Who decides when a package is "unmaintained" or "orphaned?"
For example, in January 1998 I converted Columbia MM (the best mailer I have ever used) to an autoconf framework for improved portability. I wrote to the MM maintainers and asked for permission to release my modified source, but was told only that they would be happy to incorporate my patches. I submitted my patches, but no new release has been issued.
I do not mean to denigrate the maintainers. It is extremely difficult to hold down a full-time job and maintain an open-source project on your personal time. I hold no animosity for anyone who cannot give 100% to both jobs.
But it still leaves me in a quandary. The official Columbia MM maintainers are still alive, are reachable, are responsive, but they don't seem to do anything. I would love to release my source, but cannot.
If anything, this has persuaded me, more than anything else, about the fundamental importance of the the right to fork that the GPL/BSD licenses guarantee.
First, there's a pretty grievous error in the inetd config line he gives which makes the server not run. I can't remember the entire line but remove the duplicate 'cvs' text.
That's interesting. What operating system are you running?
Here's the line that I think you're talking about:
The inetd implementations I'm familiar with would require both "/usr/local/bin/cvs" and "cvs" in that line. The first tells inetd where to find the binary, and the second is the first argument in the command-line invocation. If there are inetds floating around which choke on that line, you should definitely report it as a documentation bug.
Second, although I know it doesn't fit in with the theme of the book, there isn't much in the way of setting up CVS for commercial use. In my case, I want to have CVS controlling both some OS and commercial code. Setting up SSH access, multiple CVS servers, access control, etc are not covered very well, if at all.
I will venture a guess that Karl didn't cover those topics because he didn't think it necessary.:-) Setting up SSH access is trivial -- as long as someone has a shell account on the CVS server, they should be able to run "cvs -d myuserid@cvshost:/path/to/repository" to access the remote repository. It did not even occur to me that this needed to be documented.
If I were setting up a CVS server with projects that needed different levels of access control, I would probably put them into completely different repositories. Put your free code into/path/to/open and your closed code into/path/to/closed. Take away world-read permission and put them under ownership by different groups. Then, in order to view the closed repository, you must be in the closed user group. But you raise a good point that this would be a useful cookbook-style example.
Disclaimer: I was one of the technical reviewers for the book and so am not objective about its quality.:-)
I tend to like the disgruntled ex-boyfriend theory. The T&A photos are part of it. Would Rodona keep scanned GIFs of her own cheesecake pictures on her disk? Possibly, but unlikely. However, she or her boyfriend would certainly have the developed pictures sitting around. That's why someone with intimate access seems more believable.
But for all that, I didn't find the "hacking" story all that implausible, details or no details.
there are 95 icq logs, spanning over 2.5 megs, all of text. This is *51000* lines of text!
Not to mention a file of 200,000 addresses of "confirmed anti spammers" that should never be mailed. Since I found my own address on that list, I have reason to believe that they weren't just randomly generated.
To me this means that rather than supporting "gay marriage", we should oppose "straight marriage".
I could respect this point of view if the Libertarian Party were actively involved in an effort to dismantle or abolish marriage laws. To the best of my knowledge, it is not, which tells me that however uncomfortable the party is with the government getting involved in citizens' private lives, they're not so uncomfortable with the status quo that they're willing to oppose it.
I am looking forward to being proved wrong. Seriously. When I see the LP make a real, hard, practical, strong effort at supporting gay equality or a woman's right to an abortion, and not just pay lip service, I'll believe that they're something other than the "pro-gun, anti-tax" party. Until then, it's not surprising to me that politically biased filtering software likes the LP as much as the RNC.
equality under the law for gays, lesbians, and other sexual minorities (and for everyone else too) It would be nice if that were so. In reality, I have not found the Libertarian Party to be very enthusiastic about gay rights. In 1996, I approached the Libertarian Party of Illinois about endorsing same-sex marriage. They brought it up for a vote among party members and the motion was denied. So much for equality under the law.
This is what I mean: people who want to describe themselves as Libertarian like to talk a good game, but when the rubber meets the road they tend to retreat to comfortable conservative positions. Libertarians do not generally oppose "corporatism" -- on the contrary, they tend to support completely unrestrained free-market activity. To the extent that they support separation of church and state, that support does not usually extend to school prayer issues. And by your own admission, the fact that only "some" libertarians oppose the patent system only reinforces this point: why do not all libertarians oppose it, as an outrageous intrusion into individual liberty? Why is it not a fundamental part of the Libertarian Party platform?
Because the Libertarian Party is chiefly about economic liberty, with civil liberties as an afterthought, if they are addressed at all. It is not for nothing that they are often lampooned as the "Propertarian" party.
The Libertarian Party is not a "conservative" organization. Elimination of most of the government and its laws is hardly conservative.
What are you talking about? That is the classic "conservative" position: that the government's power should be "conserved" and used only when there is absolutely no alternative. Supposedly.
In practice, compare the Libertarian Party's positions on the following issues with, say, those of the Republican Party:
affirmative action
antidiscrimination laws
public schooling and mandatory K-12 education
gun control
antitrust laws
market regulation
That the Libertarian Party occasionally endorses causes that are traditionally characterized as "liberal," such as a woman's right to choose or narcotics decriminalization, only emphasizes the fact that on most issues, Libertarians are closely aligned with "conservative" issues. Whether you consider this a good thing or a bad thing, there is not much room to deny it.
Straight off, I get the message that this user is not in the appropriate group to su to root.
This is pretty common behavior on non-Linux machines and certainly did not originate with OpenBSD. In order to su root, you must be in the wheel group.
Linux does not require this because it uses the GNU version of su, which is intended specifically not to have this requirement. Here is an explanation for this decision:
Why GNU su does not support the wheel group (by Richard Stallman)
Sometimes a few of the users try to hold total power over all the rest. For example, in 1984, a few users at the MIT AI lab decided to seize power by changing the operator password on the Twenex system and keeping it secret from everyone else. (I was able to thwart this coup and give power back to the users by patching the kernel, but I wouldn't know how to do that in Unix.)
However, occasionally the rulers do tell someone. Under the usual su mechanism, once someone learns the root password who sympathizes with the ordinary users, he can tell the rest. The "wheel group" feature would make this impossible, and thus cement the power of the rulers.
I'm on the side of the masses, not that of the rulers. If you are used to supporting the bosses and sysadmins in whatever they do, you might find this idea strange at first.
I am trying to convince my superiors to let me start refusing mail based on ORBS and MAPS RBL queries, but denying a large volume of legitimate mail (as the case would be with AOL on the ORBS list)...
FYI, this would still be the case even if AOL were not in the ORBS database. ORBS lists quite a lot of servers that mostly deliver legitimate mail, sometimes on the basis of pretty obscure relay tests and often even if the relay is not actively being abused by spammers. The ORBS philosophy, as far as I can tell, is essentially that it's okay to throw out a few babies as long as you get rid of the bathwater.
I would put more trust in the MAPS RBL,DUL and RSS databases as more responsibly run systems: while not as aggressive as MAPS, much less likely to discard legitimate correspondence. For many sites, that is of paramount importance.
Bruce Taylor, chief counsel to the National Law Center for Children and Families in Fairfax, Va., disputed Haselton's study.... "I don't trust that Peacefire is telling the truth," Taylor said.
The National Law Center for Children and Families doesn't appear to be an arm of the U.S. Government. According to their Fil tering Memorandum of Law, they are a "non-profit educational organization."
It is true that two of their three senior counsel used to work in the Justice Department, and it is probable that Taylor's public opinion reflects the private opinion of other members of Justice. But it's inappropriate to regard this outburst as an official statement of policy of the U.S. Government.
It's not entirely clear to me exactly what's going on, apart from the fact that the InterNIC servers can't even seem to agree with each other about when the domain was created:
Time was when this sort of activity was called merely "collaborative," and even that was considered more than enough buzzword. I'm not sure why the "open source" label would be appropriate for something like TheBench.org, unless a red-hot IPO is in the offing.
If I own a CD, I can do anything I please with it, short of redistributing the music.... All of this is legal, provided I own the CDs that are the source material for the MP3s. It is no different than recording a CD onto a cassette tape so that you can listen to it in an old Walkman.
You would think so. For example, you would also think that if you legally purchased a DVD for your own private home use, you would have the right to operate that DVD with a computer running Linux, even if you have to write some software to support it. That makes sense, doesn't it?
Unfortunately, under the Digital Millenium Copyright Act, you do not have the right to do any of these things. Almost no forms of copying are still considered "fair use." If you access the data on the disc in just about any way that the publisher doesn't specifically authorize, you have infringed on their copyright.
Then someone got the bright idea to use UDP packets and backoff the transfer if something 'more important' needed to use the bandwidth. Couldn't the same be done with Napster? Make all MP3 downloads a "low-priority" transfer that drops as soon as someone else wants to use the bandwidth for "educational" purposes.
Can that, in fact, be done to any UDP connection? If so, I'm all ears. The exchange student who's living with us has been killing my uplink with the Internet Phone. It's great that she has a way to talk to her friends at home for free, but I'd really love a way to make the other end of the connection back off.
Even if I disconnect her machine from the network, the remote client keeps happily bombing me with UDP packets until the moron behind the keyboard gives up. My connection is totally saturated until they quit, making it impossible for me to get my work done. If there are any solutions, I'm listening.
This article is by now so old that no one will read this comment, but what the hell. Karma whore, etc.
Some of the articles that have been posted seem to miss the point. Several people suggested that this design goes against the principles of RISC. I am puzzled. The RISC philosophy is about maximizing efficiency by reducing CPU complexity. But this is memory management research, i.e. it proposes a new MMU design, not a new CPU. It is like suggesting that 3D accelerator boards are contrary to the principle of RISC design because they involve complex hardware. There's no contradiction in having a simplified CPU and complex off-chip hardware to back it up.
Others have suggested that there's no point to this work because a hardware implementation of malloc() and free() would run only marginally faster than their software counterparts. I suggest reading some of the publications on their Web site, particularly their Introduction to DMMX. They aren't merely trying to implement malloc() and free() in hardware, and the solution they describe would allocate and sweep the heap in constant time. If the scenario described in this paper is feasible, it could be pretty interesting stuff.
Check out HACKERS by Steven Levy to support this, but according to that book it was actually Bill Atkinson @ Apple who invented overlapping windows.
You're probably thinking of Insanely Great, also written by Levy. That book describes how Atkinson developed a new method for calculating overlapping regions after visiting PARC:
During the PARC visit, Atkinson was impressed that Smalltalk somehow ``knew'' how to show only the visually relevant information at any given millisecond. The irony is that Atkinson was mistaken -- the Alto used a much less elegant, and slower, method than clipping. But buoyed by what he thought was Smalltalk's existence proof of clipping, Atkinson kept hammering at a solution.... Eventually wave after wave of Atkinson's brainpower eroded the problem. He had set out to reinvent the wheel; actually he wound up inventing it. His solution dealt with a sophisticated use of algebra to calculate which ``regions'' of the window had to be drawn and remembered. (
Insanely Great, 1994, paperback p. 87)
It's a flawed book but is still very entertaining. Levy has a knack for capturing the excitement and spirit of hacking.
Much of the way the U.S. government works is due the difficulties in communication and travel when the U.S. was established in the 18th century. It would be pretty pathetic trying to get everyone in the country to mail in a vote on every issue when the letter could take a few weeks to get across the country. It was therefore considered more pragmatic to have representatives at every step in the process.
While that surely contributed to the representative system of democracy, it was hardly the only or even the main reason. Read the Federalist Papers some time. Federalist #10 argues at some length that direct democracy on a large scale inevitably amounts to mob rule. James Madison would be horrified at the suggestion that inefficient communications channels are the only reason for representative democracy.
But another useful trick, if there are certain machines you want to accept mail from and others that you don't, is to run sendmail under tcpd so that it obeys/etc/hosts.allow and/etc/hosts.deny, by adding this to/etc/inetd.conf:
Sendmail has supported this internally since 8.8 or 8.9, by means of/etc/mail/access.db. There are good instructions in the cf subdirectory in the source code, but the short version is that if you add the following to/etc/mail/access:
example.com REJECT 192.168.0 REJECT
and run makemap hash access < access, sendmail will automatically reject mail coming from example.com or the 192.68.0 network.
Sendmail's rules are a bit looser than tcpwrapper's rules; for example, doing this will reject mail with an envelope sender from example.com as well as mail coming from a host in the example.com rDNS space. And Jamie's points about centralization of access files are well taken. But you can basically do this in sendmail without using tcpwrappers, if necessary.
I feel one should blame the person who breaks the law not someone who innocently contributed to the possibility of the law being broken. To blame the owner of the cracked system used for a DoS attack is like blaming the owner of a stolen car for it's use in a bank robbery...
If a swimming pool has not been fenced up, and a child sneaks onto the property and drowns, the owner of the pool can be held partly liable. If you own a gun and neglect to lock it up or its ammunition, you can be held liable when someone steals the gun and kills someone with it.
This is known as the "attractive nuisance" principle. If you are responsible for some resource that presents an attractive nuisance to some miscreants, and you fail to take reasonable measures to secure it, you can wind up taking some of the heat for the damage they cause.
Computer security is so generally lousy that I'm reluctant to say that this principle should apply to system administrators in general. Not knowing the nature of this particular DoS attack, I'm particularly doubtful that it should qualify as an "attractive nuisance" -- for example, as far as I know there is no good way to prevent someone from launching a smurf attack from your network.
But the point is that it is a well-established principle that someone who maintains their property carelessly, in a way that facilitates theft or misuse, can in fact be held liable for negligence.
The JFS README file lists the following TODO items left to go:
JFS TODO list:
- JFS: - make READ fully operational - READ file - get write capabilities operational - MKDIR - CREATE file - WRITE file - RMDIR - RM - add support for hard and soft links, special files
That's a pretty broad definition of "mostly working." It does sound exciting, but I'm going to have to withhold judgement until file reading, writing, creation and removal have been made operational.
This technology doesn't sound applicable to video techniques. Minolta's FAQ indicates that "at least" six shots of an object are typically necessary to build a 3D image from it. It sounds like the camera takes 2D photographs from different angles, and Metastream's software interpolates from those photographs to determine the object's solid structure.
It sounds unlikely to be a useful technique to apply to video; you'd have to have six videocameras recording the same scene from different angles. I'm not even sure that the state of the art begins to touch the problems of recording video in three dimensions, storing the data, and playing it back.
I wouldn't hold my breath waiting for Quake environments built from this technology either. They're building a 3D model of an object based on external photographs; doing the same thing with internal photographs is a very different ballgame.
This is all good advice in general, but a lot of it is irrelevant to the ways that modern corporations keep tabs on us. Encrypting all of your data -- via PGP, IPsec, SSH, or what-have-you -- is a smart thing to do but doesn't really interfere with the traffic that marketers watch. It doesn't alter your demographic profile or your click-through trail.
Moreover, marketers are already using other tricks to find out who you are. DoubleClick tracks you with a cookie every time you load one of their images. You don't even need to click through the ads for them to know who you are.
A modified list, focusing on how to stay anonymous to corporate interests:
Use proxy servers when possible.
Use a dynamic IP address when possible.
Refuse cookies unless you know why they're being collected and agree with the reason. Clean out your cookie cache frequently.
Don't use your e-mail address for your anonymous FTP password. Better yet, don't tell your Web browser your e-mail address at all.
Don't turn on JavaScript or Java unless you specifically need them and trust the site that you are visiting. Even "secure" active technologies can be fooled into giving up some useful information about you.
Don't read e-mail with a Web browser or other HTML-aware client, for all the reasons mentioned above -- by reading your mail, you can be tracked via image hit logs, cookies, or JavaScript.
When purchasing goods online, use more than one credit card account. Use different addresses (e.g. a P.O. Box and your street address) if possible.
If you control your own domain, use different e-mail addresses for each contact you make. If you don't control mail for your domain, you may still be able to get away with keyworded addresses like twp+amazon@example.com or twp-cdnow@example.com, but these may not fool demographic analyzers.
It's not actually that easy. It is often difficult to get information that you need by registering a user account on a vendor's web site, or creating a big pile of cookies, or running some JavaScript applet, or doing something else to give up your identity. Tools like Cookie Monster and JunkBusters make it easier. But it's not easy.
The Infocom text adventures are written in a language called ZIL, Zork Interpreter Language. You may have noticed that each adventure game consisted of one moderately-sized executable and one or two enormous data files, and that the executable image for each game was usually identical to all the others. The executable is a Z-code interpreter that runs the ZIL program stored in the data files.
There are Z-code interpreters on the net that work pretty well. I own a copy of The Lost Treasures of Infocom (about a dozen of the classic games), and once upon a time ran a Z interpreter to play these games on my Linux box.
There is a wealth of information about Infocom at Peter Scheyen's Infocom Page. Apart from links to the Z-code interpreters and information on buying the classic games, there is a wonderful archive of historical and technical articles about Infocom. Check out especially How to Fit a Large Program Into a Small Machine, Marc Blank and Stu Galley's technical exposition on the design of the ZIL language and the Z-code interpreter. Great stuff.
Slashdot Mirror
Who decides when a package is "unmaintained" or "orphaned?"
For example, in January 1998 I converted Columbia MM (the best mailer I have ever used) to an autoconf framework for improved portability. I wrote to the MM maintainers and asked for permission to release my modified source, but was told only that they would be happy to incorporate my patches. I submitted my patches, but no new release has been issued.
I do not mean to denigrate the maintainers. It is extremely difficult to hold down a full-time job and maintain an open-source project on your personal time. I hold no animosity for anyone who cannot give 100% to both jobs.
But it still leaves me in a quandary. The official Columbia MM maintainers are still alive, are reachable, are responsive, but they don't seem to do anything. I would love to release my source, but cannot.
If anything, this has persuaded me, more than anything else, about the fundamental importance of the the right to fork that the GPL/BSD licenses guarantee.
First, there's a pretty grievous error in the inetd config line he gives which makes the server not run. I can't remember the entire line but remove the duplicate 'cvs' text.
/usr/local/bin/cvs cvs \
:-) Setting up SSH access is trivial -- as long as someone has a shell account on the CVS server, they should be able to run "cvs -d myuserid@cvshost:/path/to/repository" to access the remote repository. It did not even occur to me that this needed to be documented.
/path/to/open and your closed code into /path/to/closed. Take away world-read permission and put them under ownership by different groups. Then, in order to view the closed repository, you must be in the closed user group. But you raise a good point that this would be a useful cookbook-style example.
:-)
That's interesting. What operating system are you running?
Here's the line that I think you're talking about:
cvspserver stream tcp nowait root
--allow-root=/usr/local/newrepos pserver
The inetd implementations I'm familiar with would require both "/usr/local/bin/cvs" and "cvs" in that line. The first tells inetd where to find the binary, and the second is the first argument in the command-line invocation. If there are inetds floating around which choke on that line, you should definitely report it as a documentation bug.
Second, although I know it doesn't fit in with the theme of the book, there isn't much in the way of setting up CVS for commercial use. In my case, I want to have CVS controlling both some OS and commercial code. Setting up SSH access, multiple CVS servers, access control, etc are not covered very well, if at all.
I will venture a guess that Karl didn't cover those topics because he didn't think it necessary.
If I were setting up a CVS server with projects that needed different levels of access control, I would probably put them into completely different repositories. Put your free code into
Disclaimer: I was one of the technical reviewers for the book and so am not objective about its quality.
I tend to like the disgruntled ex-boyfriend theory. The T&A photos are part of it. Would Rodona keep scanned GIFs of her own cheesecake pictures on her disk? Possibly, but unlikely. However, she or her boyfriend would certainly have the developed pictures sitting around. That's why someone with intimate access seems more believable.
But for all that, I didn't find the "hacking" story all that implausible, details or no details.
Not to mention a file of 200,000 addresses of "confirmed anti spammers" that should never be mailed. Since I found my own address on that list, I have reason to believe that they weren't just randomly generated.
To me this means that rather than supporting "gay marriage", we should oppose "straight marriage".
I could respect this point of view if the Libertarian Party were actively involved in an effort to dismantle or abolish marriage laws. To the best of my knowledge, it is not, which tells me that however uncomfortable the party is with the government getting involved in citizens' private lives, they're not so uncomfortable with the status quo that they're willing to oppose it.
I am looking forward to being proved wrong. Seriously. When I see the LP make a real, hard, practical, strong effort at supporting gay equality or a woman's right to an abortion, and not just pay lip service, I'll believe that they're something other than the "pro-gun, anti-tax" party. Until then, it's not surprising to me that politically biased filtering software likes the LP as much as the RNC.
equality under the law for gays, lesbians, and other sexual minorities (and for everyone else too)
It would be nice if that were so. In reality, I have not found the Libertarian Party to be very enthusiastic about gay rights. In 1996, I approached the Libertarian Party of Illinois about endorsing same-sex marriage. They brought it up for a vote among party members and the motion was denied. So much for equality under the law.
This is what I mean: people who want to describe themselves as Libertarian like to talk a good game, but when the rubber meets the road they tend to retreat to comfortable conservative positions. Libertarians do not generally oppose "corporatism" -- on the contrary, they tend to support completely unrestrained free-market activity. To the extent that they support separation of church and state, that support does not usually extend to school prayer issues. And by your own admission, the fact that only "some" libertarians oppose the patent system only reinforces this point: why do not all libertarians oppose it, as an outrageous intrusion into individual liberty? Why is it not a fundamental part of the Libertarian Party platform?
Because the Libertarian Party is chiefly about economic liberty, with civil liberties as an afterthought, if they are addressed at all. It is not for nothing that they are often lampooned as the "Propertarian" party.
The Libertarian Party is not a "conservative" organization. Elimination of most of the government and its laws is hardly conservative.
What are you talking about? That is the classic "conservative" position: that the government's power should be "conserved" and used only when there is absolutely no alternative. Supposedly.
In practice, compare the Libertarian Party's positions on the following issues with, say, those of the Republican Party:
That the Libertarian Party occasionally endorses causes that are traditionally characterized as "liberal," such as a woman's right to choose or narcotics decriminalization, only emphasizes the fact that on most issues, Libertarians are closely aligned with "conservative" issues. Whether you consider this a good thing or a bad thing, there is not much room to deny it.
Straight off, I get the message that this user is not in the appropriate group to su to root.
This is pretty common behavior on non-Linux machines and certainly did not originate with OpenBSD. In order to su root, you must be in the wheel group.
Linux does not require this because it uses the GNU version of su, which is intended specifically not to have this requirement. Here is an explanation for this decision:
I am trying to convince my superiors to let me start refusing mail based on ORBS and MAPS RBL queries, but denying a large volume of legitimate mail (as the case would be with AOL on the ORBS list)...
FYI, this would still be the case even if AOL were not in the ORBS database. ORBS lists quite a lot of servers that mostly deliver legitimate mail, sometimes on the basis of pretty obscure relay tests and often even if the relay is not actively being abused by spammers. The ORBS philosophy, as far as I can tell, is essentially that it's okay to throw out a few babies as long as you get rid of the bathwater.
I would put more trust in the MAPS RBL, DUL and RSS databases as more responsibly run systems: while not as aggressive as MAPS, much less likely to discard legitimate correspondence. For many sites, that is of paramount importance.
What's different here are the 18 colorful keys lining the top of the keyboard, most of which have generic subject names like "travel" or "auction."
Eighteen control keys is good news. It means that at last we can have really useful Emacs keyboards.
"To spell-check, just hit Auctions-Travel-Q. If you want to spell check against a French dictionary, use Music-Auctions-Travel-Q instead."
Note: I am only partly joking.
When I visit http://foia.fbi.gov/alpha.htm, I get:
Freedom of what? Maybe I need to file a formal FOIA request in order to view the page.
What the US Govmnt thinks about anti-censorware:
... "I don't trust that Peacefire is telling the truth," Taylor said.
Bruce Taylor, chief counsel to the National Law Center for Children and Families in Fairfax, Va., disputed Haselton's study.
The National Law Center for Children and Families doesn't appear to be an arm of the U.S. Government. According to their Fil tering Memorandum of Law, they are a "non-profit educational organization."
It is true that two of their three senior counsel used to work in the Justice Department, and it is probable that Taylor's public opinion reflects the private opinion of other members of Justice. But it's inappropriate to regard this outburst as an official statement of policy of the U.S. Government.
It's not entirely clear to me exactly what's going on, apart from the fact that the InterNIC servers can't even seem to agree with each other about when the domain was created:
...
$ whois -h whois.networksolutions.com openssh.org
Registrant:
Open SSH Project (OPENSSH2-DOM)
Zaanstraat 250
AMSTERDAM, NL-1013 RZ
NL
Domain Name: OPENSSH.ORG
Record created on 04-Nov-1999.
$ whois -h whois.internic.net openssh.org
Domain Name: OPENSSH.ORG
Registrar: NETWORK SOLUTIONS, INC.
Whois Server: whois.networksolutions.com
Referral URL: www.networksolutions.com
Name Server: NS2.KYARITSU.COM
Name Server: NS1.KYARITSU.COM
Updated Date: 15-oct-1999
I give up.
Open source has reached cartooning, eh?
Time was when this sort of activity was called merely "collaborative," and even that was considered more than enough buzzword. I'm not sure why the "open source" label would be appropriate for something like TheBench.org, unless a red-hot IPO is in the offing.
If I own a CD, I can do anything I please with it, short of redistributing the music. ... All of this is legal, provided I own the CDs that are the source material for the MP3s. It is no different than recording a CD onto a cassette tape so that you can listen to it in an old Walkman.
You would think so. For example, you would also think that if you legally purchased a DVD for your own private home use, you would have the right to operate that DVD with a computer running Linux, even if you have to write some software to support it. That makes sense, doesn't it?
Unfortunately, under the Digital Millenium Copyright Act, you do not have the right to do any of these things. Almost no forms of copying are still considered "fair use." If you access the data on the disc in just about any way that the publisher doesn't specifically authorize, you have infringed on their copyright.
See the Slashdot story on the DeCSS injunction, or the text of the judge's ruling itself.
Then someone got the bright idea to use UDP packets and backoff the transfer if something 'more important' needed to use the bandwidth. Couldn't the same be done with Napster? Make all MP3 downloads a "low-priority" transfer that drops as soon as someone else wants to use the bandwidth for "educational" purposes.
Can that, in fact, be done to any UDP connection? If so, I'm all ears. The exchange student who's living with us has been killing my uplink with the Internet Phone. It's great that she has a way to talk to her friends at home for free, but I'd really love a way to make the other end of the connection back off.
Even if I disconnect her machine from the network, the remote client keeps happily bombing me with UDP packets until the moron behind the keyboard gives up. My connection is totally saturated until they quit, making it impossible for me to get my work done. If there are any solutions, I'm listening.
This article is by now so old that no one will read this comment, but what the hell. Karma whore, etc.
Some of the articles that have been posted seem to miss the point. Several people suggested that this design goes against the principles of RISC. I am puzzled. The RISC philosophy is about maximizing efficiency by reducing CPU complexity. But this is memory management research, i.e. it proposes a new MMU design, not a new CPU. It is like suggesting that 3D accelerator boards are contrary to the principle of RISC design because they involve complex hardware. There's no contradiction in having a simplified CPU and complex off-chip hardware to back it up.
Others have suggested that there's no point to this work because a hardware implementation of malloc() and free() would run only marginally faster than their software counterparts. I suggest reading some of the publications on their Web site, particularly their Introduction to DMMX. They aren't merely trying to implement malloc() and free() in hardware, and the solution they describe would allocate and sweep the heap in constant time. If the scenario described in this paper is feasible, it could be pretty interesting stuff.
Check out HACKERS by Steven Levy to support this, but according to that book it was actually Bill Atkinson @ Apple who invented overlapping windows.
You're probably thinking of Insanely Great, also written by Levy. That book describes how Atkinson developed a new method for calculating overlapping regions after visiting PARC:
It's a flawed book but is still very entertaining. Levy has a knack for capturing the excitement and spirit of hacking.
Much of the way the U.S. government works is due the difficulties in communication and travel when the U.S. was established in the 18th century. It would be pretty pathetic trying to get everyone in the country to mail in a vote on every issue when the letter could take a few weeks to get across the country. It was therefore considered more pragmatic to have representatives at every step in the process.
While that surely contributed to the representative system of democracy, it was hardly the only or even the main reason. Read the Federalist Papers some time. Federalist #10 argues at some length that direct democracy on a large scale inevitably amounts to mob rule. James Madison would be horrified at the suggestion that inefficient communications channels are the only reason for representative democracy.
But another useful trick, if there are certain machines you want to accept mail from and others that you don't, is to run sendmail under tcpd so that it obeys /etc/hosts.allow and /etc/hosts.deny, by adding this to /etc/inetd.conf:
/etc/mail/access.db. There are good instructions in the cf subdirectory in the source code, but the short version is that if you add the following to /etc/mail/access:
Sendmail has supported this internally since 8.8 or 8.9, by means of
example.com REJECT
192.168.0 REJECT
and run makemap hash access < access, sendmail will automatically reject mail coming from example.com or the 192.68.0 network.
Sendmail's rules are a bit looser than tcpwrapper's rules; for example, doing this will reject mail with an envelope sender from example.com as well as mail coming from a host in the example.com rDNS space. And Jamie's points about centralization of access files are well taken. But you can basically do this in sendmail without using tcpwrappers, if necessary.
I feel one should blame the person who breaks the law not someone who innocently contributed to the possibility of the law being broken. To blame the owner of the cracked system used for a DoS attack is like blaming the owner of a stolen car for it's use in a bank robbery...
If a swimming pool has not been fenced up, and a child sneaks onto the property and drowns, the owner of the pool can be held partly liable. If you own a gun and neglect to lock it up or its ammunition, you can be held liable when someone steals the gun and kills someone with it.
This is known as the "attractive nuisance" principle. If you are responsible for some resource that presents an attractive nuisance to some miscreants, and you fail to take reasonable measures to secure it, you can wind up taking some of the heat for the damage they cause.
Computer security is so generally lousy that I'm reluctant to say that this principle should apply to system administrators in general. Not knowing the nature of this particular DoS attack, I'm particularly doubtful that it should qualify as an "attractive nuisance" -- for example, as far as I know there is no good way to prevent someone from launching a smurf attack from your network.
But the point is that it is a well-established principle that someone who maintains their property carelessly, in a way that facilitates theft or misuse, can in fact be held liable for negligence.
JFS : Mostly working, from the sounds of it.
How's that again?
The JFS README file lists the following TODO items left to go:
JFS TODO list:
- JFS:
- make READ fully operational
- READ file
- get write capabilities operational
- MKDIR
- CREATE file
- WRITE file
- RMDIR
- RM
- add support for hard and soft links, special files
That's a pretty broad definition of "mostly working." It does sound exciting, but I'm going to have to withhold judgement until file reading, writing, creation and removal have been made operational.
This technology doesn't sound applicable to video techniques. Minolta's FAQ indicates that "at least" six shots of an object are typically necessary to build a 3D image from it. It sounds like the camera takes 2D photographs from different angles, and Metastream's software interpolates from those photographs to determine the object's solid structure.
It sounds unlikely to be a useful technique to apply to video; you'd have to have six videocameras recording the same scene from different angles. I'm not even sure that the state of the art begins to touch the problems of recording video in three dimensions, storing the data, and playing it back.
I wouldn't hold my breath waiting for Quake environments built from this technology either. They're building a 3D model of an object based on external photographs; doing the same thing with internal photographs is a very different ballgame.
This is all good advice in general, but a lot of it is irrelevant to the ways that modern corporations keep tabs on us. Encrypting all of your data -- via PGP, IPsec, SSH, or what-have-you -- is a smart thing to do but doesn't really interfere with the traffic that marketers watch. It doesn't alter your demographic profile or your click-through trail.
Moreover, marketers are already using other tricks to find out who you are. DoubleClick tracks you with a cookie every time you load one of their images. You don't even need to click through the ads for them to know who you are.
A modified list, focusing on how to stay anonymous to corporate interests:
It's not actually that easy. It is often difficult to get information that you need by registering a user account on a vendor's web site, or creating a big pile of cookies, or running some JavaScript applet, or doing something else to give up your identity. Tools like Cookie Monster and JunkBusters make it easier. But it's not easy.
The Infocom text adventures are written in a language called ZIL, Zork Interpreter Language. You may have noticed that each adventure game consisted of one moderately-sized executable and one or two enormous data files, and that the executable image for each game was usually identical to all the others. The executable is a Z-code interpreter that runs the ZIL program stored in the data files.
There are Z-code interpreters on the net that work pretty well. I own a copy of The Lost Treasures of Infocom (about a dozen of the classic games), and once upon a time ran a Z interpreter to play these games on my Linux box.
There is a wealth of information about Infocom at Peter Scheyen's Infocom Page. Apart from links to the Z-code interpreters and information on buying the classic games, there is a wonderful archive of historical and technical articles about Infocom. Check out especially How to Fit a Large Program Into a Small Machine, Marc Blank and Stu Galley's technical exposition on the design of the ZIL language and the Z-code interpreter. Great stuff.