CONTEXT Does [a-z] catch e with a grave/aigu? Does [d-e]? Does [e-f]?
RESPONSE
No, not really, although that certainly has been discussed.
Well FAQ me...;-)
Seriously, aside from ugly issues(are accented characters greater than, less than, or equal to their non accented equivalents), I don't think [:alpha:] is should be mandated. Perl's general concept is that things should behave as expected; [a-zA-Z] should grab all alphabetical characters, accented or not, if only because that's what the programmer is most likely to desire. "Give me all characters in this range that aren't accented" is a far less common operation than "give me all alphanumeric characters".
Jon, are you pushing too much corporatism on Bezos?
Are you taking your personal peeves and using them to beat Time's selection of Person Of The Year over the head?
I am in absolute agreement over the coming corporatism conflicts with individualism, but Bezos is just nowhere near obsessed enough with profit to be representative of the money-at-all-cost ethic. Amazon's patent lawsuits are driven far more by myopia than actual plan, and will probably be dropped once the christmas season ends anyway. Worst case scenario, they're an example of "never attribute to malice what can be adequately explained by stupidity."
Katz, email me if you actually read this message. I have something WRT Amazon I'd like to discuss with you.
Yours Truly,
Dan Kaminsky DoxPara Research http://www.doxpara.com
If you're going to be so pretentious as to use a gratuitously foreign phrase, you could at least respect your readers and the language enough to spell it properly: raison d'être.
You're lucky I know so many french people, or else I'd have to make some grossly inappropriate comment like "*ARGH* FRENCH PEOPLE".
Actually, to be honest, I just didn't remember how to write the character in HTML, and didn't think it mattered all *that* much. Consider it...raison d'être as expressed in the American character set. What, you think Russia(R-U-S-S-I-A) is the actual Cyrillic character set?;-)
Bah. I suppose I should thank you for keeping me honest. I'll try to use the correct accents next time.
Yours Truly,
Dan Kaminsky DoxPara Research http://www.doxpara.com
(Disclaimer: I'm buying a Palmpilot pretty much when my paycheck clears. Merry Christmas.)
First of all, Palmpilots don't have a black and white screen. They have a black and light greenish screen--not "Spinach Green Color" as the old Game Gear ads chastized Gameboy for(but guess which system is still around!)--but greenish nonetheless.
You can't implement a color display without implementing the color white, and that's an readability increase.
The problem is, LCDs don't glow, they block. So most color screens have a consistent white light source behind the display, called a Backlight. Whereas Palmpilots can presently function just fine by reflecting the light surrounding the Palmpilot(with a very optional backlight for low light operation), Color WinCE machines generally need to tote around their light supply in order to meet the functionality expected by their users.
So that's where the battery problems come from. Of course, if a color screen can be developed that *also* operates based upon surrounding light levels, you're only talking about an increased memory/bus transfer load on the system, as it moves from animating and displaying 4 bit black and white color to various degrees of red, green, and blue. Nintendo's Color Gameboy--really a well executed piece of work--is quite small but is definite proof that a color display can be fabricated that operates on ambient light. (While I doubt it has anything to do with power usage, Color Gameboy restricts the color gamut--the range of addressable colors--to 56 specific colors, thus solving much of the speed problems inherent when you're throwing around much more data. Some crazy hackers managed to get a very high color display mode out of the color gameboy though--4096 colors, if I remember right.)
Regarding the usefulness of color, portable web browsing, photograph display, and most forms of advanced context are heavily assisted by the presence of color. We've developed color vision for a reason, and not just to tell whether fruits on the vine are ripe yet;-)
Yours Truly,
Dan Kaminsky DoxPara Research http://www.doxpara.com
When an Open Source license such as the GNU Public License is violated, whose rights take a beating?
I grant the obvious--the original developer of the software is definitely in an ugly situation.
But why? Open Source Licenses are (by definition) distribution contracts. The original developer obviously has their own code, so how much harm can come from a "licensee" refusing to return the developer's own code?
Ah, but the whole concept is that the developer isn't demanding the return of his own code, but rather the new code layered upon his own publically licensed work.
Therein lies the key. It is not merely the developer who is being deprived of content--it is the entire market of software users who are being deprived of that which they have every right to use. It is the horde of developers who wish to "scratch their itch" and improve upon an up-and-coming(or long-established!) codebase to which they have been so generously granted access to. It is the none-too-small number of investors--both large and small--who have put forth their money based upon a business model whose prime component is open access to the core software components and all future developments therein.
Open Source is indeed a public (if not natural) resource--possibly one of the few that is not depleted by usage but rather strengthened by it. However, it is alas not immune to the dangers of hoarding, pollution, and sheer misuse. Indeed, to paraphrase John Philpot Curran, eternal vigilance is the price of software liberty. Should the general perception become that the most basic precepts of Open Source licenses were being routinely ignored, both the stream of new open projects and the third party flow of incremental improvements to existing projects would dry up, as the latter group would feel no obligation to the former, and the former would notice.
Vigilance against such a situation--both real and generated by media manipulators(see Microsoft's aborted faux Letters To The Editor campaign)--is critical to the survival of the Open Source movement, and to the rights which have been granted to the public as a whole.
Is not the defense of public rights the raison d'etre of Government itself? The strip mining of communal codebases is something we've been spared thus far--should our "vigilante slashdotting" fail to sway an entrenched competitor, the involvement of government agencies and government lawyers is not something we should shy away from. There are a number of issues to consider, but Judge Jackson has shown that the U.S. Government can most assuredly "get it" when it comes to the socioeconomic issues surrounding the technology industry.
I'm not naive--although an attacking company would be harmed far more than we would by sheer public disapproval, it'd be better for everyone involved if we never had to travel down this route. Conviction does not negate the crime. However, a public statement of the willingness of government to defend us may have the peculiar effect of preventing us from needing their defense, and that is something I feel may be of value.
I'm interested in what the rest of you think about this. Feel free to disagree, or to provide insight as to what would be necessary to deal with the issues that I have brought up.
Yours Truly,
Dan Kaminsky DoxPara Research http://www.doxpara.com
So, AIBO's not the wonderdog, eh? I should have figured.
Oh, how I remember growing up, being about as close to Mini-Geek as humanly possible, and drooling over...Teddy Ruxpin.
For those lucky enough to have been spared the technological disappointment I was forced to experience, little Teddy was a bear with a motor in his mouth...and I swear to you, this bear could TALK! Oh, my poor little Coco 2, with its EARS system, had voice synthesis that sounded so machine like(and yet, here I am 15 years later, and things aren't all that much better)...
But Teddy was almost...human! Wow! And it responded to the lucky kids that got to play with it!
Of course, Teddy *was* human--just a tape recorder in the back, with the mouth playing the role as VU meter. It wasn't responsive. It had no voice recognition. It was just a dumb bear.
There's true genius in the small number of AIBOs being built. Put out a million AIBOs, and everyone discovers it's nowhere near as magical as we'd like to think. Put out 2500, and most of us remain deluded by the myth.
Yours Truly,
Dan Kaminsky DoxPara Research http://www.doxpara.com
Linus: "I remember when World Domination was just a joke..."
IBM: "I remember World Domination...."
(Disclaimer: Yes, I've recognized how IBM's become one of the cooler companies in the industry over the last few years, much to my slack-jawed amazement.)
Yours Truly,
Dan Kaminsky DoxPara Research http://www.doxpara.com
I would like the funding and the freedom to make the decision that best solves the problem, and this kind of legislation (passed or defeated) calls attention to a software development model that we all should be using.
I'm not sure we're disagreeing at all.
I want you, as an engineer, to have the funding to best solve a problem. Maybe that funding means that you'll devote five man-months to improving the SCSI stack on Linux, or maybe it means you'll just buy a farm of Solaris machines.
Whatever you do, the decision should be made on technical grounds, based upon available resources and the ability for you to amortize the value of the project across multiple tasks, departments and maybe even agencies. Open Source has some definite advantages here! But those are advantages for the engineers to evaluate, not for the long-disconnected politicians to order them to choose, unless they're willing to put their jobs on the line saying what's out there Just Isn't Good Enough.
If Microsoft got a law passed ordering departments to only use the most popular closed source software available, it'd be wrong. The opposite, in my mind, is also true.
That being said, there is assuredly resistance at the direct managerial level above the engineers that makes free software a touchy subject. That resistance should also disappear, but not by mandate of law, but by sheer fact that the reasons behind that resistance are antiquated and just no longer valid.
I'll admit, this is a very strange side for me to be taking, and actually feels kind of out of character, but I just don't feel it's right to speak of freedom and higher quality software out of one side of my mouth while mumbling about forcing the use of free software unless there's nothing that even comes close to finishing the job out of the other.
Yours Truly,
Dan Kaminsky DoxPara Research http://www.doxpara.com
Open Source Software is a wonderful thing, for innumerable reasons, but I'm not sure upper management(i.e. Congress/Parliament/Whoever) should be mandating its usage any more than it should be mandating its avoidance.
Res Ipsa Loquitar--Let The Facts Speak For Themselves. In this case, let the value of the software speak for itself--I'm a hardcore advocate of Open Source, but let the engineers on the front lines make the technical decisions, not someone whose top priority is to Cut The Budget. It's one thing to have a policy that explicitly states that it's acceptable--even encouraged--to use (L)GPL'd code for your projects. It's quite another thing to demand it, and to stigmatize the use of anything else.
Closed Source code shouldn't be presumed better because it costs many; Open Source shouldn't be presumed better just because it's free. Let the engineers be free to make their choices regarding what to use--hopefully, the track record of our development model, the quality of our code, and the immutability of our support(hi, RSA) will convince them to operate within the system we've created.
I'd rather convince the engineers than threaten their jobs. But that's my opinion.
Yours Truly,
Dan Kaminsky DoxPara Research http://www.doxpara.com
There is also point 0 which has been missed, that is that the direct reason for the victims death was that they were driving a motor vehicle at the time.
Ah, but what are you gonna do, ban driving?
Now smoking's another story...lots of people don't smoke, go ban that...
Yours Truly,
Dan Kaminsky DoxPara Research http://www.doxpara.com
Basicly, he's just saying that whatever the media deems responsible for tragedy becomes a new public enemy. The media chooses the reason most "abnormal" reason, and everyone jumps on (us vs them).
Pretty much correct, except you hit on something I forgot to mention:
When designing an Us vs. Them conflict, you want as much of your audience as possible to be the "Us", lest you lose the respect of an excessive number of your readers/viewers/developers because you just called them..."Them".
It's not just the media. It's basic social behavior.
We need a patch...
Yours Truly,
Dan Kaminsky DoxPara Research http://www.doxpara.com
1) Lost his GF 2) Lost his Football Playability 3) Lost his D&D
Life is of absolute value, so you NEED to eliminate/suppress/change the way things are so that the infinitely valued Life isn't lost again.
Question:
Which something gets changed to defend the absolute value of Life?
Theory:
That which will cause the least suffering by its suppression(per influential / popular person), or is least understood by the general population, will be the activity suppressed.
Everyone understands love. (Or, more accurately, everyone fails to understand it in a similar manner.)
Everybody loves football.
Ah! But what the fuck is that D&D shit? Blame it, and you're not isolating a significant portion of the population BUT you've done something to defend the absolute value of Life.
Karma dude--go ahead, email me privately. I usually don't go off all philosophical, but if I do, I do generally have a point I'm trying to make. I spent about four years studying Locke etc., so that's why I'll end up speaking like 'em.
Feel free to shoot me if I ever start impersonating Kant.
(Seriously. Contact me. I'm sure you have more to talk about than how Karma sucks;-)
Yours Truly,
Dan Kaminsky DoxPara Research http://www.doxpara.com
It is not so much that we fear what we do not understand, as that we scapegoat what we do not enjoy. That which may be scapegoated may be suppressed; that which we enjoy ourselves we refuse to live without.
A recent poster mentioned a case in which, faced with the choice of blaming a suicide upon either a high school breakup, a sudden injury ending a football career, or a loss of a Dungeons and Dragons character, the media placed blame firmly upon the latter.
One can complain about the unfairness, or one can analyze it to determine the source of its absurdity in utterly plain terms.
Suppose, for a moment, that the media had chosen to scapegoat the breakup as the cause of the suicide. Immediate result--teen relationships deemed dangerous, parents advised to keep close watch on their out-of-control youth...but it doesn't work, because parents both remember their own, non-suicidal relationships and directly experience the estrangement caused if they meddle in teen relationships. Similarly, the many teens that had survived and moved on after a breakup realize the inaccuracy of blaming all breakups for the results of one breakup, and wouldn't care what their parents said anyway.
What's interesting, is while all parties involved in this scenario could *understand* the suicide in terms of a breakup, it's an ineffective scapegoat, and is thus curiously unsatisfying. If you can't suppress anything, the theory goes, you haven't done anything. It Could Happen Again.
What's really sad is that it's a direct consequence of being unable to put a dollar value on life! After all, if you absolutely *have* to do something, and you're not willing to take "acceptable losses" on the life side, you have to do something: Find non-life "acceptable losses" that are, of course, as little of a loss to you as possible. Teen dating is just too familiar to eliminate, so it's unsatisfying to blame.
And what of the two remaining options--football and D&D? Football's an American tradition. Only satanic freaks play D&D(note the distinct lack of understanding). Guess which makes the better Acceptable Loss.
And the real tragedy? Isolation is the real killer, but nobody wants to be forced to incur the "acceptable loss" of being friends with the isolated.
Yours Truly,
Dan Kaminsky DoxPara Research http://www.doxpara.com
RSA's been running a rather well-rendered image of two geeks dressed up as Trojan Soldiers, with a giant hooden horse behind them. Superimposed is the text, "Beware of Geeks Bearing Gifts."
It's an ad for their upcoming RSA Security Expo, which should be absolutely fascinating to attend.
More so, now, as the down-in-the-trenches network administrators trust for them lies in quiet but definite shreds, based upon their reaction to the RSAREF2 Buffer Overflow. Buffer overflows happen. They suck, but it's a consequence of the coding systems we've just not found an acceptable replacement for. It was not their technical error but their absolutely shocking response after the hole was discovered last week:
Fix information ~~~~~~~~~~~~~~~
RSA Security was contacted and replied that they don't support RSAREF2 anymore. For futher details you may contact John Linn
A patch is provided below, please read carefully the file license.txt from the RSAREF2 distribution before applying it.
But that's OK. It's good to know where you stand with people. The geeks of the Internet got a CERT-certified patch in. RSA made it illegal to use.
Nice. Tragic, sad, maybe even a bit pitiful. I liked RSA for a long time, and really, really expected better. Maybe someday they'll earn back my trust.
It won't be today.
Yours Truly,
Dan Kaminsky DoxPara Research http://www.doxpara.com
Well, with all of those karma points I would have expected at least one share of Andover stock:-) I'm afraid they're worthless.
Ha. Seeing your gigantic Karma rating actually got me spending a good chunk of time posting on Slashdot. I know the feeling you describe rather well;-)
(Of course, you can't tell other users Karma anymore. I actually don't know if I like that or not.)
Yours Truly,
Dan Kaminsky DoxPara Research http://www.doxpara.com
We now intend to show other businesses by example how to succeed while being a good citizen of the free software community.
Ooh. Nice little swipe at Corel, there.
(Bruce, unfortunately, has expended much effort converting them into an open source outfit...really, I think we need to start communicating with both *Marketing* and *Legal* at *EVERY* company that's doing something in Open Source. The former failed at Sun, and the latter failed at Corel.)
That being said, I think there's some interesting impacts to be seen. Debian may have its annoyances, but lets not forget: Its packaging system is just so far and away superior to Redhat's at the moment, that it borders on ridiculous. Corel should be praised highly for showing that the traditionally least user-friendly Linux(ok, past Slack) has some amazing potential hidden inside.
OK, so now that Linux has some money, here's the question: What do we wanna see come out of the fundage? Here's *my* candidates:
1) Get some money flowing to a few critical projects. VNC, the any-to-any screen transfer system, needs a crew of crack developers! The ORL(now AT&T) guys have done an amazing job, but they don't have time to take VNC to where it really can be. Mindterm, by contrast, has probably the most unsung hero in the entire Open Source world toiling away, putting out revision after revision of a *world class* SSH client written in 100% Pure, Finally-Got-Its-Killer-App Java. This project is going exactly where it should be, and we ought to do what we can to keep it that way.
2) Contests. A major currency of Open Source is recognition. Lets divide the year into seasons and create cash prizes for best Open Source releases. Two types--one, for individuals, with the obvious stuff(best newcomer, most useful, etc.). Another, for schools. Lets reward classes. Lets reward departments. Linux is much cheaper for the cash strapped to deploy, particularly if you consider that our development environments are free too. Some very exciting stuff has been done teaching kids Python; this is a model that deserves further research!
More later. I'm interested in reactions.
Yours Truly,
Dan Kaminsky DoxPara Research http://www.doxpara.com
Quake is no more of a murder simulator than a mosh pit at rock concert is a virtualized lynch mob or gladiator pit.
Quake is a game where people fight back, are similarly armed, *have the expectation of death(and rebirth!)* built into the game design, and where, at the conclusion of a difficult match, all the (still surviving) combatants generally *congratulate* themselves with effusive praises of "gg"(for Good Game)!
For crying out loud, there's a thing known as context which pundits, attempting to earn themselves a reputation, a salary, and maybe a few cheap votes, seem to try to remove from human nature. (And it's ironic, really--programming context into a computer device is brutally complicated!) One doesn't need to be an expert on even mammalian behavior to know that violent play is a genetic predisposation--most species do so, and we're no different!
But even a tiger cub knows the difference between playfully biting its brother's neck, and just ripping the trachea out wholesale. You know what? I think there's an off chance that we do too.
The author seems a bit to enthralled with rating systems, though. The most interesting event of 1999 will probably end up being the release--and very effective suppression--of the South Park movie. What, exactly, did the mighty R rating, the model of rating systems everywhere, protect sixteen year olds from? The frankest look at the ridiculousness of rating systems ever concocted? The plain truth that life cannot be wholly described in extrasyllabic language? What? (Oh! I just stepped on a nail! I am presently experiencing inscrutably excruciating amount of pain!)
But, you what what? Blaming cartoons for the sins of the child is a time honored tradition in America. What is reality to get in the way?
Yours Truly,
Dan Kaminsky DoxPara Research http://www.doxpara.com
Nothing forces you to rename whole applications to use GPLed apps! You can ship Perl with your application; you just have to provide the source code to Perl if requested.
Such is the state of affairs with most compilers--remember, DJGPP uses lots of GPL/GNU code, and it was used to compile Quake.
Perl, as an interpreter, is a bit different.
Granted, if you're looking to make propietary extensions, you're not going to get an easy free ride under the GPL, but that's how the original coders get paid back: You get their massive infrastructure, they get your patch.
Yours Truly,
Dan Kaminsky DoxPara Research http://www.doxpara.com
No really. I can't even use my work's internal search engine anymore--I use Google, which finds more useful content in the public documentation than our lousy engine can find in the private!
Yours Truly,
Dan Kaminsky DoxPara Research http://www.doxpara.com
Slashdot Mirror
CONTEXT
Does [a-z] catch e with a grave/aigu?
Does [d-e]?
Does [e-f]?
RESPONSE
No, not really, although that certainly has been discussed.
Well FAQ me...;-)
Seriously, aside from ugly issues(are accented characters greater than, less than, or equal to their non accented equivalents), I don't think [:alpha:] is should be mandated. Perl's general concept is that things should behave as expected; [a-zA-Z] should grab all alphabetical characters, accented or not, if only because that's what the programmer is most likely to desire. "Give me all characters in this range that aren't accented" is a far less common operation than "give me all alphanumeric characters".
--Dan
do modified characters show up in Perl regex's when Locale isn't set
:-)
I don't know what that really means.
Does [a-z] catch e with a grave/aigu?
Does [d-e]?
Does [e-f]?
Does the Locale setting matter?
That's what I meant. (And YES, I'm regretting this entire thread! This wasn't what I came to discuss
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
Jon, are you pushing too much corporatism on Bezos?
Are you taking your personal peeves and using them to beat Time's selection of Person Of The Year over the head?
I am in absolute agreement over the coming corporatism conflicts with individualism, but Bezos is just nowhere near obsessed enough with profit to be representative of the money-at-all-cost ethic. Amazon's patent lawsuits are driven far more by myopia than actual plan, and will probably be dropped once the christmas season ends anyway. Worst case scenario, they're an example of "never attribute to malice what can be adequately explained by stupidity."
Katz, email me if you actually read this message. I have something WRT Amazon I'd like to discuss with you.
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
*COUGH* -- ``American'' character set?
Yup, go look up ASCII. American subset, English Character Set. As far as I know, no American coined words outside of [a-z].
Hurm. Actually, genuine question--do modified characters show up in Perl regex's when Locale isn't set?
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
If you're going to be so pretentious as to use a gratuitously foreign phrase, you could at least respect your readers and the language enough to spell it properly: raison d'être.
;-)
You're lucky I know so many french people, or else I'd have to make some grossly inappropriate comment like "*ARGH* FRENCH PEOPLE".
Actually, to be honest, I just didn't remember how to write the character in HTML, and didn't think it mattered all *that* much. Consider it...raison d'être as expressed in the American character set. What, you think Russia(R-U-S-S-I-A) is the actual Cyrillic character set?
Bah. I suppose I should thank you for keeping me honest. I'll try to use the correct accents next time.
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
(Disclaimer: I'm buying a Palmpilot pretty much when my paycheck clears. Merry Christmas.)
;-)
First of all, Palmpilots don't have a black and white screen. They have a black and light greenish screen--not "Spinach Green Color" as the old Game Gear ads chastized Gameboy for(but guess which system is still around!)--but greenish nonetheless.
You can't implement a color display without implementing the color white, and that's an readability increase.
The problem is, LCDs don't glow, they block. So most color screens have a consistent white light source behind the display, called a Backlight. Whereas Palmpilots can presently function just fine by reflecting the light surrounding the Palmpilot(with a very optional backlight for low light operation), Color WinCE machines generally need to tote around their light supply in order to meet the functionality expected by their users.
So that's where the battery problems come from. Of course, if a color screen can be developed that *also* operates based upon surrounding light levels, you're only talking about an increased memory/bus transfer load on the system, as it moves from animating and displaying 4 bit black and white color to various degrees of red, green, and blue. Nintendo's Color Gameboy--really a well executed piece of work--is quite small but is definite proof that a color display can be fabricated that operates on ambient light. (While I doubt it has anything to do with power usage, Color Gameboy restricts the color gamut--the range of addressable colors--to 56 specific colors, thus solving much of the speed problems inherent when you're throwing around much more data. Some crazy hackers managed to get a very high color display mode out of the color gameboy though--4096 colors, if I remember right.)
Regarding the usefulness of color, portable web browsing, photograph display, and most forms of advanced context are heavily assisted by the presence of color. We've developed color vision for a reason, and not just to tell whether fruits on the vine are ripe yet
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
When an Open Source license such as the GNU Public License is violated, whose rights take a beating?
I grant the obvious--the original developer of the software is definitely in an ugly situation.
But why? Open Source Licenses are (by definition) distribution contracts. The original developer obviously has their own code, so how
much harm can come from a "licensee" refusing to return the developer's own code?
Ah, but the whole concept is that the developer isn't demanding the return of his own code, but rather the new code layered upon his own publically licensed work.
Therein lies the key. It is not merely the developer who is being deprived of content--it is the entire market of software users who are being deprived of that which they have every right to use. It is the horde of developers who wish to "scratch their itch" and improve upon an up-and-coming(or long-established!) codebase to which they have been so generously granted access to. It is the none-too-small number of investors--both large and small--who have put forth their money based upon a business model whose prime component is open access to the core software components and all future developments therein.
Open Source is indeed a public (if not natural) resource--possibly one of the few that is not depleted by usage but rather strengthened by it. However, it is alas not immune to the dangers of hoarding, pollution, and sheer misuse. Indeed, to paraphrase John Philpot Curran, eternal vigilance is the price of software liberty. Should the general perception become that the most basic precepts of Open Source licenses were being routinely ignored, both the stream of new open projects and the third party flow of incremental improvements to existing projects would dry up, as the latter group would feel no obligation to the former, and the former would notice.
Vigilance against such a situation--both real and generated by media manipulators(see Microsoft's aborted faux Letters To The Editor campaign)--is critical to the survival of the Open Source movement, and to the rights which have been granted to the public as a whole.
Is not the defense of public rights the raison d'etre of Government itself? The strip mining of communal codebases is something we've been spared thus far--should our "vigilante slashdotting" fail to sway an entrenched competitor, the involvement of government agencies and government lawyers is not something we should shy away from. There are a number of issues to consider, but Judge Jackson has shown that the U.S. Government can most assuredly "get it" when it comes to the socioeconomic issues surrounding the technology industry.
I'm not naive--although an attacking company would be harmed far more than we would by sheer public disapproval, it'd be better for everyone involved if we never had to travel down this route. Conviction does not negate the crime. However, a public statement of the willingness of government to defend us may have the peculiar effect of preventing us from needing their defense, and that is something I feel may be of value.
I'm interested in what the rest of you think about this. Feel free to disagree, or to provide insight as to what would be necessary to deal with the issues that I have brought up.
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
So, AIBO's not the wonderdog, eh? I should have figured.
Oh, how I remember growing up, being about as close to Mini-Geek as humanly possible, and drooling over...Teddy Ruxpin.
For those lucky enough to have been spared the technological disappointment I was forced to experience, little Teddy was a bear with a motor in his mouth...and I swear to you, this bear could TALK! Oh, my poor little Coco 2, with its EARS system, had voice synthesis that sounded so machine like(and yet, here I am 15 years later, and things aren't all that much better)...
But Teddy was almost...human! Wow! And it responded to the lucky kids that got to play with it!
Of course, Teddy *was* human--just a tape recorder in the back, with the mouth playing the role as VU meter. It wasn't responsive. It had no voice recognition. It was just a dumb bear.
There's true genius in the small number of AIBOs being built. Put out a million AIBOs, and everyone discovers it's nowhere near as magical as we'd like to think. Put out 2500, and most of us remain deluded by the myth.
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
I have no problem with you personally, and I don't particularly mind your sig, but I wish you would use the standard method of attaching it.
:-)
If Taco gave me enough room to have both a quote and a sig, I'd gladly use the standard method. It's annoying retyping it every time
That being said, I sign my name because, as the WELL saying goes, You Own Your Words.
Didn't know the retyping was annoying anyone but me. I'll try to do something about this.
(Moderators: Just ignore this post.)
Could whoever gave me my first Flamebait rating *please* comment as an AC as to...umm...WTF?
I'm not annoyed. I'm actually *curious*.
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
Linus: "I remember when World Domination was just a joke..."
IBM: "I remember World Domination...."
(Disclaimer: Yes, I've recognized how IBM's become one of the cooler companies in the industry over the last few years, much to my slack-jawed amazement.)
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
If you use free software, there is no public money to reroute to your pocket :-(
Or to reroute to improve the development of OSS! So you end up with just a crew of government leeches, underfunded to improve but mandated to use...
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
I would like the funding and the freedom to make the decision that best solves the problem, and this kind of legislation (passed or defeated) calls attention to a software development model that we all should be using.
I'm not sure we're disagreeing at all.
I want you, as an engineer, to have the funding to best solve a problem. Maybe that funding means that you'll devote five man-months to improving the SCSI stack on Linux, or maybe it means you'll just buy a farm of Solaris machines.
Whatever you do, the decision should be made on technical grounds, based upon available resources and the ability for you to amortize the value of the project across multiple tasks, departments and maybe even agencies. Open Source has some definite advantages here! But those are advantages for the engineers to evaluate, not for the long-disconnected politicians to order them to choose, unless they're willing to put their jobs on the line saying what's out there Just Isn't Good Enough.
If Microsoft got a law passed ordering departments to only use the most popular closed source software available, it'd be wrong. The opposite, in my mind, is also true.
That being said, there is assuredly resistance at the direct managerial level above the engineers that makes free software a touchy subject. That resistance should also disappear, but not by mandate of law, but by sheer fact that the reasons behind that resistance are antiquated and just no longer valid.
I'll admit, this is a very strange side for me to be taking, and actually feels kind of out of character, but I just don't feel it's right to speak of freedom and higher quality software out of one side of my mouth while mumbling about forcing the use of free software unless there's nothing that even comes close to finishing the job out of the other.
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
Heh! Slow down!
Open Source Software is a wonderful thing, for innumerable reasons, but I'm not sure upper management(i.e. Congress/Parliament/Whoever) should be mandating its usage any more than it should be mandating its avoidance.
Res Ipsa Loquitar--Let The Facts Speak For Themselves. In this case, let the value of the software speak for itself--I'm a hardcore advocate of Open Source, but let the engineers on the front lines make the technical decisions, not someone whose top priority is to Cut The Budget. It's one thing to have a policy that explicitly states that it's acceptable--even encouraged--to use (L)GPL'd code for your projects. It's quite another thing to demand it, and to stigmatize the use of anything else.
Closed Source code shouldn't be presumed better because it costs many; Open Source shouldn't be presumed better just because it's free. Let the engineers be free to make their choices regarding what to use--hopefully, the track record of our development model, the quality of our code, and the immutability of our support(hi, RSA) will convince them to operate within the system we've created.
I'd rather convince the engineers than threaten their jobs. But that's my opinion.
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
There is also point 0 which has been missed, that is that the direct reason for the victims death was that they were driving a motor vehicle at the time.
Ah, but what are you gonna do, ban driving?
Now smoking's another story...lots of people don't smoke, go ban that...
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
Basicly, he's just saying that whatever the media deems responsible for tragedy becomes a new public enemy. The media chooses the reason most "abnormal" reason, and everyone jumps on (us vs them).
Pretty much correct, except you hit on something I forgot to mention:
When designing an Us vs. Them conflict, you want as much of your audience as possible to be the "Us", lest you lose the respect of an excessive number of your readers/viewers/developers because you just called them..."Them".
It's not just the media. It's basic social behavior.
We need a patch...
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
Short version:
;-)
Given:
Kid kills himself. Depressed for three reasons:
1) Lost his GF
2) Lost his Football Playability
3) Lost his D&D
Life is of absolute value, so you NEED to eliminate/suppress/change the way things are so that the infinitely valued Life isn't lost again.
Question:
Which something gets changed to defend the absolute value of Life?
Theory:
That which will cause the least suffering by its suppression(per influential / popular person), or is least understood by the general population, will be the activity suppressed.
Everyone understands love. (Or, more accurately, everyone fails to understand it in a similar manner.)
Everybody loves football.
Ah! But what the fuck is that D&D shit? Blame it, and you're not isolating a significant portion of the population BUT you've done something to defend the absolute value of Life.
Karma dude--go ahead, email me privately. I usually don't go off all philosophical, but if I do, I do generally have a point I'm trying to make. I spent about four years studying Locke etc., so that's why I'll end up speaking like 'em.
Feel free to shoot me if I ever start impersonating Kant.
(Seriously. Contact me. I'm sure you have more to talk about than how Karma sucks
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
It is not so much that we fear what we do not understand, as that we scapegoat what we do not enjoy. That which may be scapegoated may be suppressed; that which we enjoy ourselves we refuse to live without.
A recent poster mentioned a case in which, faced with the choice of blaming a suicide upon either a high school breakup, a sudden injury ending a football career, or a loss of a Dungeons and Dragons character, the media placed blame firmly upon the latter.
One can complain about the unfairness, or one can analyze it to determine the source of its absurdity in utterly plain terms.
Suppose, for a moment, that the media had chosen to scapegoat the breakup as the cause of the suicide. Immediate result--teen relationships deemed dangerous, parents advised to keep close watch on their out-of-control youth...but it doesn't work, because parents both remember their own, non-suicidal relationships and directly experience the estrangement caused if they meddle in teen relationships. Similarly, the many teens that had survived and moved on after a breakup realize the inaccuracy of blaming all breakups for the results of one breakup, and wouldn't care what their parents said anyway.
What's interesting, is while all parties involved in this scenario could *understand* the suicide in terms of a breakup, it's an ineffective scapegoat, and is thus curiously unsatisfying. If you can't suppress anything, the theory goes, you haven't done anything. It Could Happen Again.
What's really sad is that it's a direct consequence of being unable to put a dollar value on life! After all, if you absolutely *have* to do something, and you're not willing to take "acceptable losses" on the life side, you have to do something: Find non-life "acceptable losses" that are, of course, as little of a loss to you as possible. Teen dating is just too familiar to eliminate, so it's unsatisfying to blame.
And what of the two remaining options--football and D&D? Football's an American tradition. Only satanic freaks play D&D(note the distinct lack of understanding). Guess which makes the better Acceptable Loss.
And the real tragedy? Isolation is the real killer, but nobody wants to be forced to incur the "acceptable loss" of being friends with the isolated.
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
RSA's been running a rather well-rendered image of two geeks dressed up as Trojan Soldiers, with a giant hooden horse behind them. Superimposed is the text, "Beware of Geeks Bearing Gifts."
It's an ad for their upcoming RSA Security Expo, which should be absolutely fascinating to attend.
More so, now, as the down-in-the-trenches network administrators trust for them lies in quiet but definite shreds, based upon their reaction to the RSAREF2 Buffer Overflow. Buffer overflows happen. They suck, but it's a consequence of the coding systems we've just not found an acceptable replacement for. It was not their technical error but their absolutely shocking response after the hole was discovered last week:
Fix information
~~~~~~~~~~~~~~~
RSA Security was contacted and replied that they don't support RSAREF2 anymore.
For futher details you may contact John Linn
A patch is provided below, please read carefully the file license.txt from the RSAREF2 distribution before applying it.
But that's OK. It's good to know where you stand with people. The geeks of the Internet got a CERT-certified patch in. RSA made it illegal to use.
Nice. Tragic, sad, maybe even a bit pitiful. I liked RSA for a long time, and really, really expected better. Maybe someday they'll earn back my trust.
It won't be today.
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
Well, with all of those karma points I would have expected at least one share of Andover stock :-) I'm afraid they're worthless.
;-)
Ha. Seeing your gigantic Karma rating actually got me spending a good chunk of time posting on Slashdot. I know the feeling you describe rather well
(Of course, you can't tell other users Karma anymore. I actually don't know if I like that or not.)
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
We now intend to show other businesses by example how to succeed while being a good citizen of the free software community.
Ooh. Nice little swipe at Corel, there.
(Bruce, unfortunately, has expended much effort converting them into an open source outfit...really, I think we need to start communicating with both *Marketing* and *Legal* at *EVERY* company that's doing something in Open Source. The former failed at Sun, and the latter failed at Corel.)
That being said, I think there's some interesting impacts to be seen. Debian may have its annoyances, but lets not forget: Its packaging system is just so far and away superior to Redhat's at the moment, that it borders on ridiculous. Corel should be praised highly for showing that the traditionally least user-friendly Linux(ok, past Slack) has some amazing potential hidden inside.
OK, so now that Linux has some money, here's the question: What do we wanna see come out of the fundage? Here's *my* candidates:
1) Get some money flowing to a few critical projects. VNC, the any-to-any screen transfer system, needs a crew of crack developers! The ORL(now AT&T) guys have done an amazing job, but they don't have time to take VNC to where it really can be. Mindterm, by contrast, has probably the most unsung hero in the entire Open Source world toiling away, putting out revision after revision of a *world class* SSH client written in 100% Pure, Finally-Got-Its-Killer-App Java. This project is going exactly where it should be, and we ought to do what we can to keep it that way.
2) Contests. A major currency of Open Source is recognition. Lets divide the year into seasons and create cash prizes for best Open Source releases. Two types--one, for individuals, with the obvious stuff(best newcomer, most useful, etc.). Another, for schools. Lets reward classes. Lets reward departments. Linux is much cheaper for the cash strapped to deploy, particularly if you consider that our development environments are free too. Some very exciting stuff has been done teaching kids Python; this is a model that deserves further research!
More later. I'm interested in reactions.
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
Quake is no more of a murder simulator than a mosh pit at rock concert is a virtualized lynch mob or gladiator pit.
Quake is a game where people fight back, are similarly armed, *have the expectation of death(and rebirth!)* built into the game design, and where, at the conclusion of a difficult match, all the (still surviving) combatants generally *congratulate* themselves with effusive praises of "gg"(for Good Game)!
For crying out loud, there's a thing known as context which pundits, attempting to earn themselves a reputation, a salary, and maybe a few cheap votes, seem to try to remove from human nature. (And it's ironic, really--programming context into a computer device is brutally complicated!) One doesn't need to be an expert on even mammalian behavior to know that violent play is a genetic predisposation--most species do so, and we're no different!
But even a tiger cub knows the difference between playfully biting its brother's neck, and just ripping the trachea out wholesale. You know what? I think there's an off chance that we do too.
The author seems a bit to enthralled with rating systems, though. The most interesting event of 1999 will probably end up being the release--and very effective suppression--of the South Park movie. What, exactly, did the mighty R rating, the model of rating systems everywhere, protect sixteen year olds from? The frankest look at the ridiculousness of rating systems ever concocted? The plain truth that life cannot be wholly described in extrasyllabic language? What? (Oh! I just stepped on a nail! I am presently experiencing inscrutably excruciating amount of pain!)
But, you what what? Blaming cartoons for the sins of the child is a time honored tradition in America. What is reality to get in the way?
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
Did you even read the page? It's a demo version; you're searching a minimal subset of their database.
Clearly not obvious to the casual observer, and the entire page just doesn't reflect the claimed quality of the engine itself.
It's a botched launch, and right after GPLTrans too.
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
Matts--
Nothing forces you to rename whole applications to use GPLed apps! You can ship Perl with your application; you just have to provide the source code to Perl if requested.
Such is the state of affairs with most compilers--remember, DJGPP uses lots of GPL/GNU code, and it was used to compile Quake.
Perl, as an interpreter, is a bit different.
Granted, if you're looking to make propietary extensions, you're not going to get an easy free ride under the GPL, but that's how the original coders get paid back: You get their massive infrastructure, they get your patch.
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
Google rocks!!
No really. I can't even use my work's internal search engine anymore--I use Google, which finds more useful content in the public documentation than our lousy engine can find in the private!
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com