Slashdot Mirror


User: pla

pla's activity in the archive.

Stories
0
Comments
6,765
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 6,765

  1. Re:OT: SciFi and apostrophe names on New Star Wars TV Series Confirmed · · Score: 1

    It's not clear why they choose to use apostrophes rather than, say, umlauts (à la Mötley Crüe) - or peculiar alien squiggles, come to that.

    Because umlauts have a preexisting (and presumeably incorrect for the context) meaning as regards pronunciation, and standard English keyboards lack peculiar alien squiggles.

    Although I might have it totally wrong, the use of an apostrophe in transliterated "alien" words always made perfect sense to me - Just a sort of stutter or very short pause. This serves to break up what would otherwise amount to a dipthong, or allows vocalization of two identical sounds (the "silent consonant" theory, or just lets you reposition the tongue between two awkward consonants (a sort of "silent vowel", not necessarily a "strange" one).

  2. Re:Can someone... on Initial Reactions to Fedora Core 5 · · Score: 1

    Can someone tell me what the actuall differences are between the major linux distro's?

    If you really want a detailed list of differences, just compare each distro's list of which versions of which packages they include.

    Beyond that, the differences exist as more of a philosophical matter than anything you would necessarily notice at a glance or any packages you'll find outright missing.

    For example, Slackware tries to look the most Unix-like. Debian tries to use absolutely nothing except free-as-in-speech software. Gentoo tries to squeeze as much performance as possible out of a specific system by compiling the entire distro on the spot. Redhat tries to make sure their business versions work as intended by using the Fedora line for testing.

    In practice, though, they all have basically the same things installed, in one or two semi-standard locations.

    As for which you should use - Entirely up to you. I considered myself a Slackware guy until the 10.x line, where I kept getting kernel "Oops"es (on three totally different machines, so not just bad hardware on one of them). On one of them, I have FC4 running now, and I'll probably move the others to Fedora as well if it runs stably enough.

    And just to drive home my point about the similarity - As my basis for choosing FC4 over Debian Stable, I could FTP all four RH4 install ISOs at once from different sites, while I couldn't get a single HTTP or FTP debian mirror to let me have them without throttling me (and Debian fans, don't bother telling me about Jigdo or to just use BitTorrent - I just wanted to get a single machine back up ASAP, not learn how to use yet another zealously-required download manager).

  3. "Other projects" not the problem... on OpenBSD Project in Financial Danger · · Score: 1

    What I want to point out what a lot of people don't seem to realize is that OpenSSH development is paid from the same pool of money as OpenBSD. OpenSSH is in use by millions around the world however the revenue stream just simply isn't there

    Okay, to explain why I consider that sooooo wrong, I present an analogy...

    The US space program costs billions of dollars per year, and really doesn't "do" all that much - aside from the occasional high-profile exploration mission, it primarily launches satellites for the US military. Yet, it has given us, as a side benefit of solving the problems inherent in getting to and living in space, countless synthetic materials and advanced manufacturing techniques.

    Even if the space program ended tomorrow, we'd still have the results of all its work. We can even keep researching ideas such as nanotubes, completely independant of the possibility of a space elevator.


    If OpenSSH does well while OpenBSD teeters on the edge of collapse, perhaps a reprioritization of the larger group seems in order?


    Ditch the shuttle, but keep the weather satellites.

  4. Re:This just in: on Sudo vs. Root · · Score: 2, Informative

    You can configure pretty much any group or role based permission you want;

    With one slight problem... Yes, for a handful of well-known low-complexity programs, you can lock down sudo. For anything more, you may as well just give the user root... For example, if you let your sudo'ers use any shell or editor, or invoke any world-writeable script, game over. Most process-, file-, and account-management programs. Anything that allows explicity suspending to a shell (or invoking an arbitrary subprogram). I could go on.

    As an off-the-cuff generalization, I'd go so far as to say that most programs you need to run as root, you can use to trivially gain "normal" root access to a system. And while you might argue that you generally trust your sudo'ers more than your random users, never forget the old maxim "never attribute to malice that which you can explain as laziness".

  5. Re:Email, problem. Cell phones, not a problem. on FBI Agents Don't Have Email Access · · Score: 3, Insightful

    Repeat after me, the Web is not the Internet

    No kidding... Your point?

    I also don't want to read email (which increasingly includes web-like formatting), chat on IRC, or read UseNET on a 1.5 inch screen; And my phone doesn't make the best destination for downloading files via FTP or any P2P; And it takes far too long to enter alphanumeric data to make anything even remotely interactive (ie, ssh) useful on a cellphone.

    I suppose getting an RSS feed might prove vaguely useful, but not nearly enough to justify the increased expense - And y'know, with a government that can't seem to spend our tax dollars fast enough, I can't say it really bothers me that the FBI hasn't caught on to yet another way to waste our money.

    So, repeat after me - Contextually useless distinctions don't require enumeration.

  6. Email, problem. Cell phones, not a problem. on FBI Agents Don't Have Email Access · · Score: 4, Insightful

    and only 100 of the 2000 New York FBI agents have a Internet-ready mobile phone.

    So? I make my living as a geek, and don't have an internet-ready cell phone.

    Why would I pay more, for a service redundant with something I already have, yet with a far lower quality presentation?

    When I want to do something online, I'll use a PC. When I want to call someone, I'll use my cell phone. They each serve entirely separate purposes, and as long as my eyes work better scanning large surfaces than a 1.5 inch square, they will continue serving different purposes.

  7. Re:For the love of Pete... on Patriot Act Game Pokes Fun at Government · · Score: 1
    This is just the sort of response which I was complaining about. You speak so generally, I have no idea whether it is true or not.

    As part of the problem here, our code of law has grown so complex that the average person cannot make sense of it. For example, the USA PATRIOT act includes the following, as a typical, possibly relevant to your query, and unintelligible clause:

    SEC. 201. AUTHORITY TO INTERCEPT WIRE, ORAL, AND ELECTRONIC COMMUNICATIONS RELATING TO TERRORISM.

    Section 2516(1) of title 18, United States Code, is amended--
    (1) by redesignating paragraph (p), as so redesignated by section 434(2) of the Antiterrorism and Effective Death Penalty Act of 1996 Public Law 104-132; 110 Stat. 1274), as paragraph (r); and

    (2) by inserting after paragraph (p), as so redesignated by section 201(3) of the Illegal Immigration Reform and Immigrant Responsibility Act of 1996 (division C of Public Law 104-208; 110 Stat. 3009-565), the following new paragraph:
    `(q) any criminal violation of section 229 (relating to chemical weapons); or sections 2332, 2332a, 2332b, 2332d, 2339A, or 2339B of this title (relating to terrorism); or'.

    The rest of it reads pretty much the same, just an endless stream of external references and suspicious drop-in replacements (I didn't abruptly end that quote - It really does just stop with an extended disjunction!) that only a lawyer (and probably only one familiar with this specific topic) can make even the vaguest sense out of it.

    Thus, as much as I agree with you in that I absolutely loathe having to depend on other people's interpretations, on this matter, we don't have much choice. Pick a talking head that you trust, and do some fact checking, but it unfortunately reduces to "do I trust the EFF or Alberto 'Torquemada' Gonzales more?"
  8. Re:What Is The Story here? on DoJ Following Porn Blocker Advances? · · Score: 1

    I don't understand why this summary has to bring the government into this or speculate that they might do something. There's no evidence of impending censorship, no political issues at work here.

    Although I agree that this FP has little to do with government regulation (other than a sort of "proof of concept" for potentially effective porn blocking), we have plenty of proof that the current administration wants to censor the internet... The entire quest to make Google turn over search records on a legal fishing trip that makes SCO look like they have a case by comparison, for example.

    Whether you like Bush or hate him, he clearly adheres to the wishes of his ultra crispy base in fighting porn (by way of the DoJ). If you don't see the threat of a censored net before 2008,you need to open your eyes and stop believing the doublespeak... When people start believing lines such as "We have protected civil liberties by extending the patriot act", they pose more of a threat to this country than Osama ever did.

  9. Re:The Invisible Downloader. on Canadian Record Industry Disputes Own P2P Claims · · Score: 1

    In keeping with the invisible nature of P2P (intentional or otherwise). How does anyone know that they have the facts?

    1) Arguably not illegal in Canada.
    2) Many people brag about the size of their pirated collection.
    3) If you consider P2P as even remotely "anonymous", I have a bridge to sell...

  10. Cue the jokes about thoughtcrime... on SCOTUS To Hear Patentable Thought Case · · Score: 1

    No, seriously... We need to remind the asshats in Washington that we consider the idea of legislating thought so obnoxious that we mock the very idea.

    They might not get the jokes, but we'll still have the last laugh, one way or another...

  11. Re:About this kind of software competition on Vista May Put Anti-Spyware Companies Out · · Score: 1

    I really don't mind if Microsoft would similarly put Windows antivirus companies "out of business" either.

    I have to wonder how any for-profit antispyware companies managed to stay in business in the first place...

    The two best anti-spyware programs out there, AdAware and Spybot (I won't count Giant because MS borged them), come for free (as in beer, but still free).

    In that environment, how does any company make a profit selling a competing product? I seem to recall Netscape making a similar complaint long ago (although I personally thought they had the superior browser, so they arguably had a bit more right to whine than the antispyware folks).

    Strange. I just don't understand the business world. But then, I guess I enjoy considering myself reasonably sane.

  12. Re:Fake - second console plugged into TV on Xbox 360 Backup Discs Bootable · · Score: 0

    They don't show the inputs on the back or mention how the "hack" was done for obvious reasons

    I agree, obvious indeed! Namely, "They thought we might find it more useful to see the front of the TV". Although, I suppose you could also argue "because they don't have a transparent TV".

    Now, they could have used a mirror... But wait! We wouldn't see the back of the mirror! It might actually contain a high-resolution display rather than a mirror, which they use to trick us into thinking we can see the back of the TV! So how about two mirrors?


    As for mentioning how they did the hack... From the FP, "the hack has not been released to the public ... but all the research of the last few months is publicly viewable." Translation - Go ahead and compile your own hack (or wait for someone else to release exactly that in a few hours), they just won't give you a one-click attack.

  13. Re:You Must Have a Lot of Stuff on HD-DVD and Blu-Ray Coming Soon to PCs · · Score: 1

    You Must Have a Lot of Stuff

    Like I said, you can consider me a packrat. I still have ISOs of every major Slackware release back to 2.1 (along with a splash of other distros). ISOs of every data-CD I've ever bought (including driver CDs from hardware all the way back to my first CD-ROM drive). FLAC rips of every audio CD I've ever bought (and I have a lot of CDs). More flash animations, short movies, and other random pop-web-media than you can shake a stick at (and "Yes Virginia, there is porn"... No pun against "shake a stick at" intended). And of course, HDDs, going back to a complete final-state image of my first HDD, a 10MB monster slightly bigger than my PC and which connected to the game controller port.

    And in a few years, when storage sizes grow and prices drop sufficiently, I'll put all my DVDs on there as well. The way I see it, I have a few hundred pounds of CDs and DVDs (including cases, of course) and literally a few tons of books (sadly, I don't have all of those in digital form, though I keep working toward that goal). Not to mention a digital photo-album that would also probably weight more than I could carry all at once, if I used a film-camera. In a fire, after my own butt, what would I stop to save out of all that? A lot of people might say "nothing", or try to get everything and fail (or even die trying). I have a quick, easy, and safe answer - Grab the already-offline backup fileserver which lives about 6ft from my front door, and run . Clothes come second. ;-)


    Kinda sad to think that aside from my friends, the majority of my life that I care about fits in an 8x14x19 aluminum box... But, so it goes. ;-)

  14. Re:The underlying problem is still piracy. on Sony DRM and the New Digital Hole · · Score: 2, Insightful

    Hate to feed the trolls (and my most recent mod points just expired, damn!), but...


    The fact of the matter is that, whatever pseudophilosophical bullshit exceptions people give here

    You do realize that copyright itself counts as a "pseudophilosophical bullshit exception" to physical reality, right? You don't have a natural "right" to control copying and distribution of something just because you happened to put a particular combination of words/notes together, of which 99.99% of your "creation" already existed just under the surface of the culture that spawned you? You only have some protection because society as a whole values your work in entertaining us and, however little, for enriching our culture as a whole. Shift the balance just the teensiest bit, and the only justification of your copy-"right" vanishes like the fiction on which we've based it.


    (such as the "wink wink" 'backing up my DVDs' nonsense of the submitter)

    Some people will pirate movies. Some people really just want to back them up . Most of us fall somewhere between those two, wanting backups of our own movies, and not really caring if we have a few copied movies or CDs for which we don't own the original. Almost all of us prefer to reward the creator, however, thus the delicate balance we have between copy rights and fair-use rights. To repeat, don't mistake a copy-right as a natural right; it exists only at the whim of society as a whole.


    It doesn't matter if you think 70 years is too long for copyright.

    True, it doesn't - Nor does it matter if you think it too short, or just right. My previous point will hold whether you make copyright last forever, or for a week. Deal.


    mindless overcommercialized shite and that somehow justifies your piracy.

    Who needs justification? You seem to have missed the point. We. Don't. Care. "They" have failed to act in good faith in upholding their end of the social contract implicit in copyrights. "We" have started responding in kind. "They" will lose.


    You are not engaging in meaningful rebellion against 'the corporate overlords' by engaging in software piracy. you are not gandhi.

    "meaning" exists after-the-fact, and the victors get to define it. Ghandi promoted passive terrorism, tax evasion, and open sedition. But he won, so we think of him as some sort of frickin' saint.


    You help no artist with your piracy, period.

    Heard of Galactic Civilizations II? You might have, it made it to the Slashdot FP recently. Or LsL:LotLL? Or for a more blunt example, heard of Microsoft Windows, probably the single most pirated yet best-selling product line in the history of computers? Not that I really care, though - Just because you have that particular point wrong doesn't mean its truth has any influence on this topic.


    It is not possible to successfully find some 'loophole' in the concept of fair use. There's simply no such thing because fair use by definition is a fungible thing

    I would like to see your definition of "fungible". However, I will agree that you can't find loopholes in fair-use, because fair-use itself exists as nothing more than the holes in copyright law. But to repeat myself yet again, what you consider "fair" use really doesn't matter, because we define collectively which fictions we allow to remain codified as law, and individually which ones we adhere to.


    Yes, companies occasionally trip over themselves and make mistakes while trying to protect their goods. but making that the central issue (as slashdot always does) as opposed to addressing the fundamental problem is just wrong.

    I agree completely. The "fundamental problem" here involves the idea that we grant corporeal status and human rights to non-human groups assembled for the solue purpose of extracting profit from society. Yet the same penalties we can apply to humans cannot, in practice, apply to corporations. Thus we have a problem.

  15. Re:Great For Backups on HD-DVD and Blu-Ray Coming Soon to PCs · · Score: 2, Interesting

    With the very large capacity hard drives out there, this, although it looks expensive, just might be the lesser expensive way to back up one's entire system, or entire hard drives.

    Looks expensive? Heh... I place a pretty high value on my time and my sanity. And really, a full live backup system doesn't cost all that much, nevermind just using an external USB HDD!

    About a year ago I started on a quest to back up my home fileserver to DVD, a few discs per week. I can deal with my or my SO's PC dying completely, but if my poor fileserver went down... Well, the mere thought scares me to the point that I started leaving it turned off and unplugged most of the time, not the most useful state (not to mention that a system has the best chance of dying on startup, but an unplugged system won't die in a thunderstorm).

    After a couple months, I realized I would never finish that project, since it would take well over a hundred DVDs, and a small subset of that changed often enough by itself to take most of a DVD once a week (hey, I admit it, you could describe me as a digital packrat - Anything that touches my PC, I keep there. Well organized, mind you, but still, it takes up (cheap) space).

    So, I now have a live fileserver and a backup fileserver. I rsync them once per week, takes about 5 minutes over GigE (though almost a full day for the initial backup), then take the backup machine offline. This gives me the best of both worlds... Something like a nearby lightning strike might hurt the live machine, but the backup machine would survive. A multi-drive failure on the backup machine would suck, but I'd still have the live machine to re-backup from.


    I went for decent quality hardware, but could have pulled off the entire project for under $600 (I just now configured such a complete system (headless) at NewEgg - 1.1TB, Sempron64, 512MB - for $567.87). I blew closer to a grand on my own new machine, but have 1.2TB, a gig of fast RAM, same CPU (hey, like a fileserver needs a lot of horsepower?), SeaSonic PS, and a Lian-Li case (no, I don't care how it looks - I care that it had seven (or more - two 3-bay ThermalTake iCages plus an optical drive) external 5.25" bays in a mid-tower form, and only the PC3077 met that condition - and yes, it does have 7 bays - The entire front control panel thing slides out and you can throw it away if you want, no Dremel-use required). And it draws only 67W (about half what the old one ate), runs nearly silent and within a few degrees of ambient (4 120MM fans in it!).


    As the only wish-list item remaining (other than 1TB+ optical writeable discs, of course, which would make all of this discussion irrelevant), I would like to find a way to grow a RAID-5 array. I use striped LVM2 on the live machine, which gives great performance and I can grow the FS just by adding another drive, but on the backup machine, I really want single-drive failure tolerance - Which I have, but if I want to add more capacity, I need to completely rebuild the array and perform a slow complete backup (which would also leave me uncomfortably lacking a backup for a couple of days).

  16. Re:WTFFF? on Kerberos 5, LDAP, and Time-of-Day Constraints? · · Score: 1

    What the fuckity fuck fuck??? Why is this moderated as a troll?

    Ah, no biggie... My karma can handle it, and I've mostly gotten used to Slashdot's moderation as about 25% completely random.

    In this case, I can only guess that the modder never made it past my pathetically weak joke (although that would seem to warrant "unfunny" rather than "troll", but I did warn that I needed sleep). That, or just the typical MS-hater with points.

    So it goes... Just roll with the mods, and hope the good ones win over time. :-)


    Thanks for the voice of encouragement, though!

  17. Re:That is misleading on Creative Commons License Upheld by Dutch Court · · Score: 3, Interesting

    The only thing that applies meaning to the installation is the EULA, so if I don't agree then pushing the button doesn't mean anything.

    More interestingly, what if someone else agrees on my behalf, without my permission? Now, you might initially say that that other person would bear responsibility for my use, but what if the third-party involved had fur, whiskers, and a tail? And just to avoid the "I have responsibility for my pets" problem, presume this furry li'l EULA-circumventor stores nuts for the winter and came in through an open window.

    Or for a potentially more likely way around agreeing to a EULA (and in fact, the way that I personally use whenever possible) - Most Windows installers (and all MSIs?) allow a silent installation as a command-line option. Silent, as in, it never asks you to agree, or even tells you about what you would otherwise have agreed to. I'd like to see that scenario played out in court...

  18. Re:That's enough for me on Sony Decides Against Blu-Ray Downsampling · · Score: 1

    They are leaving the capability there, and offering only the promise that the first Sony movies released will not use it. Another studio or Sony after a change of heart can and will use it.

    Which explains fully why I will buy a "hirtachi" or "soni" or "Toyshiba", aside from the price. I don't so much care about price - Under $500, I will buy the "best" prcoduct in its generation.

    I do not, however, define "best" quite the same way as the big boys want me to. I define it as "least restrictive" balanced with "highest quality".

    For the previous gen players, I've found Toshiba and Panasonic protected my rights fairly well while trying to produce a good quality image (for progressive Hollywood pics, any Wallyword(tm) player will do; If you want to view out-of-region content with a strange interlacing scheme, you can either pray to your favorite imaginary friend, or do your homework).

    For Blu-Ray and HD-DVD, it looks like everyone you've heard of has a stake in it, thus none of them will deliberately allow you to use "diagnostic" codes to disable the key DRM features. So, if they really want me to go with generics and knock-offs, I won't complain...

  19. Re:Well DUH on Analysis of .NET Use in Longhorn and Vista · · Score: 1

    I still don't understand what this has to do with sandboxes.

    First, think of a computer as a really impressively complex Turing machine. Modern PCs have made huge leaps ahead of that model in terms of performance, but in terms of computational power, you can consider them isomorphic. It helps to think of this in terms of pure memory-mapped I/O.

    Now, in the simplest model of malicious code, you might have a program that says "go to the beginning of the tape and write zeros until the end of the tape". A tad mindlessly destructive, but it will work as our model of a "bad" program.

    To make the idea of a sandbox meaningful, we need to implement some form of privilege isolation - At its simplest form, consider a Turing machine emulating X Turing machines, checking the tape-extent bounds on each emulated turing machine.

    For that level of complexity, you could "prove" correctness. I wouldn't personally want to have to do it, but it lies within the realm of possibility.

    But what about within each of those emulated Turing machines? A malicious program could easily wipe our the entire emulated memory. So we don't just want virtualization as our sandbox - It works, and damn well... As I mentioned, I use it for my web browser. Barring a flaw in the VM I use, my worst-case scenario for a browser-based exploit requires me to replace the VM image with the backed up original. Consider, though, that you could say the exact same thing about a PC itself - Barring some hardware flaw (such as a BIOS writing vulnerability), the absolute worst-case scenario of attack requires nothing more than reinstalling an OS and restoring from a backup. In the case of a VM, I consider my running image disposeable; In the case of a whole machine, reinstalling requires more time and effort than just copying one large file, but these amount to the same situation, logically.

    Sandboxing, therefore, amounts to a way to limit damage to the most specific context possible. On a 'nix system, we don't run as root because the worst damage a normal user can do, assuming no OS flaws and sane FS permission, requires resetting that user's account to a new-user state.

    We don't want that, however, and whether or not the OS survives, most of us would consider such damage-limitation as frustratingly useless if our dissertation or tax forms or the like vanished while the OS stays just fine-n'-dandy.

    So, we really want a sandbox that "knows" what we should and shouldn't do. We run a web browser, it might even save the occasional file, but we don't expect our web browser to format the HDD. Same idea applies to email clients. To media players. To the shell itself.

    The problem then turns into a situations of how much you want to make your sandbox to protect you from. If you don't mind reinstalling your OS and restoring from a nonvolatile offline backup, hell, don't even bother using an antivirus program! I personally wouldn't go that far, but I think nothing of wiping XP on my SO's machine and restoring from a backed-up preconfigured state I have stored on a DVD for just that purpose. It takes a couple of hours, but only about 10 minutes of my interactive time.



    And there we run into the problem, and why the halting problem has relevance to the idea of sandboxing. The more complex you make your sandbox, the less you can analytically call it "secure". At some point, you can only call it "probably secure". And at some point, it has attained a level of complexity where we can't even say that much, we literally cannot say more than "it works, and hasn't crashed on any known inputs".

    Mathematically, that last situation would require a truly infinite input space (though the halting problem technically does not). But in practice? A mere 4KB(=32Kb) RSA key would, on modern hardware, take far longer than the current age of the universe to crack. How many programs have you seen lately that take up more than 4K

  20. Re:Well DUH on Analysis of .NET Use in Longhorn and Vista · · Score: 1

    You can, in theory, prove that a particular sandbox running on a particular OS is secure.

    Cantor's diagonal argument doesn't reduce the problem to a proof-by-divine-intervention. Humans do not have a magical exemption from the halting problem, just that we currently have better hardware for solving certain classes of "hard" problems. We can make better (meta^x)schemas than today's computers can. But problems still exist that we not only cannot solve, but we can't tell if we can ever solve them... Amusingly enough, you can consider this the halting problem applied to human problem-solving - For example, will an infinite number of mathematicians working for an infinite amount of time ever find a perfect prime-generating algorithm? If someone finds one tomorrow, we'll have a good solid answer of "yes". If we still don't have one a billion years from now, we'll still only have a solid "I don't know".


    Extending this to sandboxing gets tricky, in that you need to decide what exactly you want the sandbox to protect you from (and even the "you" counts as an assumption, in the sense that DRM uses a form of sandboxing to protects itself from the user). You can indeed construct a proveably secure sandbox - It throws away all inputs and has no internal state. For anything "useful", in the sense that it allows almost all of the functionality of a modern computer while preventing anything "bad" from happening, you just can't do it - This situation reduces to requiring a telepathic interface to know whether or not the user intended to perform foo. This situation describes one of the basic flaws of DRM, in trying to allow all legal uses of protected content while block all illegal ones: If I make a copy of a non-protected CD as a backup, I have acted within my legal rights; If I perform the exact same steps but then sell the original, I have infringed the copyright on that CD.


    Now, all of the above doesn't make sandboxing useless... I use it myself in a number of common situations (my web browser, for example, runs under a virtual machine). But when you start to trust the security of your sandbox as more than a mere convenience, you will eventually find a bullet-shaped hole in your foot, you just won't see the gun anywhere.

  21. Re:Well DUH on Analysis of .NET Use in Longhorn and Vista · · Score: 1

    Every time you find and fix one bug, you've only fixed that one, but haven't done anything about future ones; that seems like the epitome of bandaidness. A single centralized sandbox api could conceivably address such bugs categorically, in a finite amount of code.

    ...With apologies to Douglas Hofstadter,

    Great Solution! In one fell swoop you've managed to eliminate all bugs that directly exploit vulnerabilities in the OS. This seems like such a wonderful accomplishment, it needs a name... How about Mu?

    In the past, we've only had the ability to attack one bug at a time... B1, B2, B3, and so on. Sure, we've gotten better, and can now attack whole classes of bugs at once such as buffer overflows, RPC vulnerabilities and the like - Let's call those fixing B^2, B^3, and so on.

    But this idea, why allow bugs to touch the OS at all? Keep 'em in a sandbox where they can't do any harm. Of course, eventually, someone will find a way to get this particular sandbox - Sorry, Mu - to execute arbitrary code (remember, "intelligent, conscientious, meticulous coders will still write code that has simple vulnerabilities"), which can then in turn exploit flaws in the underlying OS. But no doubt we can build a better sandbox, Mu-2, then Mu-3, and so on. Perhaps we can even sandbox whole schemas of attack, such as debuggers and DLL-injection. So we'll need Mu^2, Mu^3, Mu^4...

    Hey, I have a great idea - Let's run the whole OS in a sandbox! I'll name this new Solution E(psilon). Certainly, no one could ever defeat so glorious a solution as E! Hmm, "E!", now that entirely coincidental bit of typography really makes me think...



    Sandboxing reduces to an instance of the halting problem. No solution exists for the halting problem (Cantor's diagonal argument provides a fairly elegant proof of that).

  22. Don't turn down a good solution out of pride... on Kerberos 5, LDAP, and Time-of-Day Constraints? · · Score: 2, Funny

    In contrast, this is found on Microsoft but that isn't a solution we're willing to engage.

    "willing to engage"?

    Take a course on management-speak recently? ;-)


    Anyway... You can use a Microsoft KDC without bothering with the rest of the AD overhead (at least not on any other machines). If you just don't want to commit yourself to implementing a full domain with AD, you can do just the one Windows server and the rest your 'nix of choice.


    That will satisfy all your target constraints except for actualizing your non microsofterian design paradigm, while still leveraging your market share of intellectual property and maximizing your focal penetration.

    Hmm... Okay, ignore that last bit. Past my bedtime.

  23. Re:encryption for FSs on PA Seizes Newspaper's Computers · · Score: 1

    I wouldn't use the word reporters but more of the word criminals.

    Would you, now? If, as a reporter, you used that choice of words prior to the outcome (and only one particular outcome at that) of a criminal trial, you would find yourself at the wrong end of a libel suit.


    It amazes me that people have a problem with whistleblowers and reporters covering them. These people risk their jobs, reputations and even freedom (to live outside a state-sponsored cage), to expose what they consider intolerable corruption. I consider those people heroes, role-models, people I hope I would have the guts to emulate if I found myself in their shoes.

    Instead, we needlessly (server logs would make the entire case, if it exists) confiscate all of a legitimate newspaper's IT assets in a blatant instance of police retaliation/harassment; we have Shrub trying to make it a crime to expose his illegal spying programs; put reporters in prison for repeating official leaks that come directly from (most likely) the VP himself. Not good.

  24. Re:You just seemed to show ... on Cost Effective Scan-to-FTP Products? · · Score: 1

    a P300 is waaaay faster than any embedded thousand-dollar solution.

    No. Not even in the same ballpark for the (apparently) intended use.


    So, yes, I fail to see the "pound foolish" side of things.

    Have you ever used a photocopier to scan to TIFFs?

    Ours at work, not a high-end model by any stretch of the imagination, can suck in somewhere around 50-100ppm (not copying, just scanning).

    With a flatbed scanner, even one with a sheet feeder, you might get 5ppm.

    As I understand it, the FP poster doesn't need a hardware solution, he needs a routing solution... A way to take thousands of TIFF files with very non-descript names from possibly dozens of users, and send them to the correct place.

    Personally, I would look into some form of quick-n-dirty OCR. Find something in the page that looks like an address or phone number or whatever he needs to use as the destination, and direct the scan to the best match against a list of known-good destinations. In the worst case, he could print out thin mailing labels with some sort of routing code on them, attach it in the margins, and let the OCR read that.


    Of course, I might have completely misunderstood his request as well... I have to admit, I don't quite understand how he thought a large number of photocopiers would address the problem, regardless of expense...

  25. Re:Those inventions aren't Islamic on 1001 Islamic Inventions · · Score: 0, Flamebait

    the Koran is *inherently* an Arabic document, and - it is argued -can not be translated, but only glossed in other languages

    You can argue that nothing can ever have a "true" translation outside its original language, because some subtleties of language-A will not exist in language-B. Howver, if the language-instance in question contains information, another language can convey that information.

    Therefore, to say that you cannot translate the Koran amount to saying that the Koran does not contain any information.


    In Islam, this is not an abberation - it is a key tenet of the politico-religious philosophy.

    Not "abberation", "abomination".

    Whether work-of-fiction-"K" specifies how to run a country or not, having one group's curiously silent imaginary friend at the helm always represents a pathological state in need of correction.


    Islam is not *merely* a religion;

    Agreed. It also counts as a memetic plague in need of remedy. But don't think I mean this as just down on Islam... I'd say the same thing about Christianity, about Judaism, about Hinduism, and the rest. Not that I don't believe in a deity - I do - but any humans who claim to understand the nature of that which has either chosen not to, or lacks the ability to, explain itself to us, you should get as far away from as possible. Because sooner or later (usually sooner), some charismatic village idiot will convince enough people that their imaginary friend told them to go on a killing spree against those with a different name for their imaginary friend.