Yes and if the guy on the other end is a proxy server by whomever you're afraid of (criminals, good guys, mommy) then no need for the encryption part either.
The one time I want a patent issued to help retard things and the system does the right thing and rejects it on obviousness. Well maybe they just forgot they could do that and from now on obviousness *will* matter.
Building the equivalent of a nuclear plant every day is not as high a bar as it might seem. The equivalent of might some day mean harvesting a banana peal to toss into Mr. Fusion.
I've bought/built about 20 PCs for personal use over the years. I bought retail or retail upgrades for each machine (I have 3 concurrent licenses in total). Recently I got a SMART warning and swapped a data drive. I had to talk to a Microsoft support person to get a new license key as the one that came with my install CD didn't work. I since then had to swap the system drive and submitted a support request b/c it won't run windows update and they assigned me a case # a month ago and haven't called back. Fortunately for the community I know Microsoft's machines - even when patched - are a risk so I don't allow them on the public network without a firewall (openbsd in my case). However they should know better than to prevent a paying customer from applying their patches.
So you think they are going to force carriers to run an open-ed up version of their platform to unsigned code? Not likely. More likely is they will offer the carriers the option to keep it locked down or open it up. I would expect that at minimum things like network APIs will be restricted to signed content which the carrier can revoke.
Ok so I'm agnostic; that means I don't believe in god, gods, God, nor Gods but I also don't not believe in them - I simply don't think I know the answer.
Religion has and will continue to serve mankind. Not all religions, not all followers of every religion - but some by some for all more or less.
I am big into science - I love *love* understanding how things work. I am constantly surfing about learning, learning about technology learning about people learning about almost everything.
Science is about finding explanations for our observations and engineering is about applying that knowledge.
There is nothing in science that makes it more concrete than the absolute beliefs of a deist in their creator.
I believe in evolution but I can't prove the world is more than a day old. If you find this hard to believe take some time to ponder it. I offer you this seed to germinate if you care. Imagine for a moment that there is a vastly superior force out there (Borg in a million years, a million immortal telepathic Einstein clones on their trillionth anniversary,...) and this force decides to build a world that is self consistent and appears to be really really old when examined from within. I am defining "vastly powerful" such that given enough time to construct such a thing it could be done.
This doesn't answer the question "is there such a thing or is it possible in reality." The point here is that science is a belief system - a belief system that values knowledge.
The bigger point here is that social values and individual values are what matter and not the belief system through which they interpret the world. So long as you are helping life (my value system) I am content with you as you are; cross that line and you earn my ire whether your cause is religious, scientific, economic, or political.
OTS: off the shelf, meaning a typical one you'd find in a 'store."
Many of the commercial certificate authorities offer code-signing certificates for software management programs like Qualcomm's BREW, Microsoft Smartphone, Sun Java, Sun J2ME, SymbianMicrosoft ActiveX, etc. These are governed by the CA under either their policy or a policy specified by the platform vendor, or the carrier/operator.
If you are looking for tamperproofing and easy verification by end users there is no need to go for an expensive certificate service, buy something cheap that comes with revocation services. Revocation services is critical if you are going to be sharing keys or having folks rotate in and out of authority (joining and leaving the release or development efforts) or if you are not confident that the place you store your keys could be compromised.
You should be able to get what you need for about 20 USD/year.
In high assurance scenarios like commercial CA operations private-keys are never controlled by an individual. Typically an N of M scheme is used to activate crypto-hardware.
There as been some interesting work done demonstrating the generation of partial signatures using partial keys - this probably meeds one of your needs. Each of the trusted core of developers gets part of the private-key and uses that to sign part of the release, all the signature parts are assembled and voila you're done. Key recovery works well here as each key part can be encrypted and backed up elsewhere (USB token somewhere else). This may be way overkill for your needs.
Why not just use an OTS code signing certificate and use the Mozilla or Java or OpenSSL tools to manage signing? If you lose the key you can just get a (free) replacement. This way your key chains up to a well known root that ships with FF, Java, Opera etc. Also if you find your key has been compromised for whatever reason, CRLs or OCSP will be available to prevent use of the compromised key by whomever it is you want to defend against.
I've bought sevearl windows O/S licenses as well as office licenses. The SP3 EULA crossed a line for me so I let them know I will not be buying their O/S products.
The way I look at it he's a better player than most and he'll continue to make money by playing the game. When he's dead he's giving just about all of it away to charity. So while he's not giving away the large percentage of his income that you, me and all slashdotters give every year - he's using that $$ to make $$$ so he can donate $$$$.
Bill has a full time employee to find effective and proper ways to pour tons of cash money into helping people live better lives. By every reasonable measure Bill gates is a philanthropist.
No doubt the business minds at microsoft and billy's accountants and lawyers are good at managing his money - including reducing his tax burden - this of course is a different topic. Note that IBM does the same thing, as does Apple, as does Red Hat, as does RMS, as do I, and if you get a paycheck in the USA I'm guessing you try do pay as little tax as possible as opposed to as much as possible. This is a good thing since if you had died yesterday - you would have had more money to have left for charity (you are donating billions of dollars to charity when you die right?).
I am not a particular fan of Microsoft as a company - I'd say they're about average over all.
I think once people pass $20MM net worth money is not as important as power - granted money can get you some power, but not all
Finally I'll say that IMO windows is pretty good for a current OS. Office is a great tool. Apple makes better UIs.
Umm, just a 411 here but Billy gives more to charity in a day than you will likely earn and spend in your entire life. This is statistically true but of course you may be waaaay above average income earner - so I could be wrong.
If they want to know where they stand for coverage they could allow people an easy way to provide feedback. Any one who as has had the pleasure of walking around 'down town' Los Alos knows that VW doesn't really have coverage there. Stand on the major road in front of Banderas (a killer BBQ restaurant that is ALWAYS PACKED with the rich and beautiful) and you will find that the quality of signal varies drastically minute to minute and is never good enough to have a 5 minute call without a drop.
There are similar holes in Mountain View of all places - near the old Sun Campus. I reported this one to them about 2.5 years ago. They've done a lot about it so far:-)
build it yourself:
-pc $200
-win2k license [yeah - I buy my music too] $100
-killer audio card $170
-free VNC to control it via any pc (http://www.uk.research.att.com/vnc/)
-with ssh if you like to control it from wide and far(http://www.openssh.com/)
-free media jukebox (http://www.musicex.com/mediajukebox/index.html auto cover art,CDDB, local database)
-free MonkeysAudio (http://www.monkeysaudio.com lossless compression ~60% smaller!)plug-in for MJ
-home R/C IR to serial device - $30
-plextor 'accu-stream' drive for ripping $150
-lots of slow and quite 5400 RPM drives (much quiter than 7 or 10k drives and cheaper). each CD will be rouhgly 300MB - and drives are roughly $2@GB
I recently broke a desk while doing some whiteboarding and consequently sent somone's laptop plumetting to it's demise. Actually nothing happened to the computer. Nothing. I've dropped mine and used it in all sorts of non-computing ways and it works well too. I wish my laptop had a handle - so I could carry it easily.
Note that I started off with a one word reply ("moron").
Umm. I am confidentysure the open market deserves more credit than you give it. Consider the possibility that technologies get phased in and not slammed into place therfore there is plenty of room for fine-tuning during the maturation of the technologies and practices. In the end legally binding digital signatures will make this more secure than they are without giving up any privacy nor anonymity [IE will still be IE and that represents some risk -> perhaps a more trusted brand will offer something up:].
1. WAP is documented very well. Their document's are as wonderfull as those one might wade through at the
IETF. WAP is proprietary and deviates from known standards in places it should have and others it shouldn't have. WAP also includes some very nice stuff which will no doubt make it's way back into IETF such as SOME of the WTLS (WAP TLS) work.
2. Umm. I don't think anything bars you from running WAP over faster carriers - except the existence of the infrastructure to enable them. WAP speed will always be limited by the underlying carrying technology. What kind of voice bandwidth do you think you get on your Verizon Star-Tac? [It seems like everyone in mountain view has a Star-Tac]
3. HTTP relies on TCP. TCP as it stands is problematic for unreliable connections (ask folks in china what it's like to surf). WAP uses WDP/WTP instead of TCP/HTTP. BFD. I agree they should've modded TCP/HTTP and TLS to suit their needs. The fact of the matter is that while I find the methods a bit distasteful - they are private companies with a plain economic agenda who had to develop variants of existing technologies. They did so and are now working to fold their mod back into the IETF - a much better place for standards to live once they're deployed. I think it is OK to develop proprietary protocols, deploy them, and then release them to the public for modification. This is one of the easiest way for society to benefit from private money's expenditures and I think we should encourage corporate entites which do so!
The so called "NG WAP" will be based entirely (?) on IETF protocols. There is a bunch of support for this goal within the WAP forum which now has representatives from thousands of companies including all the key players. There is alot of work being done to ensure this can happen. WAP might pull it off:-) Or Not. I don't really care either way as I'm sure I'll have a G3 phone as soon as someone rolls it out where I am - and I'm guessing it'll be able to surf - WAP or otherwise.
I've been to 4 WAP forum events - they are as boring as can be most of the time. Everyonce in a while RSA and Certicom have a party - but that's another story.
AAAhhh!
Without good tech folks moving up the ladder we would never have good tech managers. As a tech savvy manager I play a critical role in helping my company (ok I only own a small part) by helping to make evaluations of new markets created by new technologies [I help pick what new internet services we will build and offer out]. I realize that not everyone would find that exciting... I do!
As a manager coming from a development position I play a critical role in deciding if, when and which companies we should acquire. This involves meeting with the managers and developers of prospects and discussing their designs so I can evaluate their technology as well as their skills. I realize that not everyone would find this exciting...
Finally this did all come at a price. I have more than quadrupled the number of stock options I have vesting and my salary has more than doubled over the last 5 years. I have gotten three promotions in as many years. Finally on this point I would point out that I took a 30% pay cut to go from consultant to FTE when I first started and I've made about 5000 years of consultant fees in the 5 years since. I work today because I WANT TO DO MY JOB and not because of any financial constraints whatsoever. I'm here on slashdot Sunday morning because I WANT TO.
To paint a complete picture I present the downside as well. I have had as many as 15 employees under my supervision and that took nearly 50% of my time - I think I am lucky here because all my engineers are technically strong - or at least capable of fulfilling their duties so I need only manage their happiness, careers, and any politics that may creep into our space. The fact that I was a developer along side many of them helps inspire confidence in them. Probably the shittiest part of my job is protecting my team from folks outside of engineering - although I feel good about protecting who I was from who I didn't want to deal with. There are also the occasional service escalations [fires] - these used to razzle me but after some experience I realize that so long as I do the right thing [usually obvious] it's usually just a quick decision and some delegation to the team.
If you don't want to be a manager and you are a capable developer the odds are quite good you can stay at your current position. You certainly don't have to go into management - but it can be a shitload of fun.
-----
These may be my opinions, you don't have to share yours
While I've no doubt that you have had a terrible experience I can tell you it's been the opposite for me. I developed for years for my current employer and eventually was offered a choice: take a leadership role or they'd have to bring someone new as my leader. I had already seen our 8 man company grow to 30 - including two folks between me and the top - there was no way I could allow this trend would continue. I faced leadership the same way I faced my develoment role -> head on and eager to dominate!
Fortunately for me my boss is a good guy - so long as he thinks I'm trying hard and doing at least a decent job he leaves his door open and stays out of my way.
It's sad you feel this way -> but it would be tragic of only idiots took jobs as managers as then developers would forever be dealing with... well... dilbert style managers.
Slashdot Mirror
You can do it cheaper by using botnets rather than legitimate resources.
Yes and if the guy on the other end is a proxy server by whomever you're afraid of (criminals, good guys, mommy) then no need for the encryption part either.
The one time I want a patent issued to help retard things and the system does the right thing and rejects it on obviousness. Well maybe they just forgot they could do that and from now on obviousness *will* matter.
Building the equivalent of a nuclear plant every day is not as high a bar as it might seem. The equivalent of might some day mean harvesting a banana peal to toss into Mr. Fusion.
I've bought/built about 20 PCs for personal use over the years. I bought retail or retail upgrades for each machine (I have 3 concurrent licenses in total). Recently I got a SMART warning and swapped a data drive. I had to talk to a Microsoft support person to get a new license key as the one that came with my install CD didn't work. I since then had to swap the system drive and submitted a support request b/c it won't run windows update and they assigned me a case # a month ago and haven't called back. Fortunately for the community I know Microsoft's machines - even when patched - are a risk so I don't allow them on the public network without a firewall (openbsd in my case). However they should know better than to prevent a paying customer from applying their patches.
So you think they are going to force carriers to run an open-ed up version of their platform to unsigned code? Not likely. More likely is they will offer the carriers the option to keep it locked down or open it up. I would expect that at minimum things like network APIs will be restricted to signed content which the carrier can revoke.
Ok so I'm agnostic; that means I don't believe in god, gods, God, nor Gods but I also don't not believe in them - I simply don't think I know the answer.
...) and this force decides to build a world that is self consistent and appears to be really really old when examined from within. I am defining "vastly powerful" such that given enough time to construct such a thing it could be done.
Religion has and will continue to serve mankind. Not all religions, not all followers of every religion - but some by some for all more or less.
I am big into science - I love *love* understanding how things work. I am constantly surfing about learning, learning about technology learning about people learning about almost everything.
Science is about finding explanations for our observations and engineering is about applying that knowledge.
There is nothing in science that makes it more concrete than the absolute beliefs of a deist in their creator.
I believe in evolution but I can't prove the world is more than a day old. If you find this hard to believe take some time to ponder it. I offer you this seed to germinate if you care. Imagine for a moment that there is a vastly superior force out there (Borg in a million years, a million immortal telepathic Einstein clones on their trillionth anniversary,
This doesn't answer the question "is there such a thing or is it possible in reality." The point here is that science is a belief system - a belief system that values knowledge.
The bigger point here is that social values and individual values are what matter and not the belief system through which they interpret the world. So long as you are helping life (my value system) I am content with you as you are; cross that line and you earn my ire whether your cause is religious, scientific, economic, or political.
OTS: off the shelf, meaning a typical one you'd find in a 'store."
Many of the commercial certificate authorities offer code-signing certificates for software management programs like Qualcomm's BREW, Microsoft Smartphone, Sun Java, Sun J2ME, SymbianMicrosoft ActiveX, etc. These are governed by the CA under either their policy or a policy specified by the platform vendor, or the carrier/operator.
If you are looking for tamperproofing and easy verification by end users there is no need to go for an expensive certificate service, buy something cheap that comes with revocation services. Revocation services is critical if you are going to be sharing keys or having folks rotate in and out of authority (joining and leaving the release or development efforts) or if you are not confident that the place you store your keys could be compromised.
You should be able to get what you need for about 20 USD/year.
In high assurance scenarios like commercial CA operations private-keys are never controlled by an individual. Typically an N of M scheme is used to activate crypto-hardware.
There as been some interesting work done demonstrating the generation of partial signatures using partial keys - this probably meeds one of your needs. Each of the trusted core of developers gets part of the private-key and uses that to sign part of the release, all the signature parts are assembled and voila you're done. Key recovery works well here as each key part can be encrypted and backed up elsewhere (USB token somewhere else). This may be way overkill for your needs.
Why not just use an OTS code signing certificate and use the Mozilla or Java or OpenSSL tools to manage signing? If you lose the key you can just get a (free) replacement. This way your key chains up to a well known root that ships with FF, Java, Opera etc. Also if you find your key has been compromised for whatever reason, CRLs or OCSP will be available to prevent use of the compromised key by whomever it is you want to defend against.
What would RMS do?
I've bought sevearl windows O/S licenses as well as office licenses. The SP3 EULA crossed a line for me so I let them know I will not be buying their O/S products.
? sc id=sw;en;1076
Let them know what you think.
http://support.microsoft.com/common/survey.aspx
The way I look at it he's a better player than most and he'll continue to make money by playing the game. When he's dead he's giving just about all of it away to charity. So while he's not giving away the large percentage of his income that you, me and all slashdotters give every year - he's using that $$ to make $$$ so he can donate $$$$.
Bill has a full time employee to find effective and proper ways to pour tons of cash money into helping people live better lives. By every reasonable measure Bill gates is a philanthropist.
No doubt the business minds at microsoft and billy's accountants and lawyers are good at managing his money - including reducing his tax burden - this of course is a different topic. Note that IBM does the same thing, as does Apple, as does Red Hat, as does RMS, as do I, and if you get a paycheck in the USA I'm guessing you try do pay as little tax as possible as opposed to as much as possible. This is a good thing since if you had died yesterday - you would have had more money to have left for charity (you are donating billions of dollars to charity when you die right?).
I am not a particular fan of Microsoft as a company - I'd say they're about average over all.
I think once people pass $20MM net worth money is not as important as power - granted money can get you some power, but not all
Finally I'll say that IMO windows is pretty good for a current OS. Office is a great tool. Apple makes better UIs.
Umm, just a 411 here but Billy gives more to charity in a day than you will likely earn and spend in your entire life. This is statistically true but of course you may be waaaay above average income earner - so I could be wrong.
You are right of course. Here's 1.1
return c ? a|b : a&b
a bit late, but I just read it...
return (a|b) & c
Thanks but I've reported this hole and others before.
If they want to know where they stand for coverage they could allow people an easy way to provide feedback. Any one who as has had the pleasure of walking around 'down town' Los Alos knows that VW doesn't really have coverage there. Stand on the major road in front of Banderas (a killer BBQ restaurant that is ALWAYS PACKED with the rich and beautiful) and you will find that the quality of signal varies drastically minute to minute and is never good enough to have a 5 minute call without a drop.
:-)
There are similar holes in Mountain View of all places - near the old Sun Campus. I reported this one to them about 2.5 years ago. They've done a lot about it so far
build it yourself:
-pc $200
-win2k license [yeah - I buy my music too] $100
-killer audio card $170
-free VNC to control it via any pc (http://www.uk.research.att.com/vnc/)
-with ssh if you like to control it from wide and far(http://www.openssh.com/)
-free media jukebox (http://www.musicex.com/mediajukebox/index.html auto cover art,CDDB, local database)
-free MonkeysAudio (http://www.monkeysaudio.com lossless compression ~60% smaller!)plug-in for MJ
-home R/C IR to serial device - $30
-plextor 'accu-stream' drive for ripping $150
-lots of slow and quite 5400 RPM drives (much quiter than 7 or 10k drives and cheaper). each CD will be rouhgly 300MB - and drives are roughly $2@GB
I just started ordering parts last week
Note that I started off with a one word reply ("moron").
-----
Umm. I am confidentysure the open market deserves more credit than you give it. Consider the possibility that technologies get phased in and not slammed into place therfore there is plenty of room for fine-tuning during the maturation of the technologies and practices. In the end legally binding digital signatures will make this more secure than they are without giving up any privacy nor anonymity [IE will still be IE and that represents some risk -> perhaps a more trusted brand will offer something up :].
-----
2. Umm. I don't think anything bars you from running WAP over faster carriers - except the existence of the infrastructure to enable them. WAP speed will always be limited by the underlying carrying technology. What kind of voice bandwidth do you think you get on your Verizon Star-Tac? [It seems like everyone in mountain view has a Star-Tac]
3. HTTP relies on TCP. TCP as it stands is problematic for unreliable connections (ask folks in china what it's like to surf). WAP uses WDP/WTP instead of TCP/HTTP. BFD. I agree they should've modded TCP/HTTP and TLS to suit their needs. The fact of the matter is that while I find the methods a bit distasteful - they are private companies with a plain economic agenda who had to develop variants of existing technologies. They did so and are now working to fold their mod back into the IETF - a much better place for standards to live once they're deployed. I think it is OK to develop proprietary protocols, deploy them, and then release them to the public for modification. This is one of the easiest way for society to benefit from private money's expenditures and I think we should encourage corporate entites which do so!
The so called "NG WAP" will be based entirely (?) on IETF protocols. There is a bunch of support for this goal within the WAP forum which now has representatives from thousands of companies including all the key players. There is alot of work being done to ensure this can happen. WAP might pull it off :-) Or Not. I don't really care either way as I'm sure I'll have a G3 phone as soon as someone rolls it out where I am - and I'm guessing it'll be able to surf - WAP or otherwise.
I've been to 4 WAP forum events - they are as boring as can be most of the time. Everyonce in a while RSA and Certicom have a party - but that's another story.
-----
I think I'll patent the idea of putting a power button on home computers - I bet Apple would license it for the glory and ad-value.
-----
As a manager coming from a development position I play a critical role in deciding if, when and which companies we should acquire. This involves meeting with the managers and developers of prospects and discussing their designs so I can evaluate their technology as well as their skills. I realize that not everyone would find this exciting ...
Finally this did all come at a price. I have more than quadrupled the number of stock options I have vesting and my salary has more than doubled over the last 5 years. I have gotten three promotions in as many years. Finally on this point I would point out that I took a 30% pay cut to go from consultant to FTE when I first started and I've made about 5000 years of consultant fees in the 5 years since. I work today because I WANT TO DO MY JOB and not because of any financial constraints whatsoever. I'm here on slashdot Sunday morning because I WANT TO.
To paint a complete picture I present the downside as well. I have had as many as 15 employees under my supervision and that took nearly 50% of my time - I think I am lucky here because all my engineers are technically strong - or at least capable of fulfilling their duties so I need only manage their happiness, careers, and any politics that may creep into our space. The fact that I was a developer along side many of them helps inspire confidence in them. Probably the shittiest part of my job is protecting my team from folks outside of engineering - although I feel good about protecting who I was from who I didn't want to deal with. There are also the occasional service escalations [fires] - these used to razzle me but after some experience I realize that so long as I do the right thing [usually obvious] it's usually just a quick decision and some delegation to the team.
If you don't want to be a manager and you are a capable developer the odds are quite good you can stay at your current position. You certainly don't have to go into management - but it can be a shitload of fun.
-----
These may be my opinions, you don't have to share yours
-----
While I've no doubt that you have had a terrible experience I can tell you it's been the opposite for me. I developed for years for my current employer and eventually was offered a choice: take a leadership role or they'd have to bring someone new as my leader. I had already seen our 8 man company grow to 30 - including two folks between me and the top - there was no way I could allow this trend would continue. I faced leadership the same way I faced my develoment role -> head on and eager to dominate!
Fortunately for me my boss is a good guy - so long as he thinks I'm trying hard and doing at least a decent job he leaves his door open and stays out of my way.
It's sad you feel this way -> but it would be tragic of only idiots took jobs as managers as then developers would forever be dealing with... well... dilbert style managers.
-----