Slashdot Mirror


User: jc42

jc42's activity in the archive.

Stories
0
Comments
6,784
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 6,784

  1. Re:Questions... on Spyware for Corporate Espionage · · Score: 2, Insightful

    If there isn't a browser window up and visible on the screen (software CAN detect this), why should it allow ANY 443 or 80 traffic through ?

    So you would, for example, block all attempts to use the lynx browser (which runs in a terminal window)? Be a bit careful about answering, because in a lot of jurisdictions, there can be serious fine for knowingly discriminating against the visually impaired.

    And, on a more general basis, port 80 is used by a lot of software other than browsers. If a file my app needs to use is available via some centralized web archive, why shouldn't my app be allowed to get at the data? It's easy enough to code. Just a TCP connection to port 80 on the archive machine, and an HTTP "GET" command. I've worked on any number of projects where data is provided across the whole LAN this way, because it's simple and convenient. This presents no danger at all of any spyware being installed and run.

    Some time back, I got a lot of geek points on a project by writing a makefile entry that created a particular .h file by using wget to fetch the latest copy of a particular man page from a standard org's web site, and feeding it to a little perl program. This program grovelled through the text, built #defines and C structs from data that it found, and wrote the .h file. "What, your program reads a man page and generates C?" "Well, yeah; you got a problem with that?"

    Remember that the original function of the Web was for physicists who wanted to make their data files easily available to software on machines scattered around the Net. Browsers were added later. But the Web isn't only for browsers.

    And on a lot of server machines, the windowing software isn't even installed, because there's no display. Requiring an open browser window would prevent any use of any Web software on such machines.

    I for one wouldn't want to do without lynx and wget. And they are not sources of the sort of spyware being discussed here. Blocking their use wouldn't solve the problem at all.

  2. Re:Who give more? on The Riches of Open Source · · Score: 3, Insightful

    Considering Gates is responsible for BILLIONS of dollars going toward schools, scholarships, charitible work, health care improvements, etc, ...

    Except that, when you look past the first paragraph, you always seem to find the Bill Gates isn't actually giving anyone those dollars.

    Most often, he is giving software, and the value is the "full retail price", i.e., it's a fake price. And he only gives out the first version; you have to pay for upgrades and transfers to new machines. So it's really just a dealer's first sample to get you hooked.

    In the highly-publicised cases of "gifts" to Africa to fight diseases, the fine print informs us that these are actually loans a full market-price interest rates. And the money can only be spent for drugs from the companies that Bill has stock in.

    When you read the details, it seems that Bill is mostly engaged in marketing, not philanthropy. His "gifts" lead to further profit going to his stock accounts.

  3. Re:Apple? on SCO Hints at *BSD Lawsuits Next Year, And More · · Score: 2, Funny

    Yeah, it almost certainly includes OSX, since it includes a lot of BSD.

    What I've been thinking is: I'm running linux and OSX at home. I need to revive one of those old machines down in the basement and get, say, FreeBSD running on it. Then I'll be in the line of fire for all of SCO's attacks.

    Or maybe I'm missing something? What else should I have running?

  4. Re: Esperanto as UN translation language on Whistle While You Work · · Score: 1

    Yeah, you might think so, but you'd be wrong. ;-)

    The primary use of a good archival language would be that you could get good (i.e., both correct and readable) computer translations to other languages. This disqualifies all "natural" human languages. Simple inspection of the results of computer translators shows that they are good for a laugh, but not usable for much more than trivial translation work. This has been true for a quarter century or so, and there's no prospect of it improving in the forseeable future.

    The fundamental problem is that it's easy to produce human languages via software, but attempts to write valid parsers for human language have been dismal failures. All of our languages are far too ambiguous and inconsistent for the feeble parsing ability of computer software.

    If you want good translations, what you need is a source language that can be easily and unambiguously parsed by software. Esperanto itself doesn't satisfy this, but experimenting has shown that only small changes are needed to remove its problems. The result is a language that is understandable by both humans and computers.

    You also need a dictionary of base morphemes that each have exactly one meaning. But that's just a matter of setting up a central archive and a procedure for adding morphemes to the list.

    Actually, there's nothing magical about Esperanto for this purpose. If all you want is a standardizes archival language for translation purposes, there are many others that would do as well. But Esperanto has a few advantages. It's easily pronouncable by most humans, for example. If you don't care about that, a purely computer-readable language would do, perhaps based on XML.

    A century of experience has shown that Esperanto is easy for people to learn, and there are a million or so fluent speakers around the world. This simplifies the job of developing a population of translators to the archival language. Again, there are other artificial languages that are about as easy to learn; Esperantos only advantage is the number of its speakers at present.

    The main remaining problem is translation to the archival language. At present, this can only be done by people fluent in the source languages. Software can be developed to speed the task, but it still takes humans to do part of the translation.

    BTW, note that English isn't that old a language, spoken or written. It has existed for only around 1000 years, so it might just be a fad. The "Old English" of the 10th century is not readable by native speakers of modern English. The Greeks can read text from 2500 years ago, though sometimes with a bit of difficulty. So if you want a language that has stood the test of time, you'd be better off going with Greek than English.

    OTOH, Esperanto was primarily based on Latin. Its morphemes come from many languages, but mostly from Latin and/or its modern descendants. The grammar is radically simplified, of course, and much less ambiguous than Latin was. So you could argue that Esperanto has a pedigree going back over 2000 years. But this isn't relevant when considering it for archival purposes. What's important is how usable the language is by computers.

    It's more likely that we'll just stumble around and not develop a real archival language. We'll probably end up with a jumbled mish-mash of XML dialects, and a real nightmare of a task trying to write the translators.

  5. Re:Cockatiels ! on Whistle While You Work · · Score: 1

    Yeah; not too many cockatiels learn to talk. But the males are often good musical mimics. So if you have a male, try teaching him some tunes. My wife and I both play flute, recorder and pennywhistle, and these are excellent instruments for communicating with tiels. Or you can just whistle tunes to them.

    One problem we seem to have: We've had a couple of pairs of tiels, and the females lay eggs, but they are never fertilized. We think the reason is that, to a female cockatiel, what makes a male sexy is a large repertoire. Around our place, that's me. So when they get in the mood, the female hangs around me and does her sexy display. I try to explain to her that it isn't going to work, and she should try the little guy. But does she listen?

    With our current pair, it probably doesn't help that the male's idea of nice tunes is things like sparrow chatter, blue jay calls and smoke alarms ...

  6. Re: Esperanto as UN translation language on Whistle While You Work · · Score: 3, Informative

    A project to handle translations using Esperanto as an intermediary and archival language was started some years ago. It has had some interesting and useful partial successes, even without any official support to speak of.

    To work well, the programmers writing the translation code did make a few tweaks to written Esperanto. This is to simplify the parsing task, and help in generating things required in the target language that aren't in Esperanto, as well as to clarify some of the few ambiguities in Esperanta syntax.

    You can read about it at http://www.langmaker.com/db/mdl_esperantodedlt.htm if you're interested. (Needless to say, most of the site is in Esperanto. ;-)

  7. You should have seen my cockatiels' reaction ... on Whistle While You Work · · Score: 1

    When I played the sample conversation from the site, our two cockatiels really reacted. I don't know whether the Silbo speakers would have understood the tiels' replies, though.

    There have been a few other highly-tonal languages described in the linguistics literature, for which such whistled conversations are possible. I recall one from Mexico that was described (with recordings) in a linguistic class that I took once. I don't remember how large the vocabulary was; Silbo may well have more morphemes.

    One point the prof made was that a lot of languages can be understood even if some major parts of the phonetics are lost. In English, we can understand whispered speech, though that loses all voicing and voicing is significant in English.

    But such whistled languages are extremes, where nearly everything but the tones are lost. It is impressive.

    OTOH, an info theory person should be able to explain why any language can be reduced to just two phonemes without loss. But I probably don't need to explain this here.

    Morse code comes close to this, with only three symbols (dot, dash and space). I'd bet that this could be used for a whistled version of English.

    Probably the most fun computer example of such reduction is the Whitespace language, in which the only characters are space, tab and newline.

  8. Re:Are they psychic? on Apple Claims Ownership of Shareware · · Score: 1

    Again, this is a bit naive. Many employers can get "voluntary" signatures from most of their employees, simply by letting them know that if they don't sign, they'll never have another job in the town again.

    I had the experience a couple of decades back of working for the only software-development company in a somewhat isolated small city. When presented with this sort of "choice", my response was to immediately start mailing out my resume. I found a new job in a big city with lots of software employers (Boston), and I never intend to move back to a place where an employer has this sort of power over my life.

    But many people can't do this so easily.

    There is a long history of employers claiming 24 hours per control over employees. It's common for people to face problems at work for things they do in their "free time". If you are able to resist this, then good for you. I hope you can stay free. Many people don't have that kind of power.

  9. Typo correction on Microsoft to Launch MSN Music Service in 2004 · · Score: 2, Insightful

    Observers expect that the company will use Windows or the bundled Windows Media Player to gain a competitive advantage over other services ...

    I think you meant "to gain an anti-competitive advantage ..."

    That's what tie-ins with the OS are all about, y'know.

  10. Yeah; I want all the links. on Apple Claims Ownership of Shareware · · Score: 1

    Would ...an online news source post a political story that links to an article they read on the Drudge Report?

    Sure. Go to news.google.com and check out their links. They do this all the time.

    With a site like news.google.com, this can be tremendously useful. They give you links to all the reports on a story that their search bots can find. You can compare them and make up your own mind. You can have fun pointing out the differences in the ways that different news sources spin the story. You can compare the facts with the editorial spin. And so on. If they only gave links to purportedly "objective" news sites, you couldn't research the different ways that the media reports a story.

  11. Re:Are they psychic? on Apple Claims Ownership of Shareware · · Score: 5, Insightful

    Do you think he should have been PLANNING on Apple trying to steal his work?

    Yes, he should have. He was naive. He probably won't make this mistake in the future.

    It's fairly common for companies to let employees develop things on their own time. If nothing comes of it, it's ignored. If the employee starts making money from it, the company claims it. Employees who object to this (perhaps by citing the law) are laid off.

    It's a win-win situation from the company's viewpoint. No-risk, no-cost software development, and if it works, the company gets the profit.

    Of course, treating employees this way is disastrous policy in the long run. It really kills morale, and usually loses you your most inventive employees. But how many American corporations are capable of looking past the current quarter's revenues?

    You folks really oughta learn more about how the world really works.

  12. Re:As well as.... on Brazil Moves Away From Microsoft · · Score: 1

    There is a place for proprietary software ...

    Well, actually, there is a straightforward argument (brought up here on many occasions by many people) that in government operations, there are good reasons for a total ban on proprietary software.

    The use of proprietary software in a government operation should throw up a big red flag. It nearly always means that the government agency and the software vendor are hiding the inner working of the agency from the citizenry. If they don't want the citizens to be able to see what's going on with the agency's data, there are probably reasons, and we pretty much all know what those reasons are.

    The case of Microsoft software is even more blatant. Ever since MS caught on to the idea of networking, they have been caught over and over supplying software that sends information about the computer back to some (usually undocumented) .microsoft.com address. In some cases, when people have been able to decode the packets' contents, this has often included lots of details about what's on the hard disk. This is generally known as "spyware", of course. It's no surprise that governments would look on such software very skeptically.

    (Of course, one could argue that what we really need is for this information to be sent to public web sites, rather than just to Microsoft. But that's another discussion.)

    The only possible defense against all this is to require that the workings of government computers be open to inspection by the public. This is so we can find out what it's doing and not just take the word of the PR people.

    A very reasonable law would forbid government use of software whose source code isn't available to the general public. Without this, there's no way you can keep your government honest.

    An article by Hiawatha Bray in this morning's Boston Globe had an elegant explanation of this. He quoted someone (on the topic of electronic voting) as saying that "It's not a computing problem, it's an auditing problem."

    You can't properly audit a computer's behavior if you can't read the code.

  13. Re:Why personal websites matter on Why Personal Websites Matter · · Score: 1

    Many people set up websites intended to be viewed by a small group of people ...

    Indeed. And people who criticise this are missing one of the main points of the web.

    Now that browsers are ubiquitous, I no longer need to build huge email messages that include everything. I can send a brief message that's just a summary, and include links to pages in my web site. People who are interested can follow the links; the rest can ignore them.

    This is what hyperlinking is all about, y'know.

    Recently my wife and I went on a cross-country driving vacation. I put a few hundred pictures on the web site, and built a page of thumbnails to rule over them. I sent just a 3-line message giving the URL to a lot of friends. Looking at the logs, I can see a lot of fetches for the page of thumbnails. In most cases, there are a few fetches of the big pictures. A few people looked at all of them.

    Overall, this saves a tremendous amount of bandwidth, and avoids filling up everyone's mailbox with huge messages. It's a real improvement over what we had before the Web.

    Now if we could get our local ISP to stop blocking port 80. Oh, well; I know how to run a server on another port, and most people don't even notice the ':' and number in the URL.

  14. Fun with name googlers on Why Personal Websites Matter · · Score: 1

    Google for the person's name, check them out, their hobbies, their faith, their habits....

    This is one of the reasons that, on my home page, I've included a list of links to other people with the same name as mine. Yeah, this is basically silly. But people do make this sort of stupid mistake. You can have a bit of fun with them by including such a frivolous list, and making them think a bit before they decide that they really have found your web site. With a bit of thought, you can design your site so that they're never quite sure.

    And sometimes you meet someone with your name who you really like.

    Some years back, I got into a music festival free by telling the folks at the gate my name. Another fellow with the same name was a performer, so they just waved me in. I found him and told him about it, and he thought it was pretty funny. It turned out that we both had very similar collections of instruments in our cars. We ended up on stage together ...

  15. Re:hmm on Why Personal Websites Matter · · Score: 1

    This is similar to the story from the early 90's, about the biologist who put his papers online, and after adding a new paper, found his server suddenly swamped by millions of hits per day. They were all looking at the new paper, on some obscure biochemistry of some obscure insect species. The mystery was finally solved when a colleague told him to go to any of the big search sites and ask it for "explicit sex images". Those three words were in his paper, in three different paragraphs.

    This has often been used as an example of the inherent limits of keyword searches.

  16. Re:Great! But I'm a bit puzzled ... on Defense and Detection Against Internet Worms · · Score: 1

    Ah! You've explained it in a memorable theological fashion.

    So I guess it wasn't OT after all. ;-)

  17. That Windows recommendation ... on Ask Red Hat CEO Matthew Szulik · · Score: 1

    We've all read your recent recommendation that home users should run Windows rather than Linux. Why would you recomment Windows over, say, OS X. As someone who routinely uses all three, I find this mystifying, as the Mac seems clearly a better system for nearly all home users than Windows or Linux.

  18. Gteat! But I'm a bit puzzled ... on Defense and Detection Against Internet Worms · · Score: 1

    It's not at all obvious to me what this has to do with defending against and detecting Internet worms.

    Yes, I've RtFTC (Read the F***ing Ten Commandments), and maybe I'm being dense, but I don't see anything there that is applicable to Internet worms. Not even the wildest metaphorical stretch seems to make any of them fit.

    Maybe some kind soul can enlighten me ... ;-)

  19. Re:And no matter how many worms on Defense and Detection Against Internet Worms · · Score: 1

    The only reason we see swarms of worms on windows is it is the number one used platform ...

    <SIGH/> Time to debunk this argument once again.

    The most blatantly-obvious counter example is web servers. These are tremendously attractive to attackers, for obvious reasons, and a lot of web sites have been defaced or brought down by security holes in the web server.

    The main web server is apache. It is on nearly three times as many sites as Microsoft's IIS server, the second-place server. But almost all of the successful attacks have been on IIS servers. Despite its overwhelming numeric lead, apache is hardly ever compromised. When it is, it's because someone has done something stupid that's outside of apache's control (such as installing CGI programs with holes). The fault has hardly ever been with apache itself.

    It's true that you can point at a good list of apache security holes. But if you look closely, you'll find that almost all are fixed before an exploit appears. And webmasters have been good enough at upgrading apache servers that when an exploit appears in the wild, it only finds a few servers that are vulnerable.

    Meanwhile, over in IIS land, security holes tend to be kept secret until Microsoft has a patch. Users don't hear about potential exploits, and programmers outside Microsoft can't work on fixes. Also, IIS webmasters seem to be exceedingly lax about installing the patches. The result is that IIS worms can flood large parts of the Internet and DoS large neighborhoods, often before anyone outside Microsoft is aware that there's a problem.

    This situation is made worse by Microsoft's tendency to prosecute people who do the work that it takes to find and document security holes.

    It takes more than a large installed base for attacks to work. The popular software also has to be vulnerable to attack. The support programmers have to be slow at fixing the holes. And the users have to be lax about installing the fixes. These properties often hold for the Microsoft developer and user communities. They usually don't hold for any of the other platforms.

    The main effect of Microsoft's market lead is that it gives them the arrogance to market software with major holes. They know that they won't be held liable for the results. The smaller vendors know that serious security problems are likely to wipe out their business. The Open Source community doesn't have this worry, but it's full of people who take security very seriously, want their own computers to be secure, and have access to the source code.

    This situation isn't going to end soon.

  20. Re:And no matter how many worms on Defense and Detection Against Internet Worms · · Score: 2, Interesting

    The first worm was the Morris Worm, in 1988,

    Nah; I clearly recall being bemused by the release (on a couple of newsgroups) of PDP-11 and VAX worms and viri in '83. I know it was that year, because I know where I was working when they came out. I don't recall that we gave them official names then, though.

    Needless to say, when the proof-of-concept was published, the main reaction back then was to study them, figure out how to prevent such things "in the wild", and tell the vendors in no uncertain terms that they would add the fixes to their systems or they would make no more sales. Since then, There have been only a handful of actual wild worms and viri in the entire unix part of the industry, and they used exploits that were fairly new at the time.

    In a very real sense, tha majore reason that the Microsoft user community has such problems is that they permit Microsoft to continue to sell software that's full of security holes. As long as their customers continue to pay them good money for insecure software, they will continue to build and sell it.

    Anyway, there were probably worm/virus prototypes before 1983. Anyone know of them?

  21. Something worth publicising ... on Defense and Detection Against Internet Worms · · Score: 2, Interesting

    The FAQ includes the interesting sentence:

    Oddly, under the Bush administration, there has been a massive contraction in research funding into Internet Security.

    It would be interesting to see details of this charge. Is it really true? If so, we should be publicising it.

    Contrary to much of the marketing hype, the Internet was in fact developed primarily with US government funding. DoD funding, in particular, through (D)ARPA.

    The commercial world is trying to take credit, but they did very little to help develop the Internet. So far, the commercial guys also seem to be not terribly interested in Internet security, with the obvious exception of the handful of companies that were created to sell after-the-fact security-related software. Meanwhile, the big vendors continue to turn out new network apps with little regard for the new security holes those apps may contain.

    If history is any guide, the only likely source of real Internet security is the academic community that built it in the first place. And the only likely source of the funding is from the US and a few other governments.

    Reading of cutbacks in this funding just as the really serious worms are appearing is somewhat unsettling.

    So what are the numbers? What is the history of funding for Internet security research? Can we collect the details, and publicise the situation? Has it already been done?

    (A quick check via google turned up a few tantalizing details, but no obvious site with a complete summary.)

  22. Re:i am pleased on Motorola+Qtopia=Linux Smart Phone · · Score: 1

    Yeah. And as for alternatives, where are the itron cellphone/pda toys?

  23. Re:Save Some Time on Motorola+Qtopia=Linux Smart Phone · · Score: 1

    Specs? There ain't no numbers in that page. Just lots of superlatives.

    Where are the specs?

    Also, which cell-phone companies support/permit it?

  24. Re:Reversing entropy? on 'Reversible' Computers More Energy Efficient · · Score: 1

    If this is what people mean, then the implementation is obvious: For every bit, you have a second bit that's its complement. You put them right next to each other, so that flipping their contents will be fast. (In fact, what you probably do is combine them into a single thingy, and call it a "bit". ;-)

    But somehow, doubling the amount of memory on a computer doesn't really seem like the way to decrease power consumption.

    Anyone know about this?

  25. Re:Reversing entropy? on 'Reversible' Computers More Energy Efficient · · Score: 1

    I've long been curious about this idea of destroying data inside a computer. It seems to me that before and after any opcode, your typical computer contains exactly the same amount of data. A few bits have changed from 0 to 1 or vice-versa. But the number of bits is the same, and each contains only one bit of data, so the amount of data is the same.

    So far, when I've questioned people about this, I always get a response that amounts to saying "Boy, you must be a real idiot if you don't understand this." This may be true, but it's not an explanation, it's just a way of refusing to explain anything.

    So whatever does it mean to talk about a computer destroying data?