Slashdot Mirror


User: julesh

julesh's activity in the archive.

Stories
0
Comments
8,446
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 8,446

  1. Re:Careful with stats... on Wikipedia's Accuracy Compared to Britannica · · Score: 1

    We can safely assume the "experts" had moral concerns. Therefore they have corrected all the wikipedia errors leaving ZERO per article. Britanica on the other hand still has 3 per article.

    It doesn't seem as though they have, no. This may be to do with the fact that they weren't told where the articles they were reviewing had come from.

  2. Re:You forgot about TAXES on Slashback: Quinn, iBackups, Wikipedia · · Score: 1

    The restitution payment will be tax deductable.

  3. Re:How do you collect this information? on It's "1984" in Europe, What About Your Country? · · Score: 2, Insightful

    They're not actually requiring anything like that much data to be captured. The necessary data are:

    EN 16 EN
    a) Data necessary to trace and identify the source of a communication:
    [...]
    (3) Concerning Internet Access, Internet e-mail and Internet telephony:
    (a) The Internet Protocol (IP) address, whether dynamic or static,
    allocated by the Internet access provider to a communication;
    (b) The User ID of the source of a communication;
    (c) The Connection Label or telephone number allocated to any
    communication entering the public telephone network;
    (d) Name and address of the subscriber or registered user to whom the IP
    address, Connection Label or User ID was allocated at the time of the
    communication.

    b) Data necessary to trace and identify the destination of a communication:
    [...]
    (3) Concerning Internet Access , Internet e-mail and Internet telephony:
    (a) The Connection Label or User ID of the intended recipient(s) of a
    communication;
    (b) Name(s) and address(es) of the subscriber(s) or registered user(s) who
    are the intended recipient(s) of the communication.

    c) Data necessary to identify the date, time and duration of a communication:
    [...]
    (2) Concerning Internet Access, Internet e-mail and Internet telephony:
    (a) The date and time of the log-in and log-off of the Internet sessions
    based on a certain time zone.

    d) Data necessary to identify the type of communication:
    [... nothing relevant to Internet connections...]

    e) Data necessary to identify the communication device or what purports to be the
    communication device:
    [...]
    (2) Concerning Internet Access, Internet e-mail and Internet telephony:
    (a) The calling telephone number for dial-up access;
    (b) The digital subscriber line (DSL) or other end point identifier of the
    originator of the communication;
    (c) The media access control (MAC) address or other machine identifier
    of the originator of the communication.

    f) Data necessary to identify the location of mobile communication equipment:
    [... nothing relevant to Internet connections ...]

    So, all they're requiring people to keep is:

    * Details of registered users
    * IP address -> user mappings, including CLID of telephone line if appropriate, or similar identifiers for other technologies
    * Source IP address for e-mails and VOIP calls, E-mail addresses messages are sent to, destination ID for VOIP calls
    * Log on & log off times for connections to e-mail servers and VOIP servers with identity of the user.

    The requirements for logging connections only seem to apply to operators of e-mail servers and VOIP services. I don't think there's a requirement for ISPs to sniff traffic to other people's services.

    This is a long way from the paranoid list of things that's described in the summary, I know. Read the legislation. It ain't complicated.

  4. Re:YES... it's highlightable... on What Makes a Good Web Font · · Score: 1

    What OS and browser are you using? It works fine here on Safari 2.x and OS X Tiger. How much memory do you have that you have to check how much memory it is using?

    WinXP, Firefox 1.0.4. 256Mb, but I have a few other RAM heavy applications running, so 45Mb is enough extra to make it start swapping stuff out.

    It was more along the lines of the 90+% CPU usage that was the issue, though.

  5. Re:Build 'em in on What Makes a Good Web Font · · Score: 1

    The fact of the matter is that most studies (e.g. this one) find a large percentage of users find Georgia easier to read than Times. Certainly it fits the description of easily read fonts from the article better than Times does.

    But I'll grant that, in the end, it *is* a matter of preference, and familiarity with a font does aid readability, I believe, so perhaps for many Times is better.

  6. Re:Fonts and browsers on What Makes a Good Web Font · · Score: 1

    I just can't understand why uploadable TrueType fonts aren't supported by all browsers, and the norm for webpages in 2005.

    Because none of the commercial font foundries will license you to put one of their ttf files on a public web server. They'll only grant you a font embedding license for technologies (e.g. Microsoft's proprietary one) that wrap the font in a format that prevents people from using it easily for anything other than web browsing.

  7. Re:Build 'em in on What Makes a Good Web Font · · Score: 1

    We already have this. The fonts are Monospace, Sans-Serif, Serif, and bold/italic versions of these.

    Unfortunately, because most users are on Windows and don't know how to/don't have the will to change the defaults, these map to Courier New, Arial and Times New Roman, which are not exactly the most readable on-screen fonts ever designed by man.

    If I could, I'd love to change the Windows defaults to Courier New, Verdana and Georgia, but I suspect it's too late now. Hence, when designing web sites, I have to take into account those who have not realised how and why they should change the default, and specify one or the other of these fonts ahead of the equivalent css core font selector in the site's style sheet.

  8. Re:"Trust the browser" on What Makes a Good Web Font · · Score: 3, Insightful

    The user has selected the font most comfortable for them.

    Err... no. In 99% of situations, the user hasn't even realised they can change the default font, and wouldn't bother doing so even if they did know because almost every web site they visit overrides the default anyway.

    And most users wouldn't know a readable font if it smacked them over the head with an em-dash. If most people knew about this feature, I bet most people would have it set to comic sans.

  9. Re:Kerning on What Makes a Good Web Font · · Score: 4, Informative

    Kerning, that is aligning of individual pairs of letters, is one of the basic concepts in typography. Still, a typical KDE/GNOME/whatever editor/browser is pretty likely to have no kerning at all.

    Kerning has to be specified in the font you are using in order to work. And doing it well is one of the hardest parts of font design. Perhaps you have badly kerned fonts installed on your system?

    I'm currently running KDE 3.2.1, and can definitely see kerning in my fonts; for instance in K3b, the menu item "Add files..." has the first 'd' pulled slightly left of where it would normally sit. However, I wouldn't say the font it's using (called just "sans serif" in the control centre, so I'm not sure what it is exactly) is great. Although switching on "sub-pixel hinting" in the control centre improves it substantially, there are still problems: "sk", "si" and "sh" seem to be too close together, and "ol" seems to be too far apart, but the big ones ("AV" and the like) all kern correctly.

    It seems to me, therefore, that it just comes down to using badly designed fonts.

  10. Re:YES... it's highlightable... on What Makes a Good Web Font · · Score: 1, Interesting

    IMO, this is indeed a Good Thing (TM).

    Err.. no. I visited the example page, and found my browser memory usage jumped up by 45Mb, it suddenly began consuming all available CPU cycles and became totally unresponsive. I had to kill the process to close the page.

    This isn't exactly what I call progress.

  11. Just goes to show. on Narwhal Tusks are Sensory Organs · · Score: 1

    What they used to say is true. Never go anywhere without a narwhal.

    Hang on...

  12. Re:Linux is wrong on one thing at least. on Torvalds Says 'Use KDE' · · Score: 1

    Typing the first letter of a file you want to get to is pretty much the "most intuitive thing" if you're versed with even the most basic of web browsing/form filling.

    Not really. The first thing such people are likely to do is look for the box they need to put it in and make sure the caret is in it (e.g. by clicking it).

    There's a key UI design principle, just about the most important one IMO. It's called "discoverability". This design violates it.

  13. Re:Havoc's Response on Torvalds Says 'Use KDE' · · Score: 1

    Having configured more window managers than I care to count, I am long past the point of caring what the minimizing animation looks like.

    Well, yes. That's just you though. Many users care about such things because they get in the way of doing work. Just look at the number of web sites that exist to tell Windoze users how to turn off the stupid animations MS put into WinXP. You can't tell me that these are for "power users" -- a power user would be able to guess how to do it within seconds, just like I did first time I installed XP.

    And here's the point: power users tend to have faster PCs with better graphics hardware than average. So they don't care about the fancy animations that they hardly notice, because their system isn't slowing to a crawl in order to show them. Many other users' are.

  14. Re:Havoc's Response on Torvalds Says 'Use KDE' · · Score: 1

    Well, maybe they should demand a refund.

    Or... and here's an option you may not have considered... they could switch to an alternative system. Which is what we're talking about here.

  15. Staellium who? on This Text Message Will Self Destruct · · Score: 1

    Staellium UK (cell provider)

    Err... no. These people are, approximately, nobody. They certainly aren't a "cell provider", a phrase which suggests to me that they operate a mobile phone network.

    And you'd think that what is essentially an IT company would have a web page that worked, right?

  16. Re:Just who owns the message anyway? on This Text Message Will Self Destruct · · Score: 1
    I'm not a lawyer, but I think that text messages would be the "intellectual property" of the writer unless the receiver had a written agreement with them that said otherwise.

    Yes. However, no intellectual property right I am aware of provides for the writer to be able to prevent somebody who posesses a copy of their work from retaining that copy. Copyright only prevents the creation of additional copies, or "public performance" (e.g. reading the contents of the message from a soapbox, etc.).

    Ownership is technically given upon creation in the US, though a court usually asks for some sort of proof (ie, poor man's mail-in copyright).

    The so-called "poor man's copyright" has no legal standing, and will not generally be accepted by a court as proof of authorship:

    Use of this method will probably not hold up in a court as it is simple for individuals to pre-send envelopes which can then be used later by placing the actual IP materials inside. [source]


    Or:

    We've yet to locate a case of its use where an author's copyright was established and successfully defended in a court of law by this method. [source]
  17. Re:Hardcoded userids and passwords? on The Unspoken Taboo - The Never Expiring Password · · Score: 1

    For a small app, it isn't so much of a problem. And there isn't a good way around it, either, short of some kind of standardised way of finding the password that the app should be using.

    The article, though, is talking about having to recompile and put an app through QA procedures in order to change passwords. That ain't the same kind of application we're talking about.

  18. Re:Hardcoded userids and passwords? on The Unspoken Taboo - The Never Expiring Password · · Score: 1

    Security isn't the issue. It's how easy it is to change that's important.

  19. Re:Hardcoded userids and passwords? on The Unspoken Taboo - The Never Expiring Password · · Score: 1

    Right there was a comment: #Set owner & permissions root:wheel 400.

    If I did that to the scripts on my server, httpd would be unable to read them.

  20. Re:Hardcoded userids and passwords? on The Unspoken Taboo - The Never Expiring Password · · Score: 1

    The security of it isn't really the issue: the question is, how easy is it to change?

    In the case of your PERL/PHP script, it really isn't that difficult. Although, if the password is at the top of every script file in the app it could get time consuming. If multiple applications use the same password and have it stored in a variety of different ways it could be even worse. A configuration file could solve these problems.

    However, the article is talking about having to recompile and put an app through QA procedures in order to change the password. So it's talking about large scale applications built on ISAPI or Java Servlets or similar. In this case, it really is moronic not to put the password in a configuration file.

    Another tangential point:

    And if it's in a file, then is that file any bit more secure than the script

    Yes. Various web servers have had vulnerabilities discovered in the past that allow remote users to view source of script files. Vulnerabilities that allow access to files outside of the document root directory are much rarer. I'd rather take my chances on the latter than the former.

  21. Re:Missing facts, or the truth? on The Unspoken Taboo - The Never Expiring Password · · Score: 2, Insightful

    So you've got s3cr3t456 hard coded in the data source config of your app, who's gonna change that?

    I've got to ask: what kind of muppet hard codes the passwords into the app, when grabbing them from a [configuration file / registry setting / whatever] is so trivially easy?

    The article talks about doing a recompile / QA / release cycle to update passwords. WTF?

  22. Re:and this will be true as long as it's "optional on Most Home PC Users Lack Security · · Score: 1

    MS-DOS and QDOS didn't have this capability, so the standard became that any program had full access to just about anything. The only high security implemented was in the CPU itself, where a system trap was needed to get access to 'Ring 0' (privileged) instructions.

    Just a quick correction: the 8088 and 8086 systems that MS-DOS originally ran on didn't even have this level of security. The ring architecture of privelege levels was added in the 80286 -- and even then, it wasn't used by DOS which ran in "real mode", disabling the system. It wasn't used at all until Windows 2.0 was released.

  23. Re:Bad metric on Most Home PC Users Lack Security · · Score: 1

    I wonder how many people open the front door to their house when the doorbell rings?

    Yeah. Losers. They deserve to be robbed. I bet they've never even heard of chain locks, or peephole viewers.

    (Seriously: there are many places around the world where this kind of security device is just about essential. The parallel to firewalls/anti-virus is obvious.)

  24. Re:Bad metric on Most Home PC Users Lack Security · · Score: 1

    After witnessing how easily most consumer firewalls were abused by Sony's DRM I'd say that firewalls are no longer an indicator of computer security. At least on the Windows platform.

    I've said it before, and I'll say it again: firewalls are designed to protect from threats outside your network. For any other purpose they are, and always have been, just about irrelevant. Once the malware is in your network, there's no point at all in them. Competently designed malware can break any protection provided by an egress-filtering firewall, as long as that firewall isn't set up so paranoid it makes the Internet connection totally unusable.

  25. Re:Go back to requiring models.. on A Look at the US Patent System · · Score: 1

    There isn't any basis for that suggestion in either the Constitution or the existing federal statutes. This is just an observation that the suggestion necessarily implies at least amending 35 USC. This is completely beyond the jurisdiction of the USPTO.

    Ah, I see your point then. Yes, I accept that this would require a modification of the existing laws.

    I fail to see the distinction between a general purpose computer with software and a physical device that performs the method. Isn't the former an example of the latter? This isn't a simple question and the courts have been struggling with it since Diamond v. Diehr in 1995.

    Absolutely. The distinction is a very fine one, and arises simply because in many cases it is so much easier to design a software system than a pure-hardware equivalent. The fact that the question is difficult and subtle probably explains why the courts came down on the side they did: to an inexperienced eye the difference is unimportant.

    The problem is that the ease of implementation of software has led to a huge increase in the number of supposedly-patentable inventions in that field. Many of these aren't particularly worthwhile. The inventor's investment in time and money developing them is tiny compared to that involved in other fields.

    I'm not sure if requiring a description of a pure-hardware implementation is useful, though. But it's an idea to start from, and look at where else it leads.