Most plausible about it is the obsessive need by Microsoft to control the whole market and let no competition appear. And that's exactly why Microsoft needs to be reduced in size: there is nothing wrong with having Microsoft be a big player in the market, but there is a lot wrong with any OS or software vendor being the only significant player in its market segment.
Remember, this is an internal email to the marketing department. There may be a few tech-heads there, but for the most part, these are folks that are pumped up about products they barely understand. They know the buzzwords, they know how to talk to upper management, but they don't have even a MSCE diploma - they just know how to sign upo folks for the MSCE classes.
Not to say that they aren't important - Microsoft probably hires the best technical sales folks they can, with a number of converts from the Unix world. Some may even be much more clued in then I think. The bottom line is, the sales folks need to believe that Microsoft products are better, that they are providing a real service to customers when they sell them Microsoft prodcuts, and have to truly believe that a customer is making a deadly mistake when they go IBM and/or Linux. If they are convinced, and have a few facts to support it, then they can usually convince the one guy who makes the purchasing decisions.
Dangerous? Sure - what happens when the Microsoft salesmen walks through your server room, and points out your Linux box running DHCP \ DNS \ Apache \ Samba \ GNU/whatever? Can you write up a clear, understandable business study explaining why it's better and cheaper to have you administrate this custom box rather than pay for a Microsoft solution? Do you know what to say when they ask "Well, what happens when you leave the company, and we have to hire a $500/hour Linux consultant, rather than a cheaper part-time MSCE?"
That's the problem with a beautiful user-created-and-operated operating system, it's also user-marketed, and we grubby Morlocks have a hard time writing in market-speak, much less making the 7 AM marketing meeting...
Always consider that leak is intentional, and that you have been specifically targeted as part of a disinformation campaign. Ask yourself what purposes might exist in getting you to buy into the message. Be skeptical, it pays off. My own impression is that this message was too convenient and is attempting to convince me to underestimate Microsoft, or to misdirect me away from where their real efforts are. Just look at the opening lines - it's practically _begging_ to be "leaked". Of course, that's just my opinion...
Nah, this is a real leak. Look at all that marketing speak.
Check out the part about the consulting company doing a study, comparing the cost of Microsoft solutions to Linux solutions in Unix upgrade costs. There's two possible conclusions to that study. One, Linux could come out on top, and then Microsoft would never release the study. Two, Microsoft would come out on top, and now a Linux company (Red Hat) can proactively do their own study, so that they have something to give to their own marketing people. Even without a "leaked memo", the sales folks could have said "yes, DH Brown is releasing a study in a few months, showing hard numbers that Microsoft is better, I'll get that to you when it comes out, etc. etc.". No real advantage in leaking the memo.
At the same time, I doubt he's really concerned about a leak - there's no real facts in there, just strategy. I imagine the sales team is out there, selling Microsoft products, and complaining to each other that the customer brings up Linux, and they have no ammo to use. This is the boss saying "we've heard the coffee room conversations, we do have a Linux strategy. Here it is. Sell, you beautiful marketers, Sell!".
Now we just need real cost-of-ownship numbers, since you know the DH Brown report will use top consultant by-the-hour numbers...
I think we've all heard about the Third Law incident
No, we haven't. Care to elaborate?
Personally, I think what killed Ion Storm was that Valve was able to pull off Half-Life on the Quake II engine while Ion Storm was unable to pull off Daikatana. They both tried to do similar things (plot-driven first-person shooter), but Half-Life pulled it off without annoying AI bugs.
At several places, the email refers to infoweb, giving the address as, for instance, http://infoweb/linux. Obviously, this is some sort of internal Microsoft database. Is it just for marketing info? Any Microsoft employees know what is going on?
If it is just an internal database, seems a little strange to start a "Linux insiders" group, unaccessable to anyone in the Linux community. Unless, of course, the idea is show a client what looks like a public web page, filled with the "real facts" on Linux.
Sorry, didn't look at the computer over the weekend. Thanks for the (non-anon) response.
Let me clarify - I think it is valid and difficult work to find brand new theoretical exploits. It can be even harder to turn a theoretical exploit into an actual exploit. It's a little easier to take a known exploit (buffer-overflow attacks), and try to find the same exploit in some other code. It's easier to take a known, coded exploit, and convert it to do something you want. It's easy to take a coded exploit, and put a user-friendly front-end on it, and even easier to download such a package, and set it up to scan all the @Home domain for exploitable machines. Once an exploit goes from theory to tool, it's easy to use.
Sure, by that point, the hole is easy to patch, too - even a non-related change may break a byte-level exploit. The problem is, the whole computing world is slow to patch, and you can't lay all the blame on bad administrators. As you know, most secure systems are secure because they were designed that way from the start, and the computing world was not designed for security. The computing world has its good and bad administrators, but it also has its un-administered networks, its user-administrated networks, and its home-PC users who were never told how to update the software.
So we have a world with known exploits, and an abundance of machines ready to be exploited. Sure, you can have the most secure machine around, but it won't help when the unsecured ones are used in a DDOS attack against you. You may be security conscience, but it doesn't help when the new hire gives passwords over the phone to hacker using social engineering, or when a co-worker uses the same password for his remote access and for the web-site that passes passwords in plain text. Businesses require people, and as long as you have people and machines, there are security weaknesses in your network.
That's what I mean by saying its easier to find and exploit a hole (especially if someone else does the finding), then it is to patch those holes (especially if you consider the entire network, not just the boxes you have direct control over). Its hard work for a lion to catch a gazelle, but it doesn't have to get the fastest, just the slowest.
I'm sure you would *love* the "Mitnick treatment" when they are *your* constitutional rights being brushed aside
I'm a big fan of the Constitution too. I support all those amendments, from the ones I like (freedom of speech, freedom of religion, right to speedy trial) to the ones I don't like as much (right to bear arms, no cruel and unusual punishment). They do a great job of upholding my more general right to "life, liberty, and the pursuit of happiness/property". That's also why I play within the rules - follow the law when I think it's right, follow the law but protest it when I think it's wrong. I also admire those who take the civil disobedience route, publicly breaking laws they think are wrong. I can't do that right now, because I can't suffer the consequences. I try to support those that can, by giving to the EFF and keeping up on the issues.
I don't see Kevin Mitnick as trying to exercise civil disobedience. I see an individual who got very good at breaking into computer systems, and got to the point where he couldn't stop himself. When he is completely free in a year and a month, if no one pays him to break into systems for a living, then there is a good chance he will go back to breaking into them as a hobby. Most of the world sees this as wrong. When he gets punished, there is not a general outcry, even among the computing community, that his punishment is particularly harsh. Even though hackers say that the computer world runs under different property laws then the rest of the world, the rest of the world has responded with a resounding "no, we'll treat them the same". This isn't a great starting point for civil disobedience.
In any case, yeah, its painful to see the judicial and legal system interact with the computer world. It's also pretty clear how to stay on the right side in the judicial world: don't break into other's property, and don't make people want to go tell mommy you've been bad.
I wish there was a way to make worm writers and exploit users realize the repercussions of what they are doing, but they often are so convinced of their superiority that they don't listen to what everyone is telling them. Until (and if) they grow up, I don't mind taking away their tools/toys, or at least make it harder for them to use them.
Or perhaps you can explain how a particular kind of hole will always have an advantage due to people who need to find and exploit holes in general?
I thought your moderation was unfair, since you brought up a valid criticism (if I understand it correctly). Of course, if you were just pointing out that I used the word "hole" too often, well, sorry for not sending it by my editor.
Yes, it's hard work to find a security hole in the first place. Yes, it's a skill to do that. Yes, the people that are good at finding these holes will probably be good at securing their own machines/code.
Once a hole is found and exploited however, the information takes on a life of its own. There are only a few that kind find these holes, but there are more that, once the hole is found, can write an exploit routine. There are even more who can take that routine and make a user-friendly interface for it, or design a script to try out the exploit on many machines. There are even more who wouldn't know the first thing about finding holes, writing exploits, or even making a good script, but who can download and run these things. These days, it takes about a month or two for an exploit to go from discovery to script-kiddie tool.
Once a programmer knows about an exploit, it is fairly easy to patch the hole, unless it takes a redesign. Usually, you can quickly change the program and issue a patch. A good company can get the patch out before the exploit reaches the script-kiddie stage.
But can the administrator patch it soon enough? Many Microsoft bugs are quickly patched, but few users go to Microsoft Update to get the patches. When the administrator want to do it for them, they find out that there is no one patch, but a patch for each system configuration. You can't download one patch and install it over the network. You can't even burn it to a CD and walk to each computer. You have to go to each computer, load up the web page for Microsoft Update, select the patch, and start the download. After a few minutes, you then click a box to restart the computer. Multiply that by the number of machines, and you are working a lot of unpaid overtime.
So administrators put it off. Maybe they hope the firewall will block things, or they send out an email telling employees to do the update themselves, or they wait for the weekend after next. And then, there's the home users who, again, never were told how to update their boxes.
So, the script kiddie has the advantage - a known hole, with a known patch, and millions of computers where the patch hasn't been installed yet. It's even easier if you know a good block of addresses so you can try all of them - @Home and Roadrunner networks are especially ripe for Windows exploits, or it seems so, looking at my firewall logs.
As for hackers eliminating each other - they usually have their own boxes secured, because they try out exploits on each other first.
Because all the spare law enforcement officials are giving me traffic tickets.
Yeah, cause that will get ya out of a ticket...
"Hey Barney, why aren't you on the Internet stopping the real criminals! Boy, I'm glad I buy from Amazon, or else my sales tax would pay for your salary!"
You sir, are absolutely right. Parents should take computers away from their kids, and replace them with quality time, such as board games and jigsaw puzzles, which allow for conversations.
Kids don't really need all that power, and just get themselves into trouble. If you HAVE to have a computer, get WebTV, or something like that, so you can compute as a family.
I think it would be more appropriate to classify virus writers as "vandals", and treat them as such legally.
It's a strange sort of vandalism, though.
If I spraypaint my sign on a business, then that business has to spend extra money to repaint, and maybe buy some security lights or hire a security guard, or risk loosing customers due to customer bad impressions.
If I write a Windows worm that results in email systems all over the world shutting down and horrible network congestion, then almost everyone that does web work loses a few minutes. Even if you run Linux and Mozilla, your Slashdot load time will be that much slower, due to all the other packets running around the backbones, and you'll get that much less work done.
Businesses will lose money, but very little of it will be identifiable. The identifiable stuff - network guys spending their weekends patch Winboxen - is misleading as well, since many of these guys are salaried. In the end, it turns up as a dip in productivity, vaguely measurable, possibly showing up in end-of-year profit statements, but hard to prove.
It does impact the bottom line in subtle ways, though. Reduced profits lead to reduced taxes, and the government has a little less money to spend.
So, yeah, call it vandalism, possibly bordering on property damage, but also add "defrauding the government" or some such charge. Those IRS bastards know how to squeeze money out of folks that owe them money.
The solution isn't to toss them in jail or throw away the key, the solution is to get them to do something useful with their skills and then to use products that don't have so many security problems.
Great idea! Take a kid who obviously has no respect for other's property, and hand him the keys to your enterprise system! By the time he's done, all the backdoors, security holes, and other problems will be patched, except for your script kiddie's backdoors. Then, shoot the script kiddie. No known security holes, and one less 1337 haxor - everyone wins!
The one flaw in your plan is that the folks that make these worms are, for the most part, social backwards (no respect for others' property or lost time, and usually from a middle-class background, so they don't know how to really work for a living), and don't have a great set of computer skills, outside of those needed to find holes. It's a bit easier to find and exploit holes then it is to find and patch those holes, so the assholes will always have the advantage.
Personally, I like the Kevin Mitnick treatment - put 'em in jail for a while, away from computers, then put them on probation, again without access to computers. If you are too socially retarded to play the game right, then you'll have to sit on the sidelines. Too bad these kids are privileged enough that their parents could hire lawyers, and parents are brainwashed into thinking that computers are necessary for their kid's education...
On a side note, to us non-native English speakers, that has spent too much time in Dilbert-land, "Sales engineer" really sounds like an oxymoron."
Leave it to a Nordic to apologize for their English, and then use a word that 1/2 the high school students in the USA couldn't define, all in the same sentence.
I've found that many high school students learn the definition of oxymoron, if the English teacher teaches it. For some reason, oxymoron burns a hole in a high school kid's head...
1. Average computer users are afraid they will break their computer. Example: Many think if they mess up setting up a drive in the BIOS, the drive will physically break.
I have to grab an extra hand to count the number of times I've actually damaged a computer when learning about it. Here's a few:
Zapping the motherboard while trying to add a sound card.
SOMEHOW creating a recursive directory structure under DOS (c:/a/b/a/b/a/b/a/b/a/b...)
Renaming ZIP files to COM files so I could run the damn things
Accidentily formating a drive because I was going through a book trying out commands
Filling the hard drive with a word file consisting of the phrase "I LOVE THERESA" 2^2^2^2^2^2^2... times because I just learned how to cut and paste in Wordstar
Deleting some strange files (what the hell is a DLL? a VXD?) while making room for my game.
Nearly breaking my laptop screen while trying to get X-Windows working on it
several others...
The point is, you don't start learning about that computer until you start breaking it. True, the fear is a barrier to learning (my wife had a student that made her come to her house to reboot a frozen computer for the first time), but, while exploring how things work, you are going to break something eventually. It's OK if you have someone to support you (Thanks Dad!) or a sizeable paycheck (Thanks Boss!), but otherwise, a computer is damn expensive to learn.
I'd put that fairly high on your list - getting a new learner to buy a device that costs more than their first car, but that is 1000x more complicated then their first car.
Having said that, I think I'd be willing to work on a LDP that tried to help out on the teaching issue. I think getting new people onto the Linux boat is a noble goal.
Conversely, when will someone get me a program that will let me play DOA3 or other xgames on my PC? I wouldn't think that would be too hard. I think MS should even support it because if we can buy a program to let us buy and run games on our PC, they don't lose money on each console sold.
This is not a bug, it's a feature.
XBox = DirectX, known version, known platform, known hardware, soon-to-be-discovered bugs, soon-to-be-discovered optimizations, etc. etc.
It's a game developer's Nirvana, to only have to code for one platform, knowing that the way it looks on your development system is exactly how it will look on the buyer's system. No unexpected incompatible drivers. No hardware conflicts. No performance bottlenecks on strange systems with cheap-ass components. No Packard-Bells.
It's like asking why the clothing industry can't make a good-looking pair of one-size-fits-all shoes.
I agree with the ideas put forth here in principle, but having security insurance would mean that (as in any insurance) some companies are going to try insurance fraud and intrude on their own machines and try to claim damages. Without an investigation and guilty party found, how can you be sure it's not an inside job? The insurance companies are likely going to refuse to pay if they arbitrarily decide it's an inside job (they'll surely have some clause) or the insurance rates will be prohibitively high.
You are absolutely right - computer intrusion fraud would be much harder to detect than other kinds of fraud. This is one thing a law would have to address - perhaps making it a federal offense to commit insurance fraud, and create a branch of the FBI that investigates fraud claims. If the insurance company suspects that it may be fraud (and they would make it their business to know what a real intrusion looks like), they would look into it during a normal claim investigation, and, if necessary, alert the FBI to a possible fraud investigation.
If someone is willing to commit this kind of fraud, one that brings real damage to their business, then either that person is in trouble or the company is in trouble. Remember, the insurance covers provable losses, so any claim will probably fall short of actual losses in time, reputation, stock price, insurance rate, and actual bottom line. A company is less likely to do this to itself or its stock than a rogue employee, and investigations tend to bring these rogue elements into clear relief.
I agree, fraud is a problem, as well as the international aspect of the Internet. Its hard to see how any laws can help make it more secure. But the insurance idea, especially if it's mandatory for government contracts, creates a financial incentive to secure networks, and sets a benchmark for what is a reasonably secure environment.
Computer Intrusion is a cost of doing business. Because the Internet is not secure, and because it can be low-cost to break into computer systems, computer systems will be broken into. Making intrusion illegal will help when you catch someone may help disuade others, but more often than not, other crackers will simply analyze the case for mistakes and blame the criminal for "being stupid". Making tools illegal will give sys admins a irrational sense of security, since they won't be able to test their own networks with their own tools.
One thing that may help is if there was some independant firm that could give a qualitative and quanitative measurement of a company's security. These independant firms could review patch logs, sys admin proceedures, backup procedures, and employee training materials. They could also perform more intrusive audits, using a standard set of tools (upgraded quarterly) to attempt to infiltrate the organization. At the end, they could then give some sort of ranking, to let a company know what bases have been covered and how they rank with others in the industry.
This service is done by many security firms, but there is no real standard. All the information is propriatary, and usually secret, because a company doesn't want to publicize what holes were found. Even then, there is no real motivation to get ongoing reviews, because, if there are no visible hacker attempts, then it seems like a waste of time and money.
This might be changed by offering computer security insurance. This insurance would cover the cost of recovering after a sucessful cracking attempt, as well as any lost business. An insurance firm would evaluate the current security and ability to recover from a hacking attempt, and find a reasonable insurance rate based on the company's preparedness.
This would help in several ways. First, even though the evaluation would be between the insurance company and the insurance purchaser, the insurance rate would show up on the financial reports. Investors and reporters could compare the rate and the coverage, and make a rough determination of the fitness of the company's security measures. The rate information should be included in the financial report, since this information would help an investor decide how likely a company is to suffer financial loss due to a hacking attempt. It may require a law to get this insurance information into financial reports.
Second, it would give companies a forum to disclose successful hacks. Currently, companies keep all but the most damaging hacking attempts secret, because it makes them look bad in the eyes of investors. If there is a financial incentive to report hacking attempts (they could get some insurance money back), there may be motivation to share this critical information, and other companies may be able to secure their own systems against new methods.
Third, damage claims would be more realistic. When a cracker is caught, many companies let their imagination soar when it comes to damages, assuming fantastical scenarios like, "What if he found our most prized trade secrets, and sold them to our direct competitor, thus making us lose all the profit from that product / service?", or "What is the sum of all the salaries of everyone who ever worked on that machine?". If the company had to actually file a claim, then the insurance company would dictate the terms of that claim, what is fair game for damages and what is not. This will help put the cracker's actions into better perspective.
Fourth, once standards are formed, the government could use the standards for contractors. For instance, a contractor working with "Secret" documents may have to have a score of 90 out of 100 for the general company, and a score of 97 out of 100 for the division working with the secret data. The government may even demand scores of 100 - not unrealistic for a score based on repeatable and auditable tests.
Fifth, the insurance companies would have an incentive to discover what security measures work, and which don't. If they find that yearly training for employees to deter social engineering attacks work, then they can make that part of the standard. If randomized one-use passwords work, then it goes in. If some widely believed precaution has little effect, it can come out of the standard. In general, we'll have a better idea of what makes a secured network, and more books will be written helping small businesses meet the insurance company's demands.
Sixth, we can develop labs like UL for computer security, which can rate software, operating systems, and hardware, giving them ratings for their out-of-the-box configurations. Vendors will work harded for better ratings, and auditors will have an idea how much patching needs to be done for a particular system to be kept up-to-date. Security will actually become a selling point.
I'm not sure if there is a law that would make this happen. I'm sure you can talk to the insurance lobby, and get a rough idea why this doesn't exist yet.
this seems like another HUGE waste of time and effort on the part of the Linux community. Why is it that so much code has to be wasted on these "we're doing it because WE CAN" projects? If you want to use Debian tools, USE DEBIAN!! Not Debian on Win32; not Debian on OSX, just DEBIAN. Does that make TOO MUCH sense or something?
Waste of time? It only wasted a minute of your time, and most of that was wasted by you posting a reply.
Waste of time for the developers? They are working on what they are interested in. If you want them to work on something they are less interested in, pay them. "Silly" side projects is what makes this games work.
Waste of time for the users? Some folks have to use Windows in a job context, because the tools they use are Windows only. Once people are used to Unix tools, it's hard to go back. Plus, what happens to the Wintel platform when:
The user runs free office applications that freely work with Microsoft Office formats, but have an even better native format
The user ignores the latest "vital" Microsoft operating system extensions, in favor of tools ported from the Linux / BSD environments
The user uses non-Microsoft entertainment apps, because they are less restrictive than the "official" ones
Core Microsoft facilities are replaced with ones that work better with the "ported" tools
Users have the option of emulating Windows software/games, or buying a native Linux version, and start to seriously think about the Linux version
The hardest part about moving to Linux is learning the 200 basic facts that allow you to work at all (deleting files is called "removing", user files go here, applications go here, you start X11 by typing "startx", etc.). If you can learn 100 of those facts under a Windows environment, you are half-way there.
This is a stepping stone in a migration to the standard Debian, or it may be the start of new and interesting developments. We just have to wait and see.
Yeah, LPB stands for Low Ping Bastard. Depending a little on the engine, LPBs could snipe better, circle-straff better, and do other things in closer to real-time.
On the other hand, HPB (High Ping Bastards) could sometimes do some nasty things, like run past open areas (one snapshot at the entrance, next beyond the entrance, HPB only saw a frozen character at the entrance, which then speed past on the next update). It wasn't predictable, but I think some people tried to develop hacks based on it. Also, HPBs could complain about LPBs, and blame connection rather than lack of skill.
Just for comparision, when I was on a 56K phone line (getting 48K max), I'd have a ping of about 300 on good days. With the cable modem, I could get down to 20 if the server was a few hops away, and was usually at 40-60, and almost always had the lowest ping (except for the folks playing on a local LAN, with pings of 0 or in the teens). I don't think there's a hard and fast correlation between CS "ping" or "latency" and the ping you'd get from the "ping www.hostname.com" command.
This is my (non-technical) Counterstrike experience. The Quake folks may have more insight. CounterStrike runs just fine on my P3-350 machine with a Voodoo 2 card, while they still benchmark Quake on the latest hardware. Quake folks seem to care more about hardware/connections, but that might just be the impression I get from how often it is used in benchmarks.
I was looking over my 2001 Demotivators calendar (2002 version for sale here). It says that on October 25, 1999, "A zero-revenue online greeting company called "Blue Mountain" sells for $780 million to Excite".
They had a revenue of $113 million for that quarter.
The 1999 news site has a ton of stuff like this. The 2000 site seems to have as much, but the last announcement is in May, 2000.
Does that shed some light on where the money went? Just another company, thinking they would keep getting exponential growth, making money out of nothing, with no provisions for an economic downturn.
DSL - tried to get it a year ago, and I'm just a bit too far away from the CO to get service. It will probably take 3 visits and 3 mornings off of work to verify that I can't get DSL - and even then, I'll never have official word, just the hearsay from a disgruntled tech.
802.11b wireless - Several providers? What part of the country is that again? Here in my corner of the midwest, there are a few less options.
Satellite - "Games are wasteful of valuable bandwidthm especially given the current shortage". Guess us gamers should go the e-ghetto where we belong...
T1 - This would be a great option if a) I had the expertise to set this up in a timely manner b) I had the capital to pay for the initial equipment c) I knew ANY neighbors in a mile radius that would pay for a connection and the 802.11b equipment. Sorry, it's not really viable right now.
Dialup. See Satellite.
Sorry. I got a cable modem because I like an always on connection, and I really enjoy online games. I kept it because it really enhances the online gaming experience, even on my (comparatively) slow machine, and it helps facilitate my new linux habit (45 minutes to download an ISO image from a public server).
But hey, thanks for making me feel like an idiot for going for the fast, easy, cheap option and not investigating the other lame-ass offers in town.
OK - I'm doing the home wiring thing come spring. I got cat5e, cat3, and coax (cable modem, digital cable TV...).
What's RG6, and why do I want it?
BTW, my local home depot is carrying cat5e for about $60 for 1000ft., which was as good as I could find. They also carry a consumer-grade data-utility box, $62.98, with modules costing extra. Did you buy a utility box or build your own?
When science fiction writers introduce technology that doesn't exist, either they are guessing (some Jules Verne predicitions), projecting current technology (Stephenson's e-books), or just making something up as a plot device or to bypass current technological limitations (Star Trek's transporter). Even though these things are interesting, they have a limited impact on the path of future technological inventions.
Personally, I think science fiction is at its best when it predicts the effect of technology on society rather than predicts the technology. 1984 is such a great novel not because it got scientists and engineers thinking about how surveilance technology would work. 1984 is great because it got everyone thinking about the ramifications of surveilance technology. With this novel, everyone has a common understanding of how far a government could go with pervasive surveilance of citizens, and we can argue new technology based on thise common understanding. Without it, privacy advocates would seem (even more) crazy to the common citizen.
Because technology is improving at exponential rates, we don't often have time to think about the ramifications of technology until we are using it. Good predictive science fiction gives us a little time beforehand, to think and prepare.
Personally, I'm not interested in this historical project of finding which guesses were right, or Tech TV style observations of "Gee Whiz, isn't this tech great!" I'm more interested with the dialog about future trends, and more of our society thinking about the future.
On a side note, it seems that predictive science fiction is drawing back its horizons more and more. It seems good predictive science fiction is concerned with the next few years, maybe a few generations at most, while hundreds to thousands of years in the future is the domain of fantastical science fiction and lite sci-fi shows. Is this because all the predictive science fiction writers are having a hard time thinking past the singularity?
If I remember correctly, they did a kind of similar thing when the Exxon Valdez oil ship crashed... I think there was some bacteria that had been engineered to live off oil, and so they dropped some bacteria on the oil and that cleaned up much of it. This is from my freshman biology class, so I'm not quite sure if it's accurate.
You are correct. If I remember correctly, this bacteria was patented by the company that developed it. Others wanted to copy the bacteria and challenged the patent, and eventually the Supreme Court ruled that you could patent an organism under the U.S. Patent law. This led to the rush to patent every human gene that a start-up lab could get their hands on, by only speculating what possible uses the gene might have.
I'm sorry, but you're making a critical error. People are ALWAYS trying to chip away at those rights. The excuses vary to whatever sounds good in the political climate of the time, but the fight is constant. We haven't got this far by waiting for the courts.
If an individual is unjustly violating my rights, then I can either report him to the authorities, or sue him in court.
If a corporation is violating my rights, I pretty much have to go to court.
If a law is violating my constitional rights, then I get arrested or fined, and the higher courts eventually strike down the law
If the government is violating my natural rights, then I have to change the government, or possibly take up arms and overthrow the government.
I see all these as "fighting for my rights", in the context of our constitutional government. If AOL/Time Warner is threating to put me in jail for trying to tell someone else how a DVD is encoded, I don't call up the militia to march on the state capitol. I let them arrest me or fine me or whatever, then take the issue to court. And, if I can't really make that personal sacrifice, I support those who can.
I would hasten to say that there is no free press in this country (USA). Although there are many news outlets (networks, internet) its pretty clear that they are all getting exactly the same information, just distributing it in different ways. The problem lies in the stupidty of the average US citizen when it comes to geopolitical affairs. Americans have no idea the rest of the world exists, largely because other countries dont affect our news. When Americans are confronted with complicated multinational issues, they cringe, because they realize they know nothing... their response: bomb them till they comply to our ideology.
One last thing... our American "free press" you describe has dropped the ball on so many stories I can't even begin to list them all. A good example is the Patriot Missile. Not a single Patriot Missile ever destroyed a Scud during the Gulf War, the Israelies have their own ballistics reports that are widely available online... yet no one in the American media thought to question the reliability or accuracy of Patriot Missile. Why? Because the Army told us and the U.S. Government would never lie, would they?
Please give a link for this widely availible balistics report.
Patriot missles not being effective is an interesting story. It would be fascinating during the Gulf War. It's not headline news because there are a dozen other things going on right now. I would like a quick summary of stories you think are important but were completely missed by our free press.
I am curious how wide your definition of the press is. I subscribe to a couple of great independant magazines (Mother Jones and Utne Reader), one of which has a "top ten missed stories of the year", or something like that. If it's Utne, then the top stories are actually published in another magazine or journal. Through these sources and others, I feel I get the major "news" of the day and the year.
Are you saying that the press is limited because the government / military isn't telling them everything? Our news outlets have gotten stories that the government didn't want people to know about, from Watergate to the Pentagon Papers the Iran-Contra affair. Whenever government tried to flex it's muscle to stop stories, freedom of the press won the day.
Are you saying that some stories go unreported? Quite possible. Out of any 100 articles on Slashdot, maybe 5% are news stories, and few of these make the major news, even when they should (Dmitry's arrest, for instance). But the big media only has a limited amount of time for news, and even then it has to make it flashy enough to get market share. Other sources like NPR are better, but even they have to work within a programming format. Yep, some stories fall throught the cracks, but that's not a concerted effort of government censors, but just editors making decisions.
Are you saying there is no free press because difficult stories are not told? Remember the Whitewater "scandal", and how hard some stations tried to explain it? The Middle East is complex, and many news outlets are doing a commendable job of explaining the subtleties of the region, within time restrictions. I've seen no evidence of censorship, and most stories are frank about unpleasant things like CIA involvement in the Afghan war against the USSR.
Are you saying the press isn't free because the public doesn't want hard stories? I've seen many news shows do "education" segments on the Middle East and Afghanistan. These segments are due to the desire of the average American to learn more. Look at the book sale rankings, and you will see that the Middle East, Afghanistan, and Islam are the hottest topics.
Are you saying that the press isn't free because all availible information isn't gathered, sorted, and dissiminated directly into our skulls, whether we like it or not? Then sir, you are correct.
Slashdot Mirror
I wonder if they already have a Linux port in the works? In that case, there may be a business reason to keep it out of the hands of the Wine team.
If you are a wine developer signing up to be a beta tester, be safe and don't use the same name you use in the wine source!
Remember, this is an internal email to the marketing department. There may be a few tech-heads there, but for the most part, these are folks that are pumped up about products they barely understand. They know the buzzwords, they know how to talk to upper management, but they don't have even a MSCE diploma - they just know how to sign upo folks for the MSCE classes.
Not to say that they aren't important - Microsoft probably hires the best technical sales folks they can, with a number of converts from the Unix world. Some may even be much more clued in then I think. The bottom line is, the sales folks need to believe that Microsoft products are better, that they are providing a real service to customers when they sell them Microsoft prodcuts, and have to truly believe that a customer is making a deadly mistake when they go IBM and/or Linux. If they are convinced, and have a few facts to support it, then they can usually convince the one guy who makes the purchasing decisions.
Dangerous? Sure - what happens when the Microsoft salesmen walks through your server room, and points out your Linux box running DHCP \ DNS \ Apache \ Samba \ GNU/whatever? Can you write up a clear, understandable business study explaining why it's better and cheaper to have you administrate this custom box rather than pay for a Microsoft solution? Do you know what to say when they ask "Well, what happens when you leave the company, and we have to hire a $500/hour Linux consultant, rather than a cheaper part-time MSCE?"
That's the problem with a beautiful user-created-and-operated operating system, it's also user-marketed, and we grubby Morlocks have a hard time writing in market-speak, much less making the 7 AM marketing meeting...
Nah, this is a real leak. Look at all that marketing speak.
Check out the part about the consulting company doing a study, comparing the cost of Microsoft solutions to Linux solutions in Unix upgrade costs. There's two possible conclusions to that study. One, Linux could come out on top, and then Microsoft would never release the study. Two, Microsoft would come out on top, and now a Linux company (Red Hat) can proactively do their own study, so that they have something to give to their own marketing people. Even without a "leaked memo", the sales folks could have said "yes, DH Brown is releasing a study in a few months, showing hard numbers that Microsoft is better, I'll get that to you when it comes out, etc. etc.". No real advantage in leaking the memo.
At the same time, I doubt he's really concerned about a leak - there's no real facts in there, just strategy. I imagine the sales team is out there, selling Microsoft products, and complaining to each other that the customer brings up Linux, and they have no ammo to use. This is the boss saying "we've heard the coffee room conversations, we do have a Linux strategy. Here it is. Sell, you beautiful marketers, Sell!".
Now we just need real cost-of-ownship numbers, since you know the DH Brown report will use top consultant by-the-hour numbers...
No, we haven't. Care to elaborate?
Personally, I think what killed Ion Storm was that Valve was able to pull off Half-Life on the Quake II engine while Ion Storm was unable to pull off Daikatana. They both tried to do similar things (plot-driven first-person shooter), but Half-Life pulled it off without annoying AI bugs.
If it is just an internal database, seems a little strange to start a "Linux insiders" group, unaccessable to anyone in the Linux community. Unless, of course, the idea is show a client what looks like a public web page, filled with the "real facts" on Linux.
Let me clarify - I think it is valid and difficult work to find brand new theoretical exploits. It can be even harder to turn a theoretical exploit into an actual exploit. It's a little easier to take a known exploit (buffer-overflow attacks), and try to find the same exploit in some other code. It's easier to take a known, coded exploit, and convert it to do something you want. It's easy to take a coded exploit, and put a user-friendly front-end on it, and even easier to download such a package, and set it up to scan all the @Home domain for exploitable machines. Once an exploit goes from theory to tool, it's easy to use.
Sure, by that point, the hole is easy to patch, too - even a non-related change may break a byte-level exploit. The problem is, the whole computing world is slow to patch, and you can't lay all the blame on bad administrators. As you know, most secure systems are secure because they were designed that way from the start, and the computing world was not designed for security. The computing world has its good and bad administrators, but it also has its un-administered networks, its user-administrated networks, and its home-PC users who were never told how to update the software.
So we have a world with known exploits, and an abundance of machines ready to be exploited. Sure, you can have the most secure machine around, but it won't help when the unsecured ones are used in a DDOS attack against you. You may be security conscience, but it doesn't help when the new hire gives passwords over the phone to hacker using social engineering, or when a co-worker uses the same password for his remote access and for the web-site that passes passwords in plain text. Businesses require people, and as long as you have people and machines, there are security weaknesses in your network.
That's what I mean by saying its easier to find and exploit a hole (especially if someone else does the finding), then it is to patch those holes (especially if you consider the entire network, not just the boxes you have direct control over). Its hard work for a lion to catch a gazelle, but it doesn't have to get the fastest, just the slowest.
I'm sure you would *love* the "Mitnick treatment" when they are *your* constitutional rights being brushed aside
I'm a big fan of the Constitution too. I support all those amendments, from the ones I like (freedom of speech, freedom of religion, right to speedy trial) to the ones I don't like as much (right to bear arms, no cruel and unusual punishment). They do a great job of upholding my more general right to "life, liberty, and the pursuit of happiness/property". That's also why I play within the rules - follow the law when I think it's right, follow the law but protest it when I think it's wrong. I also admire those who take the civil disobedience route, publicly breaking laws they think are wrong. I can't do that right now, because I can't suffer the consequences. I try to support those that can, by giving to the EFF and keeping up on the issues.
I don't see Kevin Mitnick as trying to exercise civil disobedience. I see an individual who got very good at breaking into computer systems, and got to the point where he couldn't stop himself. When he is completely free in a year and a month, if no one pays him to break into systems for a living, then there is a good chance he will go back to breaking into them as a hobby. Most of the world sees this as wrong. When he gets punished, there is not a general outcry, even among the computing community, that his punishment is particularly harsh. Even though hackers say that the computer world runs under different property laws then the rest of the world, the rest of the world has responded with a resounding "no, we'll treat them the same". This isn't a great starting point for civil disobedience.
In any case, yeah, its painful to see the judicial and legal system interact with the computer world. It's also pretty clear how to stay on the right side in the judicial world: don't break into other's property, and don't make people want to go tell mommy you've been bad.
I wish there was a way to make worm writers and exploit users realize the repercussions of what they are doing, but they often are so convinced of their superiority that they don't listen to what everyone is telling them. Until (and if) they grow up, I don't mind taking away their tools/toys, or at least make it harder for them to use them.
Wow - that's a lot of words for a Monday...
Or perhaps you can explain how a particular kind of hole will always have an advantage due to people who need to find and exploit holes in general? I thought your moderation was unfair, since you brought up a valid criticism (if I understand it correctly). Of course, if you were just pointing out that I used the word "hole" too often, well, sorry for not sending it by my editor.
Yes, it's hard work to find a security hole in the first place. Yes, it's a skill to do that. Yes, the people that are good at finding these holes will probably be good at securing their own machines/code.
Once a hole is found and exploited however, the information takes on a life of its own. There are only a few that kind find these holes, but there are more that, once the hole is found, can write an exploit routine. There are even more who can take that routine and make a user-friendly interface for it, or design a script to try out the exploit on many machines. There are even more who wouldn't know the first thing about finding holes, writing exploits, or even making a good script, but who can download and run these things. These days, it takes about a month or two for an exploit to go from discovery to script-kiddie tool.
Once a programmer knows about an exploit, it is fairly easy to patch the hole, unless it takes a redesign. Usually, you can quickly change the program and issue a patch. A good company can get the patch out before the exploit reaches the script-kiddie stage.
But can the administrator patch it soon enough? Many Microsoft bugs are quickly patched, but few users go to Microsoft Update to get the patches. When the administrator want to do it for them, they find out that there is no one patch, but a patch for each system configuration. You can't download one patch and install it over the network. You can't even burn it to a CD and walk to each computer. You have to go to each computer, load up the web page for Microsoft Update, select the patch, and start the download. After a few minutes, you then click a box to restart the computer. Multiply that by the number of machines, and you are working a lot of unpaid overtime.
So administrators put it off. Maybe they hope the firewall will block things, or they send out an email telling employees to do the update themselves, or they wait for the weekend after next. And then, there's the home users who, again, never were told how to update their boxes.
So, the script kiddie has the advantage - a known hole, with a known patch, and millions of computers where the patch hasn't been installed yet. It's even easier if you know a good block of addresses so you can try all of them - @Home and Roadrunner networks are especially ripe for Windows exploits, or it seems so, looking at my firewall logs.
As for hackers eliminating each other - they usually have their own boxes secured, because they try out exploits on each other first.
Yeah, cause that will get ya out of a ticket...
"Hey Barney, why aren't you on the Internet stopping the real criminals! Boy, I'm glad I buy from Amazon, or else my sales tax would pay for your salary!"
Kids don't really need all that power, and just get themselves into trouble. If you HAVE to have a computer, get WebTV, or something like that, so you can compute as a family.
It's a strange sort of vandalism, though.
If I spraypaint my sign on a business, then that business has to spend extra money to repaint, and maybe buy some security lights or hire a security guard, or risk loosing customers due to customer bad impressions.
If I write a Windows worm that results in email systems all over the world shutting down and horrible network congestion, then almost everyone that does web work loses a few minutes. Even if you run Linux and Mozilla, your Slashdot load time will be that much slower, due to all the other packets running around the backbones, and you'll get that much less work done.
Businesses will lose money, but very little of it will be identifiable. The identifiable stuff - network guys spending their weekends patch Winboxen - is misleading as well, since many of these guys are salaried. In the end, it turns up as a dip in productivity, vaguely measurable, possibly showing up in end-of-year profit statements, but hard to prove.
It does impact the bottom line in subtle ways, though. Reduced profits lead to reduced taxes, and the government has a little less money to spend.
So, yeah, call it vandalism, possibly bordering on property damage, but also add "defrauding the government" or some such charge. Those IRS bastards know how to squeeze money out of folks that owe them money.
Great idea! Take a kid who obviously has no respect for other's property, and hand him the keys to your enterprise system! By the time he's done, all the backdoors, security holes, and other problems will be patched, except for your script kiddie's backdoors. Then, shoot the script kiddie. No known security holes, and one less 1337 haxor - everyone wins!
The one flaw in your plan is that the folks that make these worms are, for the most part, social backwards (no respect for others' property or lost time, and usually from a middle-class background, so they don't know how to really work for a living), and don't have a great set of computer skills, outside of those needed to find holes. It's a bit easier to find and exploit holes then it is to find and patch those holes, so the assholes will always have the advantage.
Personally, I like the Kevin Mitnick treatment - put 'em in jail for a while, away from computers, then put them on probation, again without access to computers. If you are too socially retarded to play the game right, then you'll have to sit on the sidelines. Too bad these kids are privileged enough that their parents could hire lawyers, and parents are brainwashed into thinking that computers are necessary for their kid's education...
Leave it to a Nordic to apologize for their English, and then use a word that 1/2 the high school students in the USA couldn't define, all in the same sentence.
I've found that many high school students learn the definition of oxymoron, if the English teacher teaches it. For some reason, oxymoron burns a hole in a high school kid's head...
I have to grab an extra hand to count the number of times I've actually damaged a computer when learning about it. Here's a few:
Zapping the motherboard while trying to add a sound card.
SOMEHOW creating a recursive directory structure under DOS (c:/a/b/a/b/a/b/a/b/a/b...)
Renaming ZIP files to COM files so I could run the damn things
Accidentily formating a drive because I was going through a book trying out commands
Filling the hard drive with a word file consisting of the phrase "I LOVE THERESA" 2^2^2^2^2^2^2... times because I just learned how to cut and paste in Wordstar
Deleting some strange files (what the hell is a DLL? a VXD?) while making room for my game.
Nearly breaking my laptop screen while trying to get X-Windows working on it
several others...
The point is, you don't start learning about that computer until you start breaking it. True, the fear is a barrier to learning (my wife had a student that made her come to her house to reboot a frozen computer for the first time), but, while exploring how things work, you are going to break something eventually. It's OK if you have someone to support you (Thanks Dad!) or a sizeable paycheck (Thanks Boss!), but otherwise, a computer is damn expensive to learn.
I'd put that fairly high on your list - getting a new learner to buy a device that costs more than their first car, but that is 1000x more complicated then their first car.
Having said that, I think I'd be willing to work on a LDP that tried to help out on the teaching issue. I think getting new people onto the Linux boat is a noble goal.
This is not a bug, it's a feature.
XBox = DirectX, known version, known platform, known hardware, soon-to-be-discovered bugs, soon-to-be-discovered optimizations, etc. etc.
It's a game developer's Nirvana, to only have to code for one platform, knowing that the way it looks on your development system is exactly how it will look on the buyer's system. No unexpected incompatible drivers. No hardware conflicts. No performance bottlenecks on strange systems with cheap-ass components. No Packard-Bells.
It's like asking why the clothing industry can't make a good-looking pair of one-size-fits-all shoes.
You are absolutely right - computer intrusion fraud would be much harder to detect than other kinds of fraud. This is one thing a law would have to address - perhaps making it a federal offense to commit insurance fraud, and create a branch of the FBI that investigates fraud claims. If the insurance company suspects that it may be fraud (and they would make it their business to know what a real intrusion looks like), they would look into it during a normal claim investigation, and, if necessary, alert the FBI to a possible fraud investigation.
If someone is willing to commit this kind of fraud, one that brings real damage to their business, then either that person is in trouble or the company is in trouble. Remember, the insurance covers provable losses, so any claim will probably fall short of actual losses in time, reputation, stock price, insurance rate, and actual bottom line. A company is less likely to do this to itself or its stock than a rogue employee, and investigations tend to bring these rogue elements into clear relief.
I agree, fraud is a problem, as well as the international aspect of the Internet. Its hard to see how any laws can help make it more secure. But the insurance idea, especially if it's mandatory for government contracts, creates a financial incentive to secure networks, and sets a benchmark for what is a reasonably secure environment.
One thing that may help is if there was some independant firm that could give a qualitative and quanitative measurement of a company's security. These independant firms could review patch logs, sys admin proceedures, backup procedures, and employee training materials. They could also perform more intrusive audits, using a standard set of tools (upgraded quarterly) to attempt to infiltrate the organization. At the end, they could then give some sort of ranking, to let a company know what bases have been covered and how they rank with others in the industry.
This service is done by many security firms, but there is no real standard. All the information is propriatary, and usually secret, because a company doesn't want to publicize what holes were found. Even then, there is no real motivation to get ongoing reviews, because, if there are no visible hacker attempts, then it seems like a waste of time and money.
This might be changed by offering computer security insurance. This insurance would cover the cost of recovering after a sucessful cracking attempt, as well as any lost business. An insurance firm would evaluate the current security and ability to recover from a hacking attempt, and find a reasonable insurance rate based on the company's preparedness.
This would help in several ways. First, even though the evaluation would be between the insurance company and the insurance purchaser, the insurance rate would show up on the financial reports. Investors and reporters could compare the rate and the coverage, and make a rough determination of the fitness of the company's security measures. The rate information should be included in the financial report, since this information would help an investor decide how likely a company is to suffer financial loss due to a hacking attempt. It may require a law to get this insurance information into financial reports.
Second, it would give companies a forum to disclose successful hacks. Currently, companies keep all but the most damaging hacking attempts secret, because it makes them look bad in the eyes of investors. If there is a financial incentive to report hacking attempts (they could get some insurance money back), there may be motivation to share this critical information, and other companies may be able to secure their own systems against new methods.
Third, damage claims would be more realistic. When a cracker is caught, many companies let their imagination soar when it comes to damages, assuming fantastical scenarios like, "What if he found our most prized trade secrets, and sold them to our direct competitor, thus making us lose all the profit from that product / service?", or "What is the sum of all the salaries of everyone who ever worked on that machine?". If the company had to actually file a claim, then the insurance company would dictate the terms of that claim, what is fair game for damages and what is not. This will help put the cracker's actions into better perspective.
Fourth, once standards are formed, the government could use the standards for contractors. For instance, a contractor working with "Secret" documents may have to have a score of 90 out of 100 for the general company, and a score of 97 out of 100 for the division working with the secret data. The government may even demand scores of 100 - not unrealistic for a score based on repeatable and auditable tests.
Fifth, the insurance companies would have an incentive to discover what security measures work, and which don't. If they find that yearly training for employees to deter social engineering attacks work, then they can make that part of the standard. If randomized one-use passwords work, then it goes in. If some widely believed precaution has little effect, it can come out of the standard. In general, we'll have a better idea of what makes a secured network, and more books will be written helping small businesses meet the insurance company's demands.
Sixth, we can develop labs like UL for computer security, which can rate software, operating systems, and hardware, giving them ratings for their out-of-the-box configurations. Vendors will work harded for better ratings, and auditors will have an idea how much patching needs to be done for a particular system to be kept up-to-date. Security will actually become a selling point.
I'm not sure if there is a law that would make this happen. I'm sure you can talk to the insurance lobby, and get a rough idea why this doesn't exist yet.
Waste of time? It only wasted a minute of your time, and most of that was wasted by you posting a reply.
Waste of time for the developers? They are working on what they are interested in. If you want them to work on something they are less interested in, pay them. "Silly" side projects is what makes this games work.
Waste of time for the users? Some folks have to use Windows in a job context, because the tools they use are Windows only. Once people are used to Unix tools, it's hard to go back. Plus, what happens to the Wintel platform when:
The user runs free office applications that freely work with Microsoft Office formats, but have an even better native format
The user ignores the latest "vital" Microsoft operating system extensions, in favor of tools ported from the Linux / BSD environments
The user uses non-Microsoft entertainment apps, because they are less restrictive than the "official" ones
Core Microsoft facilities are replaced with ones that work better with the "ported" tools
Users have the option of emulating Windows software/games, or buying a native Linux version, and start to seriously think about the Linux version
The hardest part about moving to Linux is learning the 200 basic facts that allow you to work at all (deleting files is called "removing", user files go here, applications go here, you start X11 by typing "startx", etc.). If you can learn 100 of those facts under a Windows environment, you are half-way there.
This is a stepping stone in a migration to the standard Debian, or it may be the start of new and interesting developments. We just have to wait and see.
(Dammit, responded to an AC again...)
On the other hand, HPB (High Ping Bastards) could sometimes do some nasty things, like run past open areas (one snapshot at the entrance, next beyond the entrance, HPB only saw a frozen character at the entrance, which then speed past on the next update). It wasn't predictable, but I think some people tried to develop hacks based on it. Also, HPBs could complain about LPBs, and blame connection rather than lack of skill.
Just for comparision, when I was on a 56K phone line (getting 48K max), I'd have a ping of about 300 on good days. With the cable modem, I could get down to 20 if the server was a few hops away, and was usually at 40-60, and almost always had the lowest ping (except for the folks playing on a local LAN, with pings of 0 or in the teens). I don't think there's a hard and fast correlation between CS "ping" or "latency" and the ping you'd get from the "ping www.hostname.com" command.
This is my (non-technical) Counterstrike experience. The Quake folks may have more insight. CounterStrike runs just fine on my P3-350 machine with a Voodoo 2 card, while they still benchmark Quake on the latest hardware. Quake folks seem to care more about hardware/connections, but that might just be the impression I get from how often it is used in benchmarks.
I did a quick search of the Excite web site. That same month, they promised to donate up to $3 million to a Meg Ryan-sponsered charity.
They had a revenue of $113 million for that quarter.
The 1999 news site has a ton of stuff like this. The 2000 site seems to have as much, but the last announcement is in May, 2000.
Does that shed some light on where the money went? Just another company, thinking they would keep getting exponential growth, making money out of nothing, with no provisions for an economic downturn.
I'll miss being a LPB on Counterstrike.
DSL - tried to get it a year ago, and I'm just a bit too far away from the CO to get service. It will probably take 3 visits and 3 mornings off of work to verify that I can't get DSL - and even then, I'll never have official word, just the hearsay from a disgruntled tech.
802.11b wireless - Several providers? What part of the country is that again? Here in my corner of the midwest, there are a few less options.
Satellite - "Games are wasteful of valuable bandwidthm especially given the current shortage". Guess us gamers should go the e-ghetto where we belong...
T1 - This would be a great option if a) I had the expertise to set this up in a timely manner b) I had the capital to pay for the initial equipment c) I knew ANY neighbors in a mile radius that would pay for a connection and the 802.11b equipment. Sorry, it's not really viable right now.
Dialup. See Satellite.
Sorry. I got a cable modem because I like an always on connection, and I really enjoy online games. I kept it because it really enhances the online gaming experience, even on my (comparatively) slow machine, and it helps facilitate my new linux habit (45 minutes to download an ISO image from a public server).
But hey, thanks for making me feel like an idiot for going for the fast, easy, cheap option and not investigating the other lame-ass offers in town.
What's RG6, and why do I want it?
BTW, my local home depot is carrying cat5e for about $60 for 1000ft., which was as good as I could find. They also carry a consumer-grade data-utility box, $62.98, with modules costing extra. Did you buy a utility box or build your own?
Personally, I think science fiction is at its best when it predicts the effect of technology on society rather than predicts the technology. 1984 is such a great novel not because it got scientists and engineers thinking about how surveilance technology would work. 1984 is great because it got everyone thinking about the ramifications of surveilance technology. With this novel, everyone has a common understanding of how far a government could go with pervasive surveilance of citizens, and we can argue new technology based on thise common understanding. Without it, privacy advocates would seem (even more) crazy to the common citizen.
Because technology is improving at exponential rates, we don't often have time to think about the ramifications of technology until we are using it. Good predictive science fiction gives us a little time beforehand, to think and prepare.
Personally, I'm not interested in this historical project of finding which guesses were right, or Tech TV style observations of "Gee Whiz, isn't this tech great!" I'm more interested with the dialog about future trends, and more of our society thinking about the future.
On a side note, it seems that predictive science fiction is drawing back its horizons more and more. It seems good predictive science fiction is concerned with the next few years, maybe a few generations at most, while hundreds to thousands of years in the future is the domain of fantastical science fiction and lite sci-fi shows. Is this because all the predictive science fiction writers are having a hard time thinking past the singularity?
You are correct. If I remember correctly, this bacteria was patented by the company that developed it. Others wanted to copy the bacteria and challenged the patent, and eventually the Supreme Court ruled that you could patent an organism under the U.S. Patent law. This led to the rush to patent every human gene that a start-up lab could get their hands on, by only speculating what possible uses the gene might have.
Anyone remember the case more clearly?
If an individual is unjustly violating my rights, then I can either report him to the authorities, or sue him in court.
If a corporation is violating my rights, I pretty much have to go to court.
If a law is violating my constitional rights, then I get arrested or fined, and the higher courts eventually strike down the law
If the government is violating my natural rights, then I have to change the government, or possibly take up arms and overthrow the government.
I see all these as "fighting for my rights", in the context of our constitutional government. If AOL/Time Warner is threating to put me in jail for trying to tell someone else how a DVD is encoded, I don't call up the militia to march on the state capitol. I let them arrest me or fine me or whatever, then take the issue to court. And, if I can't really make that personal sacrifice, I support those who can.
One last thing... our American "free press" you describe has dropped the ball on so many stories I can't even begin to list them all. A good example is the Patriot Missile. Not a single Patriot Missile ever destroyed a Scud during the Gulf War, the Israelies have their own ballistics reports that are widely available online... yet no one in the American media thought to question the reliability or accuracy of Patriot Missile. Why? Because the Army told us and the U.S. Government would never lie, would they?
Please give a link for this widely availible balistics report.
Patriot missles not being effective is an interesting story. It would be fascinating during the Gulf War. It's not headline news because there are a dozen other things going on right now. I would like a quick summary of stories you think are important but were completely missed by our free press.
I am curious how wide your definition of the press is. I subscribe to a couple of great independant magazines (Mother Jones and Utne Reader), one of which has a "top ten missed stories of the year", or something like that. If it's Utne, then the top stories are actually published in another magazine or journal. Through these sources and others, I feel I get the major "news" of the day and the year.
Are you saying that the press is limited because the government / military isn't telling them everything? Our news outlets have gotten stories that the government didn't want people to know about, from Watergate to the Pentagon Papers the Iran-Contra affair. Whenever government tried to flex it's muscle to stop stories, freedom of the press won the day.
Are you saying that some stories go unreported? Quite possible. Out of any 100 articles on Slashdot, maybe 5% are news stories, and few of these make the major news, even when they should (Dmitry's arrest, for instance). But the big media only has a limited amount of time for news, and even then it has to make it flashy enough to get market share. Other sources like NPR are better, but even they have to work within a programming format. Yep, some stories fall throught the cracks, but that's not a concerted effort of government censors, but just editors making decisions.
Are you saying there is no free press because difficult stories are not told? Remember the Whitewater "scandal", and how hard some stations tried to explain it? The Middle East is complex, and many news outlets are doing a commendable job of explaining the subtleties of the region, within time restrictions. I've seen no evidence of censorship, and most stories are frank about unpleasant things like CIA involvement in the Afghan war against the USSR.
Are you saying the press isn't free because the public doesn't want hard stories? I've seen many news shows do "education" segments on the Middle East and Afghanistan. These segments are due to the desire of the average American to learn more. Look at the book sale rankings, and you will see that the Middle East, Afghanistan, and Islam are the hottest topics.
Are you saying that the press isn't free because all availible information isn't gathered, sorted, and dissiminated directly into our skulls, whether we like it or not? Then sir, you are correct.