I used to have the same type of setup. We required the field techs to submit an as built of what they put out there. Then we would run a script that checked to see that it was all online and configured properly, then stick it into a database.
It wasn't perfect. It didn't save a copy of the original upload so once it was in the db it was just more records.. reverting changes was a manual thing for me if something went wrong. But you can make it as complex as you like, your primary problem is going to be enforcing the change in work habits, which has got to come from management or you'll have people holding out no matter how much better the new system is.
There are several ways to do this that don't involve invading your privacy any more than they already have by making you present papers to fly. They already have all the information you could want in their database about your trips with them. Attaching a photo to it does nothing more than give someone a feeling of unease the moment you've pulled off this sham.
I dislike it when the coffee shop employees use my name without having been introduced because it's unexpected. The first thing that goes through your head is how did this person know my name, then you work backwards and figure it out. "Oh, they read it off my credit card." The uneasiness goes away but the feeling that something wasn't quite right with your experience is still there. Now try it in a situation where you can't figure it out because there’s a third party involved?
Situation: Man you've never seen before approaches you in an airport and says "Mr. Smith?" What is your immediate reaction?
First you're trying to figure out where you've met the person before, then you're trying to figure out if something is wrong or if they're a thief or confidence man playing you because obviously they've overheard your name from somewhere? You're never able to make the connection that they've "recognized" you because they haven't. They weren't even introduced by a mutual acquaintance like the front desk clerk because in a giant airport it would be impossible to believe that the front desk clerk described you well enough to be tracked down.
You will always be left with a feeling that shenanigans have happened and it won't make you happy. Unless you're an extremely trusting grandmotherly type person who finds the novelty to be so interesting you forget your suspicions; If you are in that particular demographic then the novelty of hearing your name called over the intercom so you can come to the desk and be updated would be just as effective as the above.
Finally, I'm in a position of choice in what has become an increasingly hostile market due to security theater. Every chance I get I will choose the airline that isn't creepy internet stalking me.
I've downloaded the source to Thunderbird a few times when I got frustrated that something was broken and figured I'd try to fix it. The code is terrible.
Well, that's too harsh. What I should say is that it's written without thought of user supported patches. Features I've been waiting on for years just died at various points in times. Simple things like sharing address books between applications or syncing to a phone just never were realized. The developers whining at the users with comments like "unless you're willing to write the replacement" doesn't help. Obviously, the developer isn't willing to write it either so we're at an impass.
So what's the alternative? Not web based email, that's inflexible for various reasons. Getting something that will do multiple mailboxes, encryption/signing, just those two are show stoppers for everyone. Hushmail can do the second but not the first. It's still a WIP for Zimbra and most other web suites. I'm carefully watching Zimbra and waiting for the last couple of things I need and maybe I'll be able to officially be clientless.
I'm going to check on evolution again and see if it's up to par. My initial problems with it were related to it not having a windows version and the lack of certain features, but things may have changed.
plane get reloaded with fuel at the gate and move to the next city and if you have a big boom you may also hit the airport fuel tanks / take out a big chunk of the gate area.
I won't bother restating the article details other than to say it was an RC car, left near the cockpit which is too far away from the fuel tanks to rupture them. If it had been a bomb.
Even if it did, the fuel won't explode (the vapors can, but not without the right air/fuel ratio) and even the ignition point of the jet fuel is higher than you would think (140 degrees F according to wikipedia). So even a fire is unlikely unless it was incendiary.
The main point being that an RC car is too small to blow up an airplane, even a little Cessna.
As a counterpoint, when the mythbusters blew up the cement truck they used 850lbs of high-explosive, which detonates (explodes faster than the speed of sound) and generally provides more force for doing work like pushing a cement mixer wall away from another cement mixer wall.
Expansion room is important. Holding an M80 tightly in your hand might blow your hand off, while holding it in your open palm might just burn your skin slightly (I still advise you not to try this)
The same applies in larger scales. If the RC car was a bomb, the explosion of say 5 pounds of material would go mostly up in the air and around all the sides, taking the paths of least resistance. It would probably leave a permanent mark on the ugly airplane carpet, which would need to be replaced.. along with a couple of seats.
The reason small bombs are effectively dangerous is shrapnel. Grenades pack a small amount of explosives inside a metal shell which breaks apart and speeds along into peoples bodies. Grenades are not effective against tanks, vehicles, or airplanes, despite video games saying otherwise.
Why am I saying all this? I want you to understand that even a little bit of panic while remaining uninformed does you and the public a disservice. A stampede to get away from a potential bomb scare would have potentially caused much more harm than anything reasonable you could have done to the plane while it's on the ground.
I've said this before, and this is a good example. Intellectual property should be solely the property of the author. Period. It should be non-transferable and upon the authors death become public domain.
There is always a grift, and corporations are good at finding it, which is why the laws are so fucked up now. People would argue (rightly so) that someone who dies early can cost their corporation major losses due to distribution/advertising/etc of a product that's now public domain.
Older artists like Prince, Madonna, Cher, or megagroups like U2, Metallica, etc, or junkies who otherwise make good music, would start to become unmarketable for people to license because the very real threat of death causes loss of revenue (in excess of the normal loss of revenue due to no longer producing works)
People who die making films no longer have royalty rights, meaning in certain cases it would be cheaper for a corporation to kill a director than to license distribution after a film is made.
Insurance rates for all performing artists and really anyone who makes anything of value would go way up.
All of these things hurt the artist as much as the corporation.
There's no reason your car can't send signaling through the inductive system and do the same identification. I'm mainly concerned about efficiency concerns, but if they find a way to make it work then it opens up a bunch of other practical uses (the drawbacks being living and working forever in giant EM fields, but again they have problems to solve..)
I sign email on one machine, but encryption and even signing requires copying your private key to all the machines you actively use mail clients on, including your phone. Nobody has made a simple and secure protocol for private key download or message upload/sign/encrypt on the remote server. For that matter, nobody bothered making a protocol for contact list sharing, settings sharing, installed plugin sharing, etc, which is why people moved to web mail and things that sync with a phone.
So I have a machine at home I occasionally check mail on, a laptop, a desktop at work, several virtual machines I might need to access email on, a phone or two, etc.. But even if that were all solved there's the problem of replying to encrypted emails, and the fact the subject and recipients aren't encrypted. (Recipient, fine.. that's impractical. Subject: nono.)
So you sent an encrypted message and want to review it later. How? Hope you included a copy encrypted with your own public key (cc'd yourself). Maybe your mail client does this for you. If not the message in your Sent folder is unrecoverable. Want to continue an encrypted conversation? Better make sure your phone or whatever you send mail from this second supports things, and you have it properly configured.
Then there's the fact email wasn't made to be secure and therefore it's broken. DKIM? Sounds good but mailing lists that append things mess things up. GPG should be signing parts of the email and clearly saying what it's signed, but the new idea is to put the signature in the email header where it can be mangled by the next MTA.
Mail headers pretty much make no sense. How do you know which parts weren't spoofed? Can you believe any of it besides whats in your maillog? The answer is yes 99% of the times but only because we still have some trust in the sending MTA if it's a reliable provider.
Mail and it's headers should be append only with clear distinctions of what MTA appended what and everyone signing things for verifiability. That would require a rewrite of the protocol though.
The PSU is still a point of failure, a heat source, and is costing 6% efficiency per server at the start. DC has a bunch of advantages in this type of environment, one being that redundant power is easy.
The only real downside to DC is the lack of standardized plugs, and the lack of jumpers. Wiring harnesses eliminate some of this, but having to run and terminate wires of various sizes tends to turn off everyone but electricians.
You're right DNSSEC is not the answer, but Convergence has problems.
From a previous post I made:
"The problem I foresee is that users won't change notaries based on trust. Most users click yes to anything, don't know what's going on 99% of the time and have no clue/don't want to know how crypto works on the internet."
There is also the privacy issue of sending a certificate request to number of notaries, meaning someone out there knows what sites you're browsing and when.
Or the bandwidth consideration of asking number of people for trust information about a certificate.
Proxying the information means you're back to trusting one person (who you might as well call your CA, since that's the business a CA will get into if we switch).. and it still doesn't fix the privacy concerns (unless you use multiple proxies and then it's bandwidth, unless you use only one at a time in rotation and then there's the issue of who to trust)
They're using outdated perl syntax. And taking advantage of things you shouldn't be doing even if they're allowed. Lots of languages let you do things and caution you not to. Not saying "return" or using good variable names or declaring scope on variables isn't good.
Regardless of how hard a language is to learn, once you "get it" you pretty much "get it" for 90% of other languages too. For instance, I can read and translate both Quorum and Randomo just by looking at the examples provided. That doesn't make the languages easy to use or better, or make perl worse, they're just different cases.
Users have to learn the fundamentals of programming before they can program. Conditionals, loops, subroutines, Boolean logic. All of which were touched on by their sample. To me, changing "sub" or "function" to "action" doesn't make things any clearer, it just seems like you're trying to reinvent pascal. Repeat b-a times is kind of nice, but you could do the same by saying for($a..$b) { } (which arguably is less clear than the repeat statement but just as true, you want it to repeat for all integers between $a and $b)
Also, removing parenthesis might make things clearer for simple logic but what about if d + e > 4 * x? Now you've introduced ambiguity, or at least forced the user to memorize order of operations rather than letting them be clear in their statement.
They also acknowledge they only tested 18 people, which isn't a big enough sample set to know if they're on to something. They've essentially asked "which is easier to understand, psuedocode or badly written real languages with no comments" and the answer is pseudocode, but it's still not intuitive what the program does.
I think they're failing to understand that people writing code now might not even understand modulus. While that's sad, it's also important to grasp what level of novice you're dealing with before training them. Visual Basic will let you write a minesweeper game without doing any math. Does that count as easier, or does math still have a place? (When I see novice programmers writing logic that doesn't use math it generally means they've unrolled what you would be doing mathematically and done a bad job of it)
In summary, I like perl. Many people from the python/ruby/php communities have already had their fun pooping on the party so if you're going to attack the language please make sure your arguments hold some weight. There are definitely problems but syntax isn't one of them unless you run with scissors every time your parents hand them to you. Perl has very few training wheels and therefor you get people giving bad examples, but if you ignore those it just gets things done.
The other factor is, all helium we currently have is produced through alpha particle emissions due to radioactive decay. This is a non-renewable and finite resource that if exploited would run out long before we cooked ourselves in a carbonated atmosphere.
Tiny carbon footprint indeed, but possibly still wasteful. Once the helium escapes the balloon it floats up to the upper atmosphere and escapes into space via some method I'm forgetting. Never to be used again. The same thing applies to your birthday balloons but nobody is particularly worried about those unless you try to lift your house with them.
I consider firefox to be in the "just fine" range. Their releases aren't world changing so much as they are irritating. I'd rather they improved the download process in windows (since windows package management is awful) and released only when needed, or tried breaking functionality into multiple modular branches then releasing those more often. Perhaps inspiring people to build other browsers, or browser distributions around the different core features. I know to some extent that was what was done, but there is more to modularize if people wanted to.
Stabilizing the extension API, or making component versioning would also be nice so if you're whizzyfoo widget was terribly old but only touched a component that hadn't changed in years, it wouldn't need a revision bump every time they released a new version. (It's been a long time, but I think World of Warcraft did this with it's addons eventually, making them include the libraries they needed and updating versions based on those)
Alternatively, a killer feature for me would be "private browsing" in a tab, so I could login to facebook and google+, and other social sites in some tabs without them spreading their cookie porn all over the other sites I visited.
The concept is sound, but the practice is probably too lofty to take off (armchair assessment)
The problem I foresee is that users won't change notaries based on trust. Most users click yes to anything, don't know what's going on 99% of the time and have no clue/don't want to know how crypto works on the internet. Asking my mom to manage trust relationships is what I am imagining is ridiculous.
So, you need a mediator to manage notaries for you. Your browser vendor can do it, but trusting them is no more a reasoned argument than trusting a CA.
I'm also curious what the analytical benefits would be of running a notary. You wouldn't be able to know exactly who's trusting you for what, but you would be getting lots of information all the time about what users are doing.
I don't have anything new to contribute, but I've visited this site for over a decade. People have sometimes complained of issues, or new features they didn't like, I know I personally have found other "daily sites" to visit as well, but that never stopped my love of the site you built.
I know this was the first place I've turned to for world-changing news. Not the only news site, but the first news site because this was the first place people really used for meta-discussion, back before CNN/Fox/BBC/everyone had a comment list, or read twitter on air.
This was one of the first "hugely popular" sites to opensource their code. Something that never had to be done, but was great for the community.
My point is that this site has been innovative and inspiring to many people and to many other sites. I hope that you find success with your next venture as well, and I appreciate everything you've done for the Linux/web/opensource/whatever communities.
So we've got to manage infrastructure in a way that's counter to it's purpose. They propose this already knowing the workarounds and that it's technically not a feasible solution for anything, and yet they want it to go through anyway.
Laws shouldn't be there to force third parties to operate in an inefficient or insecure manner. Laws are supposed to be to punish the guilty party, or get restitution for the wronged party. Yes, there are criminal laws that say "don't do this." Don't speed, or don't murder would be examples of those. But I'm having trouble remembering a law that required a 3rd party to censor things at someones request.
If libraries weren't dying as an instituion I'm sure the most obvious similarity would be a librarian being asked to pull books and hide them in the back room because they weren't allowed to show them to the public anymore. I find it interesting that people in America are scared to go to certain websites or look at some of these leaked documents online because it might be illegal or might be used against them. Not only have we bowed down to censorship, we're running scared that someone will find out we aren't so pure and innocent.
People even here are asking "will it be legal to circumvent this?" when the true question should be "why is censorship suddenly a part of the US federal governments mandate?"
I don't think it's as bad as you guys are making it out to be. I run my own mail server using postfix, postgrey, spamassassin and dovecot. There are several things to worry about when starting out that seem daunting and it's best to tackle it in stages. Getting postfix + dovecot working in debian is easy and gets you mail. Getting spamassassin should also be easy but will barely help unless you tweak the rules to your liking. Postgrey cut my spam by 95% and from what I recall was easy to setup.
The important thing is that once it's setup it's simple to maintain and doesn't break often. The thing to remember is to write down all the steps you took to get things installed (preferably in a wiki so you can keep the documentation updated. You should do this for all complex projects you take on that are hard to setup but easy to maintain, just so you don't forget how to set it up again)
The other important thing is to use an OS that supports easy updates that don't break config files. Your OS of choice is a flame war waiting to happen, but I think debian is very good about this.
Third thing, mentioning because it's important if you're running mail for a company: Use Maildir for the mail spool format, and overspec the server for I/O. SAS, raid 0+1 and solid state drives are all viable options. 30+ users hitting a mail spool hurts a server like almost nothing else.
Also, I know I didn't touch on web-based mail clients. That's more work that is probably going to involve apache and zimbra or another program of your choice. Squirellmail works if you just want mail, but if you want mail+calendar there are several options and you'll have to find what you like. I would do this after you get everything else working first though.
I'm mostly excited about all the choices we have here in America and the fact that all of them give you the same bandwidth throttling option. In a world out there filled with choice it's important to know that we can go to any provider and get the same thing no matter what we want.
Had some interesting points to make but they're halfway not relevant so I removed them. Leaving these because they're just about relevant.
The government at all levels can and does misuse this kind of data. They think giving "illegal" drugs to cancer patients is something worth prosecuting for. They're more interested in speed traps than stolen cars because one requires doing work and the other makes money.
You know what doesn't require sophisticated algorithms to reduce crime? Increasing patrols in neighborhoods and business areas that are frequent targets. I know you can't write press releases about it because it's nothing new, but burglars tend to move on if a patrol car passes a place every 5 minutes.
Arguably that's exactly what they're looking to do. Increase patrols in areas that computers flag as being high targets, but that is also reactive rather than proactive, meaning someone has to suffer crime until it reaches some threshold where they give a damn. There's nothing more predictive here than a monitoring system that turns red when it sees a percentage.
I've never heard of Mailinator. Now that I have I guess I'm still not interested. I have my own domain and create fake accounts to track who sells my name but I generally get more spam due to mailing list posts I make than anything else, and you can't have a one-way email for mailing list accounts (although I guess you could set them to only accept mail from the mailing list, if you're willing to not accept personal replies to things you send out)
But this guy is full of himself. "Look at me, I setup a system to facilitate hiding your email address. Oh, people want to ban it? Lets see about that, hah!"
A normal response would be to just give out your list, or as he claims, stop accepting mail for that website (although that's opt-out so it's automatically less good than the alternative)
Now us evil web site owners will just have to come up with some other way to ban his bullshit.. like sharing the list publicly despite his efforts.. or.. banning his IP:
mailinator.com. 86400 IN A 66.135.37.96 spamherelots.com. 86400 IN A 66.135.37.96 thisisnotmyrealemail.com. 86400 IN A 66.135.37.96
shrug.. none of my business I suppose since I haven't heard of him, but I would be furious if I got that kind of response from an "anti-spam" company when asking them to stop spamming me.
It's a good thing I don't reward people who do stupid stuff by giving them money though. Maybe I don't even care to be the first consumer of a game that has this shit-ass sales model?
It seems like this release doesn't really bring anything the user will want bad enough to upgrade. I like the new speedier release schedule because it always seemed like we never got new versions, but I'd also like to see more than just minor bug fixes rolled into a major release.
On a personal soapbox: We've been promised for a while now that sqllite would replace mork for address books. Has it? Being able to synchronize address books between mutt and thunderbird (or an iphone or android contact list) without the use of ldap has been something I've wanted for years. LDAP has never been a complete solution because it was read only from most (all?) common mail clients.
Perhaps this whole idea can be replaced with mozilla sync/weave if they integrate that. I've been worried about the direction of thunderbird since mozilla "spun it off" though. It seems they don't want it/don't want to work on it, but don't really want to let it go either.
After installing and playing with the new version, it looks like mostly a UI change.
At first I thought the citizens were going to have to pay for the cleanup and fixing of all the problems, along with the trial and all that. Now that I know this criminal with no job prospects will be paying the $1.5M I can sleep better at night.
My personal ideas about job integrity end at or a little before the threat of getting arrested so I could argue I don't think what he did was wise (I would've made the guy wanting the passwords put it in writing and then quietly laughed when they broke things), but I don't think the punishment fits the crime at all. Why is there never a middle ground in the justice system between ruining someones life and letting them go free?
And why can't the city just let this one go? They won a long time ago.. back when he was fired, jailed, etc and he surrendered the passwords without the network ever going down.
If I came to work and someone had stolen something off my desk I would be mad. If I found out it was management and they had taken it because they saw it as a resource they could use better elsewhere I would quit.
Personal workspace items given to a user shouldn't be taken back without their consent. It's no different if they stole someones stapler or pens. Dual or triple monitors might be seen as a luxury still, but they're cheap now. If the company can't afford to pay $100 for the accounting department to pick up a new monitor then they don't need you. They're either underpaying you or just don't give a damn about you as an employee or a human being.
Seems a big failure on design. If I designed a credit card payment system I would have it only be active in the portion of the network that required people to pay for something.
So... your playstation comes online and you want to sign in and play a game. Ok, the console has been authorized before it should be able to send a token saying "I'm whois let me play games."
In fact, PSN shouldn't really care who you are unless you're trying to buy something. Buying something and playing a game are two fundamentally different things. Your credit card should probably not be linked to the same username that you use for web browsing. There should be two accounts or two privilege levels that require different types of sign-on.
Why does the PSN network care who you are until you buy something? The entire store should still be online and all free downloads available, just no payed downloads until they fix that part. You should be able to play Black Ops without risking your financial future right?
You might say the customer wouldn't put up with the bullshit of having two accounts, or everyone will use the same password twice but:
1. If you explain how it works some people will do the right thing and be protected. 2. We've already put up with crazy amounts of bullshit, like weekly system updates that can't be backgrounded and take forever. Loss of features some people specifically payed for (ps2 compatibility, running Linux), and just a bad UI that can't do simple things like play your mp3 collection while you game or browse the store.
Slashdot Mirror
I used to have the same type of setup. We required the field techs to submit an as built of what they put out there. Then we would run a script that checked to see that it was all online and configured properly, then stick it into a database.
It wasn't perfect. It didn't save a copy of the original upload so once it was in the db it was just more records.. reverting changes was a manual thing for me if something went wrong. But you can make it as complex as you like, your primary problem is going to be enforcing the change in work habits, which has got to come from management or you'll have people holding out no matter how much better the new system is.
There are several ways to do this that don't involve invading your privacy any more than they already have by making you present papers to fly. They already have all the information you could want in their database about your trips with them. Attaching a photo to it does nothing more than give someone a feeling of unease the moment you've pulled off this sham.
I dislike it when the coffee shop employees use my name without having been introduced because it's unexpected. The first thing that goes through your head is how did this person know my name, then you work backwards and figure it out. "Oh, they read it off my credit card." The uneasiness goes away but the feeling that something wasn't quite right with your experience is still there. Now try it in a situation where you can't figure it out because there’s a third party involved?
Situation: Man you've never seen before approaches you in an airport and says "Mr. Smith?" What is your immediate reaction?
First you're trying to figure out where you've met the person before, then you're trying to figure out if something is wrong or if they're a thief or confidence man playing you because obviously they've overheard your name from somewhere? You're never able to make the connection that they've "recognized" you because they haven't. They weren't even introduced by a mutual acquaintance like the front desk clerk because in a giant airport it would be impossible to believe that the front desk clerk described you well enough to be tracked down.
You will always be left with a feeling that shenanigans have happened and it won't make you happy. Unless you're an extremely trusting grandmotherly type person who finds the novelty to be so interesting you forget your suspicions; If you are in that particular demographic then the novelty of hearing your name called over the intercom so you can come to the desk and be updated would be just as effective as the above.
Finally, I'm in a position of choice in what has become an increasingly hostile market due to security theater. Every chance I get I will choose the airline that isn't creepy internet stalking me.
I've downloaded the source to Thunderbird a few times when I got frustrated that something was broken and figured I'd try to fix it. The code is terrible.
Well, that's too harsh. What I should say is that it's written without thought of user supported patches. Features I've been waiting on for years just died at various points in times. Simple things like sharing address books between applications or syncing to a phone just never were realized. The developers whining at the users with comments like "unless you're willing to write the replacement" doesn't help. Obviously, the developer isn't willing to write it either so we're at an impass.
https://bugzilla.mozilla.org/show_bug.cgi?id=382876
So what's the alternative? Not web based email, that's inflexible for various reasons. Getting something that will do multiple mailboxes, encryption/signing, just those two are show stoppers for everyone. Hushmail can do the second but not the first. It's still a WIP for Zimbra and most other web suites. I'm carefully watching Zimbra and waiting for the last couple of things I need and maybe I'll be able to officially be clientless.
I'm going to check on evolution again and see if it's up to par. My initial problems with it were related to it not having a windows version and the lack of certain features, but things may have changed.
You guys have had your fun. Stop tweeting dick jokes at him and he'll turn the internet back on.
plane get reloaded with fuel at the gate and move to the next city and if you have a big boom you may also hit the airport fuel tanks / take out a big chunk of the gate area.
I won't bother restating the article details other than to say it was an RC car, left near the cockpit which is too far away from the fuel tanks to rupture them. If it had been a bomb.
Even if it did, the fuel won't explode (the vapors can, but not without the right air/fuel ratio) and even the ignition point of the jet fuel is higher than you would think (140 degrees F according to wikipedia). So even a fire is unlikely unless it was incendiary.
The main point being that an RC car is too small to blow up an airplane, even a little Cessna.
As a counterpoint, when the mythbusters blew up the cement truck they used 850lbs of high-explosive, which detonates (explodes faster than the speed of sound) and generally provides more force for doing work like pushing a cement mixer wall away from another cement mixer wall.
Expansion room is important. Holding an M80 tightly in your hand might blow your hand off, while holding it in your open palm might just burn your skin slightly (I still advise you not to try this)
The same applies in larger scales. If the RC car was a bomb, the explosion of say 5 pounds of material would go mostly up in the air and around all the sides, taking the paths of least resistance. It would probably leave a permanent mark on the ugly airplane carpet, which would need to be replaced.. along with a couple of seats.
The reason small bombs are effectively dangerous is shrapnel. Grenades pack a small amount of explosives inside a metal shell which breaks apart and speeds along into peoples bodies. Grenades are not effective against tanks, vehicles, or airplanes, despite video games saying otherwise.
Why am I saying all this? I want you to understand that even a little bit of panic while remaining uninformed does you and the public a disservice. A stampede to get away from a potential bomb scare would have potentially caused much more harm than anything reasonable you could have done to the plane while it's on the ground.
I've said this before, and this is a good example. Intellectual property should be solely the property of the author. Period. It should be non-transferable and upon the authors death become public domain.
There is always a grift, and corporations are good at finding it, which is why the laws are so fucked up now. People would argue (rightly so) that someone who dies early can cost their corporation major losses due to distribution/advertising/etc of a product that's now public domain.
Older artists like Prince, Madonna, Cher, or megagroups like U2, Metallica, etc, or junkies who otherwise make good music, would start to become unmarketable for people to license because the very real threat of death causes loss of revenue (in excess of the normal loss of revenue due to no longer producing works)
People who die making films no longer have royalty rights, meaning in certain cases it would be cheaper for a corporation to kill a director than to license distribution after a film is made.
Insurance rates for all performing artists and really anyone who makes anything of value would go way up.
All of these things hurt the artist as much as the corporation.
There's no reason your car can't send signaling through the inductive system and do the same identification. I'm mainly concerned about efficiency concerns, but if they find a way to make it work then it opens up a bunch of other practical uses (the drawbacks being living and working forever in giant EM fields, but again they have problems to solve..)
I sign email on one machine, but encryption and even signing requires copying your private key to all the machines you actively use mail clients on, including your phone. Nobody has made a simple and secure protocol for private key download or message upload/sign/encrypt on the remote server. For that matter, nobody bothered making a protocol for contact list sharing, settings sharing, installed plugin sharing, etc, which is why people moved to web mail and things that sync with a phone.
So I have a machine at home I occasionally check mail on, a laptop, a desktop at work, several virtual machines I might need to access email on, a phone or two, etc.. But even if that were all solved there's the problem of replying to encrypted emails, and the fact the subject and recipients aren't encrypted. (Recipient, fine.. that's impractical. Subject: nono.)
So you sent an encrypted message and want to review it later. How? Hope you included a copy encrypted with your own public key (cc'd yourself). Maybe your mail client does this for you. If not the message in your Sent folder is unrecoverable. Want to continue an encrypted conversation? Better make sure your phone or whatever you send mail from this second supports things, and you have it properly configured.
Then there's the fact email wasn't made to be secure and therefore it's broken. DKIM? Sounds good but mailing lists that append things mess things up. GPG should be signing parts of the email and clearly saying what it's signed, but the new idea is to put the signature in the email header where it can be mangled by the next MTA.
Mail headers pretty much make no sense. How do you know which parts weren't spoofed? Can you believe any of it besides whats in your maillog? The answer is yes 99% of the times but only because we still have some trust in the sending MTA if it's a reliable provider.
Mail and it's headers should be append only with clear distinctions of what MTA appended what and everyone signing things for verifiability. That would require a rewrite of the protocol though.
The PSU is still a point of failure, a heat source, and is costing 6% efficiency per server at the start. DC has a bunch of advantages in this type of environment, one being that redundant power is easy.
The only real downside to DC is the lack of standardized plugs, and the lack of jumpers. Wiring harnesses eliminate some of this, but having to run and terminate wires of various sizes tends to turn off everyone but electricians.
You're right DNSSEC is not the answer, but Convergence has problems.
From a previous post I made:
"The problem I foresee is that users won't change notaries based on trust. Most users click yes to anything, don't know what's going on 99% of the time and have no clue/don't want to know how crypto works on the internet."
There is also the privacy issue of sending a certificate request to number of notaries, meaning someone out there knows what sites you're browsing and when.
Or the bandwidth consideration of asking number of people for trust information about a certificate.
Proxying the information means you're back to trusting one person (who you might as well call your CA, since that's the business a CA will get into if we switch).. and it still doesn't fix the privacy concerns (unless you use multiple proxies and then it's bandwidth, unless you use only one at a time in rotation and then there's the issue of who to trust)
They're using outdated perl syntax. And taking advantage of things you shouldn't be doing even if they're allowed. Lots of languages let you do things and caution you not to. Not saying "return" or using good variable names or declaring scope on variables isn't good.
Regardless of how hard a language is to learn, once you "get it" you pretty much "get it" for 90% of other languages too. For instance, I can read and translate both Quorum and Randomo just by looking at the examples provided. That doesn't make the languages easy to use or better, or make perl worse, they're just different cases.
Users have to learn the fundamentals of programming before they can program. Conditionals, loops, subroutines, Boolean logic. All of which were touched on by their sample. To me, changing "sub" or "function" to "action" doesn't make things any clearer, it just seems like you're trying to reinvent pascal. Repeat b-a times is kind of nice, but you could do the same by saying for($a..$b) { } (which arguably is less clear than the repeat statement but just as true, you want it to repeat for all integers between $a and $b)
Also, removing parenthesis might make things clearer for simple logic but what about if d + e > 4 * x? Now you've introduced ambiguity, or at least forced the user to memorize order of operations rather than letting them be clear in their statement.
They also acknowledge they only tested 18 people, which isn't a big enough sample set to know if they're on to something. They've essentially asked "which is easier to understand, psuedocode or badly written real languages with no comments" and the answer is pseudocode, but it's still not intuitive what the program does.
I think they're failing to understand that people writing code now might not even understand modulus. While that's sad, it's also important to grasp what level of novice you're dealing with before training them. Visual Basic will let you write a minesweeper game without doing any math. Does that count as easier, or does math still have a place? (When I see novice programmers writing logic that doesn't use math it generally means they've unrolled what you would be doing mathematically and done a bad job of it)
In summary, I like perl. Many people from the python/ruby/php communities have already had their fun pooping on the party so if you're going to attack the language please make sure your arguments hold some weight. There are definitely problems but syntax isn't one of them unless you run with scissors every time your parents hand them to you. Perl has very few training wheels and therefor you get people giving bad examples, but if you ignore those it just gets things done.
My guess is that helium containment is hard for balloons and the limited range is caused by helium loss?
http://www.rcgroups.com/forums/archive/index.php/t-265008.html
Helium atom's are very small giving them a diffusion rate through solids that's 3x that of air.
http://en.wikipedia.org/wiki/Helium
The other factor is, all helium we currently have is produced through alpha particle emissions due to radioactive decay. This is a non-renewable and finite resource that if exploited would run out long before we cooked ourselves in a carbonated atmosphere.
Tiny carbon footprint indeed, but possibly still wasteful. Once the helium escapes the balloon it floats up to the upper atmosphere and escapes into space via some method I'm forgetting. Never to be used again. The same thing applies to your birthday balloons but nobody is particularly worried about those unless you try to lift your house with them.
I consider firefox to be in the "just fine" range. Their releases aren't world changing so much as they are irritating. I'd rather they improved the download process in windows (since windows package management is awful) and released only when needed, or tried breaking functionality into multiple modular branches then releasing those more often. Perhaps inspiring people to build other browsers, or browser distributions around the different core features. I know to some extent that was what was done, but there is more to modularize if people wanted to.
Stabilizing the extension API, or making component versioning would also be nice so if you're whizzyfoo widget was terribly old but only touched a component that hadn't changed in years, it wouldn't need a revision bump every time they released a new version. (It's been a long time, but I think World of Warcraft did this with it's addons eventually, making them include the libraries they needed and updating versions based on those)
Alternatively, a killer feature for me would be "private browsing" in a tab, so I could login to facebook and google+, and other social sites in some tabs without them spreading their cookie porn all over the other sites I visited.
The concept is sound, but the practice is probably too lofty to take off (armchair assessment)
The problem I foresee is that users won't change notaries based on trust. Most users click yes to anything, don't know what's going on 99% of the time and have no clue/don't want to know how crypto works on the internet. Asking my mom to manage trust relationships is what I am imagining is ridiculous.
So, you need a mediator to manage notaries for you. Your browser vendor can do it, but trusting them is no more a reasoned argument than trusting a CA.
I'm also curious what the analytical benefits would be of running a notary. You wouldn't be able to know exactly who's trusting you for what, but you would be getting lots of information all the time about what users are doing.
I don't have anything new to contribute, but I've visited this site for over a decade. People have sometimes complained of issues, or new features they didn't like, I know I personally have found other "daily sites" to visit as well, but that never stopped my love of the site you built.
I know this was the first place I've turned to for world-changing news. Not the only news site, but the first news site because this was the first place people really used for meta-discussion, back before CNN/Fox/BBC/everyone had a comment list, or read twitter on air.
This was one of the first "hugely popular" sites to opensource their code. Something that never had to be done, but was great for the community.
My point is that this site has been innovative and inspiring to many people and to many other sites. I hope that you find success with your next venture as well, and I appreciate everything you've done for the Linux/web/opensource/whatever communities.
So we've got to manage infrastructure in a way that's counter to it's purpose. They propose this already knowing the workarounds and that it's technically not a feasible solution for anything, and yet they want it to go through anyway.
Laws shouldn't be there to force third parties to operate in an inefficient or insecure manner. Laws are supposed to be to punish the guilty party, or get restitution for the wronged party. Yes, there are criminal laws that say "don't do this." Don't speed, or don't murder would be examples of those. But I'm having trouble remembering a law that required a 3rd party to censor things at someones request.
If libraries weren't dying as an instituion I'm sure the most obvious similarity would be a librarian being asked to pull books and hide them in the back room because they weren't allowed to show them to the public anymore. I find it interesting that people in America are scared to go to certain websites or look at some of these leaked documents online because it might be illegal or might be used against them. Not only have we bowed down to censorship, we're running scared that someone will find out we aren't so pure and innocent.
People even here are asking "will it be legal to circumvent this?" when the true question should be "why is censorship suddenly a part of the US federal governments mandate?"
I don't think it's as bad as you guys are making it out to be. I run my own mail server using postfix, postgrey, spamassassin and dovecot. There are several things to worry about when starting out that seem daunting and it's best to tackle it in stages. Getting postfix + dovecot working in debian is easy and gets you mail. Getting spamassassin should also be easy but will barely help unless you tweak the rules to your liking. Postgrey cut my spam by 95% and from what I recall was easy to setup.
The important thing is that once it's setup it's simple to maintain and doesn't break often. The thing to remember is to write down all the steps you took to get things installed (preferably in a wiki so you can keep the documentation updated. You should do this for all complex projects you take on that are hard to setup but easy to maintain, just so you don't forget how to set it up again)
The other important thing is to use an OS that supports easy updates that don't break config files. Your OS of choice is a flame war waiting to happen, but I think debian is very good about this.
Third thing, mentioning because it's important if you're running mail for a company: Use Maildir for the mail spool format, and overspec the server for I/O. SAS, raid 0+1 and solid state drives are all viable options. 30+ users hitting a mail spool hurts a server like almost nothing else.
Also, I know I didn't touch on web-based mail clients. That's more work that is probably going to involve apache and zimbra or another program of your choice. Squirellmail works if you just want mail, but if you want mail+calendar there are several options and you'll have to find what you like. I would do this after you get everything else working first though.
I'm mostly excited about all the choices we have here in America and the fact that all of them give you the same bandwidth throttling option. In a world out there filled with choice it's important to know that we can go to any provider and get the same thing no matter what we want.
Had some interesting points to make but they're halfway not relevant so I removed them. Leaving these because they're just about relevant.
The government at all levels can and does misuse this kind of data. They think giving "illegal" drugs to cancer patients is something worth prosecuting for. They're more interested in speed traps than stolen cars because one requires doing work and the other makes money.
You know what doesn't require sophisticated algorithms to reduce crime? Increasing patrols in neighborhoods and business areas that are frequent targets. I know you can't write press releases about it because it's nothing new, but burglars tend to move on if a patrol car passes a place every 5 minutes.
Arguably that's exactly what they're looking to do. Increase patrols in areas that computers flag as being high targets, but that is also reactive rather than proactive, meaning someone has to suffer crime until it reaches some threshold where they give a damn. There's nothing more predictive here than a monitoring system that turns red when it sees a percentage.
I've never heard of Mailinator. Now that I have I guess I'm still not interested. I have my own domain and create fake accounts to track who sells my name but I generally get more spam due to mailing list posts I make than anything else, and you can't have a one-way email for mailing list accounts (although I guess you could set them to only accept mail from the mailing list, if you're willing to not accept personal replies to things you send out)
But this guy is full of himself. "Look at me, I setup a system to facilitate hiding your email address. Oh, people want to ban it? Lets see about that, hah!"
A normal response would be to just give out your list, or as he claims, stop accepting mail for that website (although that's opt-out so it's automatically less good than the alternative)
Now us evil web site owners will just have to come up with some other way to ban his bullshit.. like sharing the list publicly despite his efforts.. or.. banning his IP:
mailinator.com. 86400 IN A 66.135.37.96
spamherelots.com. 86400 IN A 66.135.37.96
thisisnotmyrealemail.com. 86400 IN A 66.135.37.96
shrug.. none of my business I suppose since I haven't heard of him, but I would be furious if I got that kind of response from an "anti-spam" company when asking them to stop spamming me.
It's a good thing I don't reward people who do stupid stuff by giving them money though. Maybe I don't even care to be the first consumer of a game that has this shit-ass sales model?
It seems like this release doesn't really bring anything the user will want bad enough to upgrade. I like the new speedier release schedule because it always seemed like we never got new versions, but I'd also like to see more than just minor bug fixes rolled into a major release.
On a personal soapbox: We've been promised for a while now that sqllite would replace mork for address books. Has it? Being able to synchronize address books between mutt and thunderbird (or an iphone or android contact list) without the use of ldap has been something I've wanted for years. LDAP has never been a complete solution because it was read only from most (all?) common mail clients.
Linkies for reference:
http://www.ceveni.com/2009/03/thunderbird-addressbook-mork-format.html
http://en.wikipedia.org/wiki/Mork_(file_format)
5 year old bug:
https://bugzilla.mozilla.org/show_bug.cgi?id=382876
Perhaps this whole idea can be replaced with mozilla sync/weave if they integrate that. I've been worried about the direction of thunderbird since mozilla "spun it off" though. It seems they don't want it/don't want to work on it, but don't really want to let it go either.
After installing and playing with the new version, it looks like mostly a UI change.
At first I thought the citizens were going to have to pay for the cleanup and fixing of all the problems, along with the trial and all that. Now that I know this criminal with no job prospects will be paying the $1.5M I can sleep better at night.
My personal ideas about job integrity end at or a little before the threat of getting arrested so I could argue I don't think what he did was wise (I would've made the guy wanting the passwords put it in writing and then quietly laughed when they broke things), but I don't think the punishment fits the crime at all. Why is there never a middle ground in the justice system between ruining someones life and letting them go free?
And why can't the city just let this one go? They won a long time ago.. back when he was fired, jailed, etc and he surrendered the passwords without the network ever going down.
If I came to work and someone had stolen something off my desk I would be mad. If I found out it was management and they had taken it because they saw it as a resource they could use better elsewhere I would quit.
Personal workspace items given to a user shouldn't be taken back without their consent. It's no different if they stole someones stapler or pens. Dual or triple monitors might be seen as a luxury still, but they're cheap now. If the company can't afford to pay $100 for the accounting department to pick up a new monitor then they don't need you. They're either underpaying you or just don't give a damn about you as an employee or a human being.
Seems a big failure on design. If I designed a credit card payment system I would have it only be active in the portion of the network that required people to pay for something.
So... your playstation comes online and you want to sign in and play a game. Ok, the console has been authorized before it should be able to send a token saying "I'm whois let me play games."
In fact, PSN shouldn't really care who you are unless you're trying to buy something. Buying something and playing a game are two fundamentally different things. Your credit card should probably not be linked to the same username that you use for web browsing. There should be two accounts or two privilege levels that require different types of sign-on.
Why does the PSN network care who you are until you buy something? The entire store should still be online and all free downloads available, just no payed downloads until they fix that part. You should be able to play Black Ops without risking your financial future right?
You might say the customer wouldn't put up with the bullshit of having two accounts, or everyone will use the same password twice but:
1. If you explain how it works some people will do the right thing and be protected.
2. We've already put up with crazy amounts of bullshit, like weekly system updates that can't be backgrounded and take forever. Loss of features some people specifically payed for (ps2 compatibility, running Linux), and just a bad UI that can't do simple things like play your mp3 collection while you game or browse the store.