> So when we grumble about possible backdoors in commercial software, it's paranoia. When the DOD does it, it's what? Justifiable, or just well-funded paranoia?
Yeah, that was my first thought, too.
I have a feeling that this article may have some substantial repercussions in the IT industry. If the DoD won't use closed-source software due to fear of backdoors, do you sleep well knowing that your workstation uses it?
Your bank?
Your voting machine?
OSS advocates might get some mileage out of showing this to The Man.
Imagine sitting down to try out your new FPS. You wander the maze, turn a corner, and find yourself facing a pack of drooling zombies. You whip up your chain gun and squeeze the trigger, when suddenly... up pops the EULA Wizard!
By hosing these zombies, you agree not to copy, loan, distribute, blah, blah, blah...
[hose] [flee]
Having vaporized the zombies and satisfied the EULA Wizard, you boldly advance down the hallway. A trapdoor! You find yourself falling, and struggle to deploy your crossbow with the grappling hook. There it is! Up the shaft with it! You pull the trigger, and... up pops the EULA Wizard!
By using this device, you agree not to blah, blah, blah...
[use] [die]
Then you go get your real chainsaw, and saw the game box up into tiny bits of confetti. Bzzzzz! "Just call me Ash!" Bzzz! Bzzzzz! An up pops a message on the chainsaw's WINCE window.
> I'll be the first on my block to live "off the grid".
It seems like you could put a motor between/dev/null and ground, hook up the motor to a generator, and then start downloading porn and piping it directly to/dev/null. All the "1" bits in the pix are stored as small charges of static electricity, so put 'em to work.
If your mom catches you, you can tell her that you're just trying to help with the electric bill.
Just quote the most damning parts of the bulletins under fair use, and tell MS to stick it if they don't like it.
When MS gets tired of having only the worst part quoted, maybe they'll lighten up a bit.
Though more likely they'll fall back on UCITA, and claim that it's illegal to publish, quote, discuss, think about, or even be aware of any bugs in their software.
Because Netscape is now AOL's equivalent of MS's "integrated desktop", the average AOLer is happy to be spoonfed, and AOL is happy to oblige them on that.
Look forward to Galeon and its ilk, if you want a barenaked browser.
> If we can use the sea to connect to the internet, then think of all the nodes... your sink, the toilets...
Now's you mention it, I do see a lot of toilet bowls bearing a little sticker that says "Designed for use with Windows98". I always thought the Unix support staff stuck them there for a rude joke, but maybe I was wrong.
I live on a remote desert island, and for my IP services I have to save up all my packets for a week, and ship them out on the boat that swings by to drop off medical supplies. I get the replies a week later.
This really makes for slow downloads, which means I hardly ever get that coveted f1r57 p057.
> Maybe this is limited to highways that are 4 lane and bigger?
Actually, when I said "6-lane" I meant three each way. I've never noticed it on a road with 2 lanes each way, though, so I'd propose 3 as the lower bound.
> What the hell is up guys? Now that you got paid do you just not give a damn?
Actually, I kind of like the current arrangement. Now when someone blasts me for not reading the article before posting, I can come back with the defense, "I figured the article was going to be wrong, so I didn't see any reason to read it."
> What can you do? Put a "Press 1 if you are an idiot, Press 2 if you're l33t." menu tree into the system?
Hahaha. Where I live, there's a stretch of 6-lane freeway headed out of town into the countryside. Almost always, the "fast" lane moves slowest, and the "slow" lane moves fastest, presumably because everyone thinks they belong in the fast lane. I usually drive in the middle lane, and use the "slow" lane for a passing lane.
I've noticed this in other places, too. So much for self selection.
The article isn't perfectly clear, but this sounds like more of the recent lamentable process of Science by Press Release, rather than the traditional Science by Peer Review. Announcing it to stir up excitement, eh? You're less likely to look a fool if you figure out exactly what you have, first.
Other telling points -
The field workers are "sure" they can find more remains related to this find. How could they possibly be "sure" of such a thing? Willpower does not produce fossils. Hard work doesn't even guarantee it. (Assuming no Piltdown-style fraud.)
And the bit about the cat and the tree. Give me a break. It's not hard to understand why 6,000,000 year old remains might be scattered around a bit. Show me the code^w tooth marks.
> $3,500,000,000...
but all the poor countries won't be able to and the games will become that much more adulterated without funding.
A more interesting figure would be the breakdown on how much of that wad of bills went into the pockets of corrupt IOC officials, corrupt officials in the poor companies supposedly being supported, etc.
You have been following the news about how the IOC operates, I suppose?
Now, if I discover that the IOC is using the money to feed the starving and educate the ignorant, I'd be as apologetic as I would be surprised. But from what has come to light over the past few years about who they are and how they operate, the risk of surprise would seem to be very slight.
> The only machine i administrate that ever got `cracked` was a linux box. OK, I admit it, it wasn`t carefully secured and patched like it should be, but... well... if you`re a busy admin you haven`t always got the time to read bugtraq every day, and even if you have, the time to implement the fixes isn`t always availble.
<clue>
Forgive my bluntness, but is it really so bad? I run <lamer>RedHat</lamer>, and I find it very easy to stay on top of the worst exploits simply by subscribing to their mailing list. Whenever a patched component is available, I know it immediately simply by spotting the distinctive subject line in my inbox. It takes a few seconds to read the message, a few seconds to type in ncftpget whatever (fewer, if you use the <lamer>Netscape mail client</lamer> like me, and merely have to click the link), and a few seconds more to type rpm -Uhv whatever. If you're a pro, you can show your professionalism by dedicating a few extra minutes to reading up on what has actually been changed.
</clue>
Hardly a major challenge. It certainly beats applying a service pack and then trying to fix the resulting trainwreck; at least with Linux patches you can pick and choose your bugs.
All that to the side, I would say that maintaining system integrity is the primary responsibility of a "busy admin". Spend whatever time it takes to do it right. If your boss wants too many other things that distract from that fundamental responsibility, you should find another job while the economy's still hot.
What do you mean by "huge amounts of random data"? Perhaps proffie just wants you to implement a binary tree for storage? You could store a smooth billion records in the leaves of a binary tree only 30 layers deep. The access would hardly qualify as "inefficient", in Scheme or any other language.
> Multiply this by at least 1000 for the entire US, and you have easily enough money to write apps which do a better job of meeting the specific needs of municipal institutions while maintaining user compatibility with MS Office. Unfortunately, that will never happen because municipal institutions will avoid co-ordinating with each other if it kills them.
That's what I keep telling a friend who works in IT at a 2-year college. They license a big administrative app that costs a heap and works like crap. They have the code, so they find it easier to fix it themselves than to beat a fix out of the vendor. But whenever a new version comes out -- about once a year -- it does not include all the local fixes and enhancements, so they have to give it a major reworking before they can put it into production.
Other 2-year colleges all over the state use the same software, and have the same experiences with it. So my question is: why not ditch the vendor, let each school appoint one of their current maintainers as a full-time developer, and pool that talent between all the schools to create an OSS version? Not only would they lose the licensing fees, they would also reduce the amount of staff currently dedicated to keeping it running. And -- here's the shocker for S/W consumers -- they would end up with a project that actually did what they needed, rather than what some vendor Marketroid and clueless college purchasing agent thought they ought to have.
To many people still fail to see where their own best interests lie, when it comes to IT systems.
> Linux may be good for computer savvy ppl like the readers of Slashdot, but expecting everyone to use it is just unreasonable.
And just where are all those savvy Windows users? Back when I had a job in VAX support, the PC users used to hit me up with the most ridiculous kind of questions. In most cases I could figure out the answer in about a minute and a half, even though I didn't run Windows myself either at work or at home, and darn sure didn't run the applications they were always asking about.
Why should we expect public employees to be retrained to a high level of competence on Linux, when they never have been on Windows?
> So when we grumble about possible backdoors in commercial software, it's paranoia. When the DOD does it, it's what? Justifiable, or just well-funded paranoia?
Yeah, that was my first thought, too.
I have a feeling that this article may have some substantial repercussions in the IT industry. If the DoD won't use closed-source software due to fear of backdoors, do you sleep well knowing that your workstation uses it?
Your bank?
Your voting machine?
OSS advocates might get some mileage out of showing this to The Man.
--
> My favorite is a guy called Agent Wesley, he's got reaaaly long fingers.
At least, you thought he did until you felt a hand on each shoulder.
Sorry; just an old construction worker's joke about a visit to the proctologist.
--
--
> I'll be the first on my block to live "off the grid".
/dev/null and ground, hook up the motor to a generator, and then start downloading porn and piping it directly to /dev/null. All the "1" bits in the pix are stored as small charges of static electricity, so put 'em to work.
It seems like you could put a motor between
If your mom catches you, you can tell her that you're just trying to help with the electric bill.
--
> One microsoft-bug-list-T-shirt, please. Size Hindenburg[1], please."
It does need to be big. Giga is reporting that MS just hit the 93rd security patch for the year -- a 30% increase over last year.
--
> That's because the /. staff are all competing with each other to get first post.
/. Hall of Fame for all-time funniest posts.
That belongs in the
--
Just quote the most damning parts of the bulletins under fair use, and tell MS to stick it if they don't like it.
When MS gets tired of having only the worst part quoted, maybe they'll lighten up a bit.
Though more likely they'll fall back on UCITA, and claim that it's illegal to publish, quote, discuss, think about, or even be aware of any bugs in their software.
--
I disagree. IMO, they should never collect information about you without your explicit permission.
--
> Makes you wonder what Netscape was smoking when they shipped.
An insider informs me that they've been smoking marketing glossies.
--
> Why the hell does Mozilla need an IRC client??
Because Netscape is now AOL's equivalent of MS's "integrated desktop", the average AOLer is happy to be spoonfed, and AOL is happy to oblige them on that.
Look forward to Galeon and its ilk, if you want a barenaked browser.
--
> If we can use the sea to connect to the internet, then think of all the nodes... your sink, the toilets...
Now's you mention it, I do see a lot of toilet bowls bearing a little sticker that says "Designed for use with Windows98". I always thought the Unix support staff stuck them there for a rude joke, but maybe I was wrong.
--
I live on a remote desert island, and for my IP services I have to save up all my packets for a week, and ship them out on the boat that swings by to drop off medical supplies. I get the replies a week later.
This really makes for slow downloads, which means I hardly ever get that coveted f1r57 p057.
--
> Maybe this is limited to highways that are 4 lane and bigger?
Actually, when I said "6-lane" I meant three each way. I've never noticed it on a road with 2 lanes each way, though, so I'd propose 3 as the lower bound.
--
Not strictly an IDE, but you might be interested in GVD, the brand-new Gnu Visual Debugger.
It's written in Ada, but more importantly for you, it currently supports debugging for Ada and C. Other languages are supposed to follow.
--
> What the hell is up guys? Now that you got paid do you just not give a damn?
Actually, I kind of like the current arrangement. Now when someone blasts me for not reading the article before posting, I can come back with the defense, "I figured the article was going to be wrong, so I didn't see any reason to read it."
--
> What can you do? Put a "Press 1 if you are an idiot, Press 2 if you're l33t." menu tree into the system?
Hahaha. Where I live, there's a stretch of 6-lane freeway headed out of town into the countryside. Almost always, the "fast" lane moves slowest, and the "slow" lane moves fastest, presumably because everyone thinks they belong in the fast lane. I usually drive in the middle lane, and use the "slow" lane for a passing lane.
I've noticed this in other places, too. So much for self selection.
--
The article isn't perfectly clear, but this sounds like more of the recent lamentable process of Science by Press Release, rather than the traditional Science by Peer Review. Announcing it to stir up excitement, eh? You're less likely to look a fool if you figure out exactly what you have, first.
Other telling points -
The field workers are "sure" they can find more remains related to this find. How could they possibly be "sure" of such a thing? Willpower does not produce fossils. Hard work doesn't even guarantee it. (Assuming no Piltdown-style fraud.)
And the bit about the cat and the tree. Give me a break. It's not hard to understand why 6,000,000 year old remains might be scattered around a bit. Show me the code^w tooth marks.
--
> I haven't heard that much except for how the head of the organisation is a bit of a crackpot. Could you post some links please?
Start here.
--
> $3,500,000,000...
but all the poor countries won't be able to and the games will become that much more adulterated without funding.
A more interesting figure would be the breakdown on how much of that wad of bills went into the pockets of corrupt IOC officials, corrupt officials in the poor companies supposedly being supported, etc.
You have been following the news about how the IOC operates, I suppose?
Now, if I discover that the IOC is using the money to feed the starving and educate the ignorant, I'd be as apologetic as I would be surprised. But from what has come to light over the past few years about who they are and how they operate, the risk of surprise would seem to be very slight.
--
The Olympics lost me about 12 years ago, when I realized that -
- it's not the friendly competition between inspired amateurs that it's portrayed to be
- it's too commercial
- it's an outlet for dangerous nationalist/ideologist sentiments
If I had still been interested, I could have added this a couple of years ago-- it is run by a corrupt organization, the IOC
Some may care if it's not webcast, but I won't be among the mourners. Maybe this will hasten its demise.</soapbox>
--
> I thought Windows was the only OS with vulnerabilities.
I'm proud to report that my Apple ][ still hasn't been hacked.
--
> The only machine i administrate that ever got `cracked` was a linux box. OK, I admit it, it wasn`t carefully secured and patched like it should be, but ... well ... if you`re a busy admin you haven`t always got the time to read bugtraq every day, and even if you have, the time to implement the fixes isn`t always availble.
<clue>
Forgive my bluntness, but is it really so bad? I run <lamer>RedHat</lamer>, and I find it very easy to stay on top of the worst exploits simply by subscribing to their mailing list. Whenever a patched component is available, I know it immediately simply by spotting the distinctive subject line in my inbox. It takes a few seconds to read the message, a few seconds to type in ncftpget whatever (fewer, if you use the <lamer>Netscape mail client</lamer> like me, and merely have to click the link), and a few seconds more to type rpm -Uhv whatever. If you're a pro, you can show your professionalism by dedicating a few extra minutes to reading up on what has actually been changed.
</clue>
Hardly a major challenge. It certainly beats applying a service pack and then trying to fix the resulting trainwreck; at least with Linux patches you can pick and choose your bugs.
All that to the side, I would say that maintaining system integrity is the primary responsibility of a "busy admin". Spend whatever time it takes to do it right. If your boss wants too many other things that distract from that fundamental responsibility, you should find another job while the economy's still hot.
--
What do you mean by "huge amounts of random data"? Perhaps proffie just wants you to implement a binary tree for storage? You could store a smooth billion records in the leaves of a binary tree only 30 layers deep. The access would hardly qualify as "inefficient", in Scheme or any other language.
--
> Multiply this by at least 1000 for the entire US, and you have easily enough money to write apps which do a better job of meeting the specific needs of municipal institutions while maintaining user compatibility with MS Office. Unfortunately, that will never happen because municipal institutions will avoid co-ordinating with each other if it kills them.
That's what I keep telling a friend who works in IT at a 2-year college. They license a big administrative app that costs a heap and works like crap. They have the code, so they find it easier to fix it themselves than to beat a fix out of the vendor. But whenever a new version comes out -- about once a year -- it does not include all the local fixes and enhancements, so they have to give it a major reworking before they can put it into production.
Other 2-year colleges all over the state use the same software, and have the same experiences with it. So my question is: why not ditch the vendor, let each school appoint one of their current maintainers as a full-time developer, and pool that talent between all the schools to create an OSS version? Not only would they lose the licensing fees, they would also reduce the amount of staff currently dedicated to keeping it running. And -- here's the shocker for S/W consumers -- they would end up with a project that actually did what they needed, rather than what some vendor Marketroid and clueless college purchasing agent thought they ought to have.
To many people still fail to see where their own best interests lie, when it comes to IT systems.
--
> Linux may be good for computer savvy ppl like the readers of Slashdot, but expecting everyone to use it is just unreasonable.
And just where are all those savvy Windows users? Back when I had a job in VAX support, the PC users used to hit me up with the most ridiculous kind of questions. In most cases I could figure out the answer in about a minute and a half, even though I didn't run Windows myself either at work or at home, and darn sure didn't run the applications they were always asking about.
Why should we expect public employees to be retrained to a high level of competence on Linux, when they never have been on Windows?
--