I'm not saying that one is better. I'm saying that one has more layers and more encapsulation involved. This can be a good thing if written correctly, but as many have pointed in comments and links, there have been problems with the services implementations at times.
I agree that screen scraping is a pain for the end developer, but I posit that it is easier to audit a script using CGI.pm than one that uses SOAP::Lite.pm, given a not-very-large CGI application.
You're talking about the wrong kind of security. Think "bugs" instead of "encryption".
The issue is that SOAP exposes backend functionality to the end-user (or end-developer).
As an example, consider the server that offers the web service that lets you look up your bank balance. Compare it to a CGI program that does the same thing. They have almost the exact same security issues: privacy of the data (solved by https) and authentication (making sure you are who you say you are). Both the web service and the CGI are equally dangerous by themselves.
The difference is that SOAP and other web services add the extra abstraction layer that offers one more place for the developer(s) to screw up. And it makes it one step harder for a sysadmin or developer to find problems.
As the recent SOAP::Lite vulnerabilty points out, this is a non-negligible risk.
IE is not my main browser on OS X, but I use it occasionally and it doesn't seem *that* slow to me. Did Wired apply the OS/browser updates? I find it conspicuous that don't mention versions or date, and refer to the Macs as "out of the box". If they're running 10.0.x, I wouldn't be surprised about some slowness. Its performance problems are well known. Under 10.1.4 with Moz 1.0RC1, I get 3.4 seconds load on this slashdot article with a 400Mhz G4. So I say, at worst, it's not the OS.
If Wired had mentioned the OS version, then I'd be interested, but without that datum, it's hard to evaluate whether the article author is insightful or just dumb.
Similarly, IE is not written by Microsoft either. It's alien technology. It was discovered by a MS coder who stumbled on a crashed spacecraft while hiking in the woods in the mid-90s. Using him as a vessel, the program infected the Windows codebase and has grown since then, digging it's tendrils deeper and deeper into the system.
So when MS says they can't remove IE from Windows, it's true.
How do you set this variable system wide so, say, server processes like Apache which may use zlib get MALLOC_CHECK_ 2. Is there a way to globally set an env var with modifying/etc/rc.d/init.d/* ?
What was our reaction to MS disabling access to the MSN sites? And this is different exactly how?
In one case, case Microsoft software denied the user the ability to view content.
In the other case Microsoft software denied the user the ability to view content.
Sen. Russ Feingold has never disappointed me in the six years I've followed is career. He seems to me to be the politician with more integrity than any other I know about. His vote against the "USA" act reinforces my high opinion of him.
Here's his statements about the liberty implications of the bills that are in consideration right now: feingold.senate.gov
I think this is a very immature attitude. Would you nuke Michigan just because Timothy McVeigh came from there? Do you naively assume that every Afghani is evil just because there are terrorists living in that nation?
Following that logic, maybe we should nuke China too to prevent them from attacking Taiwan. Maybe we kill all the sharks in the ocean to keep them from attacking our children. Maybe we should execute all gun owners in the US because they *might* murder someone.
These are all absurd reactions. If you don't have a concrete reason for retaliation and specific goals for what you expect that retaliation to accomplish, then you are just lashing out against your fears.
How many innocent Afghanis is it acceptable to kill along with bin Laden to abate our terror?
"we know who our enemies are and hardly need proof to go to war with them"
OK, then tell me: who are they? What is their address? What are their names? Who are we at war with? You don't know, do you?
Right now we are at war with Fear. Later today, or in a few days, we may know precisely who the enemy is. Until then, declaring war is absurd.
Civilization is not an illusion. Some people act barbarous at times. Society tries to prevent them from harming others, but often it fails. That doesn't mean you give up on it.
Tell me, who should we attack, hmm? Iraq? Afghanistan? Libya? Rural Michigan? What do you think, should we kill all arab-americans? Should we just kill any one you don't like?
Rational thought must prevail, not mob mentality. You decide the punishment AFTER you find the perpetrator guilty.
Your are totally right: it is OK to be upset. It's even OK to express that anger in words.
But I don't want us to do something in anger that we will regret later. Anger should never be the driving force in any relations (international, domestic or personal).
I am *seriously* scared of the mob mentality that is being whipped up. With this much anger, someone is going to die, and it's likely to be someone innocent if that anger isn't tempered by rational thought.
Most of the replies to my post above said that it is war, not crime. This is in agreement with what President Bush has said. However
* We don't yet have a target. You can't just declare war on all bad guys in the world. Of the evidence which is available to the general public, the guilt of bin Laden is very uncertain right now. For all we know, it was a small group of Americans of Mideastern descent who executed these acts. I'm not saying that's it, I'm just saying wait until we know who did it before saying what we're going to do to them!
* If it does turn out to be a foreign terrorist organization, nuking them likely won't help. They aren't all hiding in one convenient location. You will just make martyrs of them.
I've been using Noriega as a (admittedly imperfect) analogy in discussions with friends. If the US had assassinated him, it would have created a martyr and put blood on our hands. Instead, he's just some nearly forgotten bum in a Florida jail today.
Numerous editorials in todays NY Post have advocated ignoring the law and using racist, mob logic to correct the injustice of yesterday's attack. These frothing calls to action are not only irresponsible, they are barbarous.
"Who is responsible for yesterday's carnage? That's no great mystery."
- editorial 4006
The law of the land is innocent until proven guilty. Until there is concrete evidence pointing to the perpetrators of the terrorist attacks, there can be no action. If the US attacks without evidence, then we are terrorists as well, and would deserve all the condemnation we are piling on our - still unknown - attackers.
"To hell with Bill Clinton's 'gather the evidence and proceed to court' approach."
- editorial 4022
"The response... should be as simple as it is swift - kill the bastards. No, I don't mean hunt them, arrest them, extradite them and prosecute them in a court of law. I mean a far quicker and neater form of retribution for this cabal of cowards. A gunshot between the eyes, blow them to smithereens, poison them if you have to."
- Steve Dunleavy editorial 3999
Both of these editorialists call for dismissing the due process on which our justice system is based. They call for the removal of equal treatment under the law. These demands for extreme measures are demands for the creation of a dictatorship, of a police state. Assassinations, executions without trials, condemnation without evidence - these are the hallmarks of regimes like Stalin's Soviet Union, Mao Tse Tung's China and Hitler's Germany.
Consistent and reasoned responses are imperitive in civilized society. Everything else is barbarism.
Numerous editorials in todays NY Post have advocated ignoring the law and using racist, mob logic to correct the injustice of yesterday's attack. These frothing calls to action are not only irresponsible, they are barbarous.
"Who is responsible for yesterday's carnage? That's no great mystery."
- editorial 4006
The law of the land is innocent until proven guilty. Until there is concrete evidence pointing to the perpetrators of the terrorist attacks, there can be no action. If the US attacks without evidence, then we are terrorists as well, and would deserve all the condemnation we are piling on our - still unknown - attackers.
"To hell with Bill Clinton's 'gather the evidence and proceed to court' approach."
- editorial 4022
"The response... should be as simple as it is swift - kill the bastards. No, I don't mean hunt them, arrest them, extradite them and prosecute them in a court of law. I mean a far quicker and neater form of retribution for this cabal of cowards. A gunshot between the eyes, blow them to smithereens, poison them if you have to."
- Steve Dunleavy editorial 3999
Both of these editorialists call for dismissing the due process on which our justice system is based. They call for the removal of equal treatment under the law. These demands for extreme measures are demands for the creation of a dictatorship, of a police state. Assassinations, executions without trials, condemnation without evidence - these are the hallmarks of regimes like Stalin's Soviet Union, Mao Tse Tung's China and Hitler's Germany.
Consistent and reasoned responses are imperiitive in civilized society. Everything else is barbarism.
I agree with others that Slashdot was great today. The focus on the disasters was admirable, and the information was high quality. Extra kudos to the posters who offered high quality links when it seemed that the world was slashdotted.
That said, I found that Slashdot was not the right source for news today. The news I got here was delayed (the stories) or hard to sift through (the posts). I found great fringe material (red cross info, missing persons sites, etc) and lots of mirrored material (thanks to all!) but it was diluted by speculation, rumor, flames and unchecked emotion. On the plus side, there was also support, prayers and many thoughtful discussions. Again, this diluted the news for better or for worse.
Instead, I found ananova to be the best site on the net today, with a simple, chronological list of relevent wire reports: ananova.com topic focus.
But I suspect I will find Slashdot to be the best site on the net for reflection over the next week or so.
Note, that this isn't criticism, but observation. Slashdot is more a community than a news source. This was an interesting mini-revelation for me today. Maybe Slashdot needs a QuickNews feature which lets stories go up faster (and get pulled down faster when proved inaccurate or inappropriate). I think a community run, up-to-the-minute news source would be valuable. Just some thoughts...
Anyone who uses a script like that is crazy. Next there will be a Code Red III which spoofs the originating IP and then your perl script becomes an unwitting part of a distributed DOS attack... Then YOU go to jail instead of the Code Red author.
With a good speech recognition package, this would be a good way to get extremely high compression for voice. Record your voice, convert to text, compress text, spit over the net, change back to *your* voice on the other end. It would require initially transmitting your voice profile. However, it would not work well with current technology because the lag during speech recognition would be quite noticable. Also, you would have to detect inflection in the speech recognition phase and encode that in the text.
This could also be very useful for deaf telephone users. Currently, a deaf person relies on a human relay to talk to a non-TDD equipped person. With good speech-to-text and text-to-speech technology the human middle-man could be removed, saving a ton of money.
Old job: dual fanned SGI O2 with three screaming external scsi disks on my desk -- I never really got to enjoy the great sound subsystem.
New job: Powerbook G3 with external monitor (dual head! woohoo!), kbd, mouse -- the only sounds it makes are from the sound system (and occasional barely audible DVD-ROM seeks). There are fifteen of us, all with Powerbooks, in one large room with NO cube walls and the loudest sound is usually the clattering of keyboards and clicking of mice. It's truly amazing how big a difference it makes.
Local disk storage was nice (fast!) but remote disk access is a price worth paying for quiet.
As a new homeowner, I have become a strong advocate of reel mowers, particularly the modern ones which are quieter and MUCH easier to push. Here are some advantages, in order of importance (according to me):
They are quiet!! You can mow whenever you like and neighbors don't have to close windows to hear themselves.
They are low pollution. Just CO2 from the pusher.
They are low maintenance. Sharpen once every few years and they are good to go.
They are cheap (about US$100 + $0 for gas).
They take up very little space (try hanging a power mower from the garage wall).
You can stop and chat with the neighbor for a minute without the off/on cycle.
They can get into tighter spots (good if you have an odd-shaped yard).
They are making a well-deserved comeback, with high appeal for environment and neighbor conscious people with yards smaller than a polo field.
[Note: it is not clear from the article if NCSU engineering is going 100% RH or just endorsing it. For this post I will assume the former. If that's wrong, I apologize]
Why don't I hear anyone crying "Monopoly!" and "Freedom to choose!"? Change the name from RH to MS and the product from Linux to Win and the arguments would be totally different.
Tell me how this makes RH different from Microsoft (trying to nail a market by getting students to use their product so they will demand it as professionals)
Flawed logic in other posts:
1) "Not surprising, most engineering is UNIX..."
Just because it's popular doesn't mean it's good. We could say that "standardizing" on Microsoft is good since most Universities are Windows-dominated. I don't think any Linux advocate buys that.
2) "I'd rather see a university convert to Red Hat than yet another school move over to exclusively NT"
Who said a Univ has to choose any? What I suspect this poster means is that (s)he would rather use Linux. Just because you like Linux, does that mean it should be shoved down the throats of your classmates?
3) "...noone connected with [other] distributions are doing anything along these lines to promote Linux"
Is Linux promotion the ultimate good? Do the ends justify the means? It's one thing to advocate or endorse Linux to convince a user. It's quite another to work with the higher-ups and decree Linux is best, regardless of the actual task at hand.
Personal example: I prefer Linux, my wife prefers Windows. Despite the fact that I'm the techie of the house, I have not forced her to switch to Linux (even though I have a thousand reasons why it's better), and I think everyone would agree that this is the right choice. If you complain when someone makes you use Windows, then why not complain when someone forces you to use Linux?
Speaking of encrypting filesystems, has anyone tried encryting the swap dir? This is one place people always worry about data being compomised. Secure programs sometimes lock RAM while fiddling with passwords so they can't be swapped out.
What if you encrypted swap and kept the key in locked RAM with the kernel? If the machine crashes or reboots (perhaps into a different OS or a boot disk), the swap is unreadable as the key has been lost. The user would never need to see the key -- it could be generated at each boot by the kernel and never revealed.
So, Jon, does this mean you wouldn't mind if I bought a copy of one of your books, scanned it, and published it on my web site? I mean, DAMN, amazon is charging $16 for your recent book. Nobody should have to pay that much for a book, right?
I mean, are you really just out to make a buck or are you doing it for your fans?
Slashdot Mirror
I'm not saying that one is better. I'm saying that one has more layers and more encapsulation involved. This can be a good thing if written correctly, but as many have pointed in comments and links, there have been problems with the services implementations at times.
I agree that screen scraping is a pain for the end developer, but I posit that it is easier to audit a script using CGI.pm than one that uses SOAP::Lite.pm, given a not-very-large CGI application.
You're talking about the wrong kind of security. Think "bugs" instead of "encryption".
The issue is that SOAP exposes backend functionality to the end-user (or end-developer).
As an example, consider the server that offers the web service that lets you look up your bank balance. Compare it to a CGI program that does the same thing. They have almost the exact same security issues: privacy of the data (solved by https) and authentication (making sure you are who you say you are). Both the web service and the CGI are equally dangerous by themselves.
The difference is that SOAP and other web services add the extra abstraction layer that offers one more place for the developer(s) to screw up. And it makes it one step harder for a sysadmin or developer to find problems.
As the recent SOAP::Lite vulnerabilty points out, this is a non-negligible risk.
IE is not my main browser on OS X, but I use it occasionally and it doesn't seem *that* slow to me. Did Wired apply the OS/browser updates? I find it conspicuous that don't mention versions or date, and refer to the Macs as "out of the box". If they're running 10.0.x, I wouldn't be surprised about some slowness. Its performance problems are well known. Under 10.1.4 with Moz 1.0RC1, I get 3.4 seconds load on this slashdot article with a 400Mhz G4. So I say, at worst, it's not the OS.
If Wired had mentioned the OS version, then I'd be interested, but without that datum, it's hard to evaluate whether the article author is insightful or just dumb.
Similarly, IE is not written by Microsoft either. It's alien technology. It was discovered by a MS coder who stumbled on a crashed spacecraft while hiking in the woods in the mid-90s. Using him as a vessel, the program infected the Windows codebase and has grown since then, digging it's tendrils deeper and deeper into the system.
So when MS says they can't remove IE from Windows, it's true.
How do you set this variable system wide so, say, server processes like Apache which may use zlib get MALLOC_CHECK_ 2. Is there a way to globally set an env var with modifying /etc/rc.d/init.d/* ?
No luck with fink.sourceforge.net either. They're at 2.9.9p2.
If I have to reconfigure ONE more window manager to do focus-follows-mouse-sloppily, I'll have to change my email address to chris@loonybin.org.
.wmrc:
I advocate an XML-based prefs format that is shared by many WMs, with less-capable ones simply ignoring the features they can't understand.
In
<keyboard>
<focus>
<follow/>
<sloppy/>
</focus>
<repeat>
<speed value=6 scale=10/>
</repeat>
<clicksound value=false/>
</keyboard>
or something like that.
What was our reaction to MS disabling access to the MSN sites? And this is different exactly how?
In one case, case Microsoft software denied the user the ability to view content.
In the other case Microsoft software denied the user the ability to view content.
Hmm, I guess I see your point.
Sen. Russ Feingold has never disappointed me in the six years I've followed is career. He seems to me to be the politician with more integrity than any other I know about. His vote against the "USA" act reinforces my high opinion of him.
Here's his statements about the liberty implications of the bills that are in consideration right now: feingold.senate.gov
I think this is a very immature attitude. Would you nuke Michigan just because Timothy McVeigh came from there? Do you naively assume that every Afghani is evil just because there are terrorists living in that nation?
Following that logic, maybe we should nuke China too to prevent them from attacking Taiwan. Maybe we kill all the sharks in the ocean to keep them from attacking our children. Maybe we should execute all gun owners in the US because they *might* murder someone.
These are all absurd reactions. If you don't have a concrete reason for retaliation and specific goals for what you expect that retaliation to accomplish, then you are just lashing out against your fears.
How many innocent Afghanis is it acceptable to kill along with bin Laden to abate our terror?
"we know who our enemies are and hardly need proof to go to war with them"
OK, then tell me: who are they? What is their address? What are their names? Who are we at war with? You don't know, do you?
Right now we are at war with Fear. Later today, or in a few days, we may know precisely who the enemy is. Until then, declaring war is absurd.
Civilization is not an illusion. Some people act barbarous at times. Society tries to prevent them from harming others, but often it fails. That doesn't mean you give up on it.
I never said "forget."
Tell me, who should we attack, hmm? Iraq? Afghanistan? Libya? Rural Michigan? What do you think, should we kill all arab-americans? Should we just kill any one you don't like?
Rational thought must prevail, not mob mentality. You decide the punishment AFTER you find the perpetrator guilty.
Your are totally right: it is OK to be upset. It's even OK to express that anger in words.
But I don't want us to do something in anger that we will regret later. Anger should never be the driving force in any relations (international, domestic or personal).
I am *seriously* scared of the mob mentality that is being whipped up. With this much anger, someone is going to die, and it's likely to be someone innocent if that anger isn't tempered by rational thought.
Enough innocents have died already!
Most of the replies to my post above said that it is war, not crime. This is in agreement with what President Bush has said. However
* We don't yet have a target. You can't just declare war on all bad guys in the world. Of the evidence which is available to the general public, the guilt of bin Laden is very uncertain right now. For all we know, it was a small group of Americans of Mideastern descent who executed these acts. I'm not saying that's it, I'm just saying wait until we know who did it before saying what we're going to do to them!
* If it does turn out to be a foreign terrorist organization, nuking them likely won't help. They aren't all hiding in one convenient location. You will just make martyrs of them.
I've been using Noriega as a (admittedly imperfect) analogy in discussions with friends. If the US had assassinated him, it would have created a martyr and put blood on our hands. Instead, he's just some nearly forgotten bum in a Florida jail today.
Numerous editorials in todays NY Post have advocated ignoring the law and using racist, mob logic to correct the injustice of yesterday's attack. These frothing calls to action are not only irresponsible, they are barbarous.
... should be as simple as it is swift - kill the bastards. No, I don't mean hunt them, arrest them, extradite them and prosecute them in a court of law. I mean a far quicker and neater form of retribution for this cabal of cowards. A gunshot between the eyes, blow them to smithereens, poison them if you have to."
"Who is responsible for yesterday's carnage? That's no great mystery."
- editorial 4006
The law of the land is innocent until proven guilty. Until there is concrete evidence pointing to the perpetrators of the terrorist attacks, there can be no action. If the US attacks without evidence, then we are terrorists as well, and would deserve all the condemnation we are piling on our - still unknown - attackers.
"To hell with Bill Clinton's 'gather the evidence and proceed to court' approach."
- editorial 4022
"The response
- Steve Dunleavy editorial 3999
Both of these editorialists call for dismissing the due process on which our justice system is based. They call for the removal of equal treatment under the law. These demands for extreme measures are demands for the creation of a dictatorship, of a police state. Assassinations, executions without trials, condemnation without evidence - these are the hallmarks of regimes like Stalin's Soviet Union, Mao Tse Tung's China and Hitler's Germany.
Consistent and reasoned responses are imperitive in civilized society. Everything else is barbarism.
Numerous editorials in todays NY Post have advocated ignoring the law and using racist, mob logic to correct the injustice of yesterday's attack. These frothing calls to action are not only irresponsible, they are barbarous.
... should be as simple as it is swift - kill the bastards. No, I don't mean hunt them, arrest them, extradite them and prosecute them in a court of law. I mean a far quicker and neater form of retribution for this cabal of cowards. A gunshot between the eyes, blow them to smithereens, poison them if you have to."
"Who is responsible for yesterday's carnage? That's no great mystery."
- editorial 4006
The law of the land is innocent until proven guilty. Until there is concrete evidence pointing to the perpetrators of the terrorist attacks, there can be no action. If the US attacks without evidence, then we are terrorists as well, and would deserve all the condemnation we are piling on our - still unknown - attackers.
"To hell with Bill Clinton's 'gather the evidence and proceed to court' approach."
- editorial 4022
"The response
- Steve Dunleavy editorial 3999
Both of these editorialists call for dismissing the due process on which our justice system is based. They call for the removal of equal treatment under the law. These demands for extreme measures are demands for the creation of a dictatorship, of a police state. Assassinations, executions without trials, condemnation without evidence - these are the hallmarks of regimes like Stalin's Soviet Union, Mao Tse Tung's China and Hitler's Germany.
Consistent and reasoned responses are imperiitive in civilized society. Everything else is barbarism.
I agree with others that Slashdot was great today. The focus on the disasters was admirable, and the information was high quality. Extra kudos to the posters who offered high quality links when it seemed that the world was slashdotted.
That said, I found that Slashdot was not the right source for news today. The news I got here was delayed (the stories) or hard to sift through (the posts). I found great fringe material (red cross info, missing persons sites, etc) and lots of mirrored material (thanks to all!) but it was diluted by speculation, rumor, flames and unchecked emotion. On the plus side, there was also support, prayers and many thoughtful discussions. Again, this diluted the news for better or for worse.
Instead, I found ananova to be the best site on the net today, with a simple, chronological list of relevent wire reports: ananova.com topic focus.
But I suspect I will find Slashdot to be the best site on the net for reflection over the next week or so.
Note, that this isn't criticism, but observation. Slashdot is more a community than a news source. This was an interesting mini-revelation for me today. Maybe Slashdot needs a QuickNews feature which lets stories go up faster (and get pulled down faster when proved inaccurate or inappropriate). I think a community run, up-to-the-minute news source would be valuable. Just some thoughts...
Anyone who uses a script like that is crazy. Next there will be a Code Red III which spoofs the originating IP and then your perl script becomes an unwitting part of a distributed DOS attack... Then YOU go to jail instead of the Code Red author.
With a good speech recognition package, this would be a good way to get extremely high compression for voice. Record your voice, convert to text, compress text, spit over the net, change back to *your* voice on the other end. It would require initially transmitting your voice profile. However, it would not work well with current technology because the lag during speech recognition would be quite noticable. Also, you would have to detect inflection in the speech recognition phase and encode that in the text.
This could also be very useful for deaf telephone users. Currently, a deaf person relies on a human relay to talk to a non-TDD equipped person. With good speech-to-text and text-to-speech technology the human middle-man could be removed, saving a ton of money.
Old job: dual fanned SGI O2 with three screaming external scsi disks on my desk -- I never really got to enjoy the great sound subsystem.
New job: Powerbook G3 with external monitor (dual head! woohoo!), kbd, mouse -- the only sounds it makes are from the sound system (and occasional barely audible DVD-ROM seeks). There are fifteen of us, all with Powerbooks, in one large room with NO cube walls and the loudest sound is usually the clattering of keyboards and clicking of mice. It's truly amazing how big a difference it makes.
Local disk storage was nice (fast!) but remote disk access is a price worth paying for quiet.
They are making a well-deserved comeback, with high appeal for environment and neighbor conscious people with yards smaller than a polo field.
[Note: it is not clear from the article if NCSU engineering is going 100% RH or just endorsing it. For this post I will assume the former. If that's wrong, I apologize]
..."
Why don't I hear anyone crying "Monopoly!" and "Freedom to choose!"? Change the name from RH to MS and the product from Linux to Win and the arguments would be totally different.
Tell me how this makes RH different from Microsoft (trying to nail a market by getting students to use their product so they will demand it as professionals)
Flawed logic in other posts:
1) "Not surprising, most engineering is UNIX
Just because it's popular doesn't mean it's good. We could say that "standardizing" on Microsoft is good since most Universities are Windows-dominated. I don't think any Linux advocate buys that.
2) "I'd rather see a university convert to Red Hat than yet another school move over to exclusively NT"
Who said a Univ has to choose any? What I suspect this poster means is that (s)he would rather use Linux. Just because you like Linux, does that mean it should be shoved down the throats of your classmates?
3) "...noone connected with [other] distributions are doing anything along these lines to promote Linux"
Is Linux promotion the ultimate good? Do the ends justify the means? It's one thing to advocate or endorse Linux to convince a user. It's quite another to work with the higher-ups and decree Linux is best, regardless of the actual task at hand.
Personal example: I prefer Linux, my wife prefers Windows. Despite the fact that I'm the techie of the house, I have not forced her to switch to Linux (even though I have a thousand reasons why it's better), and I think everyone would agree that this is the right choice. If you complain when someone makes you use Windows, then why not complain when someone forces you to use Linux?
Speaking of encrypting filesystems, has anyone tried encryting the swap dir? This is one place people always worry about data being compomised. Secure programs sometimes lock RAM while fiddling with passwords so they can't be swapped out.
What if you encrypted swap and kept the key in locked RAM with the kernel? If the machine crashes or reboots (perhaps into a different OS or a boot disk), the swap is unreadable as the key has been lost. The user would never need to see the key -- it could be generated at each boot by the kernel and never revealed.
So, Jon, does this mean you wouldn't mind if I bought a copy of one of your books, scanned it, and published it on my web site? I mean, DAMN, amazon is charging $16 for your recent book. Nobody should have to pay that much for a book, right?
I mean, are you really just out to make a buck or are you doing it for your fans?