Sigh - every now and then I forget this is Slashdot and I get surprised that nobody reads TFA:o)
from TFA: Rather than turn over the information, I contacted lawyers at the American Civil Liberties Union, and in April 2004 I filed a lawsuit challenging the constitutionality of the NSL power.
I'm surprised no one has bothered to point out the fact that it is in Symantec's interest for people to use windows. They don't sell their products to *nix/OSX users.
So they say Windows is more secure to convince a few gullible people to buy into the platform. Then those sorry souls who believed them get infected and end up needing an antivirus product (if they haven't bought one already). Oh, gee.... look who they might go to with their cash at that point.
Not only that but they *want* to sell their products to Linux users (regardless of the actual need for them). So they cook up a study which says that Linux is less secure. Six months later they announce they have the answer to this "less secure OS" - Symantec Linux products! A queue of gullible users appears at PCWorld.
We're fast moving from "this is a big red piece of text" to "this is a heading" thanks to CSS allowing us to state that headings should be big and red.
Fast? CSS has allowed us to do that since 1996!:o)
I doubt we're ever going to be in a position where every site is marked up with RDF metadata, but a lot of sites are now offering APIs that are good enough to do the job, sure we're unlikely to have a universal API that allows us to query any website on the internet and extract the data we're looking for, but realistically what would that actually gain us?
People used similar arguments for HTML standards when the (first) browser wars were on. The purpose of a standard is (supposed to be) that sites interacting with each other (as is an ideal of Web 2.0) can do so without specific coding for each site you interact with. Hence RSS aggregators can grab any RSS feed and display it. If "Web 2.0" is going to be as useful as the web itself then it needs to avoid splitting into different APIs and formats.
I think we're going to see a lot more almost-standards around the web...
Okay let's try and imagine if/how the worst could happen here...
> Junior sees the ad....
Toddlers could see this ad because their dad was watching something at about 6pm that he recorded at 9:00pm the night before. Two year olds take in everything they hear and see - I know I have two of them. They are also masters of mimicry, it's a learning device.
> how is a 2 year old going to do the following:
> Open the car door
They can open car doors. They learn to do it by watching adults. My 3 yr old son can get past every child safety door lock we have in the house. He can open stair gates and after watching me fix a door recently has figured out how to take a door handle off (assuming he ever had access to a real screwdriver). Never underestimate the ingenuity and exploratory nature of a two year old.
> Start the car
If the keys were in it - very easily. I agree the parent should be watching their child but we're talking worse case feasibility here aren't we? Aside from this they don't have to. They just need to release the handbrake. There have been (no I don't have any direct sources) a few casdes I remember in the past of kids leaning on handbrakes and they fail. All the car needs to do is roll along and the kid will think they are driving.
> Understand the controls What controls? They will try to turn the steering wheel and that's about it. With an automatic transmission where the gear selector is on the driving column they just need to shift it around until something "clicks".
> Have his feet reach the pedals and be able to see over the steering wheel Neither of these is a prerequisite for having an accident in a car. You just need to make sure it is moving.
Okay, having said all of that I should say that I think it is unlikely that a toddler would want to do this solely by seeing this ad but it may contribute. The parent's responsibility has not been removed but I am not sure that is why the parents complained. The ad could lead a child to think that children are able to do what they see on the TV and try it.
80 complaints is not many and I think the ad company probably pulled it to gain additional publicity (don't think they placed the calls though). Personally I can see why parents would be concerned. If only because a child seeing that ad would be nagging their parents to drive the car for weeks afterwards.:o)
Are these kinds of organized 'advocate mobs' going to be the future of internet activism?
I'm not sure, probably, but one of the best I have seen so far is saynoto0870 which lists the equivalent geographical telephone numbers for the 0870 (national rate non-geographical) numbers that companies give out for support and such. ( Okay so it should have been called saynoto0870.co.uk but that's a little OT )
Considering how long some of them keep you on hold, dialling non-geographical numbers (which are often excluded from discount pricing plans) can cost you a fortune.
Not from where I am sitting. Internet and other electronic forms of elections generally suffer from a clash between ensuring one-vote-per-voter and voter anonymity.
Jason Kitcat has done significant research on evoting originally as part of a Uni project to provide such a function. His conclusion was that evoting was bad for (among others) the reason I've given above. See this website for more details.
To be fair he hasn't appropriated it. Others refer to him as such - particularly those from countries where an equivalent position is a title and not a post. I agree he hasn't gone out of his way to correct that but I am unaware of any direct effort by TB to use this as a title.
Most (good) news media in the UK at least seem to refer to him as "the Prime Minister, Tony Blair" or "mr Blair" as you have suggested.
Caveat: this does not mean I like his policies of course.:o)
Practically every country in the EU has mandatory ID in one form or another and they have absolutely no issue with it.
Yet again this ill-informed argument raises it head. The part most people (at least the ones I know) are upset about is not the issue of ID cards but the database behind them. The proposals include a database which government departments, police and other parties will have access to. This would give those parties access to data that at present they have no access to. Currently the data is spread across several disparate databases and for one party to have it all (financial, social benefits, movements, location, taxation, employment, law enforcement issues etc.) would take some significant time. The protest is not about being forced to carry ID - most of us do that anyway. The concern is to do with the level of (mis)trust there is in the present or any future government or other national institution to not mis-use (or even "lose") this data.
Hey dude, thanks for your reply. I think my post came off as a complaint but maybe it was more of a call for help.
thought so but the wording was one of complaint - hence I tried to help and answe the complaint at the same time.
c) mixing pre-built and self-compiled binaries leads to problems I think that's a valid complaint. Let's say package B depends on package A, and I compiled package A from source. Now apt-get package-B won't work because apt doesn't know about my package A existing. Yet compiling package B from source will work, because it will use `packageA-config --libs` to find out where the libs are. So why should package B's configure/make scripts be able to figure out that I have package A installed, and apt-get not be able to?
But when you compile it from source you are telling it that package B is installed (that's what the config option does). Without you telling it this, it is unlikely to have figured it out.
Remember that deb packages are binaries not source. They have been built on another system which had it's libraries in the same place as yours and had particular ones installed. The dependency is the package builder saying "you need this installed first" and (as you are using a package manager) the best way to assure that is to see if the other package is installed. This is the major difference: packages = binaries with expectations & asks few questions, source = less assumptions and asks/allows you to supply info it needs.
You can also install deb source packages which will compile and install on your system discovering what they can and asking the rest of you. Check out man apt and look for the source command (you'll need a source repository in your sources list for this to work).
I understand why there is an appeal to use sources. In the past I have resorted to compiling from source because the available package was too old and did not include the security patches I needed and sometimes it can just be fun to get your hands dirty. But - given a reasonably updated repository - I find myself doing this less now because apt just makes it so much easier to install/update and remove software. Having struggled with dependency hell on rpm based systems[1] and Windows, I find the simplicity of apt-get install wonderful, particularly when I know it will show me any outstanding bugs and install all dependencies for me (asking first of course).
[1] This was a while ago and I know rpm systems have improved. Still don't beat apt for me though.
Is anyone actually working on some kind of universal package installer that wraps around everything else yet?
How would that work exactly. Packages are often built on and for a particular distro. consequently they expect certain things in certain places and things to work in particular ways. This goes beyond LSB stuff for location of libraries etc. Most daemon packages will include init start/stop scripts, a SuSE init script for mysqld is different to a Debian one.
I would say that if you want some software that is not included in your chosen distro's package list, download the source, build and install a package of your own. That way you keep your package manager informed of what is going on.
Package managers all have one thing in common, in order to work for you properly they must be able to manage what is and is not installed.
What is particularly evil is the "install on any distribution" or even worse "drag-and-drop" installations because they circumvent all the consistency checks and automated update features of the distributions and standard packaging systems. And "self-updating" distributions are evil because they bother the user with trivia ("Version 1.9.1.23.1 is available; may I waste your time now, or later?") and present a security hole.
Agreed. The real key issue (for me) with packages is not the package manager or the type of package (rpm/deb etc.) it's the repositories. Any software installation system that expects me to download packages from half a dozen different sites, manage dependencies myself and keep on top of security updates (for all software not just the OS) etc. is way behind the times. This includes Windows and some of the GNU/Linux distros.
What I want/need is a system where pretty much everything I want is downloadable/updatable from a single command, two or three repositories (at the same remote location) and handles dependency properly.
For me this system is apt on Debian. I will concede that others prefer rpms etc. but having been forced to use YUM (on a different system) recently I will stick with apt thank you very much (particularly with apt-listbugs as well).:o)
apt works fine for the most part on its own - it just downloads and installs binaries. And it seems to keep its own internal dependency or tagging system. The problem is: these "dependencies" aren't compatible with anything I installed outside apt: source builds, rpm installation, even if I used debian apt packages they aren't compatible with Ubuntu apt packages.
First off - I am not aware of any packaging system that will support applications built from source (which are compiled and installed manually). How can it know what versions you have built and how can it manage them (for that is what packaging systems do) if you have installed the package yourself. You might as well complain that a pre-built binary downloaded from a third party website is not recognised by a packaging system. Second - if you are building from source and wish to keep apt/dpkg informed why not build a deb and install that. Then apt will know what you have installed and what version it is (and subsequently whether it meets dependency requirements for other packages).
man dpkg-buildpackage
will be your friend here.
The situation becomes a nightmare as soon as I install something from source - I can no longer use apt for anything that depends on it. Trying to set up a webserver was the biggest pain because for some reason php4 wasn't in the ubuntu apt packages, so I installed it separately, and then I couldn't install anything that required php4 because they all needed "php4-ubuntu".
I don't use Ubuntu but searching here it took me ten seconds to see that php4 is available for Edgy in the "universe" repository (php5 is in "security" but you specifically mentioned php4). This would suggest that you have not enabled that repository in your sources file. If you want to set up a webserver, next time download the ubuntu server CD and select the LAMP option on installation.
This has to be fixed.
No, it does not. You perhaps need to read up a little more but if your entire complaint is that: a) php4 does not come with Ubuntu b) apt/dpkg does not magically know what you have done outside of it's sphere of influence c) mixing pre-built and self-compiled binaries leads to problems
Then I would say that your complaint is rather silly.
Maybe I should just go to Gentoo and compile everything myself!
If you think it will help but, based on my limited experience of your situation as described by your post, I would suggest you would end up in more trouble.
Perhaps you should think about using Synaptic or something similar or reading this.
I thought the point of standards was to make it so we (the developers) only have to implement one thing.
I'm not sure that the point of a standard is to ensure the one format to rule them all. After all we have different standards for plain text. Surely the point of a standard is so that if a developer chooses to support it in their code they can (in this instance) make certain assumptions about the documents that come in that format?
I can fully understand IBM's reasoning here. The only thing it seems MS wants to do is create more vendor lock.
Agreed. "Officially" the reason for the MS submission of OOXML is to ensure developer's get the deal I mentioned above but in reality it's probably worthless as I think they'll extend it with proprietary extensions asap. MS know that since Office97 what has really kept Office at the top is user gullibility and the fact that so much data is in.doc format. It's why they did not join in with ODF.
The problem here - IMHO - is the lack of definition (or marketing re-definition) of the term "open standard". Is an open standard one that many can contribute to with a leading group that ratify decisions? Is it one where anyone can read the standard and support it in their app - with or without charge? Is it one where all interested parties work together to produce something that they all agree on and will all support without "embracing and extending" it?
For my money it should be the latter - at that point then, yes, it negates the reason for more than one standard document format.
Nothing in TFA or from the Novartis or broad.mit.edu sites indicates that there is any licencing of the content they are making available. AFAICS they are giving it away free of charge and without restriction. This is public domain not open source isn't it?
Also they are giving away the results of the research (e.g. data) - open source is not normally a term used in such circumstances. The Creative Commons licences (among others) were created because typical open source/free (as in speech) licencing models do not suit data.
Now whilst I applaud them for not keeping this research under wraps I think it's wrong to call it "open source." Having said that I feel that perhaps some kind of condition _should_ have been attached to the research data. If only to stop someone analysing it and then keeping their analysis secret.
Having read TFA I fail to see what this business model has to do with Open Source per se. What he is presenting is a model for a software development company/co-op but the fact that he wants it to develop open source software is largely irrelevant, isn't it? The same model could equally be used to develop proprietary software and nothing in this article explains (to my untrained eye) exactly how it would make money from developing Open Source software, it merely explains how any profit made would be shared among the members.
Also, from TFA:
Each year, members would elect one-third of the board of directors,...
and later on
The board would also be in charge of accepting new members, controlling the size of the co-op, and the acceptance of individuals.
Anyone else see a potential membership-for-votes conflict here?:o)
The signal tell the phone to wipe all of its data and begin emitting a very loud and obnoxious sound.
Will anybody notice another 'phone making a loud and obnoxious noise?
Most mobile phones already make loud and obnoxious noises, what with the ring-tones and this new "fad" of walking along with your 'phone playing tinny "music" to all and sundry!
Ah - here's an idea perhaps we can report somebody whose 'phone is guilty of the above by reporting it stolen. Of course for that we'd need their number - any ideas how to get that?
I seem to remember him saying he had a speech synthesizer. plausible... not with such pronunciation though..
certainly it is but it was not one that he carried around with him and plugged into every terminal he used - that was the bit I was referring to.
As mentioned by another poster it was, of course, a movie-device used to aid the viewer (and it worked). I was aware of this but it still made me smile.
I have mixed feelings about War Games. Some of it was good and realistic, the text logins and the war-dialling, like you say, but some of it was pushing things a little, like computers are alive and one them has been put in charge of the nuclear button.
And some of it was just complete fantasy-land, like the cute girl wanted to hang out with the class nerd while he played a computer game in his bedroom. I ask you.
My particular favourite was when the kid plugs in the speaker at home so we can "hear" the computer "speak" and then this voice miraculously appears each time he accesses WOPR regardless of the terminal he is using - or where it is located.
Slashdot Mirror
Sigh - every now and then I forget this is Slashdot and I get surprised that nobody reads TFA
from TFA:
Rather than turn over the information, I contacted lawyers at the American Civil Liberties Union, and in April 2004 I filed a lawsuit challenging the constitutionality of the NSL power.
Not only that but they *want* to sell their products to Linux users (regardless of the actual need for them). So they cook up a study which says that Linux is less secure. Six months later they announce they have the answer to this "less secure OS" - Symantec Linux products! A queue of gullible users appears at PCWorld.
Fast? CSS has allowed us to do that since 1996!
People used similar arguments for HTML standards when the (first) browser wars were on. The purpose of a standard is (supposed to be) that sites interacting with each other (as is an ideal of Web 2.0) can do so without specific coding for each site you interact with. Hence RSS aggregators can grab any RSS feed and display it. If "Web 2.0" is going to be as useful as the web itself then it needs to avoid splitting into different APIs and formats.
And, for me, this is part of the problem.
Do you know many two year olds?
:o)
> Assume the worst,
Okay let's try and imagine if/how the worst could happen here...
> Junior sees the ad....
Toddlers could see this ad because their dad was watching something at about 6pm that he recorded at 9:00pm the night before. Two year olds take in everything they hear and see - I know I have two of them. They are also masters of mimicry, it's a learning device.
> how is a 2 year old going to do the following:
> Open the car door
They can open car doors. They learn to do it by watching adults. My 3 yr old son can get past every child safety door lock we have in the house. He can open stair gates and after watching me fix a door recently has figured out how to take a door handle off (assuming he ever had access to a real screwdriver). Never underestimate the ingenuity and exploratory nature of a two year old.
> Start the car
If the keys were in it - very easily. I agree the parent should be watching their child but we're talking worse case feasibility here aren't we? Aside from this they don't have to. They just need to release the handbrake. There have been (no I don't have any direct sources) a few casdes I remember in the past of kids leaning on handbrakes and they fail. All the car needs to do is roll along and the kid will think they are driving.
> Understand the controls
What controls? They will try to turn the steering wheel and that's about it. With an automatic transmission where the gear selector is on the driving column they just need to shift it around until something "clicks".
> Have his feet reach the pedals and be able to see over the steering wheel
Neither of these is a prerequisite for having an accident in a car. You just need to make sure it is moving.
Okay, having said all of that I should say that I think it is unlikely that a toddler would want to do this solely by seeing this ad but it may contribute. The parent's responsibility has not been removed but I am not sure that is why the parents complained. The ad could lead a child to think that children are able to do what they see on the TV and try it.
80 complaints is not many and I think the ad company probably pulled it to gain additional publicity (don't think they placed the calls though). Personally I can see why parents would be concerned. If only because a child seeing that ad would be nagging their parents to drive the car for weeks afterwards.
yes but let's be honest it's unlikely a person as visually impaired as Stevie Wonder would watch the advert and copy it isn't it?
I'm not sure, probably, but one of the best I have seen so far is saynoto0870 which lists the equivalent geographical telephone numbers for the 0870 (national rate non-geographical) numbers that companies give out for support and such. ( Okay so it should have been called saynoto0870.co.uk but that's a little OT )
Considering how long some of them keep you on hold, dialling non-geographical numbers (which are often excluded from discount pricing plans) can cost you a fortune.
um - this has already been mod'ed as OT but if anyone is interested I think they meant to post that one here
Not from where I am sitting. Internet and other electronic forms of elections generally suffer from a clash between ensuring one-vote-per-voter and voter anonymity.
Jason Kitcat has done significant research on evoting originally as part of a Uni project to provide such a function. His conclusion was that evoting was bad for (among others) the reason I've given above. See this website for more details.
ah the optimism.
Isn't that what Genuine Advantage does?
Oh.. wait, you mean phones your home!
To be fair he hasn't appropriated it. Others refer to him as such - particularly those from countries where an equivalent position is a title and not a post. I agree he hasn't gone out of his way to correct that but I am unaware of any direct effort by TB to use this as a title.
:o)
Most (good) news media in the UK at least seem to refer to him as "the Prime Minister, Tony Blair" or "mr Blair" as you have suggested.
Caveat: this does not mean I like his policies of course.
Yet again this ill-informed argument raises it head. The part most people (at least the ones I know) are upset about is not the issue of ID cards but the database behind them. The proposals include a database which government departments, police and other parties will have access to. This would give those parties access to data that at present they have no access to. Currently the data is spread across several disparate databases and for one party to have it all (financial, social benefits, movements, location, taxation, employment, law enforcement issues etc.) would take some significant time.
The protest is not about being forced to carry ID - most of us do that anyway. The concern is to do with the level of (mis)trust there is in the present or any future government or other national institution to not mis-use (or even "lose") this data.
thought so but the wording was one of complaint - hence I tried to help and answe the complaint at the same time.
But when you compile it from source you are telling it that package B is installed (that's what the config option does). Without you telling it this, it is unlikely to have figured it out.
Remember that deb packages are binaries not source. They have been built on another system which had it's libraries in the same place as yours and had particular ones installed. The dependency is the package builder saying "you need this installed first" and (as you are using a package manager) the best way to assure that is to see if the other package is installed. This is the major difference: packages = binaries with expectations & asks few questions, source = less assumptions and asks/allows you to supply info it needs.
You can also install deb source packages which will compile and install on your system discovering what they can and asking the rest of you. Check out man apt and look for the source command (you'll need a source repository in your sources list for this to work).
I understand why there is an appeal to use sources. In the past I have resorted to compiling from source because the available package was too old and did not include the security patches I needed and sometimes it can just be fun to get your hands dirty. But - given a reasonably updated repository - I find myself doing this less now because apt just makes it so much easier to install/update and remove software. Having struggled with dependency hell on rpm based systems[1] and Windows, I find the simplicity of apt-get install wonderful, particularly when I know it will show me any outstanding bugs and install all dependencies for me (asking first of course).
[1] This was a while ago and I know rpm systems have improved. Still don't beat apt for me though.
How would that work exactly. Packages are often built on and for a particular distro. consequently they expect certain things in certain places and things to work in particular ways. This goes beyond LSB stuff for location of libraries etc. Most daemon packages will include init start/stop scripts, a SuSE init script for mysqld is different to a Debian one.
I would say that if you want some software that is not included in your chosen distro's package list, download the source, build and install a package of your own. That way you keep your package manager informed of what is going on.
Package managers all have one thing in common, in order to work for you properly they must be able to manage what is and is not installed.
Agreed. The real key issue (for me) with packages is not the package manager or the type of package (rpm/deb etc.) it's the repositories.
Any software installation system that expects me to download packages from half a dozen different sites, manage dependencies myself and keep on top of security updates (for all software not just the OS) etc. is way behind the times. This includes Windows and some of the GNU/Linux distros.
What I want/need is a system where pretty much everything I want is downloadable/updatable from a single command, two or three repositories (at the same remote location) and handles dependency properly.
For me this system is apt on Debian. I will concede that others prefer rpms etc. but having been forced to use YUM (on a different system) recently I will stick with apt thank you very much (particularly with apt-listbugs as well).
First off - I am not aware of any packaging system that will support applications built from source (which are compiled and installed manually). How can it know what versions you have built and how can it manage them (for that is what packaging systems do) if you have installed the package yourself. You might as well complain that a pre-built binary downloaded from a third party website is not recognised by a packaging system.
Second - if you are building from source and wish to keep apt/dpkg informed why not build a deb and install that. Then apt will know what you have installed and what version it is (and subsequently whether it meets dependency requirements for other packages). will be your friend here.
I don't use Ubuntu but searching here it took me ten seconds to see that php4 is available for Edgy in the "universe" repository (php5 is in "security" but you specifically mentioned php4). This would suggest that you have not enabled that repository in your sources file.
If you want to set up a webserver, next time download the ubuntu server CD and select the LAMP option on installation.
No, it does not. You perhaps need to read up a little more but if your entire complaint is that:
a) php4 does not come with Ubuntu
b) apt/dpkg does not magically know what you have done outside of it's sphere of influence
c) mixing pre-built and self-compiled binaries leads to problems
Then I would say that your complaint is rather silly.
If you think it will help but, based on my limited experience of your situation as described by your post, I would suggest you would end up in more trouble.
Perhaps you should think about using Synaptic or something similar or reading this.
"adj. Acceptable but of less than top quality: a standard grade of beef." ( from answers.com )
Methinks they did.
I'm not sure that the point of a standard is to ensure the one format to rule them all. After all we have different standards for plain text.
Surely the point of a standard is so that if a developer chooses to support it in their code they can (in this instance) make certain assumptions about the documents that come in that format?
Agreed. "Officially" the reason for the MS submission of OOXML is to ensure developer's get the deal I mentioned above but in reality it's probably worthless as I think they'll extend it with proprietary extensions asap. MS know that since Office97 what has really kept Office at the top is user gullibility and the fact that so much data is in
The problem here - IMHO - is the lack of definition (or marketing re-definition) of the term "open standard". Is an open standard one that many can contribute to with a leading group that ratify decisions? Is it one where anyone can read the standard and support it in their app - with or without charge? Is it one where all interested parties work together to produce something that they all agree on and will all support without "embracing and extending" it?
For my money it should be the latter - at that point then, yes, it negates the reason for more than one standard document format.
Nothing in TFA or from the Novartis or broad.mit.edu sites indicates that there is any licencing of the content they are making available. AFAICS they are giving it away free of charge and without restriction. This is public domain not open source isn't it?
Also they are giving away the results of the research (e.g. data) - open source is not normally a term used in such circumstances. The Creative Commons licences (among others) were created because typical open source/free (as in speech) licencing models do not suit data.
Now whilst I applaud them for not keeping this research under wraps I think it's wrong to call it "open source." Having said that I feel that perhaps some kind of condition _should_ have been attached to the research data. If only to stop someone analysing it and then keeping their analysis secret.
to be fair it's not that hard to do:
install Windows OEM, install Acrobat reader, install Norton, ship
I think that should read _only_ windows. It's not available under any other platform (yet).
Also, from TFA:
and later on
Anyone else see a potential membership-for-votes conflict here?
Will anybody notice another 'phone making a loud and obnoxious noise?
Most mobile phones already make loud and obnoxious noises, what with the ring-tones and this new "fad" of walking along with your 'phone playing tinny "music" to all and sundry!
Ah - here's an idea perhaps we can report somebody whose 'phone is guilty of the above by reporting it stolen. Of course for that we'd need their number - any ideas how to get that?
certainly it is but it was not one that he carried around with him and plugged into every terminal he used - that was the bit I was referring to.
As mentioned by another poster it was, of course, a movie-device used to aid the viewer (and it worked). I was aware of this but it still made me smile.
My particular favourite was when the kid plugs in the speaker at home so we can "hear" the computer "speak" and then this voice miraculously appears each time he accesses WOPR regardless of the terminal he is using - or where it is located.