Re:YES! Does this mean...
on
NTT Joins OSDL
·
· Score: 1
i listen to them comparied to an average
MP3 and they sound like ass compaired to
the highest quality encoded MP3
And MP3 sounds like crap compared to the
highest quality PCM (ie, a raw CD rip). I
certainly won't disagree with you there, but
I think you make an unfair comparison. No,
a 96Kbps VQF doesn't sound like a 384Kbps
MP3. But I'd certainly like to hear what
a 384Kbps (possibly VBR?) VQF would sound
like...
Because global warming doesn't act over
a period of days
Global warming, no. Local effects, yes.
In case we've already forgotten, during the
no-fly restriction after the WTC attack, daily
temperature variations changed by up to two
degrees Fahrenheit per day in areas
normally having the highest levels of air
traffic.
So yes, something as simple as increased
particulate matter in the air leads to
increased cloud formation, drastically
affecting local weather, over the course
of hours rather than years.
Such changes may have little to no long-term
effects, but they do occur, and do
have a simple enough explanation that your
"average uneducated slashbot" can understand
it. More particulates means more clouds,
which means less temperature variation.
YES! Does this mean...
on
NTT Joins OSDL
·
· Score: 3, Interesting
This pleases me greatly. Does this mean
we can expect to see NTT's TwinVQ (ie, VQF
as popularized by the Yamaha encoder but
technically belonging to NTT) made open
source sometime in the near future?
For those unaware of VQF, it performs noticeably
better than MP3 at compressing audio (at 96Kbps,
it perorms better than even MP3Pro, though takes
about 10x as long to encode). For some reason
(cough cough money cough) only a 96Kbps encoder
ever made it out to the general public, but many
people who used and loved it have long awaited
a higher bitrate version.
C'mon, NTT, you've got an otherwise dead and
useless code base. Let us play!
but can you explain how someone who uses
a real operating system can achieve the same
thing?
Someone who uses a "real" OS (by which I will
presume you mean Linux or one of the BSDs) doesn't
have this problem in the first place. Cheesy
Windows-based DRM trojans installed at CD autorun
would have little effect on such a machine.
Its just a shame that all this technology
will be beaten by simply swapping the
sessions
I've posted this before, and no doubt I'll post
it again...
Rip your CDs to an ISO with CDRWin or BlindRead,
with C2 error correction disabled (but leave jitter
correction turned on). Then mount the disk image
via Daemon Tools or the like, and use any normal
CD audio ripper (in its fastest mode, since no
errors or jitter can occur this way) such as CDex
to extract the audio tracks from the virtual drive.
Works on every "defective" CD on the market, gives
a perfect rip every time (for which reason I even
use this method to rip non-defective CDs), and in
many cases, it even takes less total time than using
the CD audio ripper (assuming a non-defective CD)
directly on the physical CD.
You'll only have a problem if your drive doesn't
support turning off C2 correction, in which case,
spring the fifty bucks to get a cheap older Plextor
drive from Blindwrite's "supported drives" list.
Disclaimer - I have never even heard of the artist
mentioned in the FP, and haven't tried this method
on that particular CD. As I said, though, I have
yet to fail to rip a CD this way, and have little
doubt it would work in this case as well (sounds
like just another cheesy multi-session standards
violation hack, with the added "bonus" of running
a trojan on your machine if you have unwisely left
autorun turned on).
None of the propositions set forth in this
review really seem all that shocking. How
exactly does this go against the standard
beliefs regarding socioeconomic trends?
Okay, the apparent reversal of cause and
effect may come as a surprise to some people,
but if we consider it from the perspective
that backcasting sometimes yields
more stable and accurate results than
forecasting, it doesn't really take any
major leap-of-faith to agree.
So... Why the big deal? Perhaps someone
more familiar with this field than myself
(who has experience in time series analysis,
but not specifically with the social aspects
of real-world datasets) can explain?
Well we are certainly near the limit of
lossless compression
For general-purpose compression, yes.
Keep in mind, though, that Shannon's theory
only applies to context-free compression, by
which I mean something slightly different than
the normal information-theoretical use of the
word "context"...
As a trivial example, consider a multiplicative
congruential random number generator (the one
most C libs use for "rand()"). If you take the
output of that and try to compress it, you get
very poor results. If, however, you simply
record the initial state of the generator and
the number of samples produced, you obtain a
compression ratio approaching 100%.
Although quite a lot of work has gone into
compressing human speech via a source-based
model (for example, telephone carriers almost
all use some form of CELP, which uses a fairly
crude model of the human vocal tract, along
with an excitation vector, to generate
near-perfect speech reproduction), not so much
work has gone into mimicing the physics
behind the gamut of musical sources (which
includes human singing, in a form significantly
different from ordinary speech, as one of the
more difficult-to-model instruments).
With a sufficiently complex model, we should
have the ability to record an entire concert
as little more than a MIDI-like file, containing
the excitiation parameters for each instrument
involved.
Heh, did you even read tahat before hitting
"post"?
Don't live off someone else's work... So, for
example, we shouldn't find some dead guy named
Dewey, steal his work, extend it a bit, and start
suing people who use the dead guy's name without
our permission?
Are people not allowed to get paid for what
they do?
Depends on what they do. In this case, they
just categorize books. If I come up with a
system of classifying books as "good" or "bad",
can I sue you for recommending a book to a friend
as "good"? I doubt it. Yet, the issue at hand
just has a somewhat better granularity (and the
same level of subjectivity, as others have pointed
out).
More importantly, this seems to center on the use
of the exact phrase "Dewey Decimal System". I
have to wonder how much water that can hold,
using a person's (other than one's own) name in
a trademark. Could I trademark "Bush is an
Idiot", then sue the press drones who repeat
that 10 times a day?
Does anyone else miss the ability to push
the power button and have their computer turn
off now?
Although back in the days of 8086s I scolded
people heartily for exactly what I now do to
address the very problem you mention...
Just plug your PC into a power strip, and use
the power strip's switch as your on/off button.
Instant off - No delays, resets instead of
powering down, "are you sure"s, needing to hold
the button for X seconds, or outright ignoring
that you pressed the button. It goes off, it
stays off.
Granted, I turn my machines off less than once
per month, but when I want them off, I really
do want them to turn off and stay that way
until I turn them back on.
Out of curiosity where do you go every
morning for 5 minutes of bug checking?
CERT's vulnerabilities page makes a good
start, covering almost anything worth noticing.
For the really big exploits, such as
Blaster, just checking Slashdot and/or
NewsForge daily will inform you of their
existance at least a few days before they
hit the mainstream press (and, more importantly,
before the Script Kiddies have a nice and tidy
all-in-one package to take advantage of the
problem). That alone leads me to the statement
I made about lazy admins not doing their jobs
if they ignore major patches - Not a single
regular reader of Slashdot has the teensiest
bit of "plausible deniability" regarding the
recent Blaster worm problems.
Unfortunately, we can only hope that CERT
remains a decent source of info on this topic,
what with them recently agreeing to act as the
lackeys of the US government. But I can
hope that they'll at least remain moderately
valuable in reporting exploits early enough
to avoid damage.
Failing to install a patch is not good
enough a reason to punish anyone.
No. But crippling your local broadband
segment because of a virus for which a
patch exists does count as a good
enough reason.
I certainly don't have the time to lurk
security mailing lists to stay ahead of every
friggin' exploit.
Then, put simply, you do not do your job (assuming
security on those boxes does fall under
your responsibility). Doing a quick check on
the major exploits discovered on any given
day takes about 5 minutes of your time. If that
day's check turns up a new serious exploit,
do you suppose it will take you longer to
patch your machines, or to deal with
having them infected (along with the unknown
costs associated with possible leaking of
sensitive information)?
More importantly, realize that this wouldn't
necessarily (I realize they could make yet
another bad law, but assuming they get it
right for a change) affect you just because you
didn't apply some obscure patch and someone
rooted one of your boxes - More that, if you
have a gaping security hole from the
well-publicized Outlook-exploit-of-the-week
that you choose to ignore for a few days,
you have demonstrated total negligence
in forcing your machine(s) to play nicely.
The internet depends on cooperative
effort at many levels. The sooner the masses
of clueless computer users realize that, the
better. If it takes small fines to do so,
I see no problem with that. And as a bonus,
perhaps people would finally stop
using Outlook, once they realize that it may
well cost them a few bucks.
The large majority of Java projects are server-side, which is where it really rocks.
Write once and deploy on your choice of
platform (Linux, Solaris, or Windows if
need be).
Although true (in my experience), the idea
itself has sooooo many things wrong
with it...
Portability - Server-side Java, by nature, does
not involve any OS-specific activity. So, with
no loss of portability or functionality,
you could do the same in C/C++. Which,
incidentally, will run on any platform for
which GCC exists - About 30 *times* the
number of platforms for which a JVM exists.
Performance - Yes, servers tend to have
fairly impressive hardware resources available
to them. So lets cripple that hardware by
making it run an interpreted language. JIT?
Server-side apps also tend to have very short
process lives, doing a small task and exiting.
In such situations, JIT causes worse
performance, as it wastes time optimizing
something that will never execute again during
this process' invocation.
I believe (though I do not wish to put words
in his mouth) that CurtLewis only mentioned
GUI programming because if you use Java
anywhere else, you have misused it.
It makes it easy to write an app with
a similar user experience on any
hardware with the resources to run the JVM. If
the idea of a "user experience" has no meaning
to your app, using Java means you have made a
suboptimal choice.
For instance, there is something new out
there called the INTRA-web. Rather than connect
to the OUTSIDE world in an attempt to get
information, you simply search your own hard
drive.
Although you may have meant your comments
sarcastically, what you write does have both
merit and truth.
The phenomena of small physically-close
groups of people sharing resources over
a private LAN has grown rapidly, particularly
thanks to 802.11. Apartment-wide LANs,
private wireless subnets in dorms, even
connections between small groups of neighbors
in separate actual buildings...
Put another way, between me and my 10
closest friends, we have almost every major
CD, DVD, and game released in recent history.
Providing shared access between us means we
would never need to actually go
searching on the net for such material
(of course, I don't happen to live on even
the same continent as all my friends,
but the point remains the same).
I don't see this as going away, and in fact,
thanks to the RIAA, I expect such low-profile
networks will become far more common.
And good luck to the RIAA in cracking down
on something they can't even see without
happening to live within a few hundred feet
of an active node (and have the trust of the
owner of that node to let them look around).
P2P will not die just because the RIAA has
cracked down on a few people sharing music.
First, let me say that I don't particularly
support massive stealing of music - A bit of
sharing between friends, sure, but the
wholesale infringements we see thanks to the
likes of Kazaa, no. That said...
As with virus/worm authors, the RIAA has served
a useful purpose, if by reprehensible means.
They have demonstrated that P2P has a major
flaw that most people do not know about - The
model itself does NOT automatically mean
anonymity. It just means that no central
server exists to shut down, thereby
making it all but impossible for any
legal action to completely kill. People (can)
still have accountability for their actions
on a P2P network. Aside from the RIAA's abuse
of this fact, we should worry quite a lot more
about government use.
So my prediction - P2P services such as Kazaa,
that try to track users and transactions, will
fade into oblivion. At the same time, those
that make every effort to prevent logging, to
give plausible deniability, and that use
encryption to hide the actual data going over
the weak links (anywhere between the first "P"
and the second "P"), will gain in popularity.
As an obvious current choice, the open-source
Freenet does this already, though it has serious
problems as far as actually finding what
you want goes.
Someone will eventually find a way to make
Freenet (or a similar app) more useable,
however, without compromising the benefits
I mention above. That will replace the
current generation of P2P programs, but
will itself still count as P2P.
So no, the idea won't die, nor will its use.
Implementations will simply become far more
sophisticated, and while at each step in
the free-information arms race a few people
will suffer (as has held true throughout all
of history), the rest of us will benefit from
their sacrifice.
But a recent report indicated about half
of the US telemarketing CEOs have put their
numbers on the federal government Do Not
Call list.
Well then, since the fDNC includes exemptions
for charities, political campaigns, and companies
you have (however indirectly) some business
relationship...
I guess we'll have to call to harass them for
contributions to the "down with telemarketing"
fund. Or to vote for the AntiDirectMarketing
candidate in 2004.;-)
They still trumpet on about Google's immortal
cookie yet fail to realise *gasp* Google does
have user preferences and uses the cookie to
track those preferences. Some small part of me
believes that the Google reps never responded
because they died laughing about... THE
COOKIE.
Although I mostly agree with you, I'd like to
point out that you can "save" your Google
prefs via the URL. I do not browse with cookies
enabled, and Google remembers my defaults just
fine - I go there via a bookmark, and the
page I get has all my preferences set.
but in the end you're just sinking
to the telemarketers' level.
Although I agree with you in principle,
I think you missed the bigger issue...
The Telemarketers insist that they have a
constitutionally protected right to harass
us, even after we have added our names to
a federally-maintained list saying that we
would really rather not have them call us.
This mass calling, while superficially
petulant, demonstrates that a right to call
and harass people works both ways,
if they want to play that game.
Think of this as no different than signing
Ralsky up for every junkmail catalog in the
world... While childish, it does get the
message across - "We hate you and everything
you do, so please shrivel up and die, preferably
in some painful manner that involves your
loathesome occupation". Well, perhaps not
quite that verbose, but they get the idea.
Is this really something that needs to
be worsened by giving ideas to the
industrious - but idle-minded masses on
slashdot? The damage can only be worsened
here!
Oh, Pshaw! I expect we'll reach
70 or 80 comments before someone thinks to
post the home phone numbers of various
telemarketing company's CEOs (hint, hint,
c'mon, someone out there has those suckers,
post em!).
Do the ends justify the means? No.
Hey, the telemarketers already presented a
number of points describing why we have a right
to call and harass them. We all just want to
congratulate them for their hard work. And
hey, since the DNC registry would cost them
two million jobs, if enough of us keep calling,
perhaps they can re-hire those two million
to field the inbound calls. So you see,
we have simply found a way, by all pulling
together, to save two million jobs in an
otherwise bad economy.;-)
Re:Filesharing != Stealing
on
RIAA Bits
·
· Score: 1
Sharing means there is one object, and only
party can use it at a time.
So you never read the sunday comics with a
friend, at the same time, effectively sharing
a single copy of them?
You never watched a rented movie with your
family, SO, friends, or whatever, thereby
sharing a single limited resource (ie, the
movie)?
I will agree that "filesharing" means "copying",
but, "IF your going to bitch about precise
definitions, please use ALL the correct terms,
not just the ones that make your arguement
look better.";-)
providing even more restricted environments
(like chroot jails or the applet runner) for
untrusted code would be a good idea, too.
What you write makes a lot of sense, and
leaves me at least a bit of hope of a "good"
implementation. Even within your ideas, though,
I can see room for a few unacceptible
restrictions...
For example, who defines "untrusted code"?
Perhaps most people don't care about issues
like that, but I personally think nothing of
popping out 15 minutes of code to automate a
task that would have only taken me 20 minutes
to do manually. Would that count as untrusted,
requiring my code to have access to only the
most trivial of resources, such as limited
CPU and memory, no HDD, no network, etc?
So from that angle, perhaps you can better
understand my concern with the threat of a
"secure" base OS... While it will save the
majority of computer users a lot of grief,
those of us who can secure our machines,
and need low-level access to hardware, will
suffer greatly (basically, to the point of
reducing us to no more capable than that
same majority of computer users).
So, did anyone else read the linked article
and think "Looks like someone bought the
IEEE's support of TCPA / Palladium"?
I hope not, but it certainly sounds
that way. Basically, it makes the
point that we cannot trust people not to
run programs that break their own (or
others) computers, so the task of limiting
what (possibly malicious) code can run
falls to the OS.
Sad. If I didn't have complete confidence
that any DRM scheme will eventually prove
itself flawed, I might actually worry. Though,
I certainly do not look forward to the general
inconvenience it would cause, regardless...
Only education (and not running Outlook)
will help reduce the modern plague of
worms, virii, spam, and other ways to
generally make a computer and the internet
grind to a crawl. Not legislation, and
not crippled hardware. People simple need
to learn how to secure their own damn
machines.
However, I can see the many of Slashdot crowd
crying over this intrusion of commercialism, but
this seems like a reasonable way to try and
recoup the costs of developing and distributing
Linux products.
I think the that all those who've defended
Mandrake in this matter have a similar
conceptual problem... They view Linux as
a product, rather than the result of a
large community effort.
Certainly, we welcome corporate contributions
to the open source world. Mandrake does indeed
have a nice installer, IBM did improve the
stability and performance of Linux on very high
end machines, Debian and to a lesser degree
Redhat have package distribution systems at
least slightly better than building everything
from scratch.
But if those companies make such contributions,
they need to realize that they haven't earned
any loyalty, and CERTAINLY don't have the "right"
to make money off their contributions. They've
earned good will, nothing more. If I can find
a (nonintrusive) way to benefit such companies,
I will. If they make their "contributions"
something I consider barely short of spyware
the requires me to waste time removing it after
installation, well, that "good will" quickly
turns into "time to go back to Slackware".
Now, with the present issue, I don't have a
problem with ads during install, since an
installation means "tell it what you want it
to do and come back in an hour". They can show
ads to the wall, to the cat, to my chair, all
they want. But putting ads in the screensaver
and hijacking the user's browser? Deplorable,
and this will end up hurting them far more than
it helps.
I somehow don't think the mouse will be
replaced anytime soon.
Probably not, but I'd like to see them vanish.
For delicate work, such as purely digital drawing,
mice force the user to use the whole wrist and arm,
rather than far more dextrous fingers. For coarse
work like web browsing, mice far exceed the
precision needed.
I'd like a wireless optical thimble, myself - A
sort of finger-cap that tracks the surface you
place it on, and you can tap your finger to
click. Far better for art, and far lighter
and less encumbering for "normal" work. Alas,
I don't think such a devce exists.:-(
That one probably occurs frequently, which
is unfortunate, because it's typically an error.
Why post this as AC? Very good catch. I meant to
have an ampersand in there (since, as written, you
have it correct, "data" must exist as a pointer,
so it would most likely have a size of 4 rather
than the intended size of what it points to).
Would it really be better for the environment
for me to swap my 1973 MG for a new car, taking
into account the pollution caused by the
manufacture, for the sake of a few miles
per gallon?
Over the life of the car? Yes.
Although the "few miles per gallon" might not
make enough difference to warrant a new car,
you've overlooked the million and one other
emissions control features in newer cars
(especially compared to something from
1973). Computer controlled fuel mix, 2nd-stage
(and 3rd-stage in CA and a few other places)
catalytic exhaust processing, etc. Add to that
the very high probablility of that older car
having a slow (or maybe not so slow) oil leak,
and the picture changes even more.
So yes, you should pay more for driving
something like that. You can save money by
not getting a new car, or you can save money
at the pump.
Incidentally, the savings of just going from
20 to 30mpg comes out to around $380 per year,
at $1.70/gal... For a car that old, you more
likely get 10-15mpg, and if you look carefully,
get a hybrid or even a modern diesel, you can
manage 50mpg. The difference there comes out
to more like $1600 per year - Over the life of
the car, that savings alone would *pay* for the
car. And you get the satisfaction of not adding
more polution (quite so fast) to the world.
And, finally, the difference will increase
linearly with fuel prices - at $3/gal (live
in AZ or CA a few weeks ago?), you'd save
$2800/year.
i listen to them comparied to an average MP3 and they sound like ass compaired to the highest quality encoded MP3
And MP3 sounds like crap compared to the highest quality PCM (ie, a raw CD rip). I certainly won't disagree with you there, but I think you make an unfair comparison. No, a 96Kbps VQF doesn't sound like a 384Kbps MP3. But I'd certainly like to hear what a 384Kbps (possibly VBR?) VQF would sound like...
Because global warming doesn't act over a period of days
Global warming, no. Local effects, yes.
In case we've already forgotten, during the no-fly restriction after the WTC attack, daily temperature variations changed by up to two degrees Fahrenheit per day in areas normally having the highest levels of air traffic.
So yes, something as simple as increased particulate matter in the air leads to increased cloud formation, drastically affecting local weather, over the course of hours rather than years.
Such changes may have little to no long-term effects, but they do occur, and do have a simple enough explanation that your "average uneducated slashbot" can understand it. More particulates means more clouds, which means less temperature variation.
This pleases me greatly. Does this mean we can expect to see NTT's TwinVQ (ie, VQF as popularized by the Yamaha encoder but technically belonging to NTT) made open source sometime in the near future?
For those unaware of VQF, it performs noticeably better than MP3 at compressing audio (at 96Kbps, it perorms better than even MP3Pro, though takes about 10x as long to encode). For some reason (cough cough money cough) only a 96Kbps encoder ever made it out to the general public, but many people who used and loved it have long awaited a higher bitrate version.
C'mon, NTT, you've got an otherwise dead and useless code base. Let us play!
but can you explain how someone who uses a real operating system can achieve the same thing?
Someone who uses a "real" OS (by which I will presume you mean Linux or one of the BSDs) doesn't have this problem in the first place. Cheesy Windows-based DRM trojans installed at CD autorun would have little effect on such a machine.
Its just a shame that all this technology will be beaten by simply swapping the sessions
I've posted this before, and no doubt I'll post it again...
Rip your CDs to an ISO with CDRWin or BlindRead, with C2 error correction disabled (but leave jitter correction turned on). Then mount the disk image via Daemon Tools or the like, and use any normal CD audio ripper (in its fastest mode, since no errors or jitter can occur this way) such as CDex to extract the audio tracks from the virtual drive.
Works on every "defective" CD on the market, gives a perfect rip every time (for which reason I even use this method to rip non-defective CDs), and in many cases, it even takes less total time than using the CD audio ripper (assuming a non-defective CD) directly on the physical CD.
You'll only have a problem if your drive doesn't support turning off C2 correction, in which case, spring the fifty bucks to get a cheap older Plextor drive from Blindwrite's "supported drives" list.
Disclaimer - I have never even heard of the artist mentioned in the FP, and haven't tried this method on that particular CD. As I said, though, I have yet to fail to rip a CD this way, and have little doubt it would work in this case as well (sounds like just another cheesy multi-session standards violation hack, with the added "bonus" of running a trojan on your machine if you have unwisely left autorun turned on).
None of the propositions set forth in this review really seem all that shocking. How exactly does this go against the standard beliefs regarding socioeconomic trends?
Okay, the apparent reversal of cause and effect may come as a surprise to some people, but if we consider it from the perspective that backcasting sometimes yields more stable and accurate results than forecasting, it doesn't really take any major leap-of-faith to agree.
So... Why the big deal? Perhaps someone more familiar with this field than myself (who has experience in time series analysis, but not specifically with the social aspects of real-world datasets) can explain?
Well we are certainly near the limit of lossless compression
For general-purpose compression, yes.
Keep in mind, though, that Shannon's theory only applies to context-free compression, by which I mean something slightly different than the normal information-theoretical use of the word "context"...
As a trivial example, consider a multiplicative congruential random number generator (the one most C libs use for "rand()"). If you take the output of that and try to compress it, you get very poor results. If, however, you simply record the initial state of the generator and the number of samples produced, you obtain a compression ratio approaching 100%.
Although quite a lot of work has gone into compressing human speech via a source-based model (for example, telephone carriers almost all use some form of CELP, which uses a fairly crude model of the human vocal tract, along with an excitation vector, to generate near-perfect speech reproduction), not so much work has gone into mimicing the physics behind the gamut of musical sources (which includes human singing, in a form significantly different from ordinary speech, as one of the more difficult-to-model instruments).
With a sufficiently complex model, we should have the ability to record an entire concert as little more than a MIDI-like file, containing the excitiation parameters for each instrument involved.
Don't live off someone else's work.
Heh, did you even read tahat before hitting "post"?
Don't live off someone else's work... So, for example, we shouldn't find some dead guy named Dewey, steal his work, extend it a bit, and start suing people who use the dead guy's name without our permission?
Are people not allowed to get paid for what they do?
Depends on what they do. In this case, they just categorize books. If I come up with a system of classifying books as "good" or "bad", can I sue you for recommending a book to a friend as "good"? I doubt it. Yet, the issue at hand just has a somewhat better granularity (and the same level of subjectivity, as others have pointed out).
More importantly, this seems to center on the use of the exact phrase "Dewey Decimal System". I have to wonder how much water that can hold, using a person's (other than one's own) name in a trademark. Could I trademark "Bush is an Idiot", then sue the press drones who repeat that 10 times a day?
Does anyone else miss the ability to push the power button and have their computer turn off now?
Although back in the days of 8086s I scolded people heartily for exactly what I now do to address the very problem you mention...
Just plug your PC into a power strip, and use the power strip's switch as your on/off button. Instant off - No delays, resets instead of powering down, "are you sure"s, needing to hold the button for X seconds, or outright ignoring that you pressed the button. It goes off, it stays off.
Granted, I turn my machines off less than once per month, but when I want them off, I really do want them to turn off and stay that way until I turn them back on.
Out of curiosity where do you go every morning for 5 minutes of bug checking?
CERT's vulnerabilities page makes a good start, covering almost anything worth noticing.
For the really big exploits, such as Blaster, just checking Slashdot and/or NewsForge daily will inform you of their existance at least a few days before they hit the mainstream press (and, more importantly, before the Script Kiddies have a nice and tidy all-in-one package to take advantage of the problem). That alone leads me to the statement I made about lazy admins not doing their jobs if they ignore major patches - Not a single regular reader of Slashdot has the teensiest bit of "plausible deniability" regarding the recent Blaster worm problems.
Unfortunately, we can only hope that CERT remains a decent source of info on this topic, what with them recently agreeing to act as the lackeys of the US government. But I can hope that they'll at least remain moderately valuable in reporting exploits early enough to avoid damage.
Failing to install a patch is not good enough a reason to punish anyone.
No. But crippling your local broadband segment because of a virus for which a patch exists does count as a good enough reason.
I certainly don't have the time to lurk security mailing lists to stay ahead of every friggin' exploit.
Then, put simply, you do not do your job (assuming security on those boxes does fall under your responsibility). Doing a quick check on the major exploits discovered on any given day takes about 5 minutes of your time. If that day's check turns up a new serious exploit, do you suppose it will take you longer to patch your machines, or to deal with having them infected (along with the unknown costs associated with possible leaking of sensitive information)?
More importantly, realize that this wouldn't necessarily (I realize they could make yet another bad law, but assuming they get it right for a change) affect you just because you didn't apply some obscure patch and someone rooted one of your boxes - More that, if you have a gaping security hole from the well-publicized Outlook-exploit-of-the-week that you choose to ignore for a few days, you have demonstrated total negligence in forcing your machine(s) to play nicely.
The internet depends on cooperative effort at many levels. The sooner the masses of clueless computer users realize that, the better. If it takes small fines to do so, I see no problem with that. And as a bonus, perhaps people would finally stop using Outlook, once they realize that it may well cost them a few bucks.
The large majority of Java projects are server-side, which is where it really rocks. Write once and deploy on your choice of platform (Linux, Solaris, or Windows if need be).
Although true (in my experience), the idea itself has sooooo many things wrong with it...
Portability - Server-side Java, by nature, does not involve any OS-specific activity. So, with no loss of portability or functionality, you could do the same in C/C++. Which, incidentally, will run on any platform for which GCC exists - About 30 *times* the number of platforms for which a JVM exists.
Performance - Yes, servers tend to have fairly impressive hardware resources available to them. So lets cripple that hardware by making it run an interpreted language. JIT? Server-side apps also tend to have very short process lives, doing a small task and exiting. In such situations, JIT causes worse performance, as it wastes time optimizing something that will never execute again during this process' invocation.
I believe (though I do not wish to put words in his mouth) that CurtLewis only mentioned GUI programming because if you use Java anywhere else, you have misused it. It makes it easy to write an app with a similar user experience on any hardware with the resources to run the JVM. If the idea of a "user experience" has no meaning to your app, using Java means you have made a suboptimal choice.
For instance, there is something new out there called the INTRA-web. Rather than connect to the OUTSIDE world in an attempt to get information, you simply search your own hard drive.
Although you may have meant your comments sarcastically, what you write does have both merit and truth.
The phenomena of small physically-close groups of people sharing resources over a private LAN has grown rapidly, particularly thanks to 802.11. Apartment-wide LANs, private wireless subnets in dorms, even connections between small groups of neighbors in separate actual buildings...
Put another way, between me and my 10 closest friends, we have almost every major CD, DVD, and game released in recent history. Providing shared access between us means we would never need to actually go searching on the net for such material (of course, I don't happen to live on even the same continent as all my friends, but the point remains the same).
I don't see this as going away, and in fact, thanks to the RIAA, I expect such low-profile networks will become far more common. And good luck to the RIAA in cracking down on something they can't even see without happening to live within a few hundred feet of an active node (and have the trust of the owner of that node to let them look around).
P2P will not die just because the RIAA has cracked down on a few people sharing music.
First, let me say that I don't particularly support massive stealing of music - A bit of sharing between friends, sure, but the wholesale infringements we see thanks to the likes of Kazaa, no. That said...
As with virus/worm authors, the RIAA has served a useful purpose, if by reprehensible means. They have demonstrated that P2P has a major flaw that most people do not know about - The model itself does NOT automatically mean anonymity. It just means that no central server exists to shut down, thereby making it all but impossible for any legal action to completely kill. People (can) still have accountability for their actions on a P2P network. Aside from the RIAA's abuse of this fact, we should worry quite a lot more about government use.
So my prediction - P2P services such as Kazaa, that try to track users and transactions, will fade into oblivion. At the same time, those that make every effort to prevent logging, to give plausible deniability, and that use encryption to hide the actual data going over the weak links (anywhere between the first "P" and the second "P"), will gain in popularity. As an obvious current choice, the open-source Freenet does this already, though it has serious problems as far as actually finding what you want goes.
Someone will eventually find a way to make Freenet (or a similar app) more useable, however, without compromising the benefits I mention above. That will replace the current generation of P2P programs, but will itself still count as P2P.
So no, the idea won't die, nor will its use. Implementations will simply become far more sophisticated, and while at each step in the free-information arms race a few people will suffer (as has held true throughout all of history), the rest of us will benefit from their sacrifice.
But a recent report indicated about half of the US telemarketing CEOs have put their numbers on the federal government Do Not Call list.
;-)
Well then, since the fDNC includes exemptions for charities, political campaigns, and companies you have (however indirectly) some business relationship...
I guess we'll have to call to harass them for contributions to the "down with telemarketing" fund. Or to vote for the AntiDirectMarketing candidate in 2004.
They still trumpet on about Google's immortal cookie yet fail to realise *gasp* Google does have user preferences and uses the cookie to track those preferences. Some small part of me believes that the Google reps never responded because they died laughing about... THE COOKIE.
Although I mostly agree with you, I'd like to point out that you can "save" your Google prefs via the URL. I do not browse with cookies enabled, and Google remembers my defaults just fine - I go there via a bookmark, and the page I get has all my preferences set.
but in the end you're just sinking to the telemarketers' level.
;-)
Although I agree with you in principle, I think you missed the bigger issue...
The Telemarketers insist that they have a constitutionally protected right to harass us, even after we have added our names to a federally-maintained list saying that we would really rather not have them call us.
This mass calling, while superficially petulant, demonstrates that a right to call and harass people works both ways, if they want to play that game.
Think of this as no different than signing Ralsky up for every junkmail catalog in the world... While childish, it does get the message across - "We hate you and everything you do, so please shrivel up and die, preferably in some painful manner that involves your loathesome occupation". Well, perhaps not quite that verbose, but they get the idea.
Is this really something that needs to be worsened by giving ideas to the industrious - but idle-minded masses on slashdot? The damage can only be worsened here!
Oh, Pshaw! I expect we'll reach 70 or 80 comments before someone thinks to post the home phone numbers of various telemarketing company's CEOs (hint, hint, c'mon, someone out there has those suckers, post em!).
Do the ends justify the means? No.
Hey, the telemarketers already presented a number of points describing why we have a right to call and harass them. We all just want to congratulate them for their hard work. And hey, since the DNC registry would cost them two million jobs, if enough of us keep calling, perhaps they can re-hire those two million to field the inbound calls. So you see, we have simply found a way, by all pulling together, to save two million jobs in an otherwise bad economy.
Sharing means there is one object, and only party can use it at a time.
;-)
So you never read the sunday comics with a friend, at the same time, effectively sharing a single copy of them?
You never watched a rented movie with your family, SO, friends, or whatever, thereby sharing a single limited resource (ie, the movie)?
I will agree that "filesharing" means "copying", but, "IF your going to bitch about precise definitions, please use ALL the correct terms, not just the ones that make your arguement look better."
providing even more restricted environments (like chroot jails or the applet runner) for untrusted code would be a good idea, too.
What you write makes a lot of sense, and leaves me at least a bit of hope of a "good" implementation. Even within your ideas, though, I can see room for a few unacceptible restrictions...
For example, who defines "untrusted code"? Perhaps most people don't care about issues like that, but I personally think nothing of popping out 15 minutes of code to automate a task that would have only taken me 20 minutes to do manually. Would that count as untrusted, requiring my code to have access to only the most trivial of resources, such as limited CPU and memory, no HDD, no network, etc?
So from that angle, perhaps you can better understand my concern with the threat of a "secure" base OS... While it will save the majority of computer users a lot of grief, those of us who can secure our machines, and need low-level access to hardware, will suffer greatly (basically, to the point of reducing us to no more capable than that same majority of computer users).
So, did anyone else read the linked article and think "Looks like someone bought the IEEE's support of TCPA / Palladium"?
I hope not, but it certainly sounds that way. Basically, it makes the point that we cannot trust people not to run programs that break their own (or others) computers, so the task of limiting what (possibly malicious) code can run falls to the OS.
Sad. If I didn't have complete confidence that any DRM scheme will eventually prove itself flawed, I might actually worry. Though, I certainly do not look forward to the general inconvenience it would cause, regardless...
Only education (and not running Outlook) will help reduce the modern plague of worms, virii, spam, and other ways to generally make a computer and the internet grind to a crawl. Not legislation, and not crippled hardware. People simple need to learn how to secure their own damn machines.
"If you ever have the urge to sum up an artist's work in one sentence again... don't."
...unless that artist is Andy Warhol.
;-)
You mean the dude that painted the soup cans?
However, I can see the many of Slashdot crowd crying over this intrusion of commercialism, but this seems like a reasonable way to try and recoup the costs of developing and distributing Linux products.
I think the that all those who've defended Mandrake in this matter have a similar conceptual problem... They view Linux as a product, rather than the result of a large community effort.
Certainly, we welcome corporate contributions to the open source world. Mandrake does indeed have a nice installer, IBM did improve the stability and performance of Linux on very high end machines, Debian and to a lesser degree Redhat have package distribution systems at least slightly better than building everything from scratch.
But if those companies make such contributions, they need to realize that they haven't earned any loyalty, and CERTAINLY don't have the "right" to make money off their contributions. They've earned good will, nothing more. If I can find a (nonintrusive) way to benefit such companies, I will. If they make their "contributions" something I consider barely short of spyware the requires me to waste time removing it after installation, well, that "good will" quickly turns into "time to go back to Slackware".
Now, with the present issue, I don't have a problem with ads during install, since an installation means "tell it what you want it to do and come back in an hour". They can show ads to the wall, to the cat, to my chair, all they want. But putting ads in the screensaver and hijacking the user's browser? Deplorable, and this will end up hurting them far more than it helps.
I somehow don't think the mouse will be replaced anytime soon.
:-(
Probably not, but I'd like to see them vanish.
For delicate work, such as purely digital drawing, mice force the user to use the whole wrist and arm, rather than far more dextrous fingers. For coarse work like web browsing, mice far exceed the precision needed.
I'd like a wireless optical thimble, myself - A sort of finger-cap that tracks the surface you place it on, and you can tap your finger to click. Far better for art, and far lighter and less encumbering for "normal" work. Alas, I don't think such a devce exists.
That one probably occurs frequently, which is unfortunate, because it's typically an error.
Why post this as AC? Very good catch. I meant to have an ampersand in there (since, as written, you have it correct, "data" must exist as a pointer, so it would most likely have a size of 4 rather than the intended size of what it points to).
Would it really be better for the environment for me to swap my 1973 MG for a new car, taking into account the pollution caused by the manufacture, for the sake of a few miles per gallon?
Over the life of the car? Yes.
Although the "few miles per gallon" might not make enough difference to warrant a new car, you've overlooked the million and one other emissions control features in newer cars (especially compared to something from 1973). Computer controlled fuel mix, 2nd-stage (and 3rd-stage in CA and a few other places) catalytic exhaust processing, etc. Add to that the very high probablility of that older car having a slow (or maybe not so slow) oil leak, and the picture changes even more.
So yes, you should pay more for driving something like that. You can save money by not getting a new car, or you can save money at the pump.
Incidentally, the savings of just going from 20 to 30mpg comes out to around $380 per year, at $1.70/gal... For a car that old, you more likely get 10-15mpg, and if you look carefully, get a hybrid or even a modern diesel, you can manage 50mpg. The difference there comes out to more like $1600 per year - Over the life of the car, that savings alone would *pay* for the car. And you get the satisfaction of not adding more polution (quite so fast) to the world.
And, finally, the difference will increase linearly with fuel prices - at $3/gal (live in AZ or CA a few weeks ago?), you'd save $2800/year.