You are using someone elses computer. And you expect privacy. There is a need to protect the equipment and the computer.
How to protect the computer is supposed to up to the the computer's owner, not the government. We're talking about a law that requires the cafe owner to install cameras, whether he wants to or not. Are we having an Emily Litella moment yet?
How is this different from video monitoring ATMs, Banks, Gas Stations and the like? I don't think this is a terrible privacy decision at all! You have the right to go where you want to go and when, and if you want to not be monitored using the Internet, go somewhere else... perhaps in the privacy of your own home. I'm sure there are other cafes that don't have cameras all about...
RTFA. The cameras in banks and gas stations were put there voluntarily by the bank and gas station owners. The law requires that all cyber cafes in that city install cameras, whether the cafe owners want to or not. That's why it's a terrible decision. And since all the cafes there are required to have cameras, by definition there aren't any that don't have them.
Also, using a bank or gas station is not a First Amendment activity and isn't subject to the same safeguards.
Looks like there's pending patents for the PKWARE format even though it's completely straightforward. It includes both password-based symmetric encryption, and public-key encryption using x509 certificates. There's a no-royalty license that I didn't bother to read but it looks like for the public-key format, you're only allowed to decrypt encrypted files under the license, not encrypt new ones. If they're going to use x509 certificates I don't understand why they didn't stick with s/mime format.
Thanks. The winzip format is reasonably well done, though the authentication format is unspecified (the doc says "look at the implementation tips" and the implementation tips say "look at the doc") but is done by Brian Gladman's published AES library, so can be deduced from that. I see one minor problem, that for AES-128 the key is computed by crunching the password with a 64-bit salt. Because of the birthday paradox there starts to be significant chance of re-using a key after encrypting a billion or so files, which isn't implausible in some types of automated systems. Since the encryption mode is AES-CTR, re-using a key is a serious security failure. The solution is use AES-256 which is also provided and which uses a 128 bit salt. I don't understand why they used separate salt sizes for the two key sizes.
Will the new "secure" zip format be published so other implementations can use it? There's the old pkzip "password" feature that infozip implments, that's deliberately weak because of the old export controls, but that doesn't count.
So every fatal car accident caused by untimely mechanical failure is "murder by manufacturer"?
It's murder by management if the engineers tell management "hey, this part isn't strong enough, we have to use a stronger part or some cars are going to blow up" and management says "nah, that'll cost too much, forget it". Ford Motor Company was in fact indicted for second-degree murder over the notorious exploding Pinto gas tank, after it came out that basically the above engineer-management exchange had taken place.
Similar exchanges took place before the Challenger explosion (engineers didn't want to launch until the O-ring erosion had been fixed, and management overruled them) and the Columbia crash (engineers wanted photos of the insulation damage so if necessary they could make a contingency plan, and management spiked the request). So those also fit the pattern of murder by management.
See one of my other posts, he doesn't browse the web much. He occasionally uses lynx, but for the most part if he wants to look at a url, he emails it to a daemon that retrieves the page text and emails it back to him. He doesn't seem very interested in random web surfing, i.e. using the web as an entertainment medium. He'll look at a specific URL if someone sends it to him and he has reason to think it will be interesting.
Are you saying that every port 25 listener is supposed to check incoming IP addresses against the SPF list for the domain in the envelope-From? That means that you're not to relay through anything not in the SPF list? If you can relay, the relay can just forge the appropriate Received: headers. If you can't relay, then, hmm, your flexibility is impaired but maybe that's the idea.
I'm not sure about GNU Screen. He does use that thing where you get virtual terminals by hitting alt-F1, alt-F2, etc. He spends a lot of his time keeping up with email. He doesn't use netnews or IM or w3m which would probably be an even worse productivity sink for him. He uses Rmail (the built-in Emacs mail reader) for email, not a separate client.
I don't think he feels "too cool to use a window system", but rather just doesn't feel like he needs one for what he does. He's the author of an old Lisp machine window system and has written plenty of X code, so it's not like the idea of a window system is unknown or scary to him.
Part of his setup's weirdness is because he travels a lot and has limited net access on the road. He does very little online. Instead, if he visits you at your company or university, he'll typically plug his laptop into your ethernet and spend a few minutes downloading his unread email (however many hundred messages that is) into it. Then he unplugs and reads the email offline while going on his way, spooling his replies onto disk. Then at his next stop, he plugs in again, uploads his replies to the old email and downloads new mail that's arrived since the last stop. He usually doesn't use web browsers. If you mail him a URL he should see, he prefers if you send him a text dump of the contents along with it. If he only gets the URL and thinks it's likely to be interesting, he emails it to a special daemon he's set up back home, that retrieves the URL's text contents and dumps it into his next batch of email. Images? What images?
All in all it actually seems like a pretty practical system, less conducive to wasting time web surfing than what most of us are used to, but he doesn't care about that.
A few people have asked about this. I used to work for RMS and have seen him hacking lots of times. He uses an amazingly primitive environment. No window system at all, just text mode. He does everything inside Emacs. I spoke with him once about a web-based email client I'd used and he said he could understand why such things were worthwhile but he'd never want to use one himself because he couldn't use Emacs editing commands in one while composing mail. Since he doesn't use a window system, there's no simple mechanism for a screen shot, but there wouldn't be much to see anyway, just whatever message he was composing or code he was hacking.
As for his.emacs file, last time I looked, it wasn't empty, but contained a few lines to turn off the default disabling of novice-confusing commands like narrow-to-window, and I think he also enables debug-on-error. It no serious customization to speak of though. As someone else mentioned, he's presumably set up Emacs's defaults the way he already likes them.
In recent years because of injuries, he's often had to get other people to type for him while he tells them what to type ("control-F, meta-d, blah blah"). That wouldn't show up in a screen shot either, but somehow seems like it should be part of the picture. Typing for him is an interesting experience if you don't have to do it for too long. Volunteer for it sometime if the situation arises, I'm sure he'll appreciate it.
I don't see why they can't open the closed codecs. Other companies open formerly closed programs or formats all the time. Even Flash has been opened, fron what I understand (the format, not the Macromedia implementation).
You seem to be saying that getting Realmedia to adopt open formats is a bad thing?
Yes. I'd rather that they either go completely open and be embraced as a standard, or else stay completely proprietary so they can die out as quickly as possible and be replaced by open formats. I don't see this mixed open/proprietary stuff as doing anything but prolonging our agony.
The only important parts of realmedia are the realaudio and realvideo codecs which as far as I know are proprietary. All attempts to integrate open formats like Vorbis into realplayer are only helping spread the disease. Why does anyone think it's interesting? Until the realaudio and realvideo formats are opened, integrating those other formats is just helping Realmedia Corp. co-opt the open formats.
Along with perfect ballbearings and other ideas that didn't work out, one of the more interesting suggestions for zero-g (actually microgravity) manufacture was metal foams. The idea is to shoot gas bubbles into molten metal. With no gravity to make the bubbles rise to the top, they'd stay where they were, and cooling down the mix would result in metal foam, sort of like foam rubber except with metal instead of rubber. I wonder if aerogel amounts to the same thing and could be made the same way?
Ref: The Third Industrial Revolution by G. Harry Stine.
and therefore looks like it could be very difficult to honor. What happens if some major application turns out to infringe? E.g., suspend disbelief for a moment and imagine that GIMP's code turns out to be 97% ripped off from Photoshop. Red Hat is now going to rewrite it all?
Also, what about patents? The "Assurance program" isn't limited to copyrights. If some program is found to infringe a patent, there may not be any way to reimplement the functionality without still infringing.
I don't know why but that article made me chuckle "heh, Boston outsources its news/weather reporting to Florida". It's reminds me of how Indian phone center workers are sometimes trained in different regional US accents to create the illusion that they're local to the US customer.
What do you think the chances are of the Webb telescope actually getting launched in 2010?
For that matter, what do you think its chances are of ever getting launched at all?
In the current economy, it's not too clever to quit your IT job unless you've got a firm, unreversable commitment for a new one to switch to with an absolutely definite start date that can't be postponed by the new employer. Similarly I don't think it's clever to abandon the Hubble til the Webb is launched and operational.
According to this post, only about $40 million would need to be raised to service the Hubble Space Telescope, one of the best and most productive scientific instruments ever made. The Saturn 5 out at Huntsville is just a big hunk of metal laying on the ground, completely nonfunctional, and sure, maybe it gets even more pockmarked as the years go by, but it's not like it's going to suddenly vanish or anything. And anyway, unless something has happened, there's another one on display at Kennedy Space Center (I saw that one in the early 80's). I'd say put the $5 million toward servicing the Hubble and actually accomplish some useful exploration, rather than just polishing up a relic of glory days gone by.
No you don't get it. The idea is that the spam contains encrypted messages. Because the messages are encrypted, $AGENCY can't read them. Because they're spam and sent to millions of innocent sufferers, $AGENCY can't tell who the one real intended recipient is. Because so many different spammers are using the gibberish tactic, $AGENCY can't tell which ones are really using steganography. If $AGENCY really wants to do something about steganography, the first thing to do is shut down spammers.
It may have been considered before Bush's proposal, but it didn't become a necessity til after Bush's election stunt killed off the possibility of doing anything else with the Hubble. That's why it was only a proposal before and is a reality now. And that, in turn is why the news reports correctly attribute the Hubble abandonment to Bush's boondoggle.
This is a desktop replacement machine. Most users will always run it on AC power. Batteries are an afterthought. They're useful if you need to power up the machine and check on something without messing with the AC adapter. If you want to watch DVD's through a cross country plane flight, you want a smaller machine that fits on the tray table anyway.
Slashdot Mirror
How to protect the computer is supposed to up to the the computer's owner, not the government. We're talking about a law that requires the cafe owner to install cameras, whether he wants to or not. Are we having an Emily Litella moment yet?
RTFA. The cameras in banks and gas stations were put there voluntarily by the bank and gas station owners. The law requires that all cyber cafes in that city install cameras, whether the cafe owners want to or not. That's why it's a terrible decision. And since all the cafes there are required to have cameras, by definition there aren't any that don't have them.
Also, using a bank or gas station is not a First Amendment activity and isn't subject to the same safeguards.
Looks like there's pending patents for the PKWARE format even though it's completely straightforward. It includes both password-based symmetric encryption, and public-key encryption using x509 certificates. There's a no-royalty license that I didn't bother to read but it looks like for the public-key format, you're only allowed to decrypt encrypted files under the license, not encrypt new ones. If they're going to use x509 certificates I don't understand why they didn't stick with s/mime format.
Thanks. The winzip format is reasonably well done, though the authentication format is unspecified (the doc says "look at the implementation tips" and the implementation tips say "look at the doc") but is done by Brian Gladman's published AES library, so can be deduced from that. I see one minor problem, that for AES-128 the key is computed by crunching the password with a 64-bit salt. Because of the birthday paradox there starts to be significant chance of re-using a key after encrypting a billion or so files, which isn't implausible in some types of automated systems. Since the encryption mode is AES-CTR, re-using a key is a serious security failure. The solution is use AES-256 which is also provided and which uses a 128 bit salt. I don't understand why they used separate salt sizes for the two key sizes.
Will the new "secure" zip format be published so other implementations can use it? There's the old pkzip "password" feature that infozip implments, that's deliberately weak because of the old export controls, but that doesn't count.
It's murder by management if the engineers tell management "hey, this part isn't strong enough, we have to use a stronger part or some cars are going to blow up" and management says "nah, that'll cost too much, forget it". Ford Motor Company was in fact indicted for second-degree murder over the notorious exploding Pinto gas tank, after it came out that basically the above engineer-management exchange had taken place.
Similar exchanges took place before the Challenger explosion (engineers didn't want to launch until the O-ring erosion had been fixed, and management overruled them) and the Columbia crash (engineers wanted photos of the insulation damage so if necessary they could make a contingency plan, and management spiked the request). So those also fit the pattern of murder by management.
I don't see why. He's not secretive about it. Type for him sometime and you'll see it all too.
See one of my other posts, he doesn't browse the web much. He occasionally uses lynx, but for the most part if he wants to look at a url, he emails it to a daemon that retrieves the page text and emails it back to him. He doesn't seem very interested in random web surfing, i.e. using the web as an entertainment medium. He'll look at a specific URL if someone sends it to him and he has reason to think it will be interesting.
Are you saying that every port 25 listener is supposed to check incoming IP addresses against the SPF list for the domain in the envelope-From? That means that you're not to relay through anything not in the SPF list? If you can relay, the relay can just forge the appropriate Received: headers. If you can't relay, then, hmm, your flexibility is impaired but maybe that's the idea.
They'd have to either switch ISP's, or no longer be able to receive email from users who didn't implement SPF.
I don't think he feels "too cool to use a window system", but rather just doesn't feel like he needs one for what he does. He's the author of an old Lisp machine window system and has written plenty of X code, so it's not like the idea of a window system is unknown or scary to him.
Part of his setup's weirdness is because he travels a lot and has limited net access on the road. He does very little online. Instead, if he visits you at your company or university, he'll typically plug his laptop into your ethernet and spend a few minutes downloading his unread email (however many hundred messages that is) into it. Then he unplugs and reads the email offline while going on his way, spooling his replies onto disk. Then at his next stop, he plugs in again, uploads his replies to the old email and downloads new mail that's arrived since the last stop. He usually doesn't use web browsers. If you mail him a URL he should see, he prefers if you send him a text dump of the contents along with it. If he only gets the URL and thinks it's likely to be interesting, he emails it to a special daemon he's set up back home, that retrieves the URL's text contents and dumps it into his next batch of email. Images? What images?
All in all it actually seems like a pretty practical system, less conducive to wasting time web surfing than what most of us are used to, but he doesn't care about that.
He's had tendinitis in his wrists for years (repetitive strain injury). More recently he fell and hurt his arm, but hopefully that's better by now.
As for his .emacs file, last time I looked, it wasn't empty, but contained a few lines to turn off the default disabling of novice-confusing commands like narrow-to-window, and I think he also enables debug-on-error. It no serious customization to speak of though. As someone else mentioned, he's presumably set up Emacs's defaults the way he already likes them.
In recent years because of injuries, he's often had to get other people to type for him while he tells them what to type ("control-F, meta-d, blah blah"). That wouldn't show up in a screen shot either, but somehow seems like it should be part of the picture. Typing for him is an interesting experience if you don't have to do it for too long. Volunteer for it sometime if the situation arises, I'm sure he'll appreciate it.
I don't see why they can't open the closed codecs. Other companies open formerly closed programs or formats all the time. Even Flash has been opened, fron what I understand (the format, not the Macromedia implementation).
Yes. I'd rather that they either go completely open and be embraced as a standard, or else stay completely proprietary so they can die out as quickly as possible and be replaced by open formats. I don't see this mixed open/proprietary stuff as doing anything but prolonging our agony.
The only important parts of realmedia are the realaudio and realvideo codecs which as far as I know are proprietary. All attempts to integrate open formats like Vorbis into realplayer are only helping spread the disease. Why does anyone think it's interesting? Until the realaudio and realvideo formats are opened, integrating those other formats is just helping Realmedia Corp. co-opt the open formats.
Ref: The Third Industrial Revolution by G. Harry Stine.
Also, what about patents? The "Assurance program" isn't limited to copyrights. If some program is found to infringe a patent, there may not be any way to reimplement the functionality without still infringing.
I don't know why but that article made me chuckle "heh, Boston outsources its news/weather reporting to Florida". It's reminds me of how Indian phone center workers are sometimes trained in different regional US accents to create the illusion that they're local to the US customer.
For that matter, what do you think its chances are of ever getting launched at all?
In the current economy, it's not too clever to quit your IT job unless you've got a firm, unreversable commitment for a new one to switch to with an absolutely definite start date that can't be postponed by the new employer. Similarly I don't think it's clever to abandon the Hubble til the Webb is launched and operational.
According to this post, only about $40 million would need to be raised to service the Hubble Space Telescope, one of the best and most productive scientific instruments ever made. The Saturn 5 out at Huntsville is just a big hunk of metal laying on the ground, completely nonfunctional, and sure, maybe it gets even more pockmarked as the years go by, but it's not like it's going to suddenly vanish or anything. And anyway, unless something has happened, there's another one on display at Kennedy Space Center (I saw that one in the early 80's). I'd say put the $5 million toward servicing the Hubble and actually accomplish some useful exploration, rather than just polishing up a relic of glory days gone by.
No you don't get it. The idea is that the spam contains encrypted messages. Because the messages are encrypted, $AGENCY can't read them. Because they're spam and sent to millions of innocent sufferers, $AGENCY can't tell who the one real intended recipient is. Because so many different spammers are using the gibberish tactic, $AGENCY can't tell which ones are really using steganography. If $AGENCY really wants to do something about steganography, the first thing to do is shut down spammers.
It's not nitpicking to report that the plain facts don't resemble your ridiculous spin.
It may have been considered before Bush's proposal, but it didn't become a necessity til after Bush's election stunt killed off the possibility of doing anything else with the Hubble. That's why it was only a proposal before and is a reality now. And that, in turn is why the news reports correctly attribute the Hubble abandonment to Bush's boondoggle.
This is a desktop replacement machine. Most users will always run it on AC power. Batteries are an afterthought. They're useful if you need to power up the machine and check on something without messing with the AC adapter. If you want to watch DVD's through a cross country plane flight, you want a smaller machine that fits on the tray table anyway.