I follow world politics carefully and am generally politically active. While it frightens me to see what's been happening in Canada lately (closely mirroring the US), we in Quebec have managed to avoid a lot of the nonsense using French as a form of natural encryption (allowing us to talk about things we're not supposed to talk about in English). I'm not kidding..:) Our media here is much more aggressive.
We have a strong local economy (despite the reports you may happen to read in Ontario and Alberta) and relaxed attitudes about work and "sins" (quickest declining religious affiliation in North America).
Good, polite, and fearless Americans: come visit Montreal, meet a Quebecois girl, and enjoy a multicultural, free and well educated people.
Sometimes you look at the security measures in place at airports and you have wonder whether it is just for show?
I'd take it one step further. The excessive security measures are designed to harass and delay everyday travellers to raise their ire. The majority will project their frustration onto "terrorists," and believe that the only way to return to simple, convenient air travel is to grant the powers that be carte blanche to attack whomever it sees fit.
Treo's crash due to 3rd party applications (at least with up to date firmware and default applications).
Nice try. Third party applications (whatever that means; this is a general purpose computer) do exaggerate the problem, but it stems from a number of flawed design decisions.
- NVFS / DBcache (somewhat fixed in latest firmware)
- Single threaded operation (supporting "background tasks" with a shared stack)
- No memory protection
- Buggy hardware (bluetooth reliability for me is about 85%)
Believe my, I love my Treo. But it was rushed out the door a year too early. It was not, and still to a large degree is not ready. PalmOne support is horrendously bad. I've exchanged my unit several times before I found one which was stable (though it still crashes or locks about once a week).
And yes, I was running the stripped Chinese (APR) 1.71 rom with English language files the day it was released; this certainly helped over the stock rom, but even the ROW 1.71 isn't where it should be in this day and age.
I own a Treo 650. It has its problems, but it's the best device I've ever owned.
One word. Convergence.
Seriously. If you're not interested in a cameraphone, don't buy one. But don't ruin it for people who DO want one.
Don't tell me you can't see the value of a single device that:
- Plays MP3s (meaning I don't have to carry an iPod in addition to a phone
- Plays video (I fly RC planes and have a collection of in-flight videos my friends like to see)
- Has an advanced calculator with unit conversion (which no self-respecting geek should be without)
- Has web, directory assistance (411), MSN, irc, SMS, and ssh access (meaning I can connect to servers at work when things go wrong)
- Has GPS software (TomTom) for in-car navigation, meaning I don't have to leave an expensive unit in the car, to get stolen
- Has a reasonably good 640x480 camera (meaning I can capture events without carrying a camera, plus photoblogging!)
- Has an address book, day planner, alert service, and journal
- Has an excellent (speaker)phone, with excellent call management features
Yes, it's expensive. But so are laptops, TVs, cable, rent, and cars. We all pick our toys. None of them are vital to the survival of our race. But, these are amazing times.
Which of Cuthbert's rights were violated when he broke the law and was convicted of doing so, again? I missed that part.
Excuse the Star Trek quotation.:) But it's a good one.
"There can be no justice so long as laws are absolute."
The investigators and prosecutors should lose their jobs for wasting taxpayer money, prosecuting a professional for something clearly non-malicious. You don't charge someone for break and enter if they walk up your driveway to read your house number.
What it should have said is that Cuthbert DID attempt to defraud the police. Very unprofessional behavior from a supposed "security professional."
We don't know that. All we know from the stories so far is that he "lied," but take that with a grain of salt. Lying means different things to different people.
Imagine explaining why redirecting ISP users' traffic to ad servers "cannot be done" to highly aggressive marketing people. It's a lie. It can be done. But it may not be worth the effort expenditure to explain to them, at a technical level, why this will cause big problems (disrupting forms, confusing browsers). They aren't the experts; that's why they hired you. If you tell them something like "Well, technically it can be done but yaddiyaddiyadda," they may ask you to go ahead and do it, regardless. Don't expect them to go on at length about why a certain ad campaign must include certain keywords or concepts.
Of course every situation is different, and it may sound egotistical to take this attitude, but it's important sometimes. A professor can't explain to his 10 year old son why electrons cannot be directly observed without lying a little bit; there's just too much ground to cover. "Observing with a photon will alter its state." "What's a photon dad?" "It's a little particl---" eeeehn. Lie. Well, sorta. You get the point.
In this case, the fact that he'd been arrested and charged for a directory traversal probably indicated to him that the people he was dealing with were incompetent. He probably figured that the best odds he had to making this thing blow over was to tell them what they needed to hear, to make them go away.
"All I did was access the site using normal web access practices."
As a fellow security consultant, I cannot believe the comments I've read for this article so far. Have people lost their self respect so fully that they hand every last shred of individual right and responsibility over to the state?
Judge Purdy said that Cuthbert was "deliberately trying to throw the police off the trail", by saying one thing and then another.
Well no shit! The people who were prosecuting him clearly couldn't handle the truth. These are not reasonable people. One who arrests another for a directory traversal (with no evidence of cracking) is not a reasonable person.
The very fact the investigators couldn't discern between a cracking attempt and a directory traversal is evidence that the they were not capable of handling this type of work. Being an intelligent person, he probably figured the best course of action (to end this as quickly as possible) was to give the information to them in a way they could understand.
For example, if I were arrested for the same "offense," I would probably state something like this:
"I wasn't hacking; I was just using standard web access techniques to validate the site's identity."
Which, depending on your level of ignorance, may be construed as "lying." The investigator may live under the impression that the only type of web access which is "standard" is logging on the site using the main form. The investigators probably felt he was being an arrogant prick and wanted to make an example of him. This is not the purpose of law.
This guy donates 30 pounds to a charity, for which he receives no verification. He practices due diligence (against a phishing attack) by validating the authenticity of the site. And they have the nerve not only to arrest him, but to prosecute him! And convict him!
I am repulsed, and I weep for the security community.
Why is it that people are so fixated on screen size? Everywhere you see "15 inch screen" or "3.3 inch LCD" and nowhere do they mention the resolution; mostly it's because they're low resolution screen!
Which brings me to the point: What is it with low-res devices? 320x200 is bearly enough to run a simple contact manager, let alone do any useful work. If your eyes are too bad to see a 2.5" screen at 320x200, get glasses! Or, just enlarge the font. It looks more crisp and easy to read anyway.
And stop buying low-res devices, or that's all companies will produce!
Just cram more pixels in there, and the image gets sharper. If you can't read tiny fonts, get glasses, or hold the display closer to your eyes. Or increase the font size.
I'm with you for almost all your points. But, wifi is a godsend.
Yes it's a power hog, but 2 hours of 802.11 on a PDA at a hotspot is better than 2 hours of GPRS (especially for those who must pay per byte). It's infinitely faster and more reliable. And nothing says you can't suspend your radio while you work.
And in terms of cost.. sure, it's expensive. But if your reasoning is that you're likely to break and drop it... well, be careful!:) Buy a leather case or rubber skin to protect it. It's a delicate piece of technology; there's no getting around it (lightweight, cheap, durable.. pick two).
Myself, I've got a Treo 650, I love it. I think this LifeDrive is a huge waste of time and money, especially considering it doesn't run Cobalt. I don't get PDAs, though (anymore); I've owned a few in my lifetime (BOSS organizer, Palm III, V, Zaurus C760 (running debian:)), but ever since I got my Treo I could never go back.
There is just nothing like having one device to carry around, with everything - MP3s (2gb SD), movies for flights, schedule, accounts and passwords, web browser, phone, email, MSN, IRC, SSH, photoblogging... the list goes on and on. Paired with an unlimited GPRS account it's unstoppable.. EXCEPT.. no WIFI!:)
And with regards to the camera, the megapixel+ cameras on phones these days use higher quality lenses and CCDs than their 640x480 (and lower) counterparts. They're still crap, but at least they're better crap.
The car I grew up with was like this. When it broke down my dad would get out the 500 page maintenance manual (they used to have those things for cars) and fix it himself. Now even mechanics can't fix some cars unless they pay the manufacturer for the 'right' to know how the hell the car's operating system works.
Interesting. I hear this over and over again, and I'm not really sure where it comes from. I suppose people don't want to be bothered learning new technology as things change, but speaking as a home mechanic who has changed fairly major components on a modern vehicle (clutch, suspension, brakes, etc), I can tell you that computers are 1% of what makes a car today.
Computers today are still used mainly to optimize things like fuel maps and ignition timing. This whole "mechanic opening the hood and connecting a laptop" thing is simply a myth. Of course it depends on the nature of the failure, but the vast majority of automotive diagnostic includes analyzing the symptoms, checking for worn bearings and bushings, bent shafts, burned plugs, loose wires, and bad sensors.
Computer diagnostics help locate the failing part sometimes, but most problems are purely mechanical. Computers, and in general, electronics, do not fail. Particularly on older cars, nearly *all* failures are mechanical.
And finally, this whole "proprietary systems" junk is nonsense. In North America at least, all modern vehicles conform to an open specification called OBD-II.
Wow. Now *that* is a company that wants your business. Litigious corporations apt to sue their customers to silence them in a similar situation, take note:
I don't mean to pooh pooh this idea just because it's somewhat Windows specific but the only real advantage I see to this over snmp is that the delivery modes are more sophisticated and the data can be organized hierarchally.
The SNMP MIB tree is hierarchical. For example, the "version" parameter of NET-SNMP can be found by querying:
ucdavis.version.versionTag
Furthermore, these names have corresponding OID numbers, which are universally unique.
So why not just add builtin event notification to snmp?
Anyway, in re-reading what I wrote I realized I could have phrased some things better.. it's not entirely correct that they're offering to re-buy the software from you.. a refund *is* different and is taxed differently... and a few other inaccuracies, but on the whole, as far as I know, it's legally sound.
s interesting to note, however, that a lot of the decisions were built upon Blizzard's stating that a person can take the software home, read the EULA, reject it, then take it back to the store for a refund within 30 days. I didn't see anywhere pointed out that you won't actually GET a refund in the real world. So Blizzard offers a "way out" of the one-sided contract that cannot actually be used.
Living in Canada, once I purchase a software title at a retail outlet, that copy of the software belongs to me, regardless of any contract forms included in the box (the copy becomes the purchaser's personal property). If the vendor wanted me to return it if I didn't agree to their contract, they must have made that a purchase stipulation (via contract) before the sale was executed.
They are asking *you* to take a specific action with your property.
Here is a piece of paper/dialog box with terms of agreement written down. Please agree to these terms. If you don't agree to these terms, please take the action of selling us the software back at the cost you paid for it.
That is, they are offering to re-buy the software from you (a refund).
However, since you own the software copy in question (and the legal right to use it, as assigned by our equivalents of the first sale doctrine and copyright law), it's up to you - not them - to decide if you want to sell them back the software. They give you two choices (agree to the terms, or return it), what binds you to agree with either of them?
That's the trouble with selling things. You don't get to ask for them back.:)
Now before people start waving their arms around with "You've got nothing to worry about unless you've got something to hide", keep in mind that information can always be used for purposes other than stopping terrorism. Information can be used for political reasons as well.
Forget political reasons. What if you do have something to hide?
No, I'm serious. You're a criminal. I'm a criminal. We're all criminals. You've downloaded copyrighted movies/mp3s, he's smoked some drugs, she sat at the front of the bus, and I've driven 19mph over the speed limit.
There are so many laws in America, it's simply a matter of whether someone gets caught.
I for one am not interested in giving the "powers that be" any more control/surveillance capacity than they already have.
What high innovation rate? Software is doing the same shit today that it was doing back in '95, we just have prettier interfaces now. I'd hardly call that innovation.
We all see what we want to see, I suppose. How about:
- Konqueror's KIO abstracted protocol interface
- Extensively reliable plug-in based software (IM, firefox, etc). Do you remember what generic software extensions were like in 1995?
- Dancing tree filesystems
- MPEG4/divx/ogg vorbis, theora
- Hashing-based multipart/swarming P2P clients
- Freenet
- New Linux VMs and schedulers
- Mouse gestures
- Bayesian spam filters
- MOSIX
Though I'd give anything for internal bluetooth, have you seen this?
I got one for my C760 a couple months ago, and can't live without it. Serial-over-bluetooth without taking the CF slot, and pairs with every phone I've tried (plus your PC, using the included USB adapter).
Thanks for all your hard work Marcelo! I think I speak for the community when I say we all you a great debt of gratitude.
And of course, thanks Linus for choosing him!:)
And last, but certainly not least, kudos to all kernel contributors. You guys make it happen.
Ok, now back to my compile.;)
Slashdot Mirror
I follow world politics carefully and am generally politically active. While it frightens me to see what's been happening in Canada lately (closely mirroring the US), we in Quebec have managed to avoid a lot of the nonsense using French as a form of natural encryption (allowing us to talk about things we're not supposed to talk about in English). I'm not kidding.. :) Our media here is much more aggressive.
We have a strong local economy (despite the reports you may happen to read in Ontario and Alberta) and relaxed attitudes about work and "sins" (quickest declining religious affiliation in North America).
Good, polite, and fearless Americans: come visit Montreal, meet a Quebecois girl, and enjoy a multicultural, free and well educated people.
Sometimes you look at the security measures in place at airports and you have wonder whether it is just for show?
I'd take it one step further. The excessive security measures are designed to harass and delay everyday travellers to raise their ire. The majority will project their frustration onto "terrorists," and believe that the only way to return to simple, convenient air travel is to grant the powers that be carte blanche to attack whomever it sees fit.
I'd say it's working quite well.Nice try. Third party applications (whatever that means; this is a general purpose computer) do exaggerate the problem, but it stems from a number of flawed design decisions.
- NVFS / DBcache (somewhat fixed in latest firmware)
- Single threaded operation (supporting "background tasks" with a shared stack)
- No memory protection
- Buggy hardware (bluetooth reliability for me is about 85%)
Believe my, I love my Treo. But it was rushed out the door a year too early. It was not, and still to a large degree is not ready. PalmOne support is horrendously bad. I've exchanged my unit several times before I found one which was stable (though it still crashes or locks about once a week).
And yes, I was running the stripped Chinese (APR) 1.71 rom with English language files the day it was released; this certainly helped over the stock rom, but even the ROW 1.71 isn't where it should be in this day and age.
I own a Treo 650. It has its problems, but it's the best device I've ever owned.
One word. Convergence.
Seriously. If you're not interested in a cameraphone, don't buy one. But don't ruin it for people who DO want one.
Don't tell me you can't see the value of a single device that:
- Plays MP3s (meaning I don't have to carry an iPod in addition to a phone
- Plays video (I fly RC planes and have a collection of in-flight videos my friends like to see)
- Has an advanced calculator with unit conversion (which no self-respecting geek should be without)
- Has web, directory assistance (411), MSN, irc, SMS, and ssh access (meaning I can connect to servers at work when things go wrong)
- Has GPS software (TomTom) for in-car navigation, meaning I don't have to leave an expensive unit in the car, to get stolen
- Has a reasonably good 640x480 camera (meaning I can capture events without carrying a camera, plus photoblogging!)
- Has an address book, day planner, alert service, and journal
- Has an excellent (speaker)phone, with excellent call management features
Yes, it's expensive. But so are laptops, TVs, cable, rent, and cars. We all pick our toys. None of them are vital to the survival of our race. But, these are amazing times.
Excuse the Star Trek quotation. :) But it's a good one.
"There can be no justice so long as laws are absolute."
The investigators and prosecutors should lose their jobs for wasting taxpayer money, prosecuting a professional for something clearly non-malicious. You don't charge someone for break and enter if they walk up your driveway to read your house number.
We don't know that. All we know from the stories so far is that he "lied," but take that with a grain of salt. Lying means different things to different people.
Imagine explaining why redirecting ISP users' traffic to ad servers "cannot be done" to highly aggressive marketing people. It's a lie. It can be done. But it may not be worth the effort expenditure to explain to them, at a technical level, why this will cause big problems (disrupting forms, confusing browsers). They aren't the experts; that's why they hired you. If you tell them something like "Well, technically it can be done but yaddiyaddiyadda," they may ask you to go ahead and do it, regardless. Don't expect them to go on at length about why a certain ad campaign must include certain keywords or concepts.
Of course every situation is different, and it may sound egotistical to take this attitude, but it's important sometimes. A professor can't explain to his 10 year old son why electrons cannot be directly observed without lying a little bit; there's just too much ground to cover. "Observing with a photon will alter its state." "What's a photon dad?" "It's a little particl---" eeeehn. Lie. Well, sorta. You get the point.
In this case, the fact that he'd been arrested and charged for a directory traversal probably indicated to him that the people he was dealing with were incompetent. He probably figured that the best odds he had to making this thing blow over was to tell them what they needed to hear, to make them go away.
"All I did was access the site using normal web access practices."
Is it a lie? Depends who you ask.
I'd really like to know exactly what was said.
Judge Purdy said that Cuthbert was "deliberately trying to throw the police off the trail", by saying one thing and then another.
Well no shit! The people who were prosecuting him clearly couldn't handle the truth. These are not reasonable people. One who arrests another for a directory traversal (with no evidence of cracking) is not a reasonable person.
The very fact the investigators couldn't discern between a cracking attempt and a directory traversal is evidence that the they were not capable of handling this type of work. Being an intelligent person, he probably figured the best course of action (to end this as quickly as possible) was to give the information to them in a way they could understand.
For example, if I were arrested for the same "offense," I would probably state something like this:
"I wasn't hacking; I was just using standard web access techniques to validate the site's identity."
Which, depending on your level of ignorance, may be construed as "lying." The investigator may live under the impression that the only type of web access which is "standard" is logging on the site using the main form. The investigators probably felt he was being an arrogant prick and wanted to make an example of him. This is not the purpose of law.
This guy donates 30 pounds to a charity, for which he receives no verification. He practices due diligence (against a phishing attack) by validating the authenticity of the site. And they have the nerve not only to arrest him, but to prosecute him! And convict him!
I am repulsed, and I weep for the security community.
Which brings me to the point: What is it with low-res devices? 320x200 is bearly enough to run a simple contact manager, let alone do any useful work. If your eyes are too bad to see a 2.5" screen at 320x200, get glasses! Or, just enlarge the font. It looks more crisp and easy to read anyway.
And stop buying low-res devices, or that's all companies will produce!
How many 640x480 PDAs are there these days? 3? 4?
Actually I'd say he's one of the few Americans who deserve the title...
Don't you yanks all swear to uphold and protect the constitution, so help you god? Don't you have the right to protect against home invasion?
It's a shame it has to come to this.
Just cram more pixels in there, and the image gets sharper. If you can't read tiny fonts, get glasses, or hold the display closer to your eyes. Or increase the font size.
Imagine 640x640 on a smartphone..
Yes it's a power hog, but 2 hours of 802.11 on a PDA at a hotspot is better than 2 hours of GPRS (especially for those who must pay per byte). It's infinitely faster and more reliable. And nothing says you can't suspend your radio while you work.
And in terms of cost.. sure, it's expensive. But if your reasoning is that you're likely to break and drop it... well, be careful! :) Buy a leather case or rubber skin to protect it. It's a delicate piece of technology; there's no getting around it (lightweight, cheap, durable.. pick two).
Myself, I've got a Treo 650, I love it. I think this LifeDrive is a huge waste of time and money, especially considering it doesn't run Cobalt. I don't get PDAs, though (anymore); I've owned a few in my lifetime (BOSS organizer, Palm III, V, Zaurus C760 (running debian :)), but ever since I got my Treo I could never go back.
There is just nothing like having one device to carry around, with everything - MP3s (2gb SD), movies for flights, schedule, accounts and passwords, web browser, phone, email, MSN, IRC, SSH, photoblogging... the list goes on and on. Paired with an unlimited GPRS account it's unstoppable.. EXCEPT.. no WIFI! :)
And with regards to the camera, the megapixel+ cameras on phones these days use higher quality lenses and CCDs than their 640x480 (and lower) counterparts. They're still crap, but at least they're better crap.
As a Canadian, let me just say: this isn't socialism; this is corruption. It's not limited to the US.
Interesting. I hear this over and over again, and I'm not really sure where it comes from. I suppose people don't want to be bothered learning new technology as things change, but speaking as a home mechanic who has changed fairly major components on a modern vehicle (clutch, suspension, brakes, etc), I can tell you that computers are 1% of what makes a car today.
Computers today are still used mainly to optimize things like fuel maps and ignition timing. This whole "mechanic opening the hood and connecting a laptop" thing is simply a myth. Of course it depends on the nature of the failure, but the vast majority of automotive diagnostic includes analyzing the symptoms, checking for worn bearings and bushings, bent shafts, burned plugs, loose wires, and bad sensors.
Computer diagnostics help locate the failing part sometimes, but most problems are purely mechanical. Computers, and in general, electronics, do not fail. Particularly on older cars, nearly *all* failures are mechanical.
And finally, this whole "proprietary systems" junk is nonsense. In North America at least, all modern vehicles conform to an open specification called OBD-II.
"This kind of bias makes me physically ill. Let's not forget that people used to say that women couldn't drive an automobile." Bad example. ;)
This is how you're supposed to do business!
Kudos to Palmone.
Physicists Finally Solve the Failing-Paper Problem
Oh, if only :~(
<mutter>back to studying I guess.</mutter>
The SNMP MIB tree is hierarchical. For example, the "version" parameter of NET-SNMP can be found by querying:
Furthermore, these names have corresponding OID numbers, which are universally unique.
So why not just add builtin event notification to snmp?
What, like SNMP traps?
Come on.. this stuff ain't new. :)
Anyway, in re-reading what I wrote I realized I could have phrased some things better.. it's not entirely correct that they're offering to re-buy the software from you.. a refund *is* different and is taxed differently... and a few other inaccuracies, but on the whole, as far as I know, it's legally sound.
Living in Canada, once I purchase a software title at a retail outlet, that copy of the software belongs to me, regardless of any contract forms included in the box (the copy becomes the purchaser's personal property). If the vendor wanted me to return it if I didn't agree to their contract, they must have made that a purchase stipulation (via contract) before the sale was executed.
They are asking *you* to take a specific action with your property.
Here is a piece of paper/dialog box with terms of agreement written down. Please agree to these terms. If you don't agree to these terms, please take the action of selling us the software back at the cost you paid for it.
That is, they are offering to re-buy the software from you (a refund).
However, since you own the software copy in question (and the legal right to use it, as assigned by our equivalents of the first sale doctrine and copyright law), it's up to you - not them - to decide if you want to sell them back the software. They give you two choices (agree to the terms, or return it), what binds you to agree with either of them?
That's the trouble with selling things. You don't get to ask for them back. :)
Anyway, that's how it works up here.
Forget political reasons. What if you do have something to hide?
No, I'm serious. You're a criminal. I'm a criminal. We're all criminals. You've downloaded copyrighted movies/mp3s, he's smoked some drugs, she sat at the front of the bus, and I've driven 19mph over the speed limit.
There are so many laws in America, it's simply a matter of whether someone gets caught.
I for one am not interested in giving the "powers that be" any more control/surveillance capacity than they already have.
Clearly this law is incompatible with American society.. tens of millions of people cannot be wrong.
We all see what we want to see, I suppose. How about:
- Konqueror's KIO abstracted protocol interface
- Extensively reliable plug-in based software (IM, firefox, etc). Do you remember what generic software extensions were like in 1995?
- Dancing tree filesystems
- MPEG4/divx/ogg vorbis, theora
- Hashing-based multipart/swarming P2P clients
- Freenet - New Linux VMs and schedulers
- Mouse gestures
- Bayesian spam filters
- MOSIX
No innovation? Open your eyes.
I got one for my C760 a couple months ago, and can't live without it. Serial-over-bluetooth without taking the CF slot, and pairs with every phone I've tried (plus your PC, using the included USB adapter).
Well put.
Thanks for all your hard work Marcelo! I think I speak for the community when I say we all you a great debt of gratitude. And of course, thanks Linus for choosing him! :)
And last, but certainly not least, kudos to all kernel contributors. You guys make it happen.
Ok, now back to my compile. ;)