IIRC Clifford Stoll maintained contact with his managers about what he was doing. He was not forbidden to continue a particular line of enquiry. That seems very different from this case.
Added to which, it seems that Mr.Carpenter and his wife are beneficiaries of the "new security regime" with him landing a plum post with the neocon's new "Dept of Homeland Security" and his wife now
a White House fellow working as a special assistant to top-ranking government officials.
Take note too of the special attention paid to the fact that Bruce Held [Sandia's chief of counterintelligence]. was a CIA officer, and remember that the CIA and all the associated apparatus of oldboys are under attack from the neocons because they wouldn't suppport the Bush administration's contention that Iraq had WMDs.
I smell a big stinky rat that just popped out of the sewer with this story. I can't help remembering the Wen Ho Lee story which waved the flag of patriotism to persecute a "foreigner" and think that if the USA is worried about foreigners stealing information then they should look to the Israelis
At best this is an unclear story, at worst it's a move by the neocons to ratchet up tension against China. Probably it's a way at having a go at some non-neocon security establishment likely loyal to the Democrats.
Do we have any confidence that this cracker or his associates in the FBI and Army are not part of some retarded counter-intelligence plot to manufacture tension between the US and China? I realise that this sounds like conspiracy nut ranting, but given the complete lack of information available to any member of the public all we have are unsupportable conspiracy theories with partial information leaked to us by spooks. I have no confidence that the jury was privy to the sort of sensitive intelligence which would allow them to determine whether this was some sort of false-flag operation by the FBI.
The only thing that we're certain of is that Shawn Carpenter is clearly shown to have disregarded the straightforward and honest rules of his workplace. People do all sorts of dishonest deeds under the cloak of "patriotism" and the only incontrovertible evidence is that this dude is a cracker.
ESR has so far refused to clarify if he was running the current stable relase Fedora Core 6, or the completely bleeding-edge rawhide
Raw Hide Can Be a Bit Tough to Chew on So Run at Your Own Risk (and Enjoyment)
These releases have not been quality tested by Red Hat's Quality Assurance
team. They may not boot. If they boot, they may not install. If they install,
they may not do anything other then waste CPU cycles. If anything breaks,
you most assuredly own the many fragments which will be littered across your
floor.
It may not be possible to upgrade from Red Hat to Raw Hide, from Raw Hide
to Red Hat, or from Raw Hide to Raw Hide! If a stable upgrade path is
important to you, please do not use Raw Hide.
DO NOT USE THESE RELEASES FOR ANY WORK WHERE YOU CARE ABOUT YOUR APPLICATION
RUNNING, THE ACCURACY OF YOUR DATA, THE INTEGRITY OF YOUR NETWORK, OR ANY
OTHER PURPOSE FOR WHICH A RESPONSIBLE HUMAN WOULD USE A COMPUTER. (But then
again what would be the fun of hacking Linux if there wasn't some risk
involved.;-)....)
Or if he was running one of the not quite as unstable but still a work in progress fc7-test series (which are less buggy than rawhide (whose purpose is to be buggy and fun)) which exist for the purpose of trying to stabilize things for the next release.
But, he did post this on the fedora-devel list which is expressly and only for the purpose of being used by people that are running these UNSTABLE, TESTING VERSIONS THAT ARE NOT PRODUCTION READY AS CLEARLY INDICATED.
ESR knows the value of reporting exactly what went wrong, which is why so many people pointed him to his own "smart questions FAQ". Add to this that he EXPRESSLY did something that he was told not to do and as a result effed up his own system.
As a result of all of the above it can reasonably be assumed that he's deliberately trying to create the impression that Fedora Core is unstable and that the package management system makes it difficult to upgrade individual components. I can put my hand on my heart and say unequivocally after years of using Debian and Fedora Core (and latterly Gentoo), that this is complete and utter rubbish.
ESR is trolling. Possibly for petty motives like personal attention (how pathetic), and possibly for monetary gain (to boost the Ubuntu/Linspire -- Canonical/Freespire empire). Whichever it is his content-free rant should be taken as FUD and he should have his arse kicked from here to Redmond for spreading it.
Thanks for that link. It was exactly what I was looking for. To be fair to Bruce Eckel though, just because a master like Eric Meyer can get it to work doesn't mean that it's as easy for someone less proficient as cobbling it together in Flash (or as he's pushing for Flex/OpenLaszlo).
Not to disagree with what you said, but Bruce's conclusion is that Flash is what we should be writing in, not HTML/Javascript/CSS! And from tackling exactly what he talks about in the article: "My primary goal has been to create a slide-and-audio content delivery system, like you see in the Hands-On Java CD ROM or Thinking in C." I can see why he's drawn to Flash.
No doubt you're thinking "easy"!, but it's not if you're trying to make it cross-platform, in fact it's a major pain in the ass, and if you look at most of the solutions in that domain they use... Flash. Really the article is mis-titled (never mind the Slashdot title), it should be "Why Flash beats the pants off Java for Rich Internet Applications and what we should fix in Java", but I can see why the editors chose another title;)
I guess the thing to do is to stop Tor spewing out the plaintext: "TOR 1.0 Proxy Connection Attempt" which any half-assed network admin could detect. Run wireshark and watch how Tor gives itself away. I suppose that they could then block people trying to get to known Tor entry nodes, but with enough of them then that becomes foolish.
Plausible speculation, and JKR should take your advice.
Slightly irrelevant sidenote:
I haven't read them for about 20 years but I seem to remember Alan Garner's stuff as much more confusing and complex psychologically than Harry Potter. I actually didn't like most of it very much but I remember IIRC The Owl Service fairly clearly. It troubled me.
Even more irrelevant sidenote: Out of the Silent Planet, along with Perelandra are (IMO) fairly awful, however That Hideous Strength is entertainingly schlocky, very different from the rest of the trilogy (apart from the presence of the loathsome Ransome (to whom we are all as women!)). It includes a re-awakened Merlin, mad scientists, talking brains in jars, a NAZI-like police state taking over England, the lesbian chief of the secret police (Fairy Hardcastle) with a taste for sadist interrogations of pure young ladies. Awesome. C.S.Lewis should have done more of that sort of thing. There's also a BBC Radio 4 adaptation of it from some time between 1990 and 1995 which is very well done.
I'm holding out for a movie of it made by the re-united team of Jeunet & Caro (City of Lost Children, Delicatessen etc)
For real. And he insists on being his own mechanic and won't send the car in to the shop to get fixed because he wants to save some money, so his solution is to buy a new car on hire-purchase.
It doesn't matter anyway because Microsoft is fucked because their ability to attract top talent has been eroded by Google. Microsoft's offers of stock are less attractive when you see that the stock isn't going anywhere.
(Your whole argument is also premised on the idea that evil has to be intentional. I'd disagree. I don't care whether a child-raping, mass-murdering psychopath was constrained to behave in that way because of a structural genetically caused defect in his brain structure or if he got spanked too much as a child. All I care about are his actions. Now, I'll grant you that you probably don't rape many children in your cubicle, but you do produce a really crap OS. Still, I expect your inability to see yourself as anything other than a victim is based on the poor quality of Microsoft hires these days.)
It uses Xgl/Compiz AFAIK, but these demos (and there's a live CD) are very nice especially the "Depth Perception" side-by-side windows one.
AIGLX seems like a better solution than Xgl (being better supported on video cards with Free drivers is one major advantage), but these demos are nice.
Whoever modded this as "Troll" is an imbecile. It may be rude, but there's no question that Nature is restricting the flow of knowledge and making an inappropriate profit.
45 subjects is actually a very large sample for an imaging study (fMRI is very expensive). Most studies use 12-16 people
Your point about the statistical tests is well-taken. But the above quote has/nothing/ to do with whether the statistical tests were sufficient or adequate. The significance of a test isn't affected by how much it costs or how bad other people's analyses are. Their work either fails to fit some null hypothesis or doesn't.
It is time for the major science journals to fuck off and die, you can't read that paper unless you pony over $30 to the cunts that run Nature as a profit-making venture. Yes, Nature publishes great research, yes someone has to co-ordinate reviewers etc, yes it costs money to publish their dead-tree, but that is an exorbitant price. Scientific journals contain work that in most cases rests upon a base of tax-payer funded science (as it should be) and the scientists in those disciplines belong to large organisations (e.g. AAAS) that could easily publish their own online journals, cutting out the middlemen of the dead-tree publishers.
The physicists got their act together, why can't other academics. $30 !! Fucking cunts!!
There are such seriously uninformed assertions in the very premises of TFA that it's hard to take what the writer says seriously. For example:
while they're not bad in any sense, they do have problems which are associated with any RPM based distro- dependency hell. I'm sure that any of you who've tried to install any applications would have faced the problem of missing dependencies sometime. And it's all too common to have a few packages totally missing from the repository which means that you have to search for their respective RPMs on the net, download them and install them separately. While functional, this can get a little frustrating over time.
"Dependency hell" existed before YUM (which came from Yellowdog's Seth K. Vidal) solved the problem. YUM is explicitly a dependency solver. It builds on top of the RPM system to automatically find and install the dependent RPM packages.
I knew it wasn't going to be Fedora Core or Yellow Dog since they seemed to have lots of problems when it came to media players.
Fedora Core (don't know about Yellow Dog) explicitly chooses to stay away from software which relies upon non-Free, patent-encumbered material. As a project it considers things like Ubuntu's binary graphics driver distribution, or the inclusion of mp3 decoding software (which is encumbered by the Frauenhoefer Institute's ridiculous patent) to be against the GPL and Free Software. As a result it helps to foster the development of free alternatives, without which there would be a much smaller software ecosystem. This is sane, long-term thinking which steps away from opportunistic, short-term compromises which seek to cannibalize market-share from other Linux distros by spreading confusion and misinformation. Debian has a very similar attitude. There are some non-Fedora run repositories where people have packaged up things like the mplayer codec bundle, mpg321, flash etc. If you really have to have them it's easy to edit/etc/yum/repos.d to add the repository.
The only solution was using a distro which had a better package management system, and did its work without bothering you, the end user.
Look, if an ebuild isn't in the portage tree then you're not going to have much luck installing it unless you make your own. Ditto for an rpm being available to yum in a repository. Your article is uninformed fanboi-ism. To your friend: don't let him near your PS3!
To anyone not using Gentoo, don't take this article as representative of the community, it's a great distro with many advantages and not everyone involved with it is as much as a moron as the article writer.
"It would be nice if that were true, but given the secrecy and lack of information about exactly what the NSA did we have no idea how "helped" any of us are."
Given the fact, that nobody is pushing NSA to say anything on the subject, it is unlikely, that they are lying. The kind of "help" you suspect NSA of providing needs no press-releases...
I'm not suggesting there's any subversion of Vista by the NSA. You're assuming that I'm a conspiracy theorist. I'm not. I'm complaining about the fact that a very unspecified and broad association is being presented in the media to the public which suggests that Vista is secure because the NSA helped to make it secure. I consider that to be bullshit until there are specific details of what was secured and how.
In any event, if the government wanted to help "the users" it would make it very clear as to what security criteria [...]
That's very strict requirements you are placing there, actually. Making anything "very clear", coming up with reliable estimates of saving/loss from using a particular product, making recommendations -- hairy stuff, which NSA is rightly stearing clear from...
Actually, the government already has security specifications for computer systems, there are a whole raft of them for different levels of security, (e.g. this is a completely random example, if you want to find more then google about for "information assurance" and "Department of Defense"). The only point of having government agencies is to be able to certify and standardize systems by some method like this so that the public can have a good idea of what it's getting instead of some nebulous hand-waving about "the NSA guys, and they're real hard-core security ya know? hung out for a few days and if it's OK by them then it gets the Good Housekeeping Seal of Approval, know what I mean?".
Seriously, the press release is remarkable for the lack of detail that it contains. The fact that it doesn't specify exactly what was done suggests that very little was done.
[...] helping hand to a private monopoly, because the roll out of their latest software abortion is looking like a flop.
And why does NSA help BSD [trustedbsd.org] and Linux [nsa.gov]?
Em, because they are public, not private entities that are composed of tax-payers who by any reasonable standards should expect their government agency to do stuff for them and not for a private business monopoly.
Sorry, your conspiracy theory is less convincing,
Sorry, it's not a conspiracy theory, it's a simple objection to two things: 1. To the government helping out a private business entity; 2. To near fraudulent advertising.
I certainly understand and share the frustration of tax-dollars helping a healthy and profitable corporation, but another way to look at this is NSA is helping the users.
It would be nice if that were true, but given the secrecy and lack of information about exactly what the NSA did we have no idea how "helped" any of us are.
As it stands, this announcement is effectively the government giving free publicity to Microsoft and claiming without any evidence that Vista is secure in some way. (See all the "Good Housekeeping" seal-of-approval guff from the Microsoft spokesperson in the article.) In fact we have no idea from this whether they were helping to get Treacherous Computing debugged, so that "the users" don't control the software on their machines properly, or if they just tested a firewall, or what.
In any event, if the government wanted to help "the users" it would make it very clear as to what security criteria were met and whether or not Vista reaches it. It would publish a table with GNU/Linux, Mac OSX, Microsoft Vista etc results from their testing labs and make recommendations as to which should/should-not be used if we want to stop our economy being crippled (through wasted time, ID theft etc) by crappy software.
The fact that none of the above is done lends credence to the theory that this is the government lending a helping hand to a private monopoly, because the roll out of their latest software abortion is looking like a flop.
This is the equivalent of Microsoft jumping up and down beside the NSA and yelling "look, I'm with the trustworthy guy!". Shame on the NSA for either being used, or voluntarily abusing its position like this.
If the NSA can help Microsoft tighten up it's shitty systems then that's good. There are already positive benefits from NSA research into the Flask OS in the form of GNU/Linux's SElinux.
The only problem I have with any of this is that this is another government subsidy (read our tax dollars) going to subsidise a private company which should (given the vast profits it makes) be able to pay for its own security research instead of dipping its snout into the public trough.
First of all, his primary question is: Do citizens currently need to show ID in order to travel in their own country?
The answer is a resounding "no". He is free to travel by foot, bike, motorcycle, car, boat, or other device himself while not violating applicable pedestrian or traffic laws, or by bus or train, entirely anonymously.
Actually you're wrong. When you travel in a car you are very easily trackable. The British perfected the art of tracking suspected Republican terrorists in Northern Ireland by recognition of license plate numbers on cars. When travelling on Amtrak I have been asked for photo ID for tickets which were pre-booked and paid for with a credit-card in advance. It is now illegal in many jurisdictions (e.g. NYC) to have your face covered in certain situations. All of these remove the ability to travel anonymously.
Further, in his quest to "expose" this situation, he found at one of the largest airports in the country, San Francisco International Airport, that he WAS indeed allowed to fly without ID (if he submitted to a search).
And similarly, if you want to get free money from a bank you can do so providing you serve a jail sentence afterwards;) Being searched is unpleasant, intrusive and effectively a punishment deterring anyone normal from not taking the easy route and trading their ID-less anonymity for an escape from close body contact with security personnel.
Claims variously made by privacy advocates assert that showing ID is worthless; that the September 11 hijackers all had valid, government issued photo ID. Sure they did. But some form of identification, fake or not, gives authorities a place to start in an investigation, rather than nothing at all.
The claim is that ID is worthless in preventing terrorist attacks and that the only possible excuse for massive infringements on our liberties is the avoidance of the greater infringement of terrorist nutbags taking away our lives.
Yes, all the 9/11 hijackers had valid IDs. So what? The ID requirement doesn't pretend to "prevent" issues; it's simply a place to start for investigators AFTER an incident,
God, who gives a shit? Despite all the 9-11 conspiracy morons it was clear and is very clear who did what because THEY WANTED US TO KNOW. Terrorists don't make a habit of not telling you excatly what it is they want and who they are. The flight rules are intrusive crap that no one puts up with except for the reason that they think it's going to protect them. And most of them fail, and can only fail to do that. They are a closing of the open society and victory for terrorists.
I want to be able to do file i/o (and so forth) locally, without running a local web server.
You can. You just have to have a webbrowser interpreting the javascript. It differs of course between IE (Scripting.FileSystemObject) and Moz (Components.classes["@mozilla.org/file/local] and Components.classes["@mozilla.org/network/file-outp ut-stream;]) and away you go (after you've taken care of security privileges.
Slashdot Mirror
IIRC Clifford Stoll maintained contact with his managers about what he was doing. He was not forbidden to continue a particular line of enquiry. That seems very different from this case.
Take note too of the special attention paid to the fact that Bruce Held [Sandia's chief of counterintelligence]. was a CIA officer, and remember that the CIA and all the associated apparatus of oldboys are under attack from the neocons because they wouldn't suppport the Bush administration's contention that Iraq had WMDs.
I smell a big stinky rat that just popped out of the sewer with this story. I can't help remembering the Wen Ho Lee story which waved the flag of patriotism to persecute a "foreigner" and think that if the USA is worried about foreigners stealing information then they should look to the Israelis
At best this is an unclear story, at worst it's a move by the neocons to ratchet up tension against China. Probably it's a way at having a go at some non-neocon security establishment likely loyal to the Democrats.
Do we have any confidence that this cracker or his associates in the FBI and Army are not part of some retarded counter-intelligence plot to manufacture tension between the US and China? I realise that this sounds like conspiracy nut ranting, but given the complete lack of information available to any member of the public all we have are unsupportable conspiracy theories with partial information leaked to us by spooks. I have no confidence that the jury was privy to the sort of sensitive intelligence which would allow them to determine whether this was some sort of false-flag operation by the FBI.
The only thing that we're certain of is that Shawn Carpenter is clearly shown to have disregarded the straightforward and honest rules of his workplace. People do all sorts of dishonest deeds under the cloak of "patriotism" and the only incontrovertible evidence is that this dude is a cracker.
Well as regards PNG it's still broken in the majority browser case thanks to Microsoft's fine support of open standards. With you on the rest though ;)
Of course all of the above makes the mistake of taking ESR too seriously. Everybody Loves Eric Raymond has the right take on him.
ESR has so far refused to clarify if he was running the current stable relase Fedora Core 6, or the completely bleeding-edge rawhide
Or if he was running one of the not quite as unstable but still a work in progress fc7-test series (which are less buggy than rawhide (whose purpose is to be buggy and fun)) which exist for the purpose of trying to stabilize things for the next release.
But, he did post this on the fedora-devel list which is expressly and only for the purpose of being used by people that are running these UNSTABLE, TESTING VERSIONS THAT ARE NOT PRODUCTION READY AS CLEARLY INDICATED.
ESR knows the value of reporting exactly what went wrong, which is why so many people pointed him to his own "smart questions FAQ". Add to this that he EXPRESSLY did something that he was told not to do and as a result effed up his own system.
As a result of all of the above it can reasonably be assumed that he's deliberately trying to create the impression that Fedora Core is unstable and that the package management system makes it difficult to upgrade individual components. I can put my hand on my heart and say unequivocally after years of using Debian and Fedora Core (and latterly Gentoo), that this is complete and utter rubbish.
ESR is trolling. Possibly for petty motives like personal attention (how pathetic), and possibly for monetary gain (to boost the Ubuntu/Linspire -- Canonical/Freespire empire). Whichever it is his content-free rant should be taken as FUD and he should have his arse kicked from here to Redmond for spreading it.
if he'd actually told us a little more detail. As it stands this is a "What I Did On My Summer Holidays" and it gets a D- for information.
Thanks for that link. It was exactly what I was looking for. To be fair to Bruce Eckel though, just because a master like Eric Meyer can get it to work doesn't mean that it's as easy for someone less proficient as cobbling it together in Flash (or as he's pushing for Flex/OpenLaszlo).
Not to disagree with what you said, but Bruce's conclusion is that Flash is what we should be writing in, not HTML/Javascript/CSS! And from tackling exactly what he talks about in the article: "My primary goal has been to create a slide-and-audio content delivery system, like you see in the Hands-On Java CD ROM or Thinking in C." I can see why he's drawn to Flash.
No doubt you're thinking "easy"!, but it's not if you're trying to make it cross-platform, in fact it's a major pain in the ass, and if you look at most of the solutions in that domain they use ... Flash. Really the article is mis-titled (never mind the Slashdot title), it should be "Why Flash beats the pants off Java for Rich Internet Applications and what we should fix in Java", but I can see why the editors chose another title ;)
Run wireshark while you use Tor and you'll see.
http://www.packetstormsecurity.org/0610-advisories /Practical_Onion_Hacking.pdf
I guess the thing to do is to stop Tor spewing out the plaintext: "TOR 1.0 Proxy Connection Attempt" which any half-assed network admin could detect. Run wireshark and watch how Tor gives itself away. I suppose that they could then block people trying to get to known Tor entry nodes, but with enough of them then that becomes foolish.
Plausible speculation, and JKR should take your advice.
Slightly irrelevant sidenote:
I haven't read them for about 20 years but I seem to remember Alan Garner's stuff as much more confusing and complex psychologically than Harry Potter. I actually didn't like most of it very much but I remember IIRC The Owl Service fairly clearly. It troubled me.
Even more irrelevant sidenote:
Out of the Silent Planet, along with Perelandra are (IMO) fairly awful, however That Hideous Strength is entertainingly schlocky, very different from the rest of the trilogy (apart from the presence of the loathsome Ransome (to whom we are all as women!)). It includes a re-awakened Merlin, mad scientists, talking brains in jars, a NAZI-like police state taking over England, the lesbian chief of the secret police (Fairy Hardcastle) with a taste for sadist interrogations of pure young ladies. Awesome. C.S.Lewis should have done more of that sort of thing. There's also a BBC Radio 4 adaptation of it from some time between 1990 and 1995 which is very well done.
I'm holding out for a movie of it made by the re-united team of Jeunet & Caro (City of Lost Children, Delicatessen etc)
For real. And he insists on being his own mechanic and won't send the car in to the shop to get fixed because he wants to save some money, so his solution is to buy a new car on hire-purchase.
It doesn't matter anyway because Microsoft is fucked because their ability to attract top talent has been eroded by Google. Microsoft's offers of stock are less attractive when you see that the stock isn't going anywhere.
(Your whole argument is also premised on the idea that evil has to be intentional. I'd disagree. I don't care whether a child-raping, mass-murdering psychopath was constrained to behave in that way because of a structural genetically caused defect in his brain structure or if he got spanked too much as a child. All I care about are his actions. Now, I'll grant you that you probably don't rape many children in your cubicle, but you do produce a really crap OS. Still, I expect your inability to see yourself as anything other than a victim is based on the poor quality of Microsoft hires these days.)
It uses Xgl/Compiz AFAIK, but these demos (and there's a live CD) are very nice especially the "Depth Perception" side-by-side windows one.
AIGLX seems like a better solution than Xgl (being better supported on video cards with Free drivers is one major advantage), but these demos are nice.
Whoever modded this as "Troll" is an imbecile. It may be rude, but there's no question that Nature is restricting the flow of knowledge and making an inappropriate profit.
45 subjects is actually a very large sample for an imaging study (fMRI is very expensive). Most studies use 12-16 people
Your point about the statistical tests is well-taken. But the above quote hasIt is time for the major science journals to fuck off and die, you can't read that paper unless you pony over $30 to the cunts that run Nature as a profit-making venture. Yes, Nature publishes great research, yes someone has to co-ordinate reviewers etc, yes it costs money to publish their dead-tree, but that is an exorbitant price. Scientific journals contain work that in most cases rests upon a base of tax-payer funded science (as it should be) and the scientists in those disciplines belong to large organisations (e.g. AAAS) that could easily publish their own online journals, cutting out the middlemen of the dead-tree publishers. The physicists got their act together, why can't other academics. $30 !! Fucking cunts!!
while they're not bad in any sense, they do have problems which are associated with any RPM based distro- dependency hell. I'm sure that any of you who've tried to install any applications would have faced the problem of missing dependencies sometime. And it's all too common to have a few packages totally missing from the repository which means that you have to search for their respective RPMs on the net, download them and install them separately. While functional, this can get a little frustrating over time.
"Dependency hell" existed before YUM (which came from Yellowdog's Seth K. Vidal) solved the problem. YUM is explicitly a dependency solver. It builds on top of the RPM system to automatically find and install the dependent RPM packages.
I knew it wasn't going to be Fedora Core or Yellow Dog since they seemed to have lots of problems when it came to media players.
Fedora Core (don't know about Yellow Dog) explicitly chooses to stay away from software which relies upon non-Free, patent-encumbered material. As a project it considers things like Ubuntu's binary graphics driver distribution, or the inclusion of mp3 decoding software (which is encumbered by the Frauenhoefer Institute's ridiculous patent) to be against the GPL and Free Software. As a result it helps to foster the development of free alternatives, without which there would be a much smaller software ecosystem. This is sane, long-term thinking which steps away from opportunistic, short-term compromises which seek to cannibalize market-share from other Linux distros by spreading confusion and misinformation. Debian has a very similar attitude. There are some non-Fedora run repositories where people have packaged up things like the mplayer codec bundle, mpg321, flash etc. If you really have to have them it's easy to edit /etc/yum/repos.d to add the repository.
The only solution was using a distro which had a better package management system, and did its work without bothering you, the end user.
Look, if an ebuild isn't in the portage tree then you're not going to have much luck installing it unless you make your own. Ditto for an rpm being available to yum in a repository. Your article is uninformed fanboi-ism. To your friend: don't let him near your PS3!
To anyone not using Gentoo, don't take this article as representative of the community, it's a great distro with many advantages and not everyone involved with it is as much as a moron as the article writer.
"It would be nice if that were true, but given the secrecy and lack of information about exactly what the NSA did we have no idea how "helped" any of us are."
Given the fact, that nobody is pushing NSA to say anything on the subject, it is unlikely, that they are lying. The kind of "help" you suspect NSA of providing needs no press-releases...
I'm not suggesting there's any subversion of Vista by the NSA. You're assuming that I'm a conspiracy theorist. I'm not. I'm complaining about the fact that a very unspecified and broad association is being presented in the media to the public which suggests that Vista is secure because the NSA helped to make it secure. I consider that to be bullshit until there are specific details of what was secured and how.
In any event, if the government wanted to help "the users" it would make it very clear as to what security criteria [...]
That's very strict requirements you are placing there, actually. Making anything "very clear", coming up with reliable estimates of saving/loss from using a particular product, making recommendations -- hairy stuff, which NSA is rightly stearing clear from...
Actually, the government already has security specifications for computer systems, there are a whole raft of them for different levels of security, (e.g. this is a completely random example, if you want to find more then google about for "information assurance" and "Department of Defense"). The only point of having government agencies is to be able to certify and standardize systems by some method like this so that the public can have a good idea of what it's getting instead of some nebulous hand-waving about "the NSA guys, and they're real hard-core security ya know? hung out for a few days and if it's OK by them then it gets the Good Housekeeping Seal of Approval, know what I mean?".
Seriously, the press release is remarkable for the lack of detail that it contains. The fact that it doesn't specify exactly what was done suggests that very little was done.
[...] helping hand to a private monopoly, because the roll out of their latest software abortion is looking like a flop.
And why does NSA help BSD [trustedbsd.org] and Linux [nsa.gov]?
Em, because they are public, not private entities that are composed of tax-payers who by any reasonable standards should expect their government agency to do stuff for them and not for a private business monopoly.
Sorry, your conspiracy theory is less convincing,
Sorry, it's not a conspiracy theory, it's a simple objection to two things: 1. To the government helping out a private business entity; 2. To near fraudulent advertising.
I certainly understand and share the frustration of tax-dollars helping a healthy and profitable corporation, but another way to look at this is NSA is helping the users.
It would be nice if that were true, but given the secrecy and lack of information about exactly what the NSA did we have no idea how "helped" any of us are.
As it stands, this announcement is effectively the government giving free publicity to Microsoft and claiming without any evidence that Vista is secure in some way. (See all the "Good Housekeeping" seal-of-approval guff from the Microsoft spokesperson in the article.) In fact we have no idea from this whether they were helping to get Treacherous Computing debugged, so that "the users" don't control the software on their machines properly, or if they just tested a firewall, or what.
In any event, if the government wanted to help "the users" it would make it very clear as to what security criteria were met and whether or not Vista reaches it. It would publish a table with GNU/Linux, Mac OSX, Microsoft Vista etc results from their testing labs and make recommendations as to which should/should-not be used if we want to stop our economy being crippled (through wasted time, ID theft etc) by crappy software.
The fact that none of the above is done lends credence to the theory that this is the government lending a helping hand to a private monopoly, because the roll out of their latest software abortion is looking like a flop.
This is the equivalent of Microsoft jumping up and down beside the NSA and yelling "look, I'm with the trustworthy guy!". Shame on the NSA for either being used, or voluntarily abusing its position like this.
If the NSA can help Microsoft tighten up it's shitty systems then that's good. There are already positive benefits from NSA research into the Flask OS in the form of GNU/Linux's SElinux.
The only problem I have with any of this is that this is another government subsidy (read our tax dollars) going to subsidise a private company which should (given the vast profits it makes) be able to pay for its own security research instead of dipping its snout into the public trough.
Actually you're wrong. When you travel in a car you are very easily trackable. The British perfected the art of tracking suspected Republican terrorists in Northern Ireland by recognition of license plate numbers on cars. When travelling on Amtrak I have been asked for photo ID for tickets which were pre-booked and paid for with a credit-card in advance. It is now illegal in many jurisdictions (e.g. NYC) to have your face covered in certain situations. All of these remove the ability to travel anonymously.
Further, in his quest to "expose" this situation, he found at one of the largest airports in the country, San Francisco International Airport, that he WAS indeed allowed to fly without ID (if he submitted to a search).And similarly, if you want to get free money from a bank you can do so providing you serve a jail sentence afterwards ;) Being searched is unpleasant, intrusive and effectively a punishment deterring anyone normal from not taking the easy route and trading their ID-less anonymity for an escape from close body contact with security personnel.
Claims variously made by privacy advocates assert that showing ID is worthless; that the September 11 hijackers all had valid, government issued photo ID. Sure they did. But some form of identification, fake or not, gives authorities a place to start in an investigation, rather than nothing at all.The claim is that ID is worthless in preventing terrorist attacks and that the only possible excuse for massive infringements on our liberties is the avoidance of the greater infringement of terrorist nutbags taking away our lives.
Yes, all the 9/11 hijackers had valid IDs. So what? The ID requirement doesn't pretend to "prevent" issues; it's simply a place to start for investigators AFTER an incident,God, who gives a shit? Despite all the 9-11 conspiracy morons it was clear and is very clear who did what because THEY WANTED US TO KNOW. Terrorists don't make a habit of not telling you excatly what it is they want and who they are. The flight rules are intrusive crap that no one puts up with except for the reason that they think it's going to protect them. And most of them fail, and can only fail to do that. They are a closing of the open society and victory for terrorists.
I want to be able to do file i/o (and so forth) locally, without running a local web server.p ut-stream;]) and away you go (after you've taken care of security privileges.
You can. You just have to have a webbrowser interpreting the javascript. It differs of course between IE (Scripting.FileSystemObject) and Moz (Components.classes["@mozilla.org/file/local] and Components.classes["@mozilla.org/network/file-out