I've recently been brainstorming about a P2P encrypted backup system. It would create automatic, encrypted backups using something like FreeNet or OceanStore to distribute redundant, encrypted backup fragments on other people's computers (and vice versa). I know P2P and security are almost oxymorons, but I think it could work securely.
Are there projects like this already? Or applications like it built on top of existing "overlay networks" like FreeNet?
Even if the US standard of living is reduced, I have to believe that the greatly increased competition (of companies and individuals) will accelerate technology growth. Won't companies and workers (around the world) work harder to innovate if there are 10x the number of competitors? Maybe US companies and workers have grown complacent. Where are all those fair-weather libertarians now?
As for an Open box getting owned, not surprising. The final step in a secure OS, is knowing how to maintain it, and miantaining Open is no picnic,
Doesn't that defeat the the purpose? If OpenBSD is more difficult to maintain than FreeBSD, isn't that a security problem? If security is difficult to use, users will either not use it or misconfigure it. Then your security features are pointless..
If all unsolicated commercial emails included "ADV:" in the subject lines, then most users, ISPs, and email programs would automatically delete those easily identifiable emails. That is not fair for those of us who are just trying to make a living sending unsolicated commercial emails!
Having had to test GUI apps before, I think a useful approach is to separate the GUI ("View") and the data ("Model"). Automating GUI tests is a bitch and the tests are very fragile if anything in the GUI changes. If possible, design a command-line version of the app that includes everything but the GUI. The command-line version can be scripted to perform automated input/output tests. If your real app is a COM object, your command-line version could even be a simple app that loads the app COM object.
This application design is not a "natural design" a developer would choose on their own, but I think using a test-driven process it can really improve the app's modularity.
The 'big titlebars' thing is a myth. Somehow, the larger antialiased system font used in Aqua (Lucida Grande 12pt) makes people think the window bars are bigger, but not so. Booting classic real quick will show you that they're the same size.
I think he meant that Windows XP had "big titlebars", not Mac OS X. Windows XP's default theme has enormous title bars.
My biggest problem with the Windows XP theme is the rounded window "corners". Often times, an IE window looks maximized, but because of the few missing pixels on the rounded edge, I end up hitting the X/Close button of the IE window *below* the top-most window.:-\
I agree. Most of the CDs I have bought over the past few years are bands that I discovered on Napster/Kazaa/Soulseek, not MTV or commercial radio. There is a (small?) demand for music that is not being met by MTV or commercial radio. There is a market opportunity here for someone to make $$$!
Bootlegging wasn't a crime in the 70s? Don't you remember that episode of "What's Happening?" where Rerun hides the (enormous) cassette recorder in his jacket to bootleg the Doobie Brothers concert ? He got cold busted!
I don't know why certificate revocation was off by default. I think that it was not expected to be used often (certificates are rarely revoked), but having it on by default would force millions of IE users to frequently ping Verisign's servers. People are already paranoid enough that Microsoft software "phones home". Plus that would cost Verisign big bandwidth costs.
You can verify that certificate revocation is off by default by looking in IE's Tools\Internet Options\Advanced menu. Under the Security section, there is an option called "Check for server certificate revocation (requires restart)".
I used to work on Microsoft's Public Key Cryptography QA team. We worked with Verisign to create fake certificates to test IE's SSL and Authenticode signed downloads. When we were done testing, someone on our QA team called Verisign customer service and said, "hi, I work on Microsoft's QA team. We are done using those fake certificates for our tests. Can you please revoke (cancel) them?"
Without any further verification, the Verisign customer service agent pushed a button and canceled the real Microsoft certificate, the one used to sign all of Microsoft's downloads, device drivers, and CDs. oops. Luckily, no one pays attention to Verisign's CRL (Certificate Revocation Lists) because certificate revocation is off by default in IE. Since no one really used the CRL, Verisign was able to the remove Microsoft from the CRL and reinstate the Microsoft certificate after a couple days.
So when you "trust" Verisign, think hard about what that really means..
I don't EVER want to hear anyone driving a fat gas hog complaining about gasoline prices.
I would like to hope that the "Free" Market will sort this out. Perhaps expensive gasoline prices will eventually persuade prospective SUV customers to buy something more fuel-efficient or SUV makers will increase the fuel efficiency. I heard that GM (?) was creating a gas/electic hybrid SUV that got "better" gas mileage, but I think that project has been axed..
Do you remember which WinCE API caused that problem? I program for WinCE and I have found it to more reliable than my Windows desktop computer. Except for Pocket IE (PIE). PIE sucks eggs.
I remember back in '95 when my Accelerated Content Internet Daemon (ACID) was cool, but most people recommended that you not handle more than 1-2 hits every 8-12 hours.
The FreeBSD team is not recommending 5.0 to the general public. I have read that they plan to declare 5.1 as the "real" public release. They admit that more testing is needed.
Slashdot Mirror
I've recently been brainstorming about a P2P encrypted backup system. It would create automatic, encrypted backups using something like FreeNet or OceanStore to distribute redundant, encrypted backup fragments on other people's computers (and vice versa). I know P2P and security are almost oxymorons, but I think it could work securely.
Are there projects like this already? Or applications like it built on top of existing "overlay networks" like FreeNet?
Even if the US standard of living is reduced, I have to believe that the greatly increased competition (of companies and individuals) will accelerate technology growth. Won't companies and workers (around the world) work harder to innovate if there are 10x the number of competitors? Maybe US companies and workers have grown complacent. Where are all those fair-weather libertarians now?
As for an Open box getting owned, not surprising. The final step in a secure OS, is knowing how to maintain it, and miantaining Open is no picnic,
Doesn't that defeat the the purpose? If OpenBSD is more difficult to maintain than FreeBSD, isn't that a security problem? If security is difficult to use, users will either not use it or misconfigure it. Then your security features are pointless..
If all unsolicated commercial emails included "ADV:" in the subject lines, then most users, ISPs, and email programs would automatically delete those easily identifiable emails. That is not fair for those of us who are just trying to make a living sending unsolicated commercial emails!
Did you ever test how loud the air horn actually was on the receiving side? That would be very interesting to know.. :)
Call him and offer to change his long distance service.
In the Soviet Union, long distance services changes you! (actually, long distance "slamming" happens in the US too)
how do they get cleaned up?
anti smart dust smart dust.
Having had to test GUI apps before, I think a useful approach is to separate the GUI ("View") and the data ("Model"). Automating GUI tests is a bitch and the tests are very fragile if anything in the GUI changes. If possible, design a command-line version of the app that includes everything but the GUI. The command-line version can be scripted to perform automated input/output tests. If your real app is a COM object, your command-line version could even be a simple app that loads the app COM object.
This application design is not a "natural design" a developer would choose on their own, but I think using a test-driven process it can really improve the app's modularity.
because everything on the Interweb is true.
because all teachers are commies.
The 'big titlebars' thing is a myth. Somehow, the larger antialiased system font used in Aqua (Lucida Grande 12pt) makes people think the window bars are bigger, but not so. Booting classic real quick will show you that they're the same size.
:-\
I think he meant that Windows XP had "big titlebars", not Mac OS X. Windows XP's default theme has enormous title bars.
My biggest problem with the Windows XP theme is the rounded window "corners". Often times, an IE window looks maximized, but because of the few missing pixels on the rounded edge, I end up hitting the X/Close button of the IE window *below* the top-most window.
I agree. Most of the CDs I have bought over the past few years are bands that I discovered on Napster/Kazaa/Soulseek, not MTV or commercial radio. There is a (small?) demand for music that is not being met by MTV or commercial radio. There is a market opportunity here for someone to make $$$!
Bootlegging wasn't a crime in the 70s? Don't you remember that episode of "What's Happening?" where Rerun hides the (enormous) cassette recorder in his jacket to bootleg the Doobie Brothers concert ? He got cold busted!
I don't know why certificate revocation was off by default. I think that it was not expected to be used often (certificates are rarely revoked), but having it on by default would force millions of IE users to frequently ping Verisign's servers. People are already paranoid enough that Microsoft software "phones home". Plus that would cost Verisign big bandwidth costs.
You can verify that certificate revocation is off by default by looking in IE's Tools\Internet Options\Advanced menu. Under the Security section, there is an option called "Check for server certificate revocation (requires restart)".
I used to work on Microsoft's Public Key Cryptography QA team. We worked with Verisign to create fake certificates to test IE's SSL and Authenticode signed downloads. When we were done testing, someone on our QA team called Verisign customer service and said, "hi, I work on Microsoft's QA team. We are done using those fake certificates for our tests. Can you please revoke (cancel) them?"
Without any further verification, the Verisign customer service agent pushed a button and canceled the real Microsoft certificate, the one used to sign all of Microsoft's downloads, device drivers, and CDs. oops. Luckily, no one pays attention to Verisign's CRL (Certificate Revocation Lists) because certificate revocation is off by default in IE. Since no one really used the CRL, Verisign was able to the remove Microsoft from the CRL and reinstate the Microsoft certificate after a couple days.
So when you "trust" Verisign, think hard about what that really means..
I don't know any of my friend's numbers anymore, I just know how to say their names.
but what if you can't remember your friends' names?
What exactly is "sick" about the name Jamcracker? It's not like the name was "Crack Jammer" (and even that does not really mean anything).
I don't EVER want to hear anyone driving a fat gas hog complaining about gasoline prices.
I would like to hope that the "Free" Market will sort this out. Perhaps expensive gasoline prices will eventually persuade prospective SUV customers to buy something more fuel-efficient or SUV makers will increase the fuel efficiency. I heard that GM (?) was creating a gas/electic hybrid SUV that got "better" gas mileage, but I think that project has been axed..
Respect the Federal system, and butt the fuck out.
Really, And when was the last time California respected the Federal Government ban on Medical Marijuana? Anyways
By "Federal system", he meant that each state within the federation of states can make its own laws.
Do you remember which WinCE API caused that problem? I program for WinCE and I have found it to more reliable than my Windows desktop computer. Except for Pocket IE (PIE). PIE sucks eggs.
I remember back in '95 when my Accelerated Content Internet Daemon (ACID) was cool, but most people recommended that you not handle more than 1-2 hits every 8-12 hours.
Don't forget, "hold on, we're about to go through a tunnel.. hello??!"
Don't forget Boong-Ga Boong-Ga (spank 'em) , the Japanese spanking-themed video game.
Do you have a link with more info about "Minimalist Python"? Google does not show anything related to such a project.
The FreeBSD team is not recommending 5.0 to the general public. I have read that they plan to declare 5.1 as the "real" public release. They admit that more testing is needed.