Slashdot Mirror


User: schon

schon's activity in the archive.

Stories
0
Comments
4,413
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 4,413

  1. Re:Interesting on USL vs BSDI Documents · · Score: 3, Interesting

    Comments and spacing in source code have no effect at all on the result of the compilation (the binary (or whatever) produced).

    That was pretty much my point.

    Perhaps I wasn't clear enough in my explanation, because you're the second person to say this.

    SCO has publically available binaries for each release ("publically" meaning that it's been released to their customers.)

    Theoretically, you can check to see if the code has been modified by compiling it (with the same options, etc.) If the resulting binary matches the one that's publically available, then the code hasn't been modified, which provides a method of dating the code - if the binary was released in (say) 1990, then the code that produced that binary would have to have been written before then.

    The exception to this is the comments, which get thrown away during a compile - so (for example), SCO could take comments from Linux, insert them into their 1990 codebase, and then run the above test, and be able to "prove" that the code was copied from Linux (and 'why would someone copy just the comments into Linux, but not the actual code?')

    Assuming SCO is making this all up, this would explain why SCO is focusing so much effort on the comments - they're a "smoking gun".. it would also explain them requiring NDAs to view the code - if it was publically available, then anyone who was actually a kernel developer would be able to see through the ruse immediately.

  2. Re:Interesting... on USL vs BSDI Documents · · Score: 4, Interesting

    OK, so here's why I think there's so much concern (especially from SCO) over code comments..

    <mode type="conspiracy theory">

    One of the main points is who had the alleged infringing code first? Linux is publically auditable, but there is no such guarantee from SCO, as everything is closed-source.

    It's known that SCO employees (and management) read /. - and it's been posted several times that the way to check if SCO is lying is to take a snapshot of one of their releases, compile the code, and see if it matches the binary they distributed. (Of course, you'd have to make sure that they're using the exact same compiler and options, etc..)

    So, what's the best way around that? The comments! SCO can take two sections of code that perform similar functions, copy and paste the comments from Linux, and viola! instant "evidence" that can be presented to "prove" that the code in Linux is stolen, which can be compiled to produce the same binary that SCO released in the past.
    </mode>

    This would go a long way to explain why SCO is acting the way it is - NDA's to view publically available material, showing the alleged code primarily to non-coders, etc..

    It's something to think about.

  3. Re:He who is willing to sacrifice freedom... on Michigan's Proposed Spam Law Called Toughest In U.S. · · Score: 1
    I do in fact strongly believe in our freedoms (especially our freedom of speech), so I do ultimately side against the anti-spam laws

    Then you're pretty gullible.

    "[Spammers] have come to court not because their freedom of speech is threatened but because their profits are; to dress up their complaints in First Amendment garb demeans the principles for which the First Amendment stands."
    -- US Federal Judge Stanley Sporkin

    Spam is (at best) harrassment, and at worst, theft. By naievely swallowing the spammers "frea speach" nonsense, you're allowing them to wipe their ass with the constitution you claim to hold so dear.

    Another choice quote, this one from the Chief Justice of the Supreme Court:
    "Nothing in the Constitution compels us to listen to or view any unwanted communication, whatever its merit. We categorically reject the argument that a vendor has a right under the Constitution or otherwise to send unwanted material into the home of another. If this prohibition operates to impede the flow of even valid ideas, the answer is that no one has a right to press even 'good' ideas on an unwilling recipient. The asserted right of a mailer, we repeat, stops at the outer boundary of every person's domain."

    Seems some pretty important people in the courts see through the spammers' red herrings. It's just a pity that people like you don't, because by mimicking the spammers' crap, you're validating it to people who may not know better.
  4. Re:Code defects appear to be a small part of the e on Software Code Quality Of Apache Analyzed · · Score: 3, Insightful

    Every time I hear the "obscurity is not security" mantra I chuckle. Of course it isn't, but that doesn't make publishing the information a good idea.

    Nobody's saying that the information should be published - what they're saying is that you can't rely on that information being a secret.

    Is Fort Knox secure? Probably. If so, then why don't they publish the blueprints, guard rotation schedule and security policies?

    That's pretty much the point you're missing - even if that information was published, it wouldn't diminish the security of Fort Knox..

    If the people in charge relied on the fact that they don't publish those details, that would be obscurity, because it would lead them to make errors elsewhere. (Oh, it's OK if we leave the main vault open tonight - nobody knows that there will be no guards around it for 10 minutes at 3:30 AM tonight.)

  5. Re:Horay for Animation on Animated Tron Spoof Coming to UPN · · Score: 1

    Stan Lee has been a hack since almost before I was BORN [1972], and combining him with Pamela "Social Disease" Anderson doesn't do anything for me;

    You may be in for a pleasant surprise. My wife feels the same way you do, but when I was watching it, she came to see what I was laughing at.. she sat down, and found it very funny.. she said it was one of the best shows she's seen in awhile.

  6. Re:Don't make the claim on Protecting Cities from Hijacked Planes · · Score: 1

    Never claim anything is hack-proof if you don't want to get hacked.

    Funny story - last year (or maybe two), the city of Edmonton changed the name of the Capilano Freeway to "Wayne Gretzky Drive".. there was a lot of concern that sports fans might steal the signs..

    So they apparently came up with a "perfect" system to preven the signs from being stolen, and the chief of police went on the news and talked about how the security for the signs was unbreakable.

    That night, someone stole one of the signs.

  7. Re:Monitors. - actually... on Anti-Spam Webforms Leave Out The Blind · · Score: 1

    Audio would discriminate against the deaf

    Would it? Even as an alternative to a visual method?

    the graphics are specifically designed to be difficult to read by OCR

    I never said it wasn't. I'm quite familiar with the technique. What relevance does this have to my suggestion?

    Audio would be much tougher to add "noise" to to make recognition troublesome

    Re-read my post. You don't need to add "noise" - the fact that you're asking simple questions covers that.

    Audio also has the problem that people would have to spell the word on their own, which they would mess up easily

    If someone is gonna mess up a word such as "blue", "dog" or "cat", then they're at a reading level that it won't matter anyway.

    Two methods to cover both blind and deaf would allow two posibilities for page scrapers to automate registrations, halving the liklihood of preventing such an attack.

    In theory. In reality, since this type of attack is so difficult with current technology, it's irrelevant - in essence you're saying "well, sure you should use a 65536-bit key for your encryption, but because you're only using a 32768-bit key you're halving the difficulty of cracking your message."

  8. Re:Same as SMC on Cooling your Access Point? · · Score: 1

    I saw a monitor overheat and destroy itself once because someone left a few magazines on top of it and covered the vents. It was not a particularly warm day, there was just no circulation.

    Waaay back when I ran a C64 BBS, one of my 1581 drives started locking up intermittantly (and as per Murphy's law, never when I was around)... even though it was wintertime, I suspected a thermal fault, so I lowered the thermostat in my apartment..

    Amazingly enough, this caused the drive to lock up even more frequently, and it began happening to one of my other drives as well!

    So one night when I went to sleep, I left a phone plugged into the line, so I could hear if the drive locked up (because the BBS would stop if it couldn't access the drives..) so I could see what was going on when it went down..

    That night, the phone woke me up.. It turned out that it was overheating - I went to the computer room to find my cat, contentedly sleeping on top of one of the drives..

  9. Re:Monitors. - actually... on Anti-Spam Webforms Leave Out The Blind · · Score: 1

    Graphics can be read by computer (OCR) and so can audio

    What about a question?

    Text-to-speech of "what is four plus three", or "how many legs does a cat have", or "what color is the sky", or "what is the first letter of the word 'dog'" (or any other simple question) would stump pretty much any speech-to-text system...

  10. Re:Actually, the GPL hasn't exactly worked.. on GPL May Not Work In German Legal System · · Score: 2, Insightful

    One of those companies stole one of my widget subcomponents and without my knowledge incorporated it into their widget, which was subsequently retailed by my company.

    You didn't finish your (very poor) analogy..

    If you discover the subcomponent, then refuse to tell them what it is, and continue selling your 'product' - WITH FULL KNOWLEDGE, and your contract with them states that THIS IS OK, then you don't have a legal leg to stand on - it's not "theft", because you are saying that it's OK.

  11. Re:Hate the sin, Love the sinner on On The Trail Of Super-Zonda · · Score: 4, Insightful
    Spam is another form of Speech.

    No, it's another form of harrassment.

    it is still protected here in the U.S.

    Really? Cheif Justice Berger, of the US Supreme Court disagrees with you.

    "Nothing in the Constitution compels us to listen to or view any unwanted communication, whatever its merit. We categorically reject the argument that a vendor has a right under the Constitution or otherwise to send unwanted material into the home of another. If this prohibition operates to impede the flow of even valid ideas, the answer is that no one has a right to press even 'good' ideas on an unwilling recipient. The asserted right of a mailer, we repeat, stops at the outer boundary of every person's domain."


    Are you a supreme court justice? Are you a even a lawyer? No, you're just a lousy /. troll.

    So, what, exactly, gives you the authority to claim that the harrassing actions of spammers are "protected"? Please list any relevant quotes that say that harrassment and theft are legal.
  12. Re: Uhm, yeah. on Bill Gates On Linux · · Score: 1

    All you have to do is attach a malicious binary to an email and send it to a Linux user.

    OK, and what happens when they receive it?

    Will it run automatically, just by telling the browser that it's a midi sound file, but having a '.exe' extension?

    No.

    Will it run automatically, when the user clicks on it?

    No.

    When the user saves it to their home directory, will it run automatically when he/she clicks on it, because the system thinks "well, it's name ends in .exe, so therefore it must be an executable"?

    No.

    I think maybe spreading a malicious binary to Linux users might be a tad harder than you try to make it out to be.

  13. Re:Blizzard -- an empty shell of a company on Blizzard North Co-Founders Leave Company · · Score: 1

    Your characters are on their server, so there's no cheating ... It's much like the diablo2 realms

    I'm sorry, but first you say there's no cheating, then you say it's like the D2 realms.. please make up your mind :o)

  14. Re:Cost analysis on US Army Signs $471,000,000 Deal for Microsoft Software · · Score: 1

    He goes on to explain that the ashtray costs $400 to research and to make; however, whenever you are in a sub, the ashtray won't break into millions of bits during combat action.

    Did someone then point out that they could have made the ashtrays out of cast aluminum, saved themselves $390, and had an ashtray that won't break at all during combat action?

  15. Re:Are you sure? on Why Are We on E-mail Blacklists? · · Score: 1

    So, not that they have to match, although I thought I'd read that elsewhere, but that they MAY reject if there is NO rDNS.

    OK, still in violation, but not as bad as you claimed..

    telnet to the IP address in question on port 25 from a different Internet Service Provider and manually initiate an SMTP transaction. If you can send mail from yourself from the different ISP, your server is an open relay.

    I don't see what the problem is with this - if you can do that, then you are an open relay.

  16. Re:Something to consider: Spammer@Home.... on Why Are We on E-mail Blacklists? · · Score: 2, Insightful

    I did something similar here-- all port 25 traffic that originates from behind our firewall must be bound for our mail server. This stops a lot of crappy ad ware and email viruses that pack their own SMTP engine.

    A better solution (ie. one that's less likely to have a customer call your support desk) is to transparently proxy all outbound SMTP traffic to your server.

    An extra step would be to do connection throttling, which would limit the damage caused by the "@home" spammer, or customers who set up an open relay.

    We implemented this years ago, and it's saved a ton of headaches - the one time that we did have a customer who tried spamming, he managed to deliver to a total of ONE address before we shut him down (my pager goes off when the loadavg on our mail server rises above a set limit.)

  17. Are you sure? on Why Are We on E-mail Blacklists? · · Score: 1

    AOL also requires that your R-DNS matches what you claim your domain name to be.

    This is a violation of RFC 2821.

    They say that, if someone not on your network can connect to port 25 on your server, then you're an open relay.

    I highly doubt that - if so, it would eliminate ALL ISPs who use the same server for inbound as for outbound mail. Which is 90% of small ISPs.

    Do you have any links to back up your claims? I find it incredibly hard to believe that techs that are capable of keeping a network the size of AOL's running would be this stupid.

  18. Re:SPAM 101 - HOWTO: on Telstra Denies Selling BigPond Customers' Data · · Score: 1

    I know that - but you didn't answer my question.

    How do you know a piece of information has been removed, INSTEAD OF NEVER ADDED IN THE FIRST PLACE?

    Here's an example:

    Server 'A' removes the IP address.
    Server 'B' never adds the IP address.

    How do you tell which one happened?

  19. Re:MOBS == sprites on Intellivision Operating System Revealed · · Score: 1

    I would suspect 'sprites would have been the term used on the Vic-20 which had come out sometime around then or slightly earlier.

    The Vic-20 never had sprites. That was the C64.

  20. Re:Nope on Intellivision Operating System Revealed · · Score: 1

    BOBs are Blitter OBjects.

    On the Amiga, yes.. I seem to recall that it was used on a different platform, but stood for something else (I didn't remember the acronym for the Atari was PMG, until it was pointed out in a reply.. *sigh* it's been too long since I did any of that.. :o)

  21. Re:8 MOBS... on Intellivision Operating System Revealed · · Score: 4, Informative

    I was curious if someone familiar with older processors could explain the significance of independent MOBS? Are these small independent caches for storing sprites or something?

    Sounds like they are sprites - hardware ones, that is (sometimes called 'BOBs').

    You create a bitmap in video memory (video memory was a section of RAM that was accessible by the video chip), then point a hardware register to it - the hardware takes care of drawing the sprite on the screen.

    Typically you animate the sprite by changing the pointer to point to a different image.

    The sprite hardware typically had location register(s) as well, so you could move the sprite on the screen by changing the X/Y registers.. the C64 had two registers (split over 3 bytes) to control the X/Y location of a sprite, but some systems (such as Atari, IIRC) only had one location register (for horizontal location), and you had to redraw the sprite to move it in the other direction.

  22. Re:Sharing porn on RIAA To Sue Hundreds Of File Swappers · · Score: 1

    Even though the RIAA and MPAA are claming that p2p sharing is killing their business, you never hear the adult industry complaining about p2p

    The thing is though, that P2P (well, actually the internet in general) is killing their business.

    Although not for the reasons one would suppose (ie. the ones that the ??AA is claiming.)

    Before the internet, the entertainment cartels effectively controlled distribution of their works - which meant that if you want to enter the world they control, you had to play by their rules. And as you might guess, their rules aren't very fair.

    Now that the internet is here, recording artists (in particular) can reach a global audience without having to sign their lives away, and the RIAA is scared shitless.

    If all the fancy RIAA and MPAA business managers couldn't figure out something that Ron Jeremy did!

    No, the business managers have realized it. That's why you're seeing such a concerted effort to shut it down. Not because it costs them money (all evidence points to the contrary - the revenues of the RIAA follow exactly the curve of Napster's popularity and usage, despite the RIAA publishing fewer titles) but because they know that the end of their control is near.

  23. Re:SPAM 101 - HOWTO: on Telstra Denies Selling BigPond Customers' Data · · Score: 1

    BLOCK emails that have the original IP address removed

    Can you define "original IP address", and how it's removed?

    Are you talking about the Received: header? If so, how would you tell if the IP address has been 'removed', or if the sending server never added it in the first place (which is the default on many products such as older versions of MS Exchange.)

  24. Re:I have on USENIX Panel On SCO Lawsuit Now Available · · Score: 3, Informative

    3) The code continues to exist, violating SCO's copyrights.

    Not quite.

    The alleged code continues to exist because SCO refuses to tell anyone where it is.

    Do some reading about the Doctrine of Laches. Basically, since SCO refuses to tell anyone where the alleged code is, then the alleged code is worthless to them. Since the code is worthless, SCO can't claim injury.

    That's why the first order of business in a copyright enforcement process is to tell the infringing party what it is they're doing wrong.

    By refusing to tell anyone where the alleged code is, so that it can be removed, they are essentially giving up any copyright claims they might have had.

  25. Re:Wrong fight RMS on RMS Cuts Through Some SCO FUD · · Score: 1

    Where do they claim that? Can you quote it?

    Read this article, where the author makes that claim in the first paragraph under the heading "Derivative Works":

    SCO basically is arguing that any code developed on top of Unix is a derivative work of Unix

    There is no exact quote, but the author mentions that he asked them about it, and they said "that's for the courts to decide."