Laptops, especially bleeding-edge ones that run hot, have a high failure rate. I've owned about 6 laptops in the post-Pentium era (earlier ones ran cooler and were more reliable) and four of them have needed warranty repair after more than a year of service. With a 1-year warranty I'd have been SOL. With a 3-year warranty, you're more covered, and the machine is almost obsolete after that long anyway, so it's time for an upgrade if it breaks. These days, only higher priced laptops tend to come with 3 year warranties any more, probably because the failure rate is known to be so high.
I guess if this eMachines thing has a 1-year warranty you can get an "extended" warranty from Best Buy for a few hundred bucks more. I'd definitely advise doing that. But it means you have to figure it into the price of the machine.
Spam is a perfect carrier for steganographic data since it's broadcast to millions of people and nobody can fall under suspicion merely by receiving it. When the government wants to monitor people's communications to search for steganography, when they don't do anything about spam, the purpose of the monitoring is probably not the stated one.
They are sending sekrit instructions to al-spamda about where to hide the weaponz of mass distraction. Or who knows. Any government efforts to control steganography (like reported just yesterday ) better go after spammers first, or we have to wonder what they're really up to.
Actually, it was already Free (according to the FSF). GPL software is a subset of Free software. Anything GPL-compatible is also necessarily Free. There are even some GPL-incompatible licenses which are still Free but the FSF advises against using them.
My concern is that the problem indemnification addresses is a LONG-term problem. The SCO suit is just a short-term instance of the long term problem. Wait til Microsoft tries something similar.
An organization like Debian can't itself offer indemnification, but perhaps it could work with an insurance policy to offer indemnity policies to people wanting to buy them. However, the closest to a real solution would be for Darl and company to see jail time and dissuade others from running similar scams. But it just isn't likely.
If indemnification makes people more likely to adopt open source software in the short term, it is a good thing.
Why do you say that? If they think they're asking for lawsuits unless they write some company a check for every copy of the program they use, how is it different from using proprietary software?
If SCO (and imagine Microsoft doing the same thing later on) have managed to create enough FUD for users to be afraid of using free software unless identified by some company, that already undermines the goals of free software pretty badly. Being able to download, modify, and redistribute software with the author's permission isn't all that attractive if SCO has made you feel threatened by legal hassles for doing it. You no longer get the freedom from bureaucracy, hassles, per-seat fees, and so forth that the free software developers labored to bring you.
We shouldn't celebrate just because indemnification is available and say it solves the problem. That SCO has created demand for such indemnification is already a big problem. And of course companies offering indemnification have a vested interest in creating more such demand. They're not doing anything bad by offering it, but neither is it completely in the interests of free software for everyone to jump on it. It's more complicated than that and we have to keep the issues clear.
Most of the spam I receive these days has a lot of random words in it embedded in HTML contents. The obvious reason is to get past statistical spam filters (see the Paul Graham articles etc.) which look for an over-abundance of words like "penis". However, "random" and "competently encrypted" cannot be distinguished from one another. So there's NO way to tell whether that spam has steganographically encoded messages in it.
What they really seem to want is an excuse to scan everybody's email and other net traffic as it flows over the net. That's scary.
I don't think you've ever been to Vegas. Also, I don't walk around with 3 grand in cash in my pocket every day, but I've done it a number of times when I had occasion to. It's not a big deal, as long as you don't advertise it or look like you're carrying it, you're no less safe than if you don't have it. But if the cash is broadcasting radio signals saying "Steal me! Steal me!", that's a lot less safe.
In some instances, yes. For the Netgear, I'm not sure what the situation is, I think it's running embedded Linux but don't know what the IPSEC stack is.
However, IMO, concerns about intentional secret backdoors in products are somewhat overblown. That stuff went out of fashion years ago. There's plenty of unintentional security holes in all kinds of products, but since the introduction of the Clipper chip, CALEA, 40-bit browser encryption, and so forth, government policy has been towards disclosure of backdoors (though as you can see from that list, user acceptance hasn't been so great).
The minute that data from a VPN wiretap through an intentional, undisclosed backdoor is used as evidence against anyone, the jig is up, and nobody buys that brand of VPN router again. I do agree with you to use build-it-yourself-from-source software on general principle though.
I'm talking about routing the Cisco box's VOIP traffic through a separate IPSEC tunnel that isn't especially aware that the data going through it is voice data. It all gets encrypted and is never exposed to the internet except through the VPN.
you buy a couple of those Cisco ATA186 VOIP phone adapters (POTS phone jack on one side, ethernet on the other, about $150 each) and route its IP side through your favorite IPSEC VPN box (Netgear makes one for about $150)? Don't you get an untappable phone? Feds would have to ban routing voice traffic through a VPN in order to stop that.
Whaaaat? (Re:GOOD for them!!!)
on
RFID Casino Chips
·
· Score: 2, Insightful
What are you talking about, no invasion of privacy? If Wal-Mart wanted to put an RFID tag on your forehead when you go through the entrance, so they could track every item you looked at, would you not feel invaded as long as they took it off when you left?
And why do you think you'll only be tracked while on the casino property? Most people who go to Vegas stay there for several days, and keep their chips with them when they leave the casino for the night, until it's time to go home. They don't cash out at the end of every session. Most casinos will in fact accept chips from other casinos. You can use Luxor chips at Caesars, and so forth. You can bet that the Caesars will install the equipment to install Luxor's and everyone else's. So you'll be tracked no matter what casino you go in. For that matter, every local restaurant may also install equipment to read the RFID's and they'll track you too.
Worst of all, the local muggers may also get RFID equipment. Walk past one on the sidewalk on the way to a restaurant with $3000 in chips in your pocket, and the mugger will know the demonination, serial number, and issuing casino of every chip. It makes their target selection a lot more efficient. They could even give you an automatically printed receipt to file with your police report, but somehow I don't think they'll do that.
It's apparently illegal to not put an accurate originating number on the fax itself. Not that junk faxers are bothered by that in the slightest, since junk faxing itself is illegal.
I have a pile of junk faxes left over from before I gave up and switched my fax machine off auto-answer. They are the usual kind, toner cartridges, vacation specials, and so on. Is there any simple way to tell if they came from fax.com? I'll be happy to send them to some plaintiff somewhere if it will get more money out of the junk faxers. Getting some of that money myself as a side effect would be nice but is not necessary.
If there's all these unlicensed DVD players around, why stop there? Why don't the vendors of those players make a selling point of disabling the region codes and macrovision, and letting people skip around in the movie the way they want to, instead of being forced to watch commercials and FBI warnings? Of course, if they're doing that, more power to them--it's bad enough to pay extra for licenses, but those "requirements" mean having to pay extra to have useful features removed. Any sympathy I might have left for licenseholders runs out when that happens.
It's really too early for Slashdot readers to try to run that code. As the usenet post said, it's alpha test. I'd actually call it pre-alpha. The usenet sci.crypt discussion is about ways to change the design so it can be hosted on multiple sites at the same time. Really, it would have been a lot better to wait for the author to make an announcement, before linking an ongoing discussion about a work in progress to the front page of Slashdot as if the code was ready for prime time. Ow!
They have to find it first though. That's harder without Onstar, if you park it in a garage.
Re:$20,000 for a low-traffic database server?
on
Wikipedia Needs $20K
·
· Score: 1
The database has to take updates all the time--right now none are being taken. It also has to deal with users' text search queries, which are disabled right now.
I do think the database load could be reduced some by reorganizing the software, but that's a lot of development work that consumes money in its own way, even if done by volunteers. It's more resource-effective to just throw hardware at the problem.
I have a fax machine in my bedroom that I mostly use as a voice phone on my one phone line, sending or (by prearrangement) receiving a fax once in a while. I usually don't leave the fax on autoanswer, but one day I did, because I was expecting a fax from my insurance company and forgot to switch the machine back afterwards. Some wardialer found the number (or the insurance company leaked or sold it) and I've had a steady stream of junk faxes.
The reason this is so much worse than typical junk faxes is that it's not a dedicated fax line that only wastes paper or electrons. This is my bedroom telephone. It actually rings as if it were one of my friends calling and I have to answer it only to hear a fax tone. And the fax spam comes at all hours of the day and night. It starts around 7 or 8 AM when I'm sleeping. If it came at 4 AM, I'd just go back to sleep, but at 8 AM it's almost time to wake up anyway, so I don't get back to sleep so easily, which means I go through the whole day short an hour or so of sleep, which messes up my mood and alertness and productivity for the whole day. Anyone who thinks the $500 TCPA penalty for sending a junk fax is excessive just wrong. $500 is just about the right amount of damages for the hassle and impairment that an 8AM bullshit fax causes if you weren't ready to wake up then. Even getting rid of the fax machine would not stop the junk faxes. They've slowed down since the incident I described, but they persisted on a few-times-a-week basis for several months.
You know, spam control might be the killer application for so-called "trusted" computing (TCPA). Someone could develop a mail protocol that would only accept connections from clients that present a credential that comes from a TCPA app or a whitelisted peer. The TCPA app would only be willing to sign say 5 challenges/minute or whatever, so to send messages faster than that, you'd have to buy multiple PC's or (say if you're running a legitimate mailing list) get on the whitelists of the people you want to send mail to. With enough advertising, pretty soon most people might refuse to accept mail from any clients except for the damn Windows-dependent TCPA thing. Since unlike DRM, escaping spam is a very real benefit for actual users, that may make it far easier to foist off TCPA. Be very afraid.
Slashdot Mirror
I guess if this eMachines thing has a 1-year warranty you can get an "extended" warranty from Best Buy for a few hundred bucks more. I'd definitely advise doing that. But it means you have to figure it into the price of the machine.
Spam is a perfect carrier for steganographic data since it's broadcast to millions of people and nobody can fall under suspicion merely by receiving it. When the government wants to monitor people's communications to search for steganography, when they don't do anything about spam, the purpose of the monitoring is probably not the stated one.
They are sending sekrit instructions to al-spamda about where to hide the weaponz of mass distraction. Or who knows. Any government efforts to control steganography (like reported just yesterday ) better go after spammers first, or we have to wonder what they're really up to.
Full definition: FSF Free Software Definition.
They are being used by the NASA folks on the ground.
An organization like Debian can't itself offer indemnification, but perhaps it could work with an insurance policy to offer indemnity policies to people wanting to buy them. However, the closest to a real solution would be for Darl and company to see jail time and dissuade others from running similar scams. But it just isn't likely.
Why do you say that? If they think they're asking for lawsuits unless they write some company a check for every copy of the program they use, how is it different from using proprietary software?
Meant "indemnified", not "identified" in above message. Doh.
We shouldn't celebrate just because indemnification is available and say it solves the problem. That SCO has created demand for such indemnification is already a big problem. And of course companies offering indemnification have a vested interest in creating more such demand. They're not doing anything bad by offering it, but neither is it completely in the interests of free software for everyone to jump on it. It's more complicated than that and we have to keep the issues clear.
What they really seem to want is an excuse to scan everybody's email and other net traffic as it flows over the net. That's scary.
I don't think you've ever been to Vegas. Also, I don't walk around with 3 grand in cash in my pocket every day, but I've done it a number of times when I had occasion to. It's not a big deal, as long as you don't advertise it or look like you're carrying it, you're no less safe than if you don't have it. But if the cash is broadcasting radio signals saying "Steal me! Steal me!", that's a lot less safe.
However, IMO, concerns about intentional secret backdoors in products are somewhat overblown. That stuff went out of fashion years ago. There's plenty of unintentional security holes in all kinds of products, but since the introduction of the Clipper chip, CALEA, 40-bit browser encryption, and so forth, government policy has been towards disclosure of backdoors (though as you can see from that list, user acceptance hasn't been so great).
The minute that data from a VPN wiretap through an intentional, undisclosed backdoor is used as evidence against anyone, the jig is up, and nobody buys that brand of VPN router again. I do agree with you to use build-it-yourself-from-source software on general principle though.
I'm talking about routing the Cisco box's VOIP traffic through a separate IPSEC tunnel that isn't especially aware that the data going through it is voice data. It all gets encrypted and is never exposed to the internet except through the VPN.
Optional means that when you compile the kernel, you can configure it with or without the feature.
you buy a couple of those Cisco ATA186 VOIP phone adapters (POTS phone jack on one side, ethernet on the other, about $150 each) and route its IP side through your favorite IPSEC VPN box (Netgear makes one for about $150)? Don't you get an untappable phone? Feds would have to ban routing voice traffic through a VPN in order to stop that.
And why do you think you'll only be tracked while on the casino property? Most people who go to Vegas stay there for several days, and keep their chips with them when they leave the casino for the night, until it's time to go home. They don't cash out at the end of every session. Most casinos will in fact accept chips from other casinos. You can use Luxor chips at Caesars, and so forth. You can bet that the Caesars will install the equipment to install Luxor's and everyone else's. So you'll be tracked no matter what casino you go in. For that matter, every local restaurant may also install equipment to read the RFID's and they'll track you too.
Worst of all, the local muggers may also get RFID equipment. Walk past one on the sidewalk on the way to a restaurant with $3000 in chips in your pocket, and the mugger will know the demonination, serial number, and issuing casino of every chip. It makes their target selection a lot more efficient. They could even give you an automatically printed receipt to file with your police report, but somehow I don't think they'll do that.
Sheesh.
It's apparently illegal to not put an accurate originating number on the fax itself. Not that junk faxers are bothered by that in the slightest, since junk faxing itself is illegal.
I have a pile of junk faxes left over from before I gave up and switched my fax machine off auto-answer. They are the usual kind, toner cartridges, vacation specials, and so on. Is there any simple way to tell if they came from fax.com? I'll be happy to send them to some plaintiff somewhere if it will get more money out of the junk faxers. Getting some of that money myself as a side effect would be nice but is not necessary.
If there's all these unlicensed DVD players around, why stop there? Why don't the vendors of those players make a selling point of disabling the region codes and macrovision, and letting people skip around in the movie the way they want to, instead of being forced to watch commercials and FBI warnings? Of course, if they're doing that, more power to them--it's bad enough to pay extra for licenses, but those "requirements" mean having to pay extra to have useful features removed. Any sympathy I might have left for licenseholders runs out when that happens.
It's really too early for Slashdot readers to try to run that code. As the usenet post said, it's alpha test. I'd actually call it pre-alpha. The usenet sci.crypt discussion is about ways to change the design so it can be hosted on multiple sites at the same time. Really, it would have been a lot better to wait for the author to make an announcement, before linking an ongoing discussion about a work in progress to the front page of Slashdot as if the code was ready for prime time. Ow!
Reverse defenestration, throwing windows out of your computer. Where do I download? (Props to Eric for definition).
They have to find it first though. That's harder without Onstar, if you park it in a garage.
The database has to take updates all the time--right now none are being taken. It also has to deal with users' text search queries, which are disabled right now. I do think the database load could be reduced some by reorganizing the software, but that's a lot of development work that consumes money in its own way, even if done by volunteers. It's more resource-effective to just throw hardware at the problem.
The reason this is so much worse than typical junk faxes is that it's not a dedicated fax line that only wastes paper or electrons. This is my bedroom telephone. It actually rings as if it were one of my friends calling and I have to answer it only to hear a fax tone. And the fax spam comes at all hours of the day and night. It starts around 7 or 8 AM when I'm sleeping. If it came at 4 AM, I'd just go back to sleep, but at 8 AM it's almost time to wake up anyway, so I don't get back to sleep so easily, which means I go through the whole day short an hour or so of sleep, which messes up my mood and alertness and productivity for the whole day. Anyone who thinks the $500 TCPA penalty for sending a junk fax is excessive just wrong. $500 is just about the right amount of damages for the hassle and impairment that an 8AM bullshit fax causes if you weren't ready to wake up then. Even getting rid of the fax machine would not stop the junk faxes. They've slowed down since the incident I described, but they persisted on a few-times-a-week basis for several months.
You know, spam control might be the killer application for so-called "trusted" computing (TCPA). Someone could develop a mail protocol that would only accept connections from clients that present a credential that comes from a TCPA app or a whitelisted peer. The TCPA app would only be willing to sign say 5 challenges/minute or whatever, so to send messages faster than that, you'd have to buy multiple PC's or (say if you're running a legitimate mailing list) get on the whitelists of the people you want to send mail to. With enough advertising, pretty soon most people might refuse to accept mail from any clients except for the damn Windows-dependent TCPA thing. Since unlike DRM, escaping spam is a very real benefit for actual users, that may make it far easier to foist off TCPA. Be very afraid.