I can't find an article link for it, but with the lack of region coding here there have been recent problems where video stores have been parallel importing DVD's before the cinema releases.
Naturally this is just now beginning to cut into ticket sales, which I guess is one of the few down sides of not having region encoding. Not that people have more choice, but that the big screens might start disappearing in some smaller areas.
On the other hand, it might mean they'll start releasing movies immediately when they're available instead of this irritating profit maximising thing when they wait for the right season to come around. Sometimes we get films immediately or even a day before the U.S. because of the time zone differences. Other times we have to wait up to six months!
One of the biggest problems I had at entry level comp-sci was that in anticipation of not having to teach the hard stuff, a lot of the code was in pre-written libraries provided by the university.
I guess with C/C++ if the libraries were written well, they might be able to be cross-compiled. When I was doing it in 1997 we had to learn structured programming on macs running a version Think Pascal that had an irritating habit of locking up whenever you hit the wrong enter key.
A lot of the library was for things like opening up graphical windows, reading mouse positions/button clicks etc. We were writing very simple painting programs, and so on. So the actual coding we needed to do was very simple stuff, but at the same time we were able to make interesting things with it because the hard stuff was already done.
I ended up re-writing much of the library so I could do my coding at home in DOS on a PC. (I was using Borland Turbo Pascal at the time.) I just gave up when it came to the graphical routines and I did those assignments at the university.
Four years later I am a TA, and the first years are coding in java which makes things a lot easier. (Also they threw out the macs and they're all P3's running BSD, now.) As a marker it makes it a million times easier to work out people's code, too, because everyone's code looks relatively similar and I don't have to re-learn a structure every time.
Bulk first year marking usually means taking marks off for mistakes -- not rewarding marks for good ideas. There are exceptions, but typically (from me), high marks go to the assignments that are easiest to read, and that I don't spend more than a few minutes looking at. Specifically because I don't have to.
If the code isn't strightforward to read though, being able to simply go away and run it is really useful.
On the other hand I'm sure they could find a way to get more censorship laws passed, forcing ISP's to block something ambiguous like "services deemed by govco to be inappropriate and unnecessary."
Of course it would only be trackable and enforcable on centralised services like Napster.
===
the web isn't the answer to everything!
on
Online Voting?
·
· Score: 3
I know it's good for a lot of things, and maybe voting on small things can be one of them under certain circumstances. I don't think I'll ever believe that the net (as it is today) is anywhere near an ideal infrastructure for voting in major and important elections.
Even if all the encryption and validity and security and anonymity issues were worked out, there's nothing to guarantee that a neighbour hasn't walked into my home, pointed a gun in my face and ordered me to vote for someone.
The net could play a role in some areas, but allowing people to vote from places where the environment isn't controlled is a bad thing. Allow this and there's no way to guarantee that voters are voting at their own free will.
Nefarious activities of private corporations aside, the government is powerless to use any information obtained without the proper procedures in the case of a cable modem user.
I can see where you're coming from, I'm just not sure how it might hold up against good lawyers. (Although I'm not a lawyer myself.)
If a cable modem user posts a message to a public forum, can it be intercepted and used against that person? I could be missing something but personally I think it could. It's not as if anyone can't see it anyway.
So if a cable modem user posts a message that travels through a public arena (AKA the Internet), can it be intercepted and used against that person? Morally I'd say no, but technically since there's no attempt to indicate that it's not public because the Internet is a public and uncontrolled place.
How is a cable user routing something through the Internet any different from a cable user routing something through a public forum?
I don't think it's a matter of protecting privacy. The 4th Amendment prohibits unreasonable search and seizure in order to prevent government harassment of an individual. I doubt it has anything to do with the airing of dirty laundry -- though it's a nice bonus.
That's fair enough too and I definitely won't disagree with it. I just think that it's giving a false sense of security to people if they rely on legislation to protect their online privacy. I hope that relying on this type of restriction will only be a short term thing.
For one thing, the word 'unreasonable' is very subjective. Whether or not it's unreasonable for govco to monitor communications could easily depend on the context of their situation. The fact that the Internet is essentially a public forum (even though most normal people think of it as a private forum) doesn't help. A few years into the future, the net could be considered public by enough people that it wouldn't seem unusual in the slightest for anyone to read what you're intending to say in private.
Restrictions on cryptography (IMHO) are a much more fundamental right. Cryptography is what lets two individuals build a metaphorical wall around their conversation so they're no longer speaking in an open courtyard. It's also signalling a clear intention that you're intending to communicate privately, so irrespective of what happens in the future it's more likely to be considered 'unreasonable' for govco to start decrypting people's mail (without a warrent).
So far the major governments of the world have done a tremendous job of restricting the use of cryptgraphy so that it's infeasible for anyone to use it without many overheads. It's unrealistic just to tell someone to "use encryption", because the infrastructure for mass encryption has been inhibited in it's development.
What seems to be happening is that govco is still getting its way. People are more worried about governments monitoring their (essentially public) communications than they are about governments restricting the ability for people to have private conversations. As long as people aren't allowed to create their own privacy, any legislation that prevents listening in public could only be very weak.
Take a case where an FBI. agent wants to intercept real-time e-mail generated by a cable-modem user. Under section 551(h) of the Cable Act, the government has to secure a court order based on "clear and convincing evidence" that the target may be involved in a crime.
Maybe I'm almost on my own but doesn't anyone else think that expecting laws and legislation to protect people's privacy is a bit shallow? I don't like people reading my email, etc, but at the same time I think it's silly to expect that simply asking people not to will stop it from happening.
It's not even security by obscurity, it's obscurity by politeness. Even if government agencies can't monitor traffic, what about the rights of ISP's to monitor traffic passing through their system? Since the Internet is an open system, there's also not much guarantee that an ISP won't on-sell information to the government, anyway.
This is why I think Carnivore and various other privacy issues shouldn't be any more than an issue between an ISP and the government. There can be legislation to prevent governments from monitoring communications, but there's no clean way to enforce it. There's also no clean way to stop non-governement entities from intercepting information.
I think the more fundamental issue is government controls on the use and distribution of things like cryptography. Restrictions on this are a major reason why the privacy infrastructure of the net is hopeless right now, which is the reason why people are so concerned about the government monitoring their net-communications.
I think it's more than just slashdotted - it's slashdotted trying to run one of the much larger, badly-designed pages on the web through a cgi script.:)
Almost everyone assumes that Carnivore tracks e-mail - this may not be all. During the hearing suggestions and speculations covered a lot of TCP/IP protocols - from the near admission of the FBI that they have tracked ftp transfers, through the constant mentioning by the FBI pannelists that they look at packets, to the tracking of http requests, streaming media server connections, etc.
I can't deny that the whole thing bothers me in the short term, but every time I think about it I can't help but come to the conclusion that it shouldn't matter what carnivore does.
Fundamentally, people in all parts of the world should be able to do whatever they want with your traffic, and it shouldn't compromise the sender and receiver being able to get what they want. When it comes down to it, something like carnivore shouldn't be any more than an issue between the government and any given ISP that is being coerced into using it.
One of the most amazing things about the net is that it's a completely open system, and at the same time it's reliable. You can send a packet out into the wild and through clever development of end-to-end protocols, have a completely reliable conversation with someone on the other end. The storm in the middle might be dropping half the packets, but the protocols on each end can be designed to detect all this and compensate for it. That's one of the coolest things about the net, IMHO: surviving so well in an archaic system.
If people have to rely on something in the open system (beyond their control) to conform to imposed rules - such as not reading their transmissions - then the people aren't using the net properly. Where one person argues for the right to their privacy, another person can argue for the right to monitor traffic that passes through their system. As soon as rules are imposed on either of these people, it blocks possible directions that the whole thing can expand to in the future.
By trying to block carnivore we're grasping at straws. It's on the same level as security by obscurity: you can make a rule but you can't guarantee that anybody's going to listen to it. No-one foresaw in time that this might happen, and the infrastructure wasn't put in place to ensure we have as much end-to-end privacy as we have end-to-end reliability.
If privacy protocols and encryption don't get standardised and easy to use soon, the net community is going to be more or less crippled, relying on others to turn their back to get privacy. It's security by politeness, and to me that's even dumber than security by obscurity.
I think a lot of it comes down to personality. Different people (obviously, I guess) have different ways of coping and getting problems worked out.
Most people who I know tend to go for the attack coding binge type of approach. That is to come in stacked up with 16 hours worth of the high energy drink of their choice, and just sit there and code.
I've never found this to be very productive for myself because my mind doesn't work instantaneously on demand like that. What I tend to do is look at the problem so I know what I'm dealing with, then just ignore it for a few days. During this time an idea of how to do it just forms in my head, and if I can I'll probably scribble bits of it down on paper as soon as I have the opportunity.
Even then, I usually can't code it immediately. I wake up in the morning knowing what I want to have accomplished, and during that day it's virtually impossible for me to get very far past that point. If I manage to get the whole lot done in half an hour, I still can't get much further than that point. I'll just end up sitting around playing freeciv or something.
To make more progress means waking up again with a new goal in mind, knowing what I want to get done. Sometimes these goals take all day but they're usually not too big to take much longer. If they are, I just stop when I get tired and finishing it becomes the next day's goal.
So I guess my way of attacking the coding block that I get is to break it down into small day-by-day problems. If I can't think how to do something, I'll work on a different part of the project instead. Usually in the beginning I don't have any detailed idea how I'm going to do something, but as the bits build up and it takes some shape, it gets easier to see how to finish it off and what parts (if any) need to be recoded.
It probably wouldn't be much help if your mind works differently, though.
I can't exactly say I like snooping, but I don't think it's unnatural given what the Internet is.
The Internet is just a bunch of networks joined together with archaic unreliable agreements, carrying each other's traffic. It's impossible to tell what's going to happen to data once it's transmitted into the open system, and if people want to monitor the traffic passing through their system I don't think anyone can really complain about it. I do have a problem when governments coerce ISP's into letting them watch, but it even if they didn't it can't be relied upon that the ISP wouldn't simply choose to show the government what was in your email anyway.
The whole point is that by default the net is insecure, and the idea has always been that integrity and security have to be established at each end. To do otherwise is like talking in an open courtyard and assuming everyone will turn their backs, ignore you, and not talk over the top of you.
Right now we have some great end-end protocols for ensuring integrity (and I guess TCP is the most obvious), but it really irritates me that there are so many people out there who don't give a damn about the security part of it. (Probably because of the sudden explosion in people who aren't interested in what goes on behind the send button.)
Has anyone out there ever had any real success in convincing people (not just computer geeks) to use encryption automatically?
I was having a discussion a week or so ago on a mailing list about Carnivore and how to get around it by using encryption. Encrypting email between specific people is relatively easy (if you can convince them to use encryption), but the question came up about how we could easily encrypt list traffic.
The list structure is the common one where there's a central address that recieves mail and churns it out lots of times to everyone who's signed onto the list - but since people can subscribe and unsubscribe dynamically, posters don't know who is on the list at any given time.
The only obvious way I can think of doing this is if everyone encrypted their postings to the central list-server, which would in turn decrypt it and re-encrypt it maybe hundreds or thousands of times over for each person subscribed to the list. This doesn't seem very efficient and I'm not sure if there are any list servers out there that will do this, anyway. (Please yell out if you know of any.)
Does anyone know of any relatively efficient methods of running distributed mailing lists where all the traffic is encrypted? (Preferably something that's not very difficult to set up.)
I'm fully aware that people could just subscribe to the list, but I don't think it's as important because there might still be standard security steps like requiring authorisation before joining.
Having thought about it, it would at least make more sense to warn on hitting the submit button instead of on entering a secure session. It's the detail transmission itself that the user would need to be warned about, not simply entering a secure session.
It should be able to be a flawless transition for websites to go from unencrypted to secure sessions irrespective of whether obviously personal details are being transmitted back. Instead they can't do it cleanly because the browsers pop up automatic dialog boxes when they don't really have to.
Apparently, down-under the government is trying to pass a law that allows the ASIO (the australian version of the CIA) to let some G-men crackers break into any web site that breaks the law in order to shut them down.
Maybe I'm missing something and I don't want to provoke too much, but what is wrong with this?
If a person breaks the law, government agents (usually police) are authrised to break into that person's house to arrest them - usually for good reason. If a business is selling illegal goods that breaks the law, government agents are authorised to use force to sieze the goods so they can't be sold anymore.
If a website breaks the law, what is so exceptional about it that it should be a special case from these other examples?
As I said I'm not trying to provoke, but I think it's the laws that are being broken that should be targeted if someone has a problem, not the fact that government agents can be authorized to use sufficient force to stop it.
Otherwise what can they do? Ask nicely? The only alternative I can think of is to confiscate someone's computer and it sometimes frightens me the way they can actually do that. Of course if they destroy the property without a proper trial to confirm that it was actually breaking the law, that would be something bad.
I agree with you completely about using encryption. I don't really care too much about governments intercepting packets because it's no big secret that almost anyone can do so anyway, just as you say. (What I don't like is when governments tell me I'm not allowed to speak in a language until they know what it is. To me this is a very fundamental invasion of free speech.)
Besides governments though, there's at least one very simple thing that's holding it up.
By default, both Netscape and MSIE warn the user before entering a secure session. I can understand why it might warn when leaving a secure session, but I've never understood why it should warn on entering one. I think most people would be perfectly happy with an icon somewhere on the status bar to say if the session was currently secure.
I suppose this informative warning about encryption can be turned off, but I wonder how many web-media providers don't offer secure sessions by default because of how many potential viewers these popups that they can't switch off will turn away. If at all, they only offer it when collecting obviously personal information from people by which time customers have usually been ensnared into the site already.
===
10 mins and the account's disabled
on
Geek Flavor
·
· Score: 1
Was it locked out or did someone just change the password?:)
===
Re:Ha, only 3 minutes and already
on
Geek Flavor
·
· Score: 1
It came back as soon as someone finished modifying it. This is going to be slightly more interesting when it's settled down a bit. (If it lasts that long.)
It depends on your taste I guess. I've found a lot of shows are much more enjoyable in groups. I'm in a club at uni where we just sit around watching videos every so often (mostly SF and anime). It's much easier to spot the jokes and appreciate them when lots of other people are doing the same.
I haven't seen reboot for a while - last time I watched it on TV it looked relatively boring as far as the story was concerned. Then we watched an episode of it in a group and all the humour was a lot more funny.
..but then I'm recently addicted to Dragonball Z and Slayers - both of which are incredibly cheesy. The animation is.. well.. anime.. but they have some good and humourous writing though, which is why I enjoy watching them.:)
It caught me a bit by surprise because for a long time, we've had legislation that restricts various types of searching on databases - electronic or not. (This is in New Zealand, and I'm sure many other countries also.)
The flagship example is that phone companies aren't allowed to make directories searchable by phone number - by anyone outside the phone company, at least. (Similarly, a phone book can't be indexed by number.) I'm not sure of the specifics, but I think anyone who slapped their own reverse index on someone else's database would also be in trouble.
For the same sorts of privacy reasons, we're not allowed to use one organisations primary key as a primary key in a second organisation's database. Does the U.S. have something like this? It's annoying sometimes that I can't just use someone's IRD number (like a social security number) for a primary key, but there are important ethically based database synchronization reasons for why it's not allowed.
Governments monitoring my electronic communications isn't what bothers me. It's not as if it's hard to do, and it's not as if there aren't lots of other people who are also equipped to monitor anyone's communication if they wanted to.
What irritates me are government restrictions on people's efforts (such as encryption) to avoid being monitored. They're effectively saying that I can't speak in a language until they know what I'm saying.
"We think it's a fair balance between the needs of creditors and the customers," Toysmart attorney Harry Murphy said of the settlement.
The problem I have is that Toysmart and various others (with consent of the courts and the FTC) are selling what they shouldn't technically own. As a customer I would never have said that they can give my details to anyone else without my direct consent - irrespective of whatever conditions they put on it. They had restricted use of it for inside purposes only, and that's exactly what the privacy agreement said.
Creditors made the mistake of investing in Toysmart. They took the risk and it didn't pay off. They shouldn't be compensated by the loss of a third party.
Physical goods verses information shouldn't be treated differently. Can a company being liquidated sell it's employees home computers because they once did some company-related work on them? If not, how can it sell it's customers details simply because it has restricted access to them for use within the company?
From memory, one of the problems is that because the company no longer exists, any agreements it had are invalid.. or something like that. (Can anyone elaborate?) Perhaps model privacy agreements of the future should have a clause in them to specify that this can't happen. Otherwise I'll certainly think hard about giving any details away if the practice of selling databases becomes more common.
I agree - it's very subjective. I wouldn't go so far as to call the billions upon billions of ice particles orbiting the larger planets moons in themselves.
By the same reasoning, Pluto (and Charon) isn't really a planet. If it was discovered today, it would probably be labelled as a double asteroid. (For convenience, too. Think of all the literature that would have to be rewritten these days if another "planet" were discovered. It'd have to be quite a major planet to be categorised as one.)
Also because it was discovered before there was a well-embedded concept of asteroids, and also during a time (1930's) when many people assumed there must be another planet. For this reason it made it's place as one of the "nine" major planets.
This reasoning hasn't exactly reached moons yet. If it's orbiting a planet and bigger than a speck of dust, it gets labelled a moon.
Slashdot Mirror
I can't find an article link for it, but with the lack of region coding here there have been recent problems where video stores have been parallel importing DVD's before the cinema releases.
Naturally this is just now beginning to cut into ticket sales, which I guess is one of the few down sides of not having region encoding. Not that people have more choice, but that the big screens might start disappearing in some smaller areas.
On the other hand, it might mean they'll start releasing movies immediately when they're available instead of this irritating profit maximising thing when they wait for the right season to come around. Sometimes we get films immediately or even a day before the U.S. because of the time zone differences. Other times we have to wait up to six months!
===
One of the biggest problems I had at entry level comp-sci was that in anticipation of not having to teach the hard stuff, a lot of the code was in pre-written libraries provided by the university.
I guess with C/C++ if the libraries were written well, they might be able to be cross-compiled. When I was doing it in 1997 we had to learn structured programming on macs running a version Think Pascal that had an irritating habit of locking up whenever you hit the wrong enter key.
A lot of the library was for things like opening up graphical windows, reading mouse positions/button clicks etc. We were writing very simple painting programs, and so on. So the actual coding we needed to do was very simple stuff, but at the same time we were able to make interesting things with it because the hard stuff was already done.
I ended up re-writing much of the library so I could do my coding at home in DOS on a PC. (I was using Borland Turbo Pascal at the time.) I just gave up when it came to the graphical routines and I did those assignments at the university.
Four years later I am a TA, and the first years are coding in java which makes things a lot easier. (Also they threw out the macs and they're all P3's running BSD, now.) As a marker it makes it a million times easier to work out people's code, too, because everyone's code looks relatively similar and I don't have to re-learn a structure every time.
Bulk first year marking usually means taking marks off for mistakes -- not rewarding marks for good ideas. There are exceptions, but typically (from me), high marks go to the assignments that are easiest to read, and that I don't spend more than a few minutes looking at. Specifically because I don't have to.
If the code isn't strightforward to read though, being able to simply go away and run it is really useful.
===
Technically impossible? Sure.
On the other hand I'm sure they could find a way to get more censorship laws passed, forcing ISP's to block something ambiguous like "services deemed by govco to be inappropriate and unnecessary."
Of course it would only be trackable and enforcable on centralised services like Napster.
===
I know it's good for a lot of things, and maybe voting on small things can be one of them under certain circumstances. I don't think I'll ever believe that the net (as it is today) is anywhere near an ideal infrastructure for voting in major and important elections.
Even if all the encryption and validity and security and anonymity issues were worked out, there's nothing to guarantee that a neighbour hasn't walked into my home, pointed a gun in my face and ordered me to vote for someone.
The net could play a role in some areas, but allowing people to vote from places where the environment isn't controlled is a bad thing. Allow this and there's no way to guarantee that voters are voting at their own free will.
===
I can see where you're coming from, I'm just not sure how it might hold up against good lawyers. (Although I'm not a lawyer myself.)
If a cable modem user posts a message to a public forum, can it be intercepted and used against that person? I could be missing something but personally I think it could. It's not as if anyone can't see it anyway.
So if a cable modem user posts a message that travels through a public arena (AKA the Internet), can it be intercepted and used against that person? Morally I'd say no, but technically since there's no attempt to indicate that it's not public because the Internet is a public and uncontrolled place.
How is a cable user routing something through the Internet any different from a cable user routing something through a public forum?
===
That's fair enough too and I definitely won't disagree with it. I just think that it's giving a false sense of security to people if they rely on legislation to protect their online privacy. I hope that relying on this type of restriction will only be a short term thing.
For one thing, the word 'unreasonable' is very subjective. Whether or not it's unreasonable for govco to monitor communications could easily depend on the context of their situation. The fact that the Internet is essentially a public forum (even though most normal people think of it as a private forum) doesn't help. A few years into the future, the net could be considered public by enough people that it wouldn't seem unusual in the slightest for anyone to read what you're intending to say in private.
Restrictions on cryptography (IMHO) are a much more fundamental right. Cryptography is what lets two individuals build a metaphorical wall around their conversation so they're no longer speaking in an open courtyard. It's also signalling a clear intention that you're intending to communicate privately, so irrespective of what happens in the future it's more likely to be considered 'unreasonable' for govco to start decrypting people's mail (without a warrent).
So far the major governments of the world have done a tremendous job of restricting the use of cryptgraphy so that it's infeasible for anyone to use it without many overheads. It's unrealistic just to tell someone to "use encryption", because the infrastructure for mass encryption has been inhibited in it's development.
What seems to be happening is that govco is still getting its way. People are more worried about governments monitoring their (essentially public) communications than they are about governments restricting the ability for people to have private conversations. As long as people aren't allowed to create their own privacy, any legislation that prevents listening in public could only be very weak.
===
Maybe I'm almost on my own but doesn't anyone else think that expecting laws and legislation to protect people's privacy is a bit shallow? I don't like people reading my email, etc, but at the same time I think it's silly to expect that simply asking people not to will stop it from happening.
It's not even security by obscurity, it's obscurity by politeness. Even if government agencies can't monitor traffic, what about the rights of ISP's to monitor traffic passing through their system? Since the Internet is an open system, there's also not much guarantee that an ISP won't on-sell information to the government, anyway.
This is why I think Carnivore and various other privacy issues shouldn't be any more than an issue between an ISP and the government. There can be legislation to prevent governments from monitoring communications, but there's no clean way to enforce it. There's also no clean way to stop non-governement entities from intercepting information.
I think the more fundamental issue is government controls on the use and distribution of things like cryptography. Restrictions on this are a major reason why the privacy infrastructure of the net is hopeless right now, which is the reason why people are so concerned about the government monitoring their net-communications.
===
I think it's more than just slashdotted - it's slashdotted trying to run one of the much larger, badly-designed pages on the web through a cgi script. :)
===
I can't deny that the whole thing bothers me in the short term, but every time I think about it I can't help but come to the conclusion that it shouldn't matter what carnivore does.
Fundamentally, people in all parts of the world should be able to do whatever they want with your traffic, and it shouldn't compromise the sender and receiver being able to get what they want. When it comes down to it, something like carnivore shouldn't be any more than an issue between the government and any given ISP that is being coerced into using it.
One of the most amazing things about the net is that it's a completely open system, and at the same time it's reliable. You can send a packet out into the wild and through clever development of end-to-end protocols, have a completely reliable conversation with someone on the other end. The storm in the middle might be dropping half the packets, but the protocols on each end can be designed to detect all this and compensate for it. That's one of the coolest things about the net, IMHO: surviving so well in an archaic system.
If people have to rely on something in the open system (beyond their control) to conform to imposed rules - such as not reading their transmissions - then the people aren't using the net properly. Where one person argues for the right to their privacy, another person can argue for the right to monitor traffic that passes through their system. As soon as rules are imposed on either of these people, it blocks possible directions that the whole thing can expand to in the future.
By trying to block carnivore we're grasping at straws. It's on the same level as security by obscurity: you can make a rule but you can't guarantee that anybody's going to listen to it. No-one foresaw in time that this might happen, and the infrastructure wasn't put in place to ensure we have as much end-to-end privacy as we have end-to-end reliability.
If privacy protocols and encryption don't get standardised and easy to use soon, the net community is going to be more or less crippled, relying on others to turn their back to get privacy. It's security by politeness, and to me that's even dumber than security by obscurity.
===
I think a lot of it comes down to personality. Different people (obviously, I guess) have different ways of coping and getting problems worked out.
Most people who I know tend to go for the attack coding binge type of approach. That is to come in stacked up with 16 hours worth of the high energy drink of their choice, and just sit there and code.
I've never found this to be very productive for myself because my mind doesn't work instantaneously on demand like that. What I tend to do is look at the problem so I know what I'm dealing with, then just ignore it for a few days. During this time an idea of how to do it just forms in my head, and if I can I'll probably scribble bits of it down on paper as soon as I have the opportunity.
Even then, I usually can't code it immediately. I wake up in the morning knowing what I want to have accomplished, and during that day it's virtually impossible for me to get very far past that point. If I manage to get the whole lot done in half an hour, I still can't get much further than that point. I'll just end up sitting around playing freeciv or something.
To make more progress means waking up again with a new goal in mind, knowing what I want to get done. Sometimes these goals take all day but they're usually not too big to take much longer. If they are, I just stop when I get tired and finishing it becomes the next day's goal.
So I guess my way of attacking the coding block that I get is to break it down into small day-by-day problems. If I can't think how to do something, I'll work on a different part of the project instead. Usually in the beginning I don't have any detailed idea how I'm going to do something, but as the bits build up and it takes some shape, it gets easier to see how to finish it off and what parts (if any) need to be recoded.
It probably wouldn't be much help if your mind works differently, though.
===
I can't exactly say I like snooping, but I don't think it's unnatural given what the Internet is.
The Internet is just a bunch of networks joined together with archaic unreliable agreements, carrying each other's traffic. It's impossible to tell what's going to happen to data once it's transmitted into the open system, and if people want to monitor the traffic passing through their system I don't think anyone can really complain about it. I do have a problem when governments coerce ISP's into letting them watch, but it even if they didn't it can't be relied upon that the ISP wouldn't simply choose to show the government what was in your email anyway.
The whole point is that by default the net is insecure, and the idea has always been that integrity and security have to be established at each end. To do otherwise is like talking in an open courtyard and assuming everyone will turn their backs, ignore you, and not talk over the top of you.
Right now we have some great end-end protocols for ensuring integrity (and I guess TCP is the most obvious), but it really irritates me that there are so many people out there who don't give a damn about the security part of it. (Probably because of the sudden explosion in people who aren't interested in what goes on behind the send button.)
Has anyone out there ever had any real success in convincing people (not just computer geeks) to use encryption automatically?
===
I was having a discussion a week or so ago on a mailing list about Carnivore and how to get around it by using encryption. Encrypting email between specific people is relatively easy (if you can convince them to use encryption), but the question came up about how we could easily encrypt list traffic.
The list structure is the common one where there's a central address that recieves mail and churns it out lots of times to everyone who's signed onto the list - but since people can subscribe and unsubscribe dynamically, posters don't know who is on the list at any given time.
The only obvious way I can think of doing this is if everyone encrypted their postings to the central list-server, which would in turn decrypt it and re-encrypt it maybe hundreds or thousands of times over for each person subscribed to the list. This doesn't seem very efficient and I'm not sure if there are any list servers out there that will do this, anyway. (Please yell out if you know of any.)
Does anyone know of any relatively efficient methods of running distributed mailing lists where all the traffic is encrypted? (Preferably something that's not very difficult to set up.)
I'm fully aware that people could just subscribe to the list, but I don't think it's as important because there might still be standard security steps like requiring authorisation before joining.
===
Not that I'm aiming for free karma or anything, but here's the Reuters story on Yahoo. :)
===
There are heaps of open source clones out there that connect to the napster servers. Try a search on freshmeat.
===
I see your point then. (As in training people.)
Having thought about it, it would at least make more sense to warn on hitting the submit button instead of on entering a secure session. It's the detail transmission itself that the user would need to be warned about, not simply entering a secure session.
It should be able to be a flawless transition for websites to go from unencrypted to secure sessions irrespective of whether obviously personal details are being transmitted back. Instead they can't do it cleanly because the browsers pop up automatic dialog boxes when they don't really have to.
===
Maybe I'm missing something and I don't want to provoke too much, but what is wrong with this?
If a person breaks the law, government agents (usually police) are authrised to break into that person's house to arrest them - usually for good reason. If a business is selling illegal goods that breaks the law, government agents are authorised to use force to sieze the goods so they can't be sold anymore.
If a website breaks the law, what is so exceptional about it that it should be a special case from these other examples?
As I said I'm not trying to provoke, but I think it's the laws that are being broken that should be targeted if someone has a problem, not the fact that government agents can be authorized to use sufficient force to stop it.
Otherwise what can they do? Ask nicely? The only alternative I can think of is to confiscate someone's computer and it sometimes frightens me the way they can actually do that. Of course if they destroy the property without a proper trial to confirm that it was actually breaking the law, that would be something bad.
===
I agree with you completely about using encryption. I don't really care too much about governments intercepting packets because it's no big secret that almost anyone can do so anyway, just as you say. (What I don't like is when governments tell me I'm not allowed to speak in a language until they know what it is. To me this is a very fundamental invasion of free speech.)
Besides governments though, there's at least one very simple thing that's holding it up.
By default, both Netscape and MSIE warn the user before entering a secure session. I can understand why it might warn when leaving a secure session, but I've never understood why it should warn on entering one. I think most people would be perfectly happy with an icon somewhere on the status bar to say if the session was currently secure.
I suppose this informative warning about encryption can be turned off, but I wonder how many web-media providers don't offer secure sessions by default because of how many potential viewers these popups that they can't switch off will turn away. If at all, they only offer it when collecting obviously personal information from people by which time customers have usually been ensnared into the site already.
===
Was it locked out or did someone just change the password? :)
===
It came back as soon as someone finished modifying it. This is going to be slightly more interesting when it's settled down a bit. (If it lasts that long.)
actually.. probably it won't. :)
===
It depends on your taste I guess. I've found a lot of shows are much more enjoyable in groups. I'm in a club at uni where we just sit around watching videos every so often (mostly SF and anime). It's much easier to spot the jokes and appreciate them when lots of other people are doing the same.
I haven't seen reboot for a while - last time I watched it on TV it looked relatively boring as far as the story was concerned. Then we watched an episode of it in a group and all the humour was a lot more funny.
===
Doesn't the US have laws about reverse lookup?
It caught me a bit by surprise because for a long time, we've had legislation that restricts various types of searching on databases - electronic or not. (This is in New Zealand, and I'm sure many other countries also.)
The flagship example is that phone companies aren't allowed to make directories searchable by phone number - by anyone outside the phone company, at least. (Similarly, a phone book can't be indexed by number.) I'm not sure of the specifics, but I think anyone who slapped their own reverse index on someone else's database would also be in trouble.
For the same sorts of privacy reasons, we're not allowed to use one organisations primary key as a primary key in a second organisation's database. Does the U.S. have something like this? It's annoying sometimes that I can't just use someone's IRD number (like a social security number) for a primary key, but there are important ethically based database synchronization reasons for why it's not allowed.
===
Governments monitoring my electronic communications isn't what bothers me. It's not as if it's hard to do, and it's not as if there aren't lots of other people who are also equipped to monitor anyone's communication if they wanted to.
What irritates me are government restrictions on people's efforts (such as encryption) to avoid being monitored. They're effectively saying that I can't speak in a language until they know what I'm saying.
===
This is where I disagree the most.
From CNNfn:
The problem I have is that Toysmart and various others (with consent of the courts and the FTC) are selling what they shouldn't technically own. As a customer I would never have said that they can give my details to anyone else without my direct consent - irrespective of whatever conditions they put on it. They had restricted use of it for inside purposes only, and that's exactly what the privacy agreement said.
Creditors made the mistake of investing in Toysmart. They took the risk and it didn't pay off. They shouldn't be compensated by the loss of a third party.
Physical goods verses information shouldn't be treated differently. Can a company being liquidated sell it's employees home computers because they once did some company-related work on them? If not, how can it sell it's customers details simply because it has restricted access to them for use within the company?
From memory, one of the problems is that because the company no longer exists, any agreements it had are invalid.. or something like that. (Can anyone elaborate?) Perhaps model privacy agreements of the future should have a clause in them to specify that this can't happen. Otherwise I'll certainly think hard about giving any details away if the practice of selling databases becomes more common.
===
I agree - it's very subjective. I wouldn't go so far as to call the billions upon billions of ice particles orbiting the larger planets moons in themselves.
By the same reasoning, Pluto (and Charon) isn't really a planet. If it was discovered today, it would probably be labelled as a double asteroid. (For convenience, too. Think of all the literature that would have to be rewritten these days if another "planet" were discovered. It'd have to be quite a major planet to be categorised as one.)
Also because it was discovered before there was a well-embedded concept of asteroids, and also during a time (1930's) when many people assumed there must be another planet. For this reason it made it's place as one of the "nine" major planets.
This reasoning hasn't exactly reached moons yet. If it's orbiting a planet and bigger than a speck of dust, it gets labelled a moon.
===
What irritates me most about that letter is that it looks more like a typical disgruntled slashdot user blowing off steam.
The whole thing could be summarized in about one paragraph, but instead it just repeats the same old mozilla bashing over and over and over.
There was nothing actually useful or constructive in the letter at all. If I was involved in Mozilla development I wouldn't bother reading it.
===