Don't let your named listen on port 53, make it send queries from a non-standard port, use fascist logging on port 53, use the openwall Linux security patches to make the stack non executable, don't run BIND as root, and always follow bugtraq to learn about the latest security holes.
(Frederic: creating a Slashdot account takes only a few seconds. All you need is to remember a password.)
If we have by the end of February, I say we can brute force this. There are only eight or nine unknown plies; if we assume that there are around 20 possible moves per ply, which I think is a reasonable order of magnitude (``reasonable'' logarithmically, of course), this makes 500 billion combinations, and at a very very reasonable rate of 10^5 positions analyzed per second (a quite conservative estimate: most engines will do better than that on a modern computer, and they are evaluating, not just checking for mate) this takes 60 days. Put in two or three computers full time for two weeks and we have the answer for sure. And probably much before that, since we know, for example, that the eighth or ninth ply has to be ``knight takes rook''.
Does anyone know enough about the internals of either crafty or (the new 5.00) GNU chess so that we can extract their movegen and set them running? From the cursory glance I gave them, the source looks like a horribly tangled mess (less so in GNU chess than in crafty, but still rather unappealing).
Still, it would be more satisfactory to solve it ourselves. ``When you have eliminated the impossible, Watson,'' said Holmes, ``whatever remains, however improbable, must be the solution.''
(I know we're not supposed to talk of moderation on slashdot, but, would somebody please moderate Adar's post up? It's about the only interesting one in this whole discussion so far. And would the people who propose ``solutions'' please check them using xboard (run in ``edit game'' mode) before posting them?)
I agree with these conclusions. And it's infuriating. Castling seemed such an ingenious solution for getting the king and the rook in place; but it just takes too much time. And a discover mate seemed so elegant; but it just doesn't seem to work.
I also tried the following approach: move the white king's knight to E2 so that the king be completely surrounded by its own pieces, and try to mate from F3 (with the black queen's knight). Ingenious, doesn't it? And as usual, it ``almost'' works; only (1)moving the E2 pawn to E4, (2)getting the white knight in E2, (3) getting the white G pawn out of the way, (4)getting the white H pawn out of the way (so the rook can get out), and (5-6) getting the rook in F3 so the black knight can take it — all that takes 6 moves for white.:-(
Mating in G2 doesn't seem to work much better. And moving the white king seems to screw everything up.
/etc/rc.d/init.d/named stop cat >>/etc/named.conf <<'EOF' zone "passport.com" { type forward; forwarders 207.46.138.10; }; EOF /etc/rc.d/init.d/named start
Assuming, of course, that you are running your own BIND (which IMHO, is nearly always a good idea). Otherwise, add the required entries to your/etc/hosts file.
> The Spartans literally managed to save western civilization as we know it.
Now that's an interesting exaggeration if I saw one. The Spartans certainly made a great display of courage at Thermopylæ, but even if we want to take that reductive view of things (whereby the Greeks are the ``good guys'' and the Persians are the ``bad guys''), the Athenians should be the real heroes. After all, they had beaten Darius at Marathon ten years earlier, in 490 (first Median war), and they destroyed Xerxes' fleet in Salamis. Granted, Leonidas and his brave Spartans probably bought the Athenians time, but Athens nevertheless was sacked by Xerxes in 480 — and despite this the Greeks were victorious.
Besides, this reductive point of view leaves much to be desired. Who are the great men (i.e. scientists) of Greece? Thales, Anaximander, Anaxagoras, Empedocles, Democritus and the like, I would say: see any Athenians there? any Spartans? Definitely not. Athens only produced Plato and Aristotle, who merely served to justify much of the philosophical mumbo-jumbo that was qualified as ``science'' during the Middle Ages; and Sparta produced nothing of note, and is now an unremarkable village of the Peloponnesus (sic transit). Thales lived in Miletus, which was taken by the Persians at the end of the VIth century (and no Athenians or Spartans rose to the arms to defend their comrades against Media).
In any case, later on, Sparta made war upon its former ally, Athens, and won. Then Thebes warred against Sparta and won. Then Alexander (the ``Great'') made war upon Greece and won. Then the Romans conquerred the shreds of Alexander's Empire. But even Rome fell in its time, and Constantinople much later on. And after all that, civilization is as we know it; I do not think there is much point in asking what would have happened otherwise.
What is the moral? I don't know. But certainly, civilization cannot be saved by military victories, but by the thinkers who perpetuate it. (There is this very pretty quote in Montaigne's Essays, which bears some relation to the subject: Anaximenes would have asked Pythagoras, ``For what reason should I trouble myself to seek out the secrets of the stars, having death and slavery continually before my eyes.'' The ``death and slavery'' in question, is of course, the war against Persia.) Likewise, when Constantinople fell in 1453, it was not the end of the world, but the onset of the Renaissance.
I thank the League of Delos no more than I thank Xerxes. As for the Spartans (or the Thebans, for that matter), I hold some sympathy for them in that they glorified homosexuality, but they were assuredly not a very pleasant people.
My apologies for this rant.
Re:Having the verifier local helps a lot
on
Quake 1 GPL'ed
·
· Score: 2
It can think it counts checksums, but you can spoof it all the way. Ever notice? You can do anything with a program by using the ptrace() function call and/or the LD_LIBRARY_PATH environment variable. You can make the loader think it's checksuming one file whereas in fact it's checksuming another, and all sorts of weeeeird things like that.
Even without getting into ptrace(), there's an obvious race condition in this ``read the binary, checksum and execute only if correct checksum'', since the exec() system call demands a filename and afaik there is no fexec() call which would take an already open fd to exec.
The lawsuit is not against the journal based at MIT. It is against the French non-for-profit organization ``Association Leonardo'', the French chapter of the Leonardo Network.
See this page for more details. As it is hosted by MIT Press, I don't think the whole affair is BS.
After its successful lawsuit against ``Association Leonardo'' for illegal use of the trademark ``Leonardo'', and somehow managing to be placed higher than them in web search results, Leonardo® Finance filed a suit against the famous on-line discussion forum ``slashdot'' this morning for commenting on the matter without acknowledging the fact that the term ``Leonardo'' was a registered trademark of Leonardo® Finance. They claim $42 billion damages due to the massive slashdot readership, and legal experts all agree that slashdot is sure to be found guilty as charged.
``This is terrible,'' is reported to have said slashdot creator CmdrTaco, ``I have no choice but to close the site. This means I'll never be able to pay the damage.''
After this, Leonardo Finance is expected to sue the gli Uffizi museum in Florence for showing paintings of the Renaissance painter Leonardo® da Vinci without duly acknowledging Leonardo® Finance's ownership of the trademark. ``We will probably settle for the paintings themselves;'' said a representative of the finance firm; ``by rights they should be ours, anyway.''
Leonardo® da Vinci was unreachable for comments.
Re:Just thought this was important to say
on
Quake 1 GPL'ed
·
· Score: 1
Ah but there you're just bringing part of the server on the local machine without changing much: how is the proxy supposed to verify that, once the (correct) binary has been loaded and started, another program won't ptrace it, and execute an (incorrect) binary instead? This doesn't work either.
There is no solution to this problem, period (and, by a deft syllogism, we conclude that there is no problem;-). The ``correct'' cryptographic solution is computationally unfeasible, and all other solutions are instances of ``security through obfuscation'' which, as all experience has shown, just doesn't work.
I wish Origin did the same for the Ultima and Ultima Underworld games that are now too old to be sold. Despite their age, I think Ultima 6 and 7, and UW were the best computer games ever (barring ``Betrayal at Krondor'', and, perhaps, older stuff like KQ1 and, naturally, Adventure).
I wrote to them to try to persuade them that it would be a Good Thing(tm), but they didn't even bother to reply.
Re:Just thought this was important to say
on
Quake 1 GPL'ed
·
· Score: 1
Bzzzt. You lose.
No matter how you twist it, you can't get around this: if the server is Open Source, all the cryptographic protocols and the keys will be available for anyone to see, and consequently for anyone to spoof. There is no way to check that the client is uncompromised, because only the client can check that, and it can be compromised by definition.
Actually, if you allow yourself one secret key, there is a theoretical method, but it won't work in practice. Cryptologists have invented a protocol called ``computing in hostile environment'' which is a way of using hostile computers to perform secure computations (in the sense that the hostile computers can, of course, refuse to carry out the computations, or they can tamper with it, but you'll always know about it). Theoretically, this could be used for a networked game like Quake. In practice, it is unusable because this protocol requires one request and reply on the network for every elementary operation being performed.
Seriously, I would like to try that. Now that I've tried UnixV5 on the PDP-11 simulator, I would really like to try ITS on a PDP-10 simulator.
Unfortunately, for one thing I don't know where to find ITS. More importantly, I don't think any PDP-10 simulator exists (it would be quite difficult to write: first because it's a 36-bit architecture using sign+value representation of signed quantities, and even besides the processor, the PDP-10 had a lot of strange and exotic hardware). So, it would seem, ITS is really down the drain.
But then, RMS said that GNU was the logical successor to ITS. Cheers!
I'll answer a few of the questions raised by various posts on this discussion. (I subscribe to the debian-hurd, help-hurd and bug-hurd mailing lists, and I've tried the Hurd on several occasions, so I more or less know what I'm talking about.)
Of course, the TCP stack crashed minutes after the site being slashdotted. This isn't really an issue: Hurd is still highly experimental, and its TCP stack (which is merely a copy of the routines from Linux - but done in some haste, I think) is mostly used to make it possible to use the box remotely (the Mach console is a pain for one thing, and X requires some patches to work on Hurd). The interesting thing, however, is that whereas the translator handling the TCP stack crashed (the ``pfinet'' translator), the system didn't. That is, in fact, the whole point about the microkernel architecture.
The last distribution of the complete GNU system was 0.2 and it is now completely obsolete. The next distribution, Debian GNU/Hurd 0.3 potato, should come out together with the corresponding GNU/Linux distribution, and share some packages with it (the non-binary packages; binary compatibility between Hurd and Linux is a goal for the future and shouldn't be too hard to achieve, but it's not there yet).
The system now works quite well, and is able to run nearly everything, but it's still far from stable, and miles from being optimized. Filesystem demons are the most important thing to finish, and they are now almost completely stable. More advanced translators like the nfs clients or the ftpfs (allows you to mount ftp directories) are there more to show the power of the translator paradigm than as actual working systems, and they're quite unstable. But, once again, the whole point is that if a filesystem (other than your root filesystem) crashes, the system will typically continue to function correctly anyway.
The Hurd shares the same libc with Linux, so porting from Linux to Hurd is typically trivial. The major source or problems is that some programs make wrong assumptions about system limits, that are not true on the Hurd. For example OPEN_MAX is 256 on Linux, and is 2So the Hurd certainly won't be ready before a couple more years. But you shouldn't conclude that it never will ``catch up'' with Linux, either. For one thing, most changes made to the hardware drivers of Linux are incorporated verbatim in the GNU-Mach microkernel, so the Hurd team doesn't have to worry (excessively) about all that. Adding filesystems to the Hurd is much easier than on Linux, and debugging them even more so, so there it's also not too much of a worry that the Hurd development team is so small. The problem of the TCP stack remains, and while it should be possible to take some parts from Linux, it will probably be a long time before the Hurd has the same networking capabilities as Linux...
And indeed there are a lot of repetitions in the code. But there's also a simpler reason: only 4 characters are used, so the uncompressed data uses only 2 bits for every 8. Naturally, compression will reduce this to 2.25 bits at worse.
For those of you who can't stand not having the source code for everything you use , you can download the results of the human genome sequencing project from http://www.ncbi.nlm.nih.gov/genome/seq/ .
(Before you all rush and slashdot the site, please ask yourself whether you really need to download over one gigabyte of what is, to the uninitiated's intents and purposes, a random string of A's, T's, C's and G's.)
I know. The dual was already slowly disappearing during the classical period. Its use was never compulsory. In even older languages, such as classical sanskrit (which is closer to the fabled ``proto-indo-european''), use of the dual is required, and the plural starts at three.
Don't forget the dual. Greek had a dual, too, besides the singular and the plural. And you can get people really staring at you when you start speaking of ``one criterion, two criterio, three criteria''. (Apologies — I mean, speaking OF ``one criteriou, two criterioin, three criterion''.) That's what happens when you speak to ignoramis... ahem, to ignorant people.
Oh, and for some of the other posters, the plural of ``alpha'' is... ``alpha'' (and so is the dual, and so in every case).
``Græcum est, non legitur'' as they used to say (it is Greek, we don't read it).
I followed a one-semester graduate course (by Laurent Clozel) on the proof of the semistable case of the Shimura-Taniyama conjecture (the case proven originaly by Wiles and which concludes the proof of Fermat's theorem). So I can make a few comments on the subject.
The Shimura-Taniyama conjecture (Weil's name is attached to it for rather dubious reasons: essentially, he mentioned the conjecture — as an exercice for the interested reader! — in a book he published; Serge Lang is always ready to flame anyone calling the conjecture by Weil's name, so let us omit Weil) concerns a correspondance between certain modular forms and certain elliptic curves (actually with Galois representations in between the two). That is, it states that every elliptic curve is associated to a certain modular form (the association can be stated in many different ways: they have the same L function; the eigenvalues of the modular form for the Hecke operators can be deduced from the number of points of the elliptic curve on finite fields, and so on). This conjecture was known (i.e. formulated) long before any relation with Fermat's theorem was observed.
Gerhart Frey had noticed that if a counterexample (A,B,C) (with A+B+C=0, A, B and C being p-th powers) to Fermat's theorem were found it would yield an elliptic curve y=x(x-A)(x+B) having certain miraculous properties, including being ``semistable'' and possibly violating the Shimura-Taniyama conjecture. Using works of Jean-Pierre Serre, Ken Ribet was able to prove this remark of Frey, so that the Shimura-Taniyama conjecture, and in fact even only the Shimura-Taniyama conjecture for semistable elliptic curves, would imply Fermat's theorem.
At that point it became obvious that it would be only a matter of time before Fermat's theorem were proven. Andrew Wiles, was able to complete the task. His first proof contained a flaw (in trying to construct an Euler system), which was noticed by Luc Illusie, but with the help of Richard Taylor, Wiles was able to replace the technique of Euler systems and use Gorenstein rings instead (and some very fine points of commutative algebra) and correct the proof. The full proof (Wiles' ``Modular Elliptic Curves and Fermat's Last Theorem'' and Wiles and Taylor's ``Ring Theoretic Properties of Certain Hecke Algebras'') was published in Inventiones Mathematicæ. Thus, the case of Fermat's theorem was settled.
The general case of the ST conjecture was still unproven. However, soon after Wiles' result, Fred Diamond improvement over it. To understand it, you must know that semistability of an elliptic curve is a ``local'' property, i.e. it can be tested for each prime number. An E.C. is (globally) semistable iff it is semistable at every prime number. (It is always semistable at all but a finite number of primes.) Wiles' result required the E.C. to be semistable at all primes; Diamond refined that and proved the modularity of elliptic curves that are modular at 3 and 5. This was a considerable progress, and it was then pretty obvious that these last conditions would be eliminated. Now they have been (every elliptic curve is known to be modular), but this is more a question of technique than a fundamental improvement.
One might be tempted to think that the proof of the ST conjecture is fascinating. In fact, I found it (or at least the semistable case, which has, it would seem, the gist of the ideas) terribly boring. It is all a matter of controling the behavior of the ramified parts of the cohomology groups of some Galois representations, and it is done in a succession of lemmata, each one seeming exactly the same as the previous one. In fact, the experts' opinion is that the proof of the conjecture is technically difficult but fundamentally trivial in that it does not use any deep results from (algebraic) geometry.
The ST conjecture is part of a more general scheme called the ``Langlands programme''. The Langlands programme is a correspondance (which has not been formulated in a completely satisfactory way, as far as I know, let alone proven) between higher dimensional abelian varieties (elliptic curves are abelian varieties of dimension 1), Galois representations and modular forms (disclaimer: I don't know half of what I'm talking about here). ``Class field theory'', the climax of the number theory of the beginning of the century, is the case ``GL1'' of the Langlands programme (the abelian case). The Shimura-Taniyama conjecture was the case ``GL2'' of the same programme. Some other cases have been proven, such as ``Sp4'' (these funny acronyms refer to certain algebraic groups: GL is the General Linear group, and Sp is the Symplectic group).
The Langlands programme actually splits in two parts: the ``number field'' (or ``global'') Langlands programme, the hard number-theoretic part, of which the ST conjecture is a particular case, and the ``function field'' (or ``local'') Langlands programme, which is an easier analogue of more geometric content.
The major news recently is that the ``function field'' Langlands programme has been proven, by Laurent Lafforgue. This is much more important than the full proof of the ST conjecture. And it also means that Lafforgue will be getting the Fields medal in three years (mark my words).
I've discussed this with Stallman, and he claims that in his interpretation of section 3b of the GPL, merely providing a URL where the source can be downloaded is not sufficient to comply with the terms of the License. As implied by the words ``physically performing the source distribution'', this section requires an offer for a physical shipment (e.g. by snail mail) of a CD (or tape or some other machine-readable media) containing the source.
Stallman was going to change this in version 3 of the GPL (in fact, that would have been the major change); but he inquired as to what the facilities for Internet access were like in Europe, and since he found that they were not nearly as good as in North America, he decided that version 3 of the GPL would (probably) not change this.
So you must either ship a CD with each unit sold, or accompany it with a written offer to do so on demand. Having an FTP site is convenient, but it is neither necessary nor sufficient.
As for the meaning of ``commercial'' in section 3c, my interpretation is that it refers to your being commercial (not RedHat). (The ratio legis here is probably this: if an individual writes a small change to a GPL'ed program and offers to distribute the source, and some big company includes that program in a distribution that sells millions of copy, we don't want the individual to be overwhelmed by requests for source distribution if the company merely transmits the offer. This is my personal explanation, nothing more.)
Slashdot Mirror
Don't let your named listen on port 53, make it send queries from a non-standard port, use fascist logging on port 53, use the openwall Linux security patches to make the stack non executable, don't run BIND as root, and always follow bugtraq to learn about the latest security holes.
That should be reasonably safe.
(Frederic: creating a Slashdot account takes only a few seconds. All you need is to remember a password.)
If we have by the end of February, I say we can brute force this. There are only eight or nine unknown plies; if we assume that there are around 20 possible moves per ply, which I think is a reasonable order of magnitude (``reasonable'' logarithmically, of course), this makes 500 billion combinations, and at a very very reasonable rate of 10^5 positions analyzed per second (a quite conservative estimate: most engines will do better than that on a modern computer, and they are evaluating, not just checking for mate) this takes 60 days. Put in two or three computers full time for two weeks and we have the answer for sure. And probably much before that, since we know, for example, that the eighth or ninth ply has to be ``knight takes rook''.
Does anyone know enough about the internals of either crafty or (the new 5.00) GNU chess so that we can extract their movegen and set them running? From the cursory glance I gave them, the source looks like a horribly tangled mess (less so in GNU chess than in crafty, but still rather unappealing).
Still, it would be more satisfactory to solve it ourselves. ``When you have eliminated the impossible, Watson,'' said Holmes, ``whatever remains, however improbable, must be the solution.''
(I know we're not supposed to talk of moderation on slashdot, but, would somebody please moderate Adar's post up? It's about the only interesting one in this whole discussion so far. And would the people who propose ``solutions'' please check them using xboard (run in ``edit game'' mode) before posting them?)
I agree with these conclusions. And it's infuriating. Castling seemed such an ingenious solution for getting the king and the rook in place; but it just takes too much time. And a discover mate seemed so elegant; but it just doesn't seem to work.
I also tried the following approach: move the white king's knight to E2 so that the king be completely surrounded by its own pieces, and try to mate from F3 (with the black queen's knight). Ingenious, doesn't it? And as usual, it ``almost'' works; only (1)moving the E2 pawn to E4, (2)getting the white knight in E2, (3) getting the white G pawn out of the way, (4)getting the white H pawn out of the way (so the rook can get out), and (5-6) getting the rook in F3 so the black knight can take it — all that takes 6 moves for white. :-(
Mating in G2 doesn't seem to work much better. And moving the white king seems to screw everything up.
Rats.
...Micro$oft can't afford to pay the $35... Bill Gates is only multi-billionaire, you know.
cat >>/etc/named.conf <<'EOF'
zone "passport.com" {
type forward;
forwarders 207.46.138.10;
};
EOF
Assuming, of course, that you are running your own BIND (which IMHO, is nearly always a good idea). Otherwise, add the required entries to your /etc/hosts file.
Not running Unix? Too bad, isn't it...
That was certainly not his vision of things, nor was it the vision of the Greeks of the time.
> The Spartans literally managed to save western civilization as we know it.
Now that's an interesting exaggeration if I saw one. The Spartans certainly made a great display of courage at Thermopylæ, but even if we want to take that reductive view of things (whereby the Greeks are the ``good guys'' and the Persians are the ``bad guys''), the Athenians should be the real heroes. After all, they had beaten Darius at Marathon ten years earlier, in 490 (first Median war), and they destroyed Xerxes' fleet in Salamis. Granted, Leonidas and his brave Spartans probably bought the Athenians time, but Athens nevertheless was sacked by Xerxes in 480 — and despite this the Greeks were victorious.
Besides, this reductive point of view leaves much to be desired. Who are the great men (i.e. scientists) of Greece? Thales, Anaximander, Anaxagoras, Empedocles, Democritus and the like, I would say: see any Athenians there? any Spartans? Definitely not. Athens only produced Plato and Aristotle, who merely served to justify much of the philosophical mumbo-jumbo that was qualified as ``science'' during the Middle Ages; and Sparta produced nothing of note, and is now an unremarkable village of the Peloponnesus (sic transit). Thales lived in Miletus, which was taken by the Persians at the end of the VIth century (and no Athenians or Spartans rose to the arms to defend their comrades against Media).
In any case, later on, Sparta made war upon its former ally, Athens, and won. Then Thebes warred against Sparta and won. Then Alexander (the ``Great'') made war upon Greece and won. Then the Romans conquerred the shreds of Alexander's Empire. But even Rome fell in its time, and Constantinople much later on. And after all that, civilization is as we know it; I do not think there is much point in asking what would have happened otherwise.
What is the moral? I don't know. But certainly, civilization cannot be saved by military victories, but by the thinkers who perpetuate it. (There is this very pretty quote in Montaigne's Essays, which bears some relation to the subject: Anaximenes would have asked Pythagoras, ``For what reason should I trouble myself to seek out the secrets of the stars, having death and slavery continually before my eyes.'' The ``death and slavery'' in question, is of course, the war against Persia.) Likewise, when Constantinople fell in 1453, it was not the end of the world, but the onset of the Renaissance.
I thank the League of Delos no more than I thank Xerxes. As for the Spartans (or the Thebans, for that matter), I hold some sympathy for them in that they glorified homosexuality, but they were assuredly not a very pleasant people.
My apologies for this rant.
It can think it counts checksums, but you can spoof it all the way. Ever notice? You can do anything with a program by using the ptrace() function call and/or the LD_LIBRARY_PATH environment variable. You can make the loader think it's checksuming one file whereas in fact it's checksuming another, and all sorts of weeeeird things like that.
Even without getting into ptrace(), there's an obvious race condition in this ``read the binary, checksum and execute only if correct checksum'', since the exec() system call demands a filename and afaik there is no fexec() call which would take an already open fd to exec.
The lawsuit is not against the journal based at MIT. It is against the French non-for-profit organization ``Association Leonardo'', the French chapter of the Leonardo Network.
See this page for more details. As it is hosted by MIT Press, I don't think the whole affair is BS.
(Paris, 1999/12/23)
After its successful lawsuit against ``Association Leonardo'' for illegal use of the trademark ``Leonardo'', and somehow managing to be placed higher than them in web search results, Leonardo® Finance filed a suit against the famous on-line discussion forum ``slashdot'' this morning for commenting on the matter without acknowledging the fact that the term ``Leonardo'' was a registered trademark of Leonardo® Finance. They claim $42 billion damages due to the massive slashdot readership, and legal experts all agree that slashdot is sure to be found guilty as charged.
``This is terrible,'' is reported to have said slashdot creator CmdrTaco, ``I have no choice but to close the site. This means I'll never be able to pay the damage.''
After this, Leonardo Finance is expected to sue the gli Uffizi museum in Florence for showing paintings of the Renaissance painter Leonardo® da Vinci without duly acknowledging Leonardo® Finance's ownership of the trademark. ``We will probably settle for the paintings themselves;'' said a representative of the finance firm; ``by rights they should be ours, anyway.''
Leonardo® da Vinci was unreachable for comments.
Ah but there you're just bringing part of the server on the local machine without changing much: how is the proxy supposed to verify that, once the (correct) binary has been loaded and started, another program won't ptrace it, and execute an (incorrect) binary instead? This doesn't work either.
There is no solution to this problem, period (and, by a deft syllogism, we conclude that there is no problem ;-). The ``correct'' cryptographic solution is computationally unfeasible, and all other solutions are instances of ``security through obfuscation'' which, as all experience has shown, just doesn't work.
I wish Origin did the same for the Ultima and Ultima Underworld games that are now too old to be sold. Despite their age, I think Ultima 6 and 7, and UW were the best computer games ever (barring ``Betrayal at Krondor'', and, perhaps, older stuff like KQ1 and, naturally, Adventure).
I wrote to them to try to persuade them that it would be a Good Thing(tm), but they didn't even bother to reply.
Bzzzt. You lose.
No matter how you twist it, you can't get around this: if the server is Open Source, all the cryptographic protocols and the keys will be available for anyone to see, and consequently for anyone to spoof. There is no way to check that the client is uncompromised, because only the client can check that, and it can be compromised by definition.
Actually, if you allow yourself one secret key, there is a theoretical method, but it won't work in practice. Cryptologists have invented a protocol called ``computing in hostile environment'' which is a way of using hostile computers to perform secure computations (in the sense that the hostile computers can, of course, refuse to carry out the computations, or they can tamper with it, but you'll always know about it). Theoretically, this could be used for a networked game like Quake. In practice, it is unusable because this protocol requires one request and reply on the network for every elementary operation being performed.
Apparently they haven't read RFC1178 :-)
Seriously, I would like to try that. Now that I've tried UnixV5 on the PDP-11 simulator, I would really like to try ITS on a PDP-10 simulator.
Unfortunately, for one thing I don't know where to find ITS. More importantly, I don't think any PDP-10 simulator exists (it would be quite difficult to write: first because it's a 36-bit architecture using sign+value representation of signed quantities, and even besides the processor, the PDP-10 had a lot of strange and exotic hardware). So, it would seem, ITS is really down the drain.
But then, RMS said that GNU was the logical successor to ITS. Cheers!
I'll answer a few of the questions raised by various posts on this discussion. (I subscribe to the debian-hurd, help-hurd and bug-hurd mailing lists, and I've tried the Hurd on several occasions, so I more or less know what I'm talking about.)
Of course, the TCP stack crashed minutes after the site being slashdotted. This isn't really an issue: Hurd is still highly experimental, and its TCP stack (which is merely a copy of the routines from Linux - but done in some haste, I think) is mostly used to make it possible to use the box remotely (the Mach console is a pain for one thing, and X requires some patches to work on Hurd). The interesting thing, however, is that whereas the translator handling the TCP stack crashed (the ``pfinet'' translator), the system didn't. That is, in fact, the whole point about the microkernel architecture.
The last distribution of the complete GNU system was 0.2 and it is now completely obsolete. The next distribution, Debian GNU/Hurd 0.3 potato, should come out together with the corresponding GNU/Linux distribution, and share some packages with it (the non-binary packages; binary compatibility between Hurd and Linux is a goal for the future and shouldn't be too hard to achieve, but it's not there yet).
The system now works quite well, and is able to run nearly everything, but it's still far from stable, and miles from being optimized. Filesystem demons are the most important thing to finish, and they are now almost completely stable. More advanced translators like the nfs clients or the ftpfs (allows you to mount ftp directories) are there more to show the power of the translator paradigm than as actual working systems, and they're quite unstable. But, once again, the whole point is that if a filesystem (other than your root filesystem) crashes, the system will typically continue to function correctly anyway.
The Hurd shares the same libc with Linux, so porting from Linux to Hurd is typically trivial. The major source or problems is that some programs make wrong assumptions about system limits, that are not true on the Hurd. For example OPEN_MAX is 256 on Linux, and is 2So the Hurd certainly won't be ready before a couple more years. But you shouldn't conclude that it never will ``catch up'' with Linux, either. For one thing, most changes made to the hardware drivers of Linux are incorporated verbatim in the GNU-Mach microkernel, so the Hurd team doesn't have to worry (excessively) about all that. Adding filesystems to the Hurd is much easier than on Linux, and debugging them even more so, so there it's also not too much of a worry that the Hurd development team is so small. The problem of the TCP stack remains, and while it should be possible to take some parts from Linux, it will probably be a long time before the Hurd has the same networking capabilities as Linux...
True, but the FreeBSD Portal FS requires that you be root to use it. Under the Hurd, any user can set up translators.
And indeed there are a lot of repetitions in the code. But there's also a simpler reason: only 4 characters are used, so the uncompressed data uses only 2 bits for every 8. Naturally, compression will reduce this to 2.25 bits at worse.
Apologies. That's *three* gigs, not one. But it does compress pretty efficiently.
For those of you who can't stand not having the source code for everything you use , you can download the results of the human genome sequencing project from http://www.ncbi.nlm.nih.gov/genome/seq/ .
(Before you all rush and slashdot the site, please ask yourself whether you really need to download over one gigabyte of what is, to the uninitiated's intents and purposes, a random string of A's, T's, C's and G's.)
I know. The dual was already slowly disappearing during the classical period. Its use was never compulsory. In even older languages, such as classical sanskrit (which is closer to the fabled ``proto-indo-european''), use of the dual is required, and the plural starts at three.
Ceterum censeo conjugationem non esse ignorandam. (Cato, revised)
Don't forget the dual. Greek had a dual, too, besides the singular and the plural. And you can get people really staring at you when you start speaking of ``one criterion, two criterio, three criteria''. (Apologies — I mean, speaking OF ``one criteriou, two criterioin, three criterion''.) That's what happens when you speak to ignoramis... ahem, to ignorant people.
Oh, and for some of the other posters, the plural of ``alpha'' is... ``alpha'' (and so is the dual, and so in every case).
``Græcum est, non legitur'' as they used to say (it is Greek, we don't read it).
I followed a one-semester graduate course (by Laurent Clozel) on the proof of the semistable case of the Shimura-Taniyama conjecture (the case proven originaly by Wiles and which concludes the proof of Fermat's theorem). So I can make a few comments on the subject.
The Shimura-Taniyama conjecture (Weil's name is attached to it for rather dubious reasons: essentially, he mentioned the conjecture — as an exercice for the interested reader! — in a book he published; Serge Lang is always ready to flame anyone calling the conjecture by Weil's name, so let us omit Weil) concerns a correspondance between certain modular forms and certain elliptic curves (actually with Galois representations in between the two). That is, it states that every elliptic curve is associated to a certain modular form (the association can be stated in many different ways: they have the same L function; the eigenvalues of the modular form for the Hecke operators can be deduced from the number of points of the elliptic curve on finite fields, and so on). This conjecture was known (i.e. formulated) long before any relation with Fermat's theorem was observed.
Gerhart Frey had noticed that if a counterexample (A,B,C) (with A+B+C=0, A, B and C being p-th powers) to Fermat's theorem were found it would yield an elliptic curve y=x(x-A)(x+B) having certain miraculous properties, including being ``semistable'' and possibly violating the Shimura-Taniyama conjecture. Using works of Jean-Pierre Serre, Ken Ribet was able to prove this remark of Frey, so that the Shimura-Taniyama conjecture, and in fact even only the Shimura-Taniyama conjecture for semistable elliptic curves, would imply Fermat's theorem.
At that point it became obvious that it would be only a matter of time before Fermat's theorem were proven. Andrew Wiles, was able to complete the task. His first proof contained a flaw (in trying to construct an Euler system), which was noticed by Luc Illusie, but with the help of Richard Taylor, Wiles was able to replace the technique of Euler systems and use Gorenstein rings instead (and some very fine points of commutative algebra) and correct the proof. The full proof (Wiles' ``Modular Elliptic Curves and Fermat's Last Theorem'' and Wiles and Taylor's ``Ring Theoretic Properties of Certain Hecke Algebras'') was published in Inventiones Mathematicæ. Thus, the case of Fermat's theorem was settled.
The general case of the ST conjecture was still unproven. However, soon after Wiles' result, Fred Diamond improvement over it. To understand it, you must know that semistability of an elliptic curve is a ``local'' property, i.e. it can be tested for each prime number. An E.C. is (globally) semistable iff it is semistable at every prime number. (It is always semistable at all but a finite number of primes.) Wiles' result required the E.C. to be semistable at all primes; Diamond refined that and proved the modularity of elliptic curves that are modular at 3 and 5. This was a considerable progress, and it was then pretty obvious that these last conditions would be eliminated. Now they have been (every elliptic curve is known to be modular), but this is more a question of technique than a fundamental improvement.
One might be tempted to think that the proof of the ST conjecture is fascinating. In fact, I found it (or at least the semistable case, which has, it would seem, the gist of the ideas) terribly boring. It is all a matter of controling the behavior of the ramified parts of the cohomology groups of some Galois representations, and it is done in a succession of lemmata, each one seeming exactly the same as the previous one. In fact, the experts' opinion is that the proof of the conjecture is technically difficult but fundamentally trivial in that it does not use any deep results from (algebraic) geometry.
The ST conjecture is part of a more general scheme called the ``Langlands programme''. The Langlands programme is a correspondance (which has not been formulated in a completely satisfactory way, as far as I know, let alone proven) between higher dimensional abelian varieties (elliptic curves are abelian varieties of dimension 1), Galois representations and modular forms (disclaimer: I don't know half of what I'm talking about here). ``Class field theory'', the climax of the number theory of the beginning of the century, is the case ``GL1'' of the Langlands programme (the abelian case). The Shimura-Taniyama conjecture was the case ``GL2'' of the same programme. Some other cases have been proven, such as ``Sp4'' (these funny acronyms refer to certain algebraic groups: GL is the General Linear group, and Sp is the Symplectic group).
The Langlands programme actually splits in two parts: the ``number field'' (or ``global'') Langlands programme, the hard number-theoretic part, of which the ST conjecture is a particular case, and the ``function field'' (or ``local'') Langlands programme, which is an easier analogue of more geometric content.
The major news recently is that the ``function field'' Langlands programme has been proven, by Laurent Lafforgue. This is much more important than the full proof of the ST conjecture. And it also means that Lafforgue will be getting the Fields medal in three years (mark my words).
I've discussed this with Stallman, and he claims that in his interpretation of section 3b of the GPL, merely providing a URL where the source can be downloaded is not sufficient to comply with the terms of the License. As implied by the words ``physically performing the source distribution'', this section requires an offer for a physical shipment (e.g. by snail mail) of a CD (or tape or some other machine-readable media) containing the source.
Stallman was going to change this in version 3 of the GPL (in fact, that would have been the major change); but he inquired as to what the facilities for Internet access were like in Europe, and since he found that they were not nearly as good as in North America, he decided that version 3 of the GPL would (probably) not change this.
So you must either ship a CD with each unit sold, or accompany it with a written offer to do so on demand. Having an FTP site is convenient, but it is neither necessary nor sufficient.
As for the meaning of ``commercial'' in section 3c, my interpretation is that it refers to your being commercial (not RedHat). (The ratio legis here is probably this: if an individual writes a small change to a GPL'ed program and offers to distribute the source, and some big company includes that program in a distribution that sells millions of copy, we don't want the individual to be overwhelmed by requests for source distribution if the company merely transmits the offer. This is my personal explanation, nothing more.)