Instead of putting a warning, can I have a provider that just doesn't track me? That lets me turn tracking on and off when I need it for a specific application, or track on a specific application basis?
Someone figure out how this works and just upload random bullshit. Tomtoms are half hacked anyway, I remember loading a customized firmware on mine when I had one. Enough bullshit uploaded from enough phones/tomtoms/whatever and hopefully eventually the data becomes worthless to all but the most statistical scrutiny.
Could be a "fudge" mode that varies your true speed up or down by x percent Could be a "sunday driver" mode that sets your max speed to 35mph/kph and lowers your true speed to a percentage of that speed Could be "foreign holiday" mode which shows your location as Antarctica for most of the afternoon
Would probably need more work since if they're sending raw points and timestamps you would need to recalculate speed and position, possibly inserting more points or removing data points. I'm sure if it's possible to collect this data it should be possible to fake it. And of course if you make it too obvious it would be easy to detect and filter the bullshit values.
I'd like to see rotating macs/ssid based on something like s/key or secureID, or Kerberos. I know those don't quite do whats needed, but the concept is that both user and server has a seed they both know, and they both know what time it is so they can calculate what values should be in use. It would do very little for security but a lot for privacy. It would require a rework of all the wifi drivers though.
Just because a privacy flaw big enough to drive trucks through (with the acknowledgement that it's in a protocol designed 10 years before modern data mining) exists doesn't mean it will ever get fixed. Probably half the people want reliability more than privacy and like targeted advertisements.
Way to show you just don't care.. "hey, fill out this survey so a computer can determine how to rate your game. No, we aren't going to play it."
From the wikipedia article:
"To obtain a rating for a game, a publisher sends the ESRB videotaped footage of the most graphic and extreme content found in the game. The publisher also fills out a questionnaire describing the game's content and pays a fee based on the game's development cost:[5]
$800 fee for development costs under USD $250k
$4,000 fee for development costs over $250k"
So, the game developer is going to do all the work and pay you to certify their game and you aren't doing anything but running a website and pocketing money? You're trading on the name you've built as a "reliable standard" and you're going to be gone as soon as Sony/Microsoft/Apple/any other app store marketplace, realizes they can take your piece of the pie and do this same thing and take money for it.
I could understand if not enough games were being submitted and you were contemplating going out of business because nobody used you anymore, but you're claiming the exact opposite. Too many people are giving you money wanting you to rate games so you're stepping out of the game rating business?
I don't have any kids and have never cared what rating a game received, but I consider this move to be counterproductive to the people who are paying you. The first slip-up isn't going to be a publishers ass it's going to be the ESRB when people ask "who's minding the store?" and the answer is nobody.
At least they used Seiverts. Could be worse, the could have said "1000 times the amount of radiation you get on a hot sunny day when riding in a plane, eating a banana and delivering a baby" or some other random unit of measure that doesn't tell you anything.
How about the hygiene issues of having a cop tell you to blow on something when you don't know where it's been?
If you fail a "walk the line" test thats one thing. Being caught weaving is one thing. Stopping everyone and saying "blow here or we'll put a needle in you" is saying "Hey, do you want Strep throat or AIDS? Your choice we're giving out both tonight."
I don't want anyone short of a qualified nurse touching me because I know those people have a bit of knowledge about hygiene and they'll wear gloves, change gloves between each patient, and wash their hands. Most roadsides don't have a sink so thats strike one against this being a good idea.
Besides which I think everyone should be bothered with the invasiveness of it. I don't like the mandatory stops in some states asking for your drivers license and proof of insurance. Sure it's their right because you're operating a motor vehicle and thats one of the conditions of your ability to operate it, but that doesn't make it a good feeling knowing the state knows when you're coming and going.
Ever been pulled over and (as a passenger) been "asked" to show your drivers license? I have. It's completely legal for me to turn them down but I know under the circumstances I would've been detained a long time if I had not complied (it was a bust of some kind 4 doors from my house. 10 police cars and cops with shotguns standing around. I went down there with a friend because I wanted to know if it was safe to stay around or if we needed to be worried about stray bullets. They told me not to be curious and to leave, after harassing us both)
So, knowing that cops have the ability to deprive you of your liberties at will right now even with the powers they already have, do you want to give them more power in the name of stopping drunk driving?
Seems an easily solvable offense through other means.. bars could cut you off after one drink unless you prove you have other means of getting home. Stores could stop selling alcohol except in some controlled means. Sure, prohibition might come back but drunk driving would go down. I can't imagine the violence from "new prohibition" would be as bad as the current drug violence, so if DUI deaths go down our safety might increase. I'd rather people punish those that drink alcohol than take liberties away from the sober drivers just because they can't catch the drunk drivers in a reasonable way.
You don't even have to stop buying crap. We just need to buying/selling crap at what it really costs to ship it. My sister got some wooden blocks for her 1 year old to play with, they were made in France.
Painted blocks could be made anywhere, they don't have to be shipped across the world, packaged in America and sold here.
Aside from the pollutants, container ships burn 217 tons of fuel per day (source http://wiki.answers.com/Q/How_much_fuel_does_a_container_ship_burn). Lets assume that this could be converted to run in cars or whatever other things we care about. Then you have to ask how much oil are we wasting to ship wooden blocks around the world?
The same should be asked about cruise ships where a weeks trip is cheap, the food is free and it all seems like a good deal. Except what damage is it doing?
OK, a 68 year old white American disabled Vietnam Vet, with a 50 year old Hawaiian wife, traveling on a domestic flight has to go through all this BULLSHIT, while everybody knows that TERRORISTS aren't elderly white cripples!
Kinda makes you think that they really don't want people to travel by air, don't it?
It's not about profiling or random screening, it's about protection and once you realize that you'll realize a little of their bullshit isn't bullshit. I see pilots with the signature of "Trusted in the air, not on the ground." but what they're overlooking is that it only takes one person who has "a pass" through the line and is willing to sell that access because they're disgruntled and don't care anymore.
You're crippled and you love this country so you should be safe right? But did you pack your bags yourself and always have them in sight? Even if you said yes to all those questions the TSA has no clue if it's really true. Even if it's true for you, what about someone else with your same conditions?
I wouldn't normally defend the TSA because they're awful at the job they do. Prudes in a nanny bible state who want to see you naked but don't want you to take your clothes off. There are tons of things they could be doing better and there are even more ways we could fight terrorism if we were even more facist than we already are. Intelligence gathering requires almost no effort if the burden of proof of innocence is on the flyer. I wouldn't be suprised if they start data mining peoples facebook entries to determine flight status soon.
I don't really care what their excuse is. I think we've given up too much freedom for a little safety. I'd rather see 3000 people die a year than this country eaten up from within by facism under the guise of protecting us from terrorism. I would accept the roll of the dice that I would be one of those people.
So what is my solution to this mess? I would like to see more travel options. More long distance fast train lines (which would take at least 20 years to be effective)
I would accept prison like conditions for transport as long as everyone was subjected to the same rules. Changing into jumpers at the airport, permitted into a controlled area with nothing but your wallet/boarding pass, all your gear flys on a separate cargo jet.
Sure it's even more facism, but if you know what to expect it's less invasive than their current shit and makes it more of a novalty. I would expect airlines to compensate with better amenities (no more baggage means more room).
Just remove the monetary incentive. Fines are a stupid idea for a punishment even in a capitalist system. They favor the rich and abuse the poor. Instead make the punishment for all minor infractions be community service. What you would see is:
People not speeding so they don't get caught because they don't want to do community service. Cops not pulling people over that don't deserve it because it doesn't help their quota/benefit them in some way. Cleaner streets, etc from people doing actual community service that benefits the community (once they run out of "good" jobs to give all the people who want to spend 120 hours reading to kids)
You could argue this benefits the rich even more at least the idle rich since they have more free time for community service, but they are less likely to want to waste their time on it.
There is a flip-side to this. No matter how careful you think you are, you will one day expose your password in the clear. Once that happens you have no way of knowing if anyone was watching.
Typing a password in the wrong terminal, typing a password in the wrong web field and having it autosearch google for your password. Typing your password over a bluetooth wireless keyboard with unknown encryption. Using a telnet session, etc. Logging in using a friend or co-workers PC that may have been compromised, etc.
Because of all this, it's still a good policy to change passwords on an annual basis, with an immediate password change if you know it's been leaked.
I encourage companies to move to single sign-on, since I consider having to memorize 17 passwords for one company to be more hassle than having to change a password frequently.
Or having to change a password on a system you only login to once every 6 months, every time you login. I hate that.:)
Unfortunately, it doesn't always work out because one centralized password means you trust one department of a company with access to everything (there are workarounds for this, but still company politics gets in the way)
I just called it and got through to someone calling themselves Danny Archer. They did not provide a company name in their greetings instead asking immediately for my first name.
For provisioning, yes a database would probably be better than text files, but I'd still want a DNS server to do what bind does now with the information.
Read it into memory and serve it out from there.
To that, I'd say what it needs is more logical separation. One process reading the data in (via flat files or database or whatever) and another process that accepts data on port whatever via a secure manner, serves it out on port 53 in whatever manner is standard.
Most of the pieces are already there (with rndc and nsupdate), they would just need to ground up refactor everything. This may be the route their actually going with bind, just slowly so it doesn't break anything.
Of course they'd probably rewrite it in Java so it'd be ultra-portable and crappy.
So people spent the last 30 years building the internet so they could steal music from him? Way to criminalize innocents and shit on peoples life work. Hell, he's not even an artist. As the manager he's just been paid by the band to... manage things, so he hardly has a right to claim his hard work is being stolen. I'll tell you what Mr Manager, make something. Design anything. Build something you're proud of so when we shit on it and tell you it's a tool for criminals you'll get an idea how we feel.
I just recently got a tomtom, and I'm very impressed with the actual unit. It's highly functional and useful and the menu system (while sometimes cumbersome) is generally really good. The only thing I find its missing is trip time and average speed (something I have on another portable GPS, so I don't miss it much)
The Windows software though, blows.
It's super super super awful. Some of the things they could've done (contact list synchronization, or just a csv based import of addresses for favorites aren't possible. About the only thing you can do is download new maps to it and update the software. Granted, I only used the software for 5 minutes to make sure I was running the latest version, but thats my impressions of it. If you truly want to, you can control your tomtom through your computer (via an onscreen representation of the tomtom screen, not an API).. it might be possible to use the tomtom as a GPS for one of the windows mapping programs but I dunno.
I used to have that opinion and in some ways I still do. As a user, I claim I want a fixed rate for passing data traffic, any data traffic I want. What I really want is a CIR (committed information rate) or Minimum rate I can pass data. If I truly had that and it was say 6Mb then I might be happy for a while.
The problem is that none of us are paying what it costs the ISPs to deliver 6Mb download. We're still paying the same prices or less for what we were paying for ISDN 10 years ago, or DSL 3 years ago. Now companies are upgrading their pipes over and over, mainly the "last mile" so they can provide as much bandwidth as possible to the users.
The problem is all this has to go through upstream "choke points" where 5000 people on 100Mbit connections to the internet all go through one or two Gigabit links (at least in our ISP, this is the case).
You can say "upgrade" if you want, but you're not paying enough. So we look at other ways to make it work. We're not rate limiting usually, just "smoothing" the traffic. If one person is using 45Mbit for a while and nothing else is going on then fine.. but rarely is that the case. Usually if it's during peak hours we want to throttle back the 45Mbit torrenter and open up the bursty traffic. The torrent guy doesn't really notice (he's probably not even sitting at his computer, and it just takes a little longer to get the file) and it keeps the web browser people and the mail sending people from complaining.
Having been on both sides of the fence several times I can say this:
If you want real bandwidth, pay for it. Sprint doesn't throttle anyone and almost never lets their pipes get oversubscribed (at least not at the edge). They're massively expensive though.
Don't want to pay for the cake but still want cake? Open an ISP that provides "true 10Mbit up and down to users, no gimmicks no rate limits no oversubscription" and market the hell out of it. Most people would say the business model would fail, but as a customer you know what you want, maybe you can make it work?:)
Maybe we have a fully licensed copy but they didn't ship the CD with the new computer and want you to do a "backup" of whatever POS install they have with their 5000 addon programs. So you install from scratch using an existing CD you have, but because it doesn't exactly match the 8000 different versions of Windows XP Professional Microsoft released, the CD key won't work.
I remember when I bought DOS 5.0, 6.0 and 6.2. I paid alot of money for it, and sometimes the upgrade wasen't worth it. But I got floppies that I really could use to reinstall, and I always had the option of formatting a PC back to nothing and installing the OS on my new machine.
I remember the same thing for Windows 3.1, Windows 95 and Windows 98. Windows NT4, OS/2 2.1. None of these had genuine advantage, and none of them had the installation problems that Windows XP has.
So let me ask you. Coming from a UNIX environment, specifically Linux. Where on a good day, everything is detected during an install and just works, why do I have to put up with this crap?
I'm hoping vista is better. I honestly don't mind buying software when I perceive it to be worth a damn. Why ship a DVD full of out of date drivers that don't support your SCSI card? Why not have at least basic support for Network based install?
Instead of prompting for a license key that nobody has anymore, why not connect to the net and ask for a username/password. Then the company IT admin can see that he's purchased 80 licenses, 5 are unused and he can use one of them to activate this new computer (or, while uninstalling he could deactivate one of the other licenses)
Why do companies insist on designing something in a crappy way then blaming the users for not wanting to buy/use it in the way they intended? If everyone is doing things their own way, why not adapt to what your users obviously want? (Why are all Slipstream SP2 disks a user created thing? Why can't we get virus free ISO's from MS that do this for us?)
I've worked for companies that got audited by the BSA. Their licensing was a mess.. there were hundreds of copies of legit windows but half the machines ethier weren't stickered or were stickered wrong. Imagine keeping hundreds of "Windows seals" and 30 other things because nobody knows what exactly should be retained in the case of an audit. Imagine half your workforce has laptops and is on the road..
Sure, Microsoft has programs that make this easier.. especially for large companies, but alot of it is time consuming BS that shouldn't be needed.
Thats not how it works, and I suspect these guys are running into the same problem we did.
I used to work for a national NSP and during my tenure there we developed a few ways to block IP's despite the fact that half the linecards in our network didn't support packet filtering.
The best way to do this was with a global null route. We'd add a route on all the routers pointing one of our unused IPs to the null0 interface. Then we ran a "null route server" where anything we wanted to block was routed to that IP address (causing all traffic to it to get blocked at the entry point, rather than routed through the network)
We used these measures exclusively for spammers and for large DOS attacks. (For DOS attacks it was less effective because you actually had to block the victim instead of the source, but it was better than nothing)
The point behind this is, many times we had virtual hosting providers call us up and tell us we'd blocked thousands of sites, some even went on to name names. We told them to get the spammer off their server before service would be restored.
This is the normal policy of most ISPs. No Collateral damage involved, you violated the terms of service and I'm sorry your business revolves around the idea of putting a thousand customers on one point of failure.
Now, I'm not saying this is what Telus did. I'm saying this is what they probably did and you guys are jumping to conclusions. The fact is, from a router standpoint it's extrodinarly hard to block "www.example.com" without doing it by IP address.
You might say "but but but but but but" this is going to be different, more secure, stronger.
Or something. But you're still going to be selling the public hardware, that they control. Hell, some of these computers will never be accessing the internet or any network at all. How will you control what they do after you turn them into the hands of the customer?
You made hardware dongles for expensive programs, they were broken. You made hardware copy protection for console game platforms, it was broken (even when games were shipped as a cartridge, eventually people made cloners)
You've made DVD players you thought were unbreakable, unleashed them on the masses, then they were broken, so to spite everyone you created new laws to try to stop people from doing it (DMCA)
You created directTV and dish network. They're hacked. And before that? Satallite TV was scrambled, but there were descramblers.
ANY hardware based "encryption" or "dongle" or "trusted computing initiative" is security through obscurity. Do you think every person who ever worked for all these conglomerate companies will be able to keep a secret?
The first person who finds out you use pins 1 and 6 on the chip to pass keying information will end up leaking it to the public. Said public will start watching those pins and find out what needs to be sent to "ok" a program running.
So you tell me your "dongle" is smack dab in the middle of the CPU, no sniffing possible?
Someone will just realease the keys then. It's only a matter of time. In the meantime, you're just blowing smoke up the asses of all the customers you have who want this product, and pissing off all the customers who don't want this product.
Give it a rest. PC's were pretty cool until you started breaking them. If you make them too hard to use, the world as a whole will find something new to play with.
HP is already on the fritz because they've merged too many times and found out they can't be the next IBM. Imagine if everyone stops buying from you and starts buying from a toaster company?
As a long time freeswan user I have to say this sucks pretty hard. Having used isakmpd and racoon on openbsd and freebsd respectivly, I've always thought freeswan was easier to configure (but not always easier to get working)
The UNIX mindset isn't to rewrite the whole app, it's for the app to privide a healthy backend so scripting against it is possible.
Think of programs like kazaa. Say you have a home network and five users who all connect and use kazaa. Wouldn't it be nice if you could connect to your kazaa session from any machine? Or allow all users to use one kazaa "daemon" and run a seperate client to search for and download files?
So in UNIX you write a server that runs as a daemon on one host, then you connect to it to check download status or queue files. The nice thing about this is, you're not limited to one client. You can use a graphical client when you want, or if you need to *script* something you can write a bash, perl, or other script to handle your scripted event. Say, automatically searching for Britney Spears pictures once a day, and downloading any new ones you don't have.
So, lets talk about how to do this with Office.
MS Office is a horribly shitty program, and the main reason for that is the document format is closed.
Personally, I used to have to submit weekly reports each week, in word format. Usually this was just a bunch of text that needed to have a pretty header and footer attached to it.
What I would've loved to do is keep a list of things I'd done that week in a text file on my harddrive, then have a cron job that ran a perl script to convert the incoming text into a word document, then email it to my boss.
Well, with OpenOffice you can do that.
You can also autogenerate spreadsheets if you want.
OpenOffice apparently supports Macro's too, if you like loading bloated applications to do simple tasks.
I've personally never needed to write a screen-scraping script on a GUI app for UNIX, mainly because most of them were designed with these things in mind.
Nobody verifys keys for webpages, email or ssh right now. How many times have you seen "HOST KEY HAS CHANGED" or "host key not found" and typed "yes" anyway?
The good news is that if people really understood crypto, key exchange would be easy. You meet in person, establish a bluetooth link, swap public keys and verify fingerprints.
The bad news is that nobody will do this, or the phone won't support it (article didn't say how key exchange happens)
So when Joe calls and it says "incoming encrypted call" are you going to answer it because you know and like Joe, even though you've never exchanged keys with him?
Key exchange can't be done through a trusted third party (except the company you work for) because there is no trusted third party. Even if you trust Bob, and he trusts Mary, you don't know where their dirty phones have been.
If your work is the trusted third party, they'll probably hold copies of your private keys so calls can be monitored later if needed. (Hopefully the phone ethier allows you to generate a new key whenever you want, or doesn't allow exporting of it's private key. Hopefully both)
Don't get me wrong, I want one. Real bad, but not $4k bad, not to test out someones (probably flawed) cryptosystem.
Even if they understand crypto and got it right, the user still has to understand it to make it all work.
If I had about 10 of these I'd give one to each of my friends and make sure they only accept encrypted calls from known keys. I'd also make the screen light up in red or green or something to show it's an encrypted call.
Then we could talk about Joe behind his back, with no chance of interception from governments.
I run a 6x120Gb software raid here. The redundency is nice but when you get that much storage in one place you start having other concerns.
Drive failures are scary. Note, if you're going with a hardware highpoint 1540 controller: forget raid 5. The array takes forever to rebuild (like 4 days) and sometimes fails midway though causing total data loss. (Other people may have different luck though, my friend is doing hardware on 4x160Gb and not enjoying it). I've had 2 drives fail on my software raid and the rebuild went well enough. I suspect the failures were due to inadequate power from the UPS causing a "brownout" condition when my power went off, since both failures happened after a power outage.
So other problems: thats 600Gb of disk space. Nobody in their right mind wants to sit through an fsck, so a journalling filesystem is needed.
but, all the journalling filesystems are new and untested. New your saying? They're a few years old.. and yes, thats true but they're new in comparision to all the other filesystems. And when you're talking about 600Mb of data on one filesystem it really starts to concern you.
(Even so, I've been running raid 5 with journalling on 4 to 6 drives for the last 1.5 years or so and haven't had filesystem corruption)
A friend of mine is running mixed drive sizes in his fileservr and doing no raid. He occasionally has failures and loses stuff, but at least he doesn't lose everything. Still, I'd be pissed if I lost an 80 gig chunk at a time.
The problem with raid is, you gain some redundency but you completely lose the ability to make sensable backups. Unless you're a corporation and can afford $3k for a tape drive (and an additional $500 for tapes) you're faced with the idea of mostly redundent, but no backups. Offsite backups become really appealing, but then you need to shell out the same money for drives that won't be put to use (until something happens)
I still don't have a solution for offsite backups.
As an aside, I started playing with encrypted partitions (not raided). That has the same sort of scaryness. One filesystem screwup and you lose everything. No backups unless you have a second hard drive. Then you're faced with raid 1 which would corrupt both drives, or copying the encrypted volume from drive to drive each night.
I've got no answer for that one ethier, except that encrypting a tape backup would probably be good in a corporate situation.
Slashdot Mirror
Instead of putting a warning, can I have a provider that just doesn't track me? That lets me turn tracking on and off when I need it for a specific application, or track on a specific application basis?
Someone figure out how this works and just upload random bullshit. Tomtoms are half hacked anyway, I remember loading a customized firmware on mine when I had one. Enough bullshit uploaded from enough phones/tomtoms/whatever and hopefully eventually the data becomes worthless to all but the most statistical scrutiny.
Could be a "fudge" mode that varies your true speed up or down by x percent
Could be a "sunday driver" mode that sets your max speed to 35mph/kph and lowers your true speed to a percentage of that speed
Could be "foreign holiday" mode which shows your location as Antarctica for most of the afternoon
Would probably need more work since if they're sending raw points and timestamps you would need to recalculate speed and position, possibly inserting more points or removing data points. I'm sure if it's possible to collect this data it should be possible to fake it. And of course if you make it too obvious it would be easy to detect and filter the bullshit values.
I'd like to see rotating macs/ssid based on something like s/key or secureID, or Kerberos. I know those don't quite do whats needed, but the concept is that both user and server has a seed they both know, and they both know what time it is so they can calculate what values should be in use. It would do very little for security but a lot for privacy. It would require a rework of all the wifi drivers though.
Just because a privacy flaw big enough to drive trucks through (with the acknowledgement that it's in a protocol designed 10 years before modern data mining) exists doesn't mean it will ever get fixed. Probably half the people want reliability more than privacy and like targeted advertisements.
Way to show you just don't care.. "hey, fill out this survey so a computer can determine how to rate your game. No, we aren't going to play it."
From the wikipedia article:
"To obtain a rating for a game, a publisher sends the ESRB videotaped footage of the most graphic and extreme content found in the game. The publisher also fills out a questionnaire describing the game's content and pays a fee based on the game's development cost:[5]
$800 fee for development costs under USD $250k
$4,000 fee for development costs over $250k"
So, the game developer is going to do all the work and pay you to certify their game and you aren't doing anything but running a website and pocketing money? You're trading on the name you've built as a "reliable standard" and you're going to be gone as soon as Sony/Microsoft/Apple/any other app store marketplace, realizes they can take your piece of the pie and do this same thing and take money for it.
I could understand if not enough games were being submitted and you were contemplating going out of business because nobody used you anymore, but you're claiming the exact opposite. Too many people are giving you money wanting you to rate games so you're stepping out of the game rating business?
I don't have any kids and have never cared what rating a game received, but I consider this move to be counterproductive to the people who are paying you. The first slip-up isn't going to be a publishers ass it's going to be the ESRB when people ask "who's minding the store?" and the answer is nobody.
At least they used Seiverts. Could be worse, the could have said "1000 times the amount of radiation you get on a hot sunny day when riding in a plane, eating a banana and delivering a baby" or some other random unit of measure that doesn't tell you anything.
How about the hygiene issues of having a cop tell you to blow on something when you don't know where it's been?
If you fail a "walk the line" test thats one thing. Being caught weaving is one thing. Stopping everyone and saying "blow here or we'll put a needle in you" is saying "Hey, do you want Strep throat or AIDS? Your choice we're giving out both tonight."
I don't want anyone short of a qualified nurse touching me because I know those people have a bit of knowledge about hygiene and they'll wear gloves, change gloves between each patient, and wash their hands. Most roadsides don't have a sink so thats strike one against this being a good idea.
Besides which I think everyone should be bothered with the invasiveness of it. I don't like the mandatory stops in some states asking for your drivers license and proof of insurance. Sure it's their right because you're operating a motor vehicle and thats one of the conditions of your ability to operate it, but that doesn't make it a good feeling knowing the state knows when you're coming and going.
Ever been pulled over and (as a passenger) been "asked" to show your drivers license? I have. It's completely legal for me to turn them down but I know under the circumstances I would've been detained a long time if I had not complied (it was a bust of some kind 4 doors from my house. 10 police cars and cops with shotguns standing around. I went down there with a friend because I wanted to know if it was safe to stay around or if we needed to be worried about stray bullets. They told me not to be curious and to leave, after harassing us both)
So, knowing that cops have the ability to deprive you of your liberties at will right now even with the powers they already have, do you want to give them more power in the name of stopping drunk driving?
Seems an easily solvable offense through other means.. bars could cut you off after one drink unless you prove you have other means of getting home. Stores could stop selling alcohol except in some controlled means. Sure, prohibition might come back but drunk driving would go down. I can't imagine the violence from "new prohibition" would be as bad as the current drug violence, so if DUI deaths go down our safety might increase. I'd rather people punish those that drink alcohol than take liberties away from the sober drivers just because they can't catch the drunk drivers in a reasonable way.
You don't even have to stop buying crap. We just need to buying/selling crap at what it really costs to ship it. My sister got some wooden blocks for her 1 year old to play with, they were made in France.
Painted blocks could be made anywhere, they don't have to be shipped across the world, packaged in America and sold here.
Aside from the pollutants, container ships burn 217 tons of fuel per day (source http://wiki.answers.com/Q/How_much_fuel_does_a_container_ship_burn). Lets assume that this could be converted to run in cars or whatever other things we care about. Then you have to ask how much oil are we wasting to ship wooden blocks around the world?
The same should be asked about cruise ships where a weeks trip is cheap, the food is free and it all seems like a good deal. Except what damage is it doing?
OK, a 68 year old white American disabled Vietnam Vet, with a 50 year old Hawaiian wife, traveling on a domestic flight has to go through all this BULLSHIT, while everybody knows that TERRORISTS aren't elderly white cripples!
Kinda makes you think that they really don't want people to travel by air, don't it?
It's not about profiling or random screening, it's about protection and once you realize that you'll realize a little of their bullshit isn't bullshit. I see pilots with the signature of "Trusted in the air, not on the ground." but what they're overlooking is that it only takes one person who has "a pass" through the line and is willing to sell that access because they're disgruntled and don't care anymore.
You're crippled and you love this country so you should be safe right? But did you pack your bags yourself and always have them in sight? Even if you said yes to all those questions the TSA has no clue if it's really true. Even if it's true for you, what about someone else with your same conditions?
I wouldn't normally defend the TSA because they're awful at the job they do. Prudes in a nanny bible state who want to see you naked but don't want you to take your clothes off. There are tons of things they could be doing better and there are even more ways we could fight terrorism if we were even more facist than we already are. Intelligence gathering requires almost no effort if the burden of proof of innocence is on the flyer. I wouldn't be suprised if they start data mining peoples facebook entries to determine flight status soon.
I don't really care what their excuse is. I think we've given up too much freedom for a little safety. I'd rather see 3000 people die a year than this country eaten up from within by facism under the guise of protecting us from terrorism. I would accept the roll of the dice that I would be one of those people.
So what is my solution to this mess? I would like to see more travel options. More long distance fast train lines (which would take at least 20 years to be effective)
I would accept prison like conditions for transport as long as everyone was subjected to the same rules. Changing into jumpers at the airport, permitted into a controlled area with nothing but your wallet/boarding pass, all your gear flys on a separate cargo jet.
Sure it's even more facism, but if you know what to expect it's less invasive than their current shit and makes it more of a novalty. I would expect airlines to compensate with better amenities (no more baggage means more room).
Just remove the monetary incentive. Fines are a stupid idea for a punishment even in a capitalist system. They favor the rich and abuse the poor. Instead make the punishment for all minor infractions be community service. What you would see is:
People not speeding so they don't get caught because they don't want to do community service.
Cops not pulling people over that don't deserve it because it doesn't help their quota/benefit them in some way.
Cleaner streets, etc from people doing actual community service that benefits the community (once they run out of "good" jobs to give all the people who want to spend 120 hours reading to kids)
You could argue this benefits the rich even more at least the idle rich since they have more free time for community service, but they are less likely to want to waste their time on it.
There is a flip-side to this. No matter how careful you think you are, you will one day expose your password in the clear. Once that happens you have no way of knowing if anyone was watching.
Typing a password in the wrong terminal, typing a password in the wrong web field and having it autosearch google for your password. Typing your password over a bluetooth wireless keyboard with unknown encryption. Using a telnet session, etc. Logging in using a friend or co-workers PC that may have been compromised, etc.
Because of all this, it's still a good policy to change passwords on an annual basis, with an immediate password change if you know it's been leaked.
I encourage companies to move to single sign-on, since I consider having to memorize 17 passwords for one company to be more hassle than having to change a password frequently.
Or having to change a password on a system you only login to once every 6 months, every time you login. I hate that. :)
Unfortunately, it doesn't always work out because one centralized password means you trust one department of a company with access to everything (there are workarounds for this, but still company politics gets in the way)
I just called it and got through to someone calling themselves Danny Archer. They did not provide a company name in their greetings instead asking immediately for my first name.
If they're shut down they need to be shut down.
For provisioning, yes a database would probably be better than text files, but I'd still want a DNS server to do what bind does now with the information.
Read it into memory and serve it out from there.
To that, I'd say what it needs is more logical separation. One process reading the data in (via flat files or database or whatever) and another process that accepts data on port whatever via a secure manner, serves it out on port 53 in whatever manner is standard.
Most of the pieces are already there (with rndc and nsupdate), they would just need to ground up refactor everything. This may be the route their actually going with bind, just slowly so it doesn't break anything.
Of course they'd probably rewrite it in Java so it'd be ultra-portable and crappy.
It seems like there's a billion of these companies now. All of them somehow able to create a playlist based on your previous likes or dislikes.
Finetune from what I've heard is a ton better than Pandora, but I don't keep track of either of them.
As of 2007, Finetune was available outside the US where Pandora wasn't. http://lifehacker.com/234553/finetune-pandora+like-internet-radio
Things may have changed though.
About a year or two ago
What I wanted was for face recognition software to become more general so you could search for movies using vague memories from your childhood:
"Girl on boat", "Wheat field", "Yellow flag"
With an advanced enough search engine, you could tag everything automatically.
I didn't think of privacy concerns though, I guess thats a good point.
So people spent the last 30 years building the internet so they could steal music from him? Way to criminalize innocents and shit on peoples life work. Hell, he's not even an artist. As the manager he's just been paid by the band to... manage things, so he hardly has a right to claim his hard work is being stolen. I'll tell you what Mr Manager, make something. Design anything. Build something you're proud of so when we shit on it and tell you it's a tool for criminals you'll get an idea how we feel.
I just recently got a tomtom, and I'm very impressed with the actual unit. It's highly functional and useful and the menu system (while sometimes cumbersome) is generally really good. The only thing I find its missing is trip time and average speed (something I have on another portable GPS, so I don't miss it much)
The Windows software though, blows.
It's super super super awful. Some of the things they could've done (contact list synchronization, or just a csv based import of addresses for favorites aren't possible. About the only thing you can do is download new maps to it and update the software. Granted, I only used the software for 5 minutes to make sure I was running the latest version, but thats my impressions of it. If you truly want to, you can control your tomtom through your computer (via an onscreen representation of the tomtom screen, not an API).. it might be possible to use the tomtom as a GPS for one of the windows mapping programs but I dunno.
Anyway, the software sucks.
I used to have that opinion and in some ways I still do. As a user, I claim I want a fixed rate for passing data traffic, any data traffic I want. What I really want is a CIR (committed information rate) or Minimum rate I can pass data. If I truly had that and it was say 6Mb then I might be happy for a while.
:)
The problem is that none of us are paying what it costs the ISPs to deliver 6Mb download. We're still paying the same prices or less for what we were paying for ISDN 10 years ago, or DSL 3 years ago. Now companies are upgrading their pipes over and over, mainly the "last mile" so they can provide as much bandwidth as possible to the users.
The problem is all this has to go through upstream "choke points" where 5000 people on 100Mbit connections to the internet all go through one or two Gigabit links (at least in our ISP, this is the case).
You can say "upgrade" if you want, but you're not paying enough. So we look at other ways to make it work. We're not rate limiting usually, just "smoothing" the traffic. If one person is using 45Mbit for a while and nothing else is going on then fine.. but rarely is that the case. Usually if it's during peak hours we want to throttle back the 45Mbit torrenter and open up the bursty traffic. The torrent guy doesn't really notice (he's probably not even sitting at his computer, and it just takes a little longer to get the file) and it keeps the web browser people and the mail sending people from complaining.
Having been on both sides of the fence several times I can say this:
If you want real bandwidth, pay for it. Sprint doesn't throttle anyone and almost never lets their pipes get oversubscribed (at least not at the edge). They're massively expensive though.
Don't want to pay for the cake but still want cake? Open an ISP that provides "true 10Mbit up and down to users, no gimmicks no rate limits no oversubscription" and market the hell out of it. Most people would say the business model would fail, but as a customer you know what you want, maybe you can make it work?
Maybe we have a fully licensed copy but they didn't ship the CD with the new computer and want you to do a "backup" of whatever POS install they have with their 5000 addon programs. So you install from scratch using an existing CD you have, but because it doesn't exactly match the 8000 different versions of Windows XP Professional Microsoft released, the CD key won't work.
I remember when I bought DOS 5.0, 6.0 and 6.2. I paid alot of money for it, and sometimes the upgrade wasen't worth it. But I got floppies that I really could use to reinstall, and I always had the option of formatting a PC back to nothing and installing the OS on my new machine.
I remember the same thing for Windows 3.1, Windows 95 and Windows 98. Windows NT4, OS/2 2.1. None of these had genuine advantage, and none of them had the installation problems that Windows XP has.
So let me ask you. Coming from a UNIX environment, specifically Linux. Where on a good day, everything is detected during an install and just works, why do I have to put up with this crap?
I'm hoping vista is better. I honestly don't mind buying software when I perceive it to be worth a damn. Why ship a DVD full of out of date drivers that don't support your SCSI card? Why not have at least basic support for Network based install?
Instead of prompting for a license key that nobody has anymore, why not connect to the net and ask for a username/password. Then the company IT admin can see that he's purchased 80 licenses, 5 are unused and he can use one of them to activate this new computer (or, while uninstalling he could deactivate one of the other licenses)
Why do companies insist on designing something in a crappy way then blaming the users for not wanting to buy/use it in the way they intended? If everyone is doing things their own way, why not adapt to what your users obviously want? (Why are all Slipstream SP2 disks a user created thing? Why can't we get virus free ISO's from MS that do this for us?)
I've worked for companies that got audited by the BSA. Their licensing was a mess.. there were hundreds of copies of legit windows but half the machines ethier weren't stickered or were stickered wrong. Imagine keeping hundreds of "Windows seals" and 30 other things because nobody knows what exactly should be retained in the case of an audit. Imagine half your workforce has laptops and is on the road..
Sure, Microsoft has programs that make this easier.. especially for large companies, but alot of it is time consuming BS that shouldn't be needed.
Thats not how it works, and I suspect these guys are running into the same problem we did.
I used to work for a national NSP and during my tenure there we developed a few ways to block IP's despite the fact that half the linecards in our network didn't support packet filtering.
The best way to do this was with a global null route. We'd add a route on all the routers pointing one of our unused IPs to the null0 interface. Then we ran a "null route server" where anything we wanted to block was routed to that IP address (causing all traffic to it to get blocked at the entry point, rather than routed through the network)
We used these measures exclusively for spammers and for large DOS attacks. (For DOS attacks it was less effective because you actually had to block the victim instead of the source, but it was better than nothing)
The point behind this is, many times we had virtual hosting providers call us up and tell us we'd blocked thousands of sites, some even went on to name names. We told them to get the spammer off their server before service would be restored.
This is the normal policy of most ISPs. No Collateral damage involved, you violated the terms of service and I'm sorry your business revolves around the idea of putting a thousand customers on one point of failure.
Now, I'm not saying this is what Telus did. I'm saying this is what they probably did and you guys are jumping to conclusions. The fact is, from a router standpoint it's extrodinarly hard to block "www.example.com" without doing it by IP address.
Just ignore fdisk and use disklabel.
/dev/null
/dev/null
Here's the process we use for pxeboot/custom cd installs:
echo "Wiping drive.."
echo y | fdisk -i wd0 >
echo "Running disklabel.."
disklabel -E wd0
d
*
a
a
400M
a
b
400M
swap
a
d
2G
a
e
w
q
EOF
echo -n "Creating filesystems.. a "
newfs wd0a >/dev/null
echo -n "d "
newfs wd0d >/dev/null
echo -n "e "
newfs wd0e >/dev/null
echo "done."
This creates 3 partitions and a swap partition, then puts the fs on them. You can mount them whereever you like.
hardware dongles? Or DVD CSS for that matter?
You might say "but but but but but but" this is going to be different, more secure, stronger.
Or something. But you're still going to be selling the public hardware, that they control. Hell, some of these computers will never be accessing the internet or any network at all. How will you control what they do after you turn them into the hands of the customer?
You made hardware dongles for expensive programs, they were broken. You made hardware copy protection for console game platforms, it was broken (even when games were shipped as a cartridge, eventually people made cloners)
You've made DVD players you thought were unbreakable, unleashed them on the masses, then they were broken, so to spite everyone you created new laws to try to stop people from doing it (DMCA)
You created directTV and dish network. They're hacked. And before that? Satallite TV was scrambled, but there were descramblers.
ANY hardware based "encryption" or "dongle" or "trusted computing initiative" is security through obscurity. Do you think every person who ever worked for all these conglomerate companies will be able to keep a secret?
The first person who finds out you use pins 1 and 6 on the chip to pass keying information will end up leaking it to the public. Said public will start watching those pins and find out what needs to be sent to "ok" a program running.
So you tell me your "dongle" is smack dab in the middle of the CPU, no sniffing possible?
Someone will just realease the keys then. It's only a matter of time. In the meantime, you're just blowing smoke up the asses of all the customers you have who want this product, and pissing off all the customers who don't want this product.
Give it a rest. PC's were pretty cool until you started breaking them. If you make them too hard to use, the world as a whole will find something new to play with.
HP is already on the fritz because they've merged too many times and found out they can't be the next IBM. Imagine if everyone stops buying from you and starts buying from a toaster company?
As a long time freeswan user I have to say this sucks pretty hard. Having used isakmpd and racoon on openbsd and freebsd respectivly, I've always thought freeswan was easier to configure (but not always easier to get working)
:)
Hopefully openswan will be a good replacement
The UNIX mindset isn't to rewrite the whole app, it's for the app to privide a healthy backend so scripting against it is possible.
Think of programs like kazaa. Say you have a home network and five users who all connect and use kazaa. Wouldn't it be nice if you could connect to your kazaa session from any machine? Or allow all users to use one kazaa "daemon" and run a seperate client to search for and download files?
So in UNIX you write a server that runs as a daemon on one host, then you connect to it to check download status or queue files. The nice thing about this is, you're not limited to one client. You can use a graphical client when you want, or if you need to *script* something you can write a bash, perl, or other script to handle your scripted event. Say, automatically searching for Britney Spears pictures once a day, and downloading any new ones you don't have.
So, lets talk about how to do this with Office.
MS Office is a horribly shitty program, and the main reason for that is the document format is closed.
Personally, I used to have to submit weekly reports each week, in word format. Usually this was just a bunch of text that needed to have a pretty header and footer attached to it.
What I would've loved to do is keep a list of things I'd done that week in a text file on my harddrive, then have a cron job that ran a perl script to convert the incoming text into a word document, then email it to my boss.
Well, with OpenOffice you can do that.
You can also autogenerate spreadsheets if you want.
OpenOffice apparently supports Macro's too, if you like loading bloated applications to do simple tasks.
I've personally never needed to write a screen-scraping script on a GUI app for UNIX, mainly because most of them were designed with these things in mind.
Nobody verifys keys for webpages, email or ssh right now. How many times have you seen "HOST KEY HAS CHANGED" or "host key not found" and typed "yes" anyway?
The good news is that if people really understood crypto, key exchange would be easy. You meet in person, establish a bluetooth link, swap public keys and verify fingerprints.
The bad news is that nobody will do this, or the phone won't support it (article didn't say how key exchange happens)
So when Joe calls and it says "incoming encrypted call" are you going to answer it because you know and like Joe, even though you've never exchanged keys with him?
Key exchange can't be done through a trusted third party (except the company you work for) because there is no trusted third party. Even if you trust Bob, and he trusts Mary, you don't know where their dirty phones have been.
If your work is the trusted third party, they'll probably hold copies of your private keys so calls can be monitored later if needed. (Hopefully the phone ethier allows you to generate a new key whenever you want, or doesn't allow exporting of it's private key. Hopefully both)
Don't get me wrong, I want one. Real bad, but not $4k bad, not to test out someones (probably flawed) cryptosystem.
Even if they understand crypto and got it right, the user still has to understand it to make it all work.
If I had about 10 of these I'd give one to each of my friends and make sure they only accept encrypted calls from known keys. I'd also make the screen light up in red or green or something to show it's an encrypted call.
Then we could talk about Joe behind his back, with no chance of interception from governments.
So yeah, anyone got a real use for these?
I run a 6x120Gb software raid here. The redundency is nice but when you get that much storage in one place you start having other concerns.
Drive failures are scary. Note, if you're going with a hardware highpoint 1540 controller: forget raid 5. The array takes forever to rebuild (like 4 days) and sometimes fails midway though causing total data loss. (Other people may have different luck though, my friend is doing hardware on 4x160Gb and not enjoying it). I've had 2 drives fail on my software raid and the rebuild went well enough. I suspect the failures were due to inadequate power from the UPS causing a "brownout" condition when my power went off, since both failures happened after a power outage.
So other problems: thats 600Gb of disk space. Nobody in their right mind wants to sit through an fsck, so a journalling filesystem is needed.
but, all the journalling filesystems are new and untested. New your saying? They're a few years old.. and yes, thats true but they're new in comparision to all the other filesystems. And when you're talking about 600Mb of data on one filesystem it really starts to concern you.
(Even so, I've been running raid 5 with journalling on 4 to 6 drives for the last 1.5 years or so and haven't had filesystem corruption)
A friend of mine is running mixed drive sizes in his fileservr and doing no raid. He occasionally has failures and loses stuff, but at least he doesn't lose everything. Still, I'd be pissed if I lost an 80 gig chunk at a time.
The problem with raid is, you gain some redundency but you completely lose the ability to make sensable backups. Unless you're a corporation and can afford $3k for a tape drive (and an additional $500 for tapes) you're faced with the idea of mostly redundent, but no backups. Offsite backups become really appealing, but then you need to shell out the same money for drives that won't be put to use (until something happens)
I still don't have a solution for offsite backups.
As an aside, I started playing with encrypted partitions (not raided). That has the same sort of scaryness. One filesystem screwup and you lose everything. No backups unless you have a second hard drive. Then you're faced with raid 1 which would corrupt both drives, or copying the encrypted volume from drive to drive each night.
I've got no answer for that one ethier, except that encrypting a tape backup would probably be good in a corporate situation.