come along with a worm to take advantage of coding mistakes made in a hurry to counter each move. That could be a good thing in that it would force everyone to bump up to the latest Verisign blocking version.
Remember, it's a free market, so Verisign can do as they will within the limits of the law. They'll just have to deal with more work now to counter each move we make. Hey, on the bright side, it might mean more jobs for programmers and admins if they decide to continue with this. Good luck Verisign!
My install complained about header and library mismatches. Since I had to do it, I'm just reminding folks to do contrib/findssl.sh in their openssh distribution to make sure that things are what they seem if they run into this problem. It's a good quick troubleshoot. From my install, it looks like I have a lot of stuff laying around that should no longer be there, but which the previous version unfortunately relies on. Time to mess with LD_LIBRARY_PATH and friends.
/ sbin:/bin: /usr/bin:/usr/local/bin:/usr/X11R6/bin:/opt/bin:/o pt/teTeX/bin:/opt/kde2/bin:/opn :/usr/local/samba/bin:/usr/local /rrdtool-1.0.39/bin) /home/src/openssl-0.9.7/crypto/opensslv.h7 00fL /home/src/openssl-0.9.7/include/openssl/opensslv.h /home/src/openssl-0.9.7b/crypto/opensslv.h0 702fL /home/src/openssl-0.9.7b/include/openssl/opensslv. h /usr/local/ssl/include/openssl/opensslv.h6 00fL /usr/include/openssl/opensslv.h
/ sbin:/bin: /usr/bin:/usr/local/bin:/usr/X11R6/bin:/opt/bin:/o pt/teTeX/bin:/opt/kde2/bin:/opn :/usr/local/samba/bin:/usr/local /rrdtool-1.0.39/bin) /home/src/openssl-0.9.7b/libcrypto.so.0.9.79 0702fL /home/src/openssl-0.9.7b/libcrypto.so.02 fL /home/src/openssl-0.9.7b/libcrypto.soL /usr/local/ssl/lib/libcrypto.so.0.9.6L /usr/local/ssl/lib/libcrypto.so.0 /usr/local/ssl/lib/libcrypto.so /usr/local/ssl/lib/libcrypto.so.0.9.7L /usr/lib/libcrypto.so.0 /usr/lib/libcrypto.so.0.9.6 /usr/lib/libcrypto.so
/ sbin:/bin: /usr/bin:/usr/local/bin:/usr/X11R6/bin:/opt/bin:/o pt/teTeX/bin:/opt/kde2/bin:/opn :/usr/local/samba/bin:/usr/local /rrdtool-1.0.39/bin) /home/src/openssl-0.9.7/libcrypto.a /home/src/openssl-0.9.7b/libcrypto.a /usr/local/ssl/lib/libcrypto.a /usr/lib/libcrypto.a- 3.7p1#
chewbacca:/home/src/openssh-3.7p1# contrib/findssl.sh
Searching for OpenSSL header files.
which: no locate in (/usr/local/src/mh/bin:/usr/local/sbin:/sbin:/usr
t/redmondlinux/bi
0x0090700fL
0x0090
0x0090702fL
0x009
0x0090702fL
0x0090
Searching for OpenSSL shared library files.
which: no locate in (/usr/local/src/mh/bin:/usr/local/sbin:/sbin:/usr
t/redmondlinux/bi
0x0090702fL
0x00
0x009070
0x0090605f
0x0090702f
0x0090702fL
0x0090702fL
0x0090600f
0x0090600fL
0x0090600fL
Searching for OpenSSL static library files.
which: no locate in (/usr/local/src/mh/bin:/usr/local/sbin:/sbin:/usr
t/redmondlinux/bi
0x0090700fL
0x0090702fL
0x0090702fL
0x0090600fL
chewbacca:/home/src/openssh
Speaking of which, it looks like others have joined the bandwagon. Take a look at http://www.catse.cx. This is not as heinous as .cx is perfectly right in administering their own domain and this really is more along the lines of a service, but it's still pretty gray. Verisign's move is just plain slimy.
since the whole argument from artists right now is that they are not seeing any of the tax money being attached to CD burners and CD-Rs.
Thanks for the warning. I'll install right now since that sounds completely secure and stable. And I'm sure lsh doesn't come with its own set of problems to be exploited in the future.
e /openssh-3.7p1.tar.gz needs the updated OpenSSL http://www.openssl.org/source/openssl-0.9.7b.tar.g z
OpenSSH has been very good to me, so I'm just going to patch it all up to 3.7pl1 and move on, just like I do with MS stuff and any other software made by us slightly evolved apes. I don't need to go and load some buggier crap on my network and learn how to apply bandaids over a new system just because it is the spotlighted darling of the moment for GNU.
Don't forget that compiling your own OpenSSH ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portabl
And they say that in some Southern US English dialects where the words are more slurred together, there are tetrathongs. From reading a few Googled articles, tripthongs seem to be more common in Asia languages, and less common in Latin.
Taxing VoIP is a bad precedent. VoIP is just another set of internet protocols and that gives everyone the foot in the door they need to tax email, https business transactions, etc.
Chances are that behind most firewalls you are not going to encounter NAT'd and non-NAT'd systems that are going to mix. Sure as hell I'm not loading this crap on the non-NAT'd systems on a DMZ. Non-NAT'd systems anywhere else is just poor planning. So all those network will be islands where this stuff is unusable. Don't expect home users to figure out that they need a non-NAT system in order to get this to work; they think NAT is something you use bugspray on.
In fact, going with servers is exactly what is going to give us quality and quick-install access to the service. I'm still looking at services like Vonage that provide a box and a lower monthly cost. I don't want to have to rely on some bozo down the street to help my call go through. I don't think this is the answer.
Sorry, what does the DMCA have to do with stopping people from trading music files from commercial CDs that they have not paid for? Blame yourself for being a friggin thief.
Give it a couple of months until Ad-Aware is updated and then install and scan.
Not to mention that the space around our sun is already pretty damn radioactive to begin with, so I think you are correct in your estimate of that caution being exaggerated. There be dragons.
China is about to break your little theory next month.
No, you said:
which pretty much sounds like you admire those words regardless of what you think of her. Blech.
Why have the user remember a password? I use a Safeword Silver 2000 token fob to log into the company. I don't know what the next hex password is going to be, and becuase it changes every time I use it, only the fob and the server know what it is. If I lose it, who cares, it gets disabled and replaced. This, or course, requires that applications know to ask the Safeword Server for authentication, so it is not available everywhere, but can be cross-platform.
Rainbow Tech makes these for their ikey and Sentinel products. You can use these for authentication as well as storing files. The problem remains that they are not 100% compatible with what's out there. If you don't have a screen to see what's on the fob, you then require an LCD screen. At that point you're talking about a PDA. I understand RSA Security has modules for PDAs
And you consider Courtney Love someone to idolize for her quotes? Think about that for a bit.
I'd rather get the $12.99 CD with the case and liner. I rip it anyway for my Audiotron, but I carry the CD in the car since I can't play MP3s there yet. I fully expect the CD to die out in favor of digital-onlyu versions, with DVDs eventually to follow once 1TB disks become common in every computer.
So the artists are better off with $0 than $1? How stupid are you?
One day soon you will be able to download music for $0.00 because the content will only be worth $0.00. Artists need to eat, too, and no matter if they are already rich, you are not entitled to that which you have not paid for if it has a price tag.
If the free market brings the price down to $7.99, so be it, but don't insult the artists you are clamoring for by saying their work is worth $0.00. If it is only worth $0.00 why are you wasting your precious time on it? Go experience something worth more.
I begin to wonder who would have an interest in bringing down an infrastructure like email. Maybe not terrorists, but another crop of anarchists. Still, it is almost ridiculous that we put such an economic importance on something so unsecure. Everything else has to be locked down by all sorts of wrappers and authentication, but this we find acceptable. Time to lock the doors before all the horses get out.
This involves:
a) trusted CAs to take care of certificate revokations on individuals in a timely fashion, and
b) teaching people to revoke CA certificates in a timely fashion and learning about that in the first place.
I think "a" is more likely to happen than "b" in the near future. Trusting "b" might be better left to the ISP. If there is a way for the ISPs to filter mail based on cert content, then this can work well. Do we know whether "a" is true?
I think bigger spammers are more likely to be legislated away once the smaller once have faded due to technical/economic combinations. Because of their size, their operations are less likely to be mobile, easier to find, easier to audit, and thus stop.
And the URL for that is http://www.thawte.com/html/COMMUNITY/.
Get yourself a free Thawte community cert. This doesn't scale for large organizations, but for a very small org it can work.
I've noticed that oh so many of the products that were once free have begun charging for Pro versions of their software. I foresee a time where we will have GAIM and GAIM-Pro with GAIM still being open source, but GAIM-Pro being enabled by a for-pay plugin with closed source. The only question is what type of pay model would be used to cover development...a fund for supporting GAIM developers, a licensing fund, a pizza slush fund, a pizza and slushies fund?