I don't see that not having a flashy GUI means anything. I grew up in a world where I saw flashy GUI's for exactly what they were. I was much happier hacking DOS to get that extra few KB of base memory than I was playing about in Windows 3.1.
The problem is that you can't foster curiosity, which is the main driver here. Nothing will make you sit down and learn a programming language more than curiosity for what you can make the computer do, whether you can do something better than Microsoft, etc. You can try very hard to keep interest, though, and there practical results tend to have greater effect - this is why most basic ICT in schools is based around roaming turtles, Lego RCX, "traffic-light" kits etc. Computer-controlled with visible, physical effect.
Personally, I think the best way to foster the right computer skills isn't to use a computer much at all (this is a philosophy I've held for most of my life - the best way to program is in your head, not a machine - the best way to write a story is on paper, not a word-processor, etc.). The best things to use to learn are simple gadgets. I'm not a gadget person. I'm not even very good at electronics but I struggle along and get a lot done.
Wire your house for a burglar alarm, controlled by a computer, and involve your children in every step. If your practical skills aren't up to scratch (good, you can "learn" by your mistakes together and your child can try to "out-think" you when you both hit the same problem), you can get X10/DMX-style equipment that makes it a cinch. But there's nothing like a bug that'll scare the crap out of you when the alarm goes off because you didn't cater for a niche-case (opening the back-door while the power was out etc.). It only needs an ancient "sacrifical" computer that doesn't matter if you blow its parallel port, and it introduces every single reason behind having computers - automate tasks that a human could do using simple, cheap components.
You can learn programming, you can learn embedded programming, you learn about the importance of bug-checking and clean code, you learn about interfacing, buses, serial/parallel data transfer, physical and real-world effects and how to counter them in software (e.g. switch debouncing). You even get to learn how the damn computer does its job so that it's no longer a magic box that does stuff. You get to interface with all types of cool gear. You get to bring practical, real-life skills into the learning environment which can help immensely if your child learns better that way. (And I don't count "how to write a letter in Office", I mean REAL life skills, like practical problems, electricity and electronics, wiring, why the bloody ladder won't stay still and why Daddy put his foot through the roof).
The rewards are instant, visible, practical, extendible and "show-off-able". The "reward" of having the whole family laugh at a a doorbell that plays a WAV when someone presses it is very rewarding especially when "it was all my son's work". My particular favourite is a doorbell that goes "knock knock" when you ring it. I also bought an old-fashioned door knocker which has an integrated switch in it and want it to set off a "ding-dong" sound, just to see the postman's face. I'm doing it with simple electronics and one of those recorable greetings-card chips but you can do it with a PC easily. Ten minutes of very basic wiring to an old-fashioned joystick port (ancient laptops are great for this sort of thing), a WAV file off a free website and a twenty line program. You can see exactly where his skills lie. Is he a better programmer? Is he a better thinker? Is he better at practicalities? But no matter what he is, it's so simple to do that you can have great fun wiring it up (probably with Mum in the background tapping her feet because she's getting sick of "Yankee Doodle" every time the neighbour's call).
Then you need to get to the point, as quickly as possible, where he can *think* of new stuff to do himself. You started with a doorbell
Okay, I don't dabble deep in DNS but I have a few quick questions. The RR thing is nasty because sub-domain authority implies domain authority. That's just silly and I'm stunned that something so simple is still true. I imagine there are a million and one "good" reasons for it, but it appears to be a gaping hole that could easily have been removed.
However, on the "let's spoof a DNS response" front - if a DNS server/client is being sent lots of spoof reponses, how long until they are picked up by a filter and blacklisted, tarpit'd or similar at the ISP end? This is the solution surely, even if you can send millions of packets with incorrect QID's and similar identifiers at a DNS server, like any other service at some point it has to say "you're trying to be naughty" and blacklist any packets, sound an alert, get the upstream filters to block such traffic etc. (This is, of course, assuming that there are at least some systems in place to stop or limit source-IP forgery in the first place). It might even be a good idea, at this point, for such servers to not trust their data, and constantly compare their copies with those available from the nameservers. If "fluctuation" of the data (between real and spoofed responses) is detected, then sound an alert on that domain.
How many responses does an average DNS server get that are invalid because of purely accidental causes (e.g. corrupted packets, mis-configured routers etc.)? Surely it's so few that it can instantly blacklist any suspicious activity, like trying to poison recursive caches in this manner.
I imagine that most home routers are extremely stupid and can't stop such things because they rely almost exclusively on the ISP's DNS servers to do their job and a flood of fake packets will not be picked up (this is, however, one of the reasons that I've always used "DMZ" or PPP half-bridge settings on ADSL routers to throw all external packets towards a real server rather than relying on some VxWorks firmware to handle IP-based attacks). But the servers? They *should* be filtering, cleansing and blacklisting packets even before you get into whether they have the most up-to-date patches, and a security fix to enhance the randomness of X etc.
It seems that the DNS servers are too trusting of "correct" packets that come as part of packet-floods of incoming data that is *obviously* false. DNS clients accepting data appearing to come from a trusted host is not nice, I agree, but recursive DNS servers should know better.
Or have I missed something incredibly obvious here?
I don't really care because my ISP wasn't vulnerable to this attack when I first tested it about 10 minutes after the first posting about its potential on the blog, and I'm pretty sure that they wouldn't have had any more advanced warning than anyone else.
Having said that, the DNS servers provided by LGfL's broadband supplier are, apparently, vulnerable. (London Grid for Learning, a London-wide schools extranet that virtually every London school, of which there are hundreds, use for their Internet connection, DNS servers, content filtering, etc. as well as their external content host). But, knowing LGfL and the way UK IT operations that are in any way involved with government work, that's not surprising at all.
But you should be testing things like this first, and whenever you upgrade you should really be looking at/for all.rpmsave or equivalent files first to make sure nothing has changed in the meantime. Otherwise, you're just removing your config and replacing it with the default whatever happens. You should also be checking.rpmnew (or equivalent) each time to check that it hasn't changed in terms of syntax, defaults etc. (which, let's be honest, is quite likely for such an important update - especially given that we hardly know what the exact problem is yet). I wouldn't go so far as to suggest intimate analysis of packages while they are still packed unless the systems you are running are quite critical to the operation of a business.
Part human-error on RH's part (it happens). Part incompetence in not testing the updates yourself first. Chances are that if I were affected by this, I would catch it as part of "right, what did that package change?", or notice as part of usual testing later, and then just move the file. I probably wouldn't even bother to send RH a note.
If you have a DNS server, that suggests that there are reliant computers. As courtesy to all those reliant computers you HAVE to test changes and check carefully what they are doing first. If you were "stung" by it, it suggests you hit this problem on ALL your DNS servers and/or that you only have one DNS server anyway. To deploy packages like this on such a setup is just asking for trouble.
Which suggests that Ethernet-derived products are, indeed, used in critical systems (although this seems to be on-aircraft rather than in ATC). It (apparently) has seen wide deployment on common "famous" aircraft.
And the UK has been "upgrading" its air traffic control for years and years - so much so that they now appear to be nothing more than an office with some multi-head display if the footage shown on news-reports of a year or so ago are to be believed. It's concievable that this is truer than you would think.
However, I bow down to your knowledge as I know nothing about aviation at all.
First, we have NO idea what you actually want. Are these going to be running dumb terminals, displays, "embedded device" roles, what? What sort of machines are we talking about? What sort of budget do you consider acceptable?
Seriously, if you want things to boot THAT quick, you're either going to have to spend money (LinuxBIOS, replacing with ARM or other embedded devices etc.) or you're going to have to compromise (DOS or some other really-cut-down OS). FreeDOS is used in these sorts of things all the time, even for networking appliances with appropriate drivers loaded. People have FreeDOS MP3 players in place of their CD-players in their car. Virtually-instant to boot.
Back in the day, you could get an old DOS machine to boot really quickly if you optimised everything and cut out all the cruft (BIOS boot times were actually a large part of it, unfortunately, what with memory-checks, floppy-checks etc.) . Guess what, you won't get that same machine to boot any quicker today without replacing parts.
If you have minimal actual software requirements (i.e. they ain't doing anything fancy and need to boot REALLY fast), then you're looking at DOS. Otherwise you're looking at Linux (if you want to keep licensing, support, compatibility costs down) unless you want to buy XP licenses for them all. Wouldn't like to think what Windows 98 would work like in this on/off scenario. I suspect that it would start crashing out, hitting filesystem checks, etc. eventually no matter what you tried. And Windows 98 is SLOW to boot. Incredibly so. For a start, it loads DOS first and then kicks itself in after that!
After you've sorted the OS, if you're still struggling then you can look at things like LinuxBIOS (sorry, but that's the only way you'll speed up the BIOS boot times on older PC's but the chances are that it's just not supported for your chipset).
To be honest, from a power-saving perspective, just bin the lot (see if you can get a few quid for them first) and then buy some Gumstix or similar embedded board, Mini-ITX etc. You can literally leave something like that on 24/7 and not pull anywhere near the power you would draw with an old PC in one hour. And you can have them boot extremely fast and minimally.
Re-using old hardware is great. Expecting it to perform brilliantly isn't. Booting reliably into a powerful, full-featured OS in a handful of seconds *is* performing brilliantly. We couldn't do it back in the days of DOS devices with standard PC's, you aren't going to manage it now without making some cutbacks on your expectations. And then for about £50 each, you can get tiny, powerful, power-saving, fan-free, embedded ARM units with Linux that'll do anything you want.
Having had this (and other similar) conversations follow through LWN.net, LKML and various other places that just won't let me escape it, all I can do is express surprise that the article wasn't "Sponsored by PaXTeam".
Similar arguments keep getting raised by various people affiliated with that name and again and again they just don't listen. It took weeks to get them to bring up such problems in a proper, public forum and now they are just shouting for nothing more than attention.
Nobody cares, because they can't be bothered to 1) listen. 2) Use appropriate forums. 3) Express alternatives 4) Take no for an answer. I tired of the arguments on LWN, and increasingly I'm getting tired of visiting websites/forums/mailing lists where the same people are starting the same arguments again.
If you're worried about security, keep your software updated. You WILL hear about anything REALLY important. If you don't keep it updated, that's much more of a problem than anything else.
First, nothing says this is gameplay footage, not even the page itself. It says "trailer".
Secondly, if it IS gameplay, it's going to be the worst game in the world to control. The camera zooms about absolutely everywhere, in silly places, with little or no thought of what it's looking at or why it's chosen that angle (which suggests a bad camera director of a trailer than a game THAT poor at picking an angle).
Third, some parts of it look absolutely grotesque. All the character's 3D models have outlines, ffs. The "grass" at the end looks like something out of Doom. The only decent parts are the far-off windmills over the town.
Fourth, there is nothing of actual GAMEPLAY here, such as what you're doing, how you fight, how you see where to go next. NOTHING. It's some 3D models in an empty arena doing lots of jumping about to random locations.
If it's gameplay, count me out. If it's a trailer, it's a truly pitiful trailer, that really doesn't deserve a link, let alone a front-page one.
1) Manufacturing fault - not every router is identical and I wouldn't be surprised if the hardware in sub-£50 hardware isn't top-of-the-range (e.g. memory that just had enough banks working even though it's specc'ed to be more etc. - this has been going on back as far as the ZX Spectrum, a quote from the wiki article: "To reduce the price, the 32 KB extension used eight faulty 64 kilobit chips with only one half of their capacity working and/or available.", and Intel/AMD are still doing the same thing with multi-core chips). Things fail randomly too. That's life.
2) Environment - Power, heat, humidity, physical shock, cabling specifications, static-shocks, etc. Any and all of these can fluctuate in any location, let alone if you are talking about a million units in different people's houses. They won't behave the same in every location.
3) Crap software - The firmware isn't designed to NASA longevity standards. It's designed for home users to get on broadband once a day to check their email. Live with it, or replace it with one of the Open Source ones. This is why hard P2P use craps out most basic hardware - the software isn't built to cope. This has been true since the very first broadband modems/routers came out.
4) It's you - Personally, I've seen identical hardware, from identical batches, of very expensive models go into two people's houses. One person will treat it kindly, site it well, treat it with care upon unpacking, basically treat it as a sensitive electrical device (hell, sometimes they're so frightened of damaging the thing that they go overboard). The other will throw it around, plug the thing on/off/on/off while testing it, site it poorly, drop it, leave it in damp locations etc. without even realising they've done it.
No. 1 is a fact of life. Pay more = get more. No. 2 = Avoidable to some degree. No. 3 = Completely avoidable, but you may have to try something other than the default firmware.
No matter what hardware you're talking about, No. 4 will hit you if you are like that. I've seen home PC's that have been running for less than a year which people ASSURE me have received no damage, been locked away from the kids, etc. and yet the hard drive registers SMART failures for sheer number of bad sectors. Identical batch harddrives in identical PC's in other people's homes last forever without a single error.
Personally, my WRT54GS has been working fantastically for about a year now. Over that, in fact. Bog-standard firmware (I think it's even out of date, because I just used the factory firmware). Used every single day by many wireless clients, tons of traffic of every kind goes through it. Periods of dozens of config changes an hour, periods of months of unattended operation. Periods of massive wireless interference, periods of none. No crashes, no weird behaviour. Real power cycles, software power cycles, brown-outs, black-outs, no problem. I have it on a UPS now but it ran for ages without one. About the only problem I have with it is that I forget to put the 's' in https:/// whenever I try to access its configuration page.
Similarly for my ADSL Router (some cheap Conexant thing, doesn't even have a brand name on it, think it's eTec). That's been going for nearly five years now. It carried itself well through several speed upgrades, several changes of location (by many, many miles), half a dozen powercuts, several ISP faults (where the connection died but the router stayed up and endlessly tried to reconnect).
And my brother's equipment (printers, print servers, ADSL Routers, ancient wireless access points). And all of the cheap rubbish they buy in work (including three consumer wireless ADSL routers on different Wifi channels, used as a mobile hotspot for a laptop trolley).
In actual fact, the only things that I've seen actually lock hard on a regular basis or a predictable one are:
Several very expensive Ethernet switches that lock REALLY hard if you get a network loop that goes un
The only "defences" you could have against such MITM attacks would be either chains of trusted keys for every site that uses the system (a hefty burden and a central repository of trusted keys makes it the main target for attack, either DoS or infiltration) or: have sites supply their public key information via DNS or similar and have clients cache it, which is easily spoofed, but at least you'd know when something "changed". A bit like SSH's authorized_keys.
There seem to be a lot of distributions whose package managers rely on the keys/hashes to "secure" the packages, where the mirrors are providing those keys/hashes. Silly idea - always has been, what makes this news?
What this article is basically saying is "anyone can be a mirror" (Yes, that's the point, without that you wouldn't be able to get a release/security update for ages after its release, or you could just take one website offline and stop all package updates worldwide - both are worse for security than the alternative) and "some package managers don't properly check the authenticity of a package from a mirror". The second is a problem that's easily fixed and shouldn't be present, granted. What idiot would accept a valid signed package without first checking that the root key it's signed with isn't current, valid and not revoked? This is like your web browser navigating to random SSL websites without first checking that the certificate chain is correct and valid and ends in a trusted root.
1) Download key from "redhat.com" or wherever (DO NOT USE MIRRORS), or from the CD, on first install. 2) Everytime you are asked to fetch a list of available packages, check the authenticity of that key against "redhat.com" directly (DO NOT USE MIRRORS), check the expiry date, check for revocation information, or allow the user to override (their fault), or check public keychains. 3) If the key ever changes, ALERT THE USER before you do anything with it (don't try and get smart by signing a package with the old key that introduces the new key to the world, or automatically accepting a new key). Then the distribution should NEVER use that old key ever again, and maybe even resign all old packages with the new key. 4) Use that key to verify all packages downloaded from any mirror against the GPG signature from that package (for ultra-security, get that from a second, random mirror, or the official website).
There's a small window of opportunity for compromise on machines that install packages without checking first, or assume that because a key was once valid it always will be, or are significantly out of date and don't check the "definitive" source for a new key first but you'll never remove that completely. The way to do that is to check the root key, reliably, on a regular basis. But then if you have an old machine that still has the key from the install CD, and that key is compromised, and the machine does not have reliable (read SSL with significant trusted chain) means of contacting the main server without possibility of spoofing for a new key, then you have a problem.
I don't see why this is "news" or even vaguely important except to show up distros that aren't ALREADY doing it this way.
BTW: This is why I do package management on Slackware using a script that makes *me* get the GPG-KEY from slackware.com first if it ever changes (including checking if the IP of ftp.slackware.com has changed, the date of the file has changed, the key itself has changed etc. but if they can compromise my access to Slackware.com without hitting one of those checks, I'm stuffed anyway), why I have an RSS feed of Slackware and check the website myself regularly (just in case the key requires changing and news is posted about it), why I only use trusted mirrors, why I download the GPG signature and package from seperate mirrors and why nothing gets installed without that GPG check succeeding. To be honest, I see this just as being sensible for anything that goes into production. I'm still waiting for a rogue Windows Update, but it surprises me that some distros (or administrators) don't ALREADY do all this...
Absolutely correct, in some respects. Misleading in the case of this article.
What you are missing is that (if, as has been done before and incorrectly) the creationists wish to teach their religion, there is a time and a place. Creationists have so far, undeniably, chosen to teach religion in Science lessons. In my country, you can't even teach religion in Religious Education lessons - you have to teach what the curriculum tells you to teach even if you're a satanist and satanism isn't on the curriculum. If you disagree, get the curriculum changed - but the curriculum SHOULD always be set by experts in the SUBJECT CONCERNED. Hence, religious experts should get as much say in a Science lesson as Scientists do in a Religious Education lesson. NONE.
Teaching creationism (as it currently stands using their previously-displayed tactics) in a Science lesson is the equivalent of me coming into your church/mosque/other place of worship, forcing science textbooks into your congregation's hands, demanding that Bibles all carry warning stickers about how unverified their sources are, lecturing to them about how wrong they all are, and FORCING THEM TO LISTEN.
In fact, it's worse than that... it's the equivalent of me doing this to YOUR CHILD'S SUNDAY SCHOOL, with nobody but a scientist "at the front of the classroom" and you not being present, for MANY HOURS a week. That's what creationists are asking, trying and in fact to some extent have achieved in certain states for a limited time (until uproar ensued and EVERY governor was thrown off the board and replaced with someone who DIDN'T believe this was a good idea).
Nobody cares about what anybody "believes in", what most people are concerned about are the methods, the venue and, to a much greater extent, the back-handed forced-ignorance of established curricula. Creationism in Science is the equivalent of being forced to learn that Pi is four in Maths, that full stops and commas don't exist in English, that sitting around makes you fit in PE or, indeed, that electricity runs through cables not by the transference of electrons but by the "magic angel dust" that a God put there in Science. They aren't relevant or correct within the scope of the subject being taught.
This is a SECOND underhanded attempt to change the law in a state in order to teach religion in something not a religious lesson (which is illegal in my country, by the way, even in a school with a stated religious bent). They call it a "Science Education Act" when it has NOTHING to do with Science. They slip it in after previously-dirty tactics failed. That's the problem, not what they actually WANT to teach (even if they were fighting for the teaching of the existence of the spaghetti monster, they are DOING IT WRONG, and the same people would STILL be up in arms).
That said, I'm a scientist. I think creationism is a load of pretentious, fabricated, illogical bunkum, more so than most religions that I hold to be merely completely untrue. But I don't go into RE lessons in the schools I work in and tell them that, or force them to recite it. If I did, I would be sacked. If any teacher in the schools in my country did, they would be sacked and quite possibly sued (and if the school allowed it, the school would be sued, etc.).
It's bad if an *outbound* software firewall is your ONLY form of defence. But it is an INBOUND firewall too and it does a damn good job of that, considering. I've had people back in the dial-up / USB broadband modem days who used it exclusively as a defence and there were no problems at all. They frequently got attack probes aimed at them and they all bounced off harmlessly. For five minutes work and a free download, it's much better value for money than trying to put a hardware firewall into computer novice's homes, with their 56k's and Speedtouch's.
But its main use is to turn off things that ask for the Internet that cannot be otherwise turned off, and does so without requiring TCP port rules etc. It also alerts even the knowledgeable user to strange Internet requests ("Opera is acting as a server"... is it? Why? Oh, I've hit an IRC address and it's trying to act as an IDENT server). If I could afford it, I'd put it on every Windows PC in the schools I work in (if I could move them off Windows, I would do that too) - it has an especially nice, centrally-configured network version so you can stop ANY program on ANY client that does happen to get executed from accessing the network/Internet unless it's on your whitelist - perfect for stopping a virus outbreak in its tracks.
Most importantly, however, it's fantastic as a basic Windows firewall for places where YOU CAN'T GET HARDWARE FIREWALLS. Say you have a wireless laptop that connects through your home network (a not-unusual scenario). The laptop is protected against Internet-based attacks but not against local wireless-based ones. So you either have to 1) rely on your wireless to be perfectly secure for the course of its life (WEP should have taught you that that is a silly thing to do), 2) Provide a hardware firewall on the laptop itself (means carrying another gadget like that USB stick that is a Linux firewall), 3) Using a VPN (which means forcing its use for everything Windows tries to transmit) or 4) using a software firewall. Zonealarm happens to be great at 3 AND 4.
For example, I have the following setup:
Windows laptop with wireless Wireless access point PC in the house with wireless card and OpenVPN Internal network Broadband connection
Everything past the Windows laptop is Linux and locked down (and I have Linux on a laptop to that connects in the same way). In my case, I use Zonealarm on the Windows laptop to MAKE SURE that nothing gets out across the (secured with WPA2) wireless connection except OpenVPN packets. This FORCES Windows to use OpenVPN (which it likes to avoid whenever possible, i.e. I plug another Ethernet interface into it and it changes routes etc.) for everything. I have an "insecure" network running behind the LAN but the only transit across it is via a secured VPN.
Without Zonealarm, you get hundreds of DNS, Samba, etc. requests coming out of the laptop, flying across the wireless, affecting speed, bandwidth and (potentially) security of the network. With a decent software firewall on Windows (or a decent TCP outbound firewall on Linux), I'm able to make sure that NOTHING but OpenVPN can talk to the wireless network - I could even turn off the wireless points encryption (or it be compromised, or obsoleted, or removed for incompatibility/speed/bandwidth/latency reasons) and it wouldn't matter because nothing but OpenVPN can talk out.
Without ZoneAlarm, Windows is VERY chatty on any external network, plus it's difficult (but not impossible) to make it use only ONE route (your OpenVPN tunnel) out of many possible routes without something like ZoneAlarm, especially if things change often (e.g. you put a second wireless card in, or plug in an Ethernet card etc.). I also found that Windows Firewall was absolutely useless for this, and presented problems using OpenVPN in the particular mode I wanted it to (UDP I think, but it's been a while since I've had to touch any config files for that).
With Windows Firewall, OpenVPN connections died before they could complete
More importantly, is handwriting even that relevant any more? Yes, they still teach "good" handwriting in schools but it's rarely about legibility as much as it is "follow these rules". I was taught to do a stupid "tidal wave" shape lower-case, joined-up "s" when I was at school and I was very pleased when they STOPPED that rubbish and just let me hand-write how I needed to. Their way took me several seconds per character, no matter how much I practiced, my way took me several characters per second and was always and still is clearly an "s" to everyone who reads it. And even my rapid-scrawl isn't anywhere near quick enough to get ideas down in time for my brain to move on to the next thing. Typing isn't perfect, but is much, much closer to my natural "thinking speed" when it comes to writing out letters. As it is, I can still type and spell/grammar check the previous paragraph without having to interrupt the flow of writing.
From working in schools, I know that the majority of handwriting is done to a school-specific style (so it's not even that we've "standardised" handwriting across schools). Handwriting-aid software typically has dialogs of configuration options because school X wants the lower case A to look like this, school Y wants it to look like that etc. And what happens when people stop "teaching" handwriting? The kids revert to their own, individual, perfectly-legible style that's much more comfortable to them. So why do we waste the time?
My mother, when I was much younger, had her first argument with the school about my handwriting. My teacher was trying to imply that I was stupid because I couldn't hand-write as neatly as the other kids, until my mother pointed out that it was because, at home, I was taught "It doesn't matter what it looks like, so long as someone else can read it." Making me sit in school at lunchtime copying hundreds of hand-written characters was a waste of time, because I was doing joined-up writing while the other kids were still on the "trace an A, then trace an N, then trace a D" phase of writing. What the school wanted was for me to join the rest of the class, having already "gone past" them. And to do it in a writing style that, trying to copy as an adult, is extremely uncomfortable and unnecessary.
Additionally, I've witnessed the slow but undeniable emphasis on computer use rather than handwriting in schools. Some of the "beacon" schools don't even use pen and paper at all any more, everything is laptops and PC's. It's still got a way to go before it's universal but kids now learn QWERTY at the same time as they learn to write. Give it another decade of two and hand-writing will become one of those ancient arts only practiced by people who bother to study it.
And in the end, that's a good thing. It's a nice skill to be able to handwrite in a legible way, but that's as far as it goes. In my own life, I handwrite about once a week or less, usually on Post-It's, or scraps of paper to sketch out ideas. 99% of the time, I'm the only person who needs to read them. Give me a Palm touchscreen that can print on Post-It's and I'd do away even with that little. Handwriting "neatly" is a waste of time, as is teaching handwriting by rote. Get the kids to the point where they can write any word and the majority of people can read it back instantly, then you're done.
Roll on the days where handwriting is a niche skill that you'll do adult-college courses in on a Sunday afternoon, and the only time you'll ever use it is to send a letter to a woman to impress her with some old fashioned romantic verse.
How do you know that the people whose OS code you use every day isn't that of a convicted felon? Or proprietry code for that matter? How do you know that MS aren't employing convicted felons? Employees may well have to DECLARE that they are of that type, but it doesn't automatically stop employment.
Personally, I wouldn't shake hands with the man (actually I wouldn't want to be near him for my own personal safety and that of my family) but I don't need to do that to use his code. This is the point of Open Source, nobody cares where the contributions come from (novice, hobbyist, professional, paid-for, etc.) so long as the code is good. It's all about the code.
Myself, I always found his mailing list postings slightly more than obnoxious and couldn't stand him before all this started, but that doesn't affect the technical work of his code. I'm less likely to choose to pick up his code and run with it if the only person I can ask help from is a person I can't get on with, but that's universal in coding. It's nothing to do with the existence or not of a criminal record.
That said, I've never used ReiserFS anyway, because it wasn't the default (basically) and the person trying to make it default was brash, rude and plainly horrible.
Yes, I agree. There are problems with line-of-sight but they can't be worse than radio-interference and also, light also makes interception virtually impossible for practical purposes (you can't see directed laser light easily without somehow affecting the signal - and in some circumstances you wouldn't be able to notice that laser-links were being used at all).
Unfortunately, the hardware just isn't there or mainstream enough. There is a project somewhere that I stumbled upon that had people building their own laser-light interconnects for serious distances (km's). It was all very technical, highly specialist and extremely expensive, but the bandwidth/latency was more than good enough to replace wifi without a second thought.
I've even seen homebrew "RS232 -> light" convertors that use infrared LED's. I think they could do short distances (10's of metres) at fast RS232 speeds (119,200+ bps) reliably. People were using them for things in their garden and stuff like that.
Imagine a world where instead of TV aerials, phone lines, satellite dishes, etc. every house has a set of light sensors/transmitters on the roof connecting to their neighbours, who connect to their neighbours. With enough connections, line of sight wouldn't matter in urban cities because you'd be able to route round the neighbourhood so long as you could see someone, who could see someone, who could see your destination etc. It's do-able TODAY, if you want to spend money, or if you don't mind about speed. Internet regulation really is a dead-end idea.
First, if it's Student/Home versions, then who cares? That's the junk that they bundle with the PC's sold in supermarkets (or, worse, you get Works with a "trial" of Office). Most people who use that are using it against the licensing conditions anyway - I would have put a four-year expiry on "Student" versions of Office if I was Microsoft.
If you're willing to pay for Office because some salesman in PC World tells you that you "need" it, then you shouldn't be buying a PC. Find a friend who bought (or preferably built) their own PC and get them to pick one from mail-order for you. They'll probably get a real copy of Office bundled with it for less than the price of the computer store PC's without it.
Seriously, mail-order actually gets a higher rate of technical people buying the PC's, so you end up getting more for your money but only the bits you NEED. I regularly recommend people to buy PC's, and when they come to me they are of two sorts: 1) "Saw it in PC World, bought it because the salesman said so, very expensive, lots of junk on it, can you do anything with it for me or did I make the wrong decision, oops too late now, I'll struggle along with it", or 2) "Saw this advert on Dell's website - do you think it'll do me?". The first ones literally just buy on the spot. Idiots.
The second category of people end up with cheaper, better PC's. The first category invariably end up replacing the thing next year because they find out it only came with an Office trial, it didn't have DVD playback software, the AV ran out, several dozen windows pop up all the time saying "upgrade this" or "buy that" from all the bundled software. And usually they do exactly the same when they replace it - buy what the salesman wants to sell them.
I usually tell them that I'll take their old PC off their hands if they are just going to throw it away, I wipe it clean, put an old license of "real" Office on it (or OpenOffice if I haven't been to a bootsale recently) and then sell it to the people from the second category at a bargain price. (In fact, most home users just want Word... they are perfectly happy with OpenOffice once they are past the scary "learning" stage, those who "need" Office are usually perfectly happy with just Word 2000 - I've actually had a few people that I've got Word 2000-only install CD's/licenses for and they are over the moon with them. If they insist on the complete Office suite, the exact Office version really doesn't matter, so long as they have the Office Import Filters - you can install that for them).
I can see this whole rental causing major problems next time I go into one of those computer stores, though. Now I'll be able to snigger quietly at the people who bring their PC's back because "Office says I need to pay again this year". Normally I can only snigger at the salesmen ("Dual core, sir, yeah, that means there's twice as much memory so you can save twice as many word documents on it, that's why it comes with a larger hard disk.")
And now, my universal rules of "knowledge about computers for use at home":
- Buy the cheapest machine that has all the bits you know you need. - Never pay for any "extras" that you don't see yourself using at least once a week (scanners, faxes, webcams, skype phones, etc.). - Never pay anything more than the base hardware / OS / software price (no warranties, insurance, support, installation etc. except possibly if it's a very expensive laptop). - Don't sign up with the bundled ISP's, or the first one you see on television. Ask a friendly local expert what they would recommend. They WILL be able to save you time and money with their recommendation in the long run. (PLEASE: No more AOL!) - In use, never, ever click on any dialog that you don't understand. If it's in your way, learn how to move windows offscreen. Maybe even make a printout and ask your friendly computer expert about it later. - Never pay for updates, upgrades or "new versions" of anything (you can invariably just carry on with the old v
The common theme within some of the comments here seems to be "let's build an open network". Although this is somewhat idealistic, it's not outside the realms of possibility. Cities are already smothered with open wireless networks, whether intentionally or not, and there's no way you can regulate the traffic among them. And P2P, although used on the "International Network", is essentially a local service... a closed group of people, usually from countries that speak the same language, sharing files with each other internally without a *requirement* for international transit.
P2P moving to such networks is an obvious possibility. Again, by heavy-handed and back-handed approaches (suing people without evidence, slipping clauses/laws into other laws by political maneouvering, etc.), the media industries are forcing people to use more and more ingenious solutions to sensibly meet their requirements (i.e. they'd like some sensibly-priced music that they can use, please). And as each solution's flaws are found, new solutions (without those flaws) present themselves. Regulation of traffic flowing over regulated internet channels? Remove the regulation by using *other* channels.
We seem to have come full circle - from the initial Internet, where private, unregulated networks joined up to decrease costs and increase connectivity, to a world where everyone has their own private network behind an ISP's public network, to (hopefully) a place where all the private networks peer with each other *without the intervention of an ISP*, except this time via radios. The only problem is international transit (Joe Bloggs can't exactly run a fibre over the English Channel), but the chances are that programs like Tor, etc. as well as the odd rogue network that connects to someone's actual ISP connection will solve that.
Maybe when 802.11n or its successor grows in popularity, we will see home networks that, even with enormous interference, crowded channels, limited range, primitive routing etc. are quite capable of peering with a number of geographical neighbours and passing traffic intelligently at a reasonable speed. You don't even have to take account of "ISP T&C's" because you don't NEED to pass the traffic to the Internet at every possible point, only to be able to pass it on to someone else.
I had a quick look and all of the community wifi projects I can find in my country are very small and localised, or don't exist any more. If there was one operating near me, I'd gladly hook up an old Linksys and an enormous antenna and let it freely pass traffic - everything would have to be encrypted, anyway, because an open network is an open network but if all it needs is to be "plugged in", and not actually connected to anything else physically, or to the Internet, there's no reason we can't each have a little cube in our homes that costs about £10 and lets us connect to every house in the street and pass traffic. If there was the possibility of such a "darknet" running over it (free VoIP calls, free music, free movies, no Internet charges, etc.) I'm sure every student would have one.
Then, not only do the music industry etc. run into the problem of *detecting* the traffic in the first place (no black boxes on a private net, a physical presence required in every locality, and being able to defeat the encryption), but that if done properly, traffic's transit route, origin, etc. are impossible to determine. They may try to close the system down, of course, but then you have a much larger problem - you're effectively trying to shut down the entire Internet. Except all the "nodes" are private individuals, without contracts, without liability, without regulation, and, if they are cheap enough, rogue solar-powered blackboxes stuck in hidden locations around towns and cities and replaced whenever they are discovered. Just how do you shut that down without bringing a country into riots?
The real Internet2 isn't going to be an academic project aimed at pushing Gb/s over international fibre, it's going to be a nationwide collection of cheap Gumstix with a solar panel and wifi, sold at cost price, one per home, that let's people escape most of the communication regulation foisted upon them.
For a start, "crawlable" does not mean it WILL be crawled. More likely, most flash will contain nothing but junk and internals that were never meant to be seen anyway. I wonder when the first "we recovered a password that was stored inside a flash file" / "we googled for vulnerable flash apps and found these" hits will come about. And, as someone's already pointed out, if you *can* extract the text from them, you can't do much useful with it besides say "it's in this Flash somewhere". You can't even do "find in page" once you've clicked on such a link. And if it's at the end of an hour-long Flash animation, you're not going to sit through it.
Then you'll have some people who have actually used bitmaps instead of text inside the Flash for various reasons, etc. The only useful thing to come out of this may well be a "View as HTML" version of Flash-only pages. But they will still be second-class pages because the designer didn't want to do it theirselves.
Given that people who use Flash aren't exactly the most popular people in the world (e.g. if you want it to appear in Google, be read by people, to be bookmarked, to be quoted/cited/linked etc.), this won't affect much - Finding content in a Flash file is like looking for a needle in a haystack. That's the problem solved by this announcement. However, finding *useful* content in that file is going to be even worse, and actually getting users TO that data will be almost impossible.
I imagine that the same thing will happen as it did with images, PDF's, etc. Those who design their Flash well will get something indexed and it'll actually get a hit or two from "View HTML Version" on Google. Those who don't (i.e. 99% of the people who make them) won't see any difference at all.
I'm not even sure "copyright" applies to the letter here, either. Received personal correspondence doesn't automatically count. Although, this may vary depending on territory etc. I should imagine that they have to make exceptions for certain things (i.e. I may not be able to scan in an advert I receive as junk mail and post it verbatim online... but then again, I may be able to).
Otherwise, you'd be in all sorts of stupid situations where threatening letters cannot be reproduced, copies of correspondence cannot be forwarded to the correct person, you can't quote from previously received letters, photocopies cannot be given to your lawyer etc.
If there *are* restrictions, I imagine that they don't apply to personally targeted correspondence which you reproduce faithfully (i.e. you don't just put their letterhead on another letter) and post yourself. Even if there WERE restrictions on such activities, there probably isn't a court in any reasonably sensible country that would do anything to do for doing so, and *thousands* of people have done this without more than fist-shaking threats.
It's 2 & 3. Speed camera's only make the road safer indirectly - by slowing penalising bad drivers. If you wanted to improve road safety, it's simple - make everyone re-take their test every X years and heavily punish people who drive unlicensed. You'd solve congestion, road safety and pollution in a second. And why shouldn't they make you re-take it regularly to ensure driver's are still fit to drive? Most similar professions demand this.
Of course speed cameras are a cash cow, because plonkers who speed MAKE them one. If you don't break the law, you won't get fined. It's incredibly easy.
And, I'm sorry, but your justification for 2 is possibly the most ludicrous thing I've ever heard. "Enforcing the law just because it's the law". And it's not blindly - it catches anyone who breaks the law, proven by simple physics. If you don't like the law, GET IT CHANGED, but you can't just break it because you disagree with it. Nobody ever tries this. Nobody ever sends round a petition asking for higher speed limits. Nobody ever lobbies with a scientific study of how faster speeds could improve road safety etc. and you even have compelling scientific evidence already present in developed countries which have roads without limits. Not one person that I've heard disagree with the use of speed cameras lobbies to change the speed limits (probably because they KNOW they are reasonable - 30mph is a built-up area is too fast when a kid runs out in front of you, etc.), but they would make themselves heard in a second if they thought the police would remove speed cameras.
And people are NOT safely exceeding the speed limit, by definition. The speed limit is the SAFE limit (do you want that "80% of people struck over 30mph die, 80% struck under 30mph live" statistic repeated?). If you disagree, present evidence and get the law changed, but in the mean time STICK by that law.
I think speeding offences seriously embarass certain countries - we have a strict, accurate, reasonable measure of a scientifically-accurate value which is prominently displayed on all roads and in all cars and yet when people DELIBERATELY and DEFINITELY break that (with a far-too-reasonable margin of error), we give them a slap on the wrist so many times and allow them to continue to do the same almost indefinitely (if you don't believe me, go to a UK court that deals with speeding offences and listen out for the phrase "I need to drive to earn a living" - very, very, very rarely do licenses get taken away, no matter the number of previous offences/points/fines).
And don't get me started on the "you're now banned from driving for six months" when it's said to someone who didn't have a valid license in the first place.
What other activity do you do that requires you to control a piece of explosive machinery (that contains more legally-mandated safety features than a Formula One car), that carries passengers, moves at incredible speeds within inches of other such machinery/people/property on public property, that requires you to be insured in order to legally do so, that requires an extensive proficiency test that you MUST pass but which, when you deliberately and beyond doubt break the laws surrounding it, gets you a small fine and a "don't do it again"?
The GPS is not the problem here, it merely exposes an already-present problem. Stupid drivers who don't know the height/width of their vehicle (despite having driving qualifications that require them to do so). Stupid drivers who can't read signs. Stupid drivers who LOOK AT THEIR GPS while they are driving - every single GPS has a warning on it about this, some of them even announce it every time you turn them on. EYES ON THE ROAD. Then, using a GPS is no more dangerous than taking a driving test - you are following oral instructions from something within the car but your FULL attention is on the road. If your driving examiner tells you to mow the old lady down or speed up to 80 in a 30 area, you wouldn't do it, so don't follow what the GPS tells you blindly.
It's like saying that speed cameras are at fault because people brake heavily before them. They are not, they are exposing the problem that stupid drivers have always existed and yet nothing is done about them. You should ALREADY be at the speed limit (in fact, significantly less than, in almost all circumstances). If you have to brake heavily, the problem is YOU. YOU have created the hazard yourself. In the same way, you can't "blame" a plastic bag flying in front of your car for the accident that meant you hit someone in front, who was not a safe distance away. YOU were too close. YOU shouldn't be. YOU did not have a safe braking distance between you and the car in front. The plastic bag didn't press the throttle for you or cut your brake lines.
The solution to these problems is not to jam GPS or get rid of speed cameras, but to START TAKING PEOPLE'S LICENSES AWAY. If you do either of the above, you are NOT fit to drive. You would not pass the legally-required driving standard that you HAD to pass to get a license in the first place. We know you're CAPABLE of doing it because you have done it at some point in the past. So you have NO excuse. If a pilot crashed his plane because he was going too low, he'd not only have his license revoked, he'd be before a serious court very, very quickly. What makes you think a ton of solid metal on four wheels should be any different? Or worse, in the case of lorries, up to 18 tons in the hands of someone who can't tell they won't fit under a bridge! Do you want drivers like that on the road, who can't judge to within a foot or so whether they'll make contact?
Don't blame the GPS, blame the idiot who didn't read the signs.
But the statistics for the top500.org show that over 9000 processors is way above normal for a supercomputer cluster up there. In fact less than 5% of machines in the entire 500 have more than 8000 processors, with the majority around the 1-4k mark. Oh, and 85% run Linux-only with an amazing 5 (not percent, actual projects) running Microsoft-only. So it looks like MS did this through hardware brute-force, not some amazing feat of programming. But then, that's true of them all. Although being in the top500 list is "good PR", it doesn't mean that much.
I wonder what the licensing is like for a 9000-processor Windows Server, though?
"And that means connecting a huge amount of strange hardware."
I would differ on this point. Most hardware works. Most of the hardware that doesn't is niche, old, obscure or rare. This doesn't mean we should be supporting it all, because most people who own it will KNOW that - every OS they try with have limited support for it. I own a vast array of hardware collected over the last decade from schools - there are esoteric, unusual, low-production, specialist, ancient, homebrew, brand-new and just plain weird hardware in my boxes. The vast majority of PC-compatible stuff works on Linux. The only examples I've personally found that DON'T work at all are:
- A £2 USB IrDA adaptor (the other ten just work). It's not detected and looking up the usb.ids list shows me that almost nobody else has one the same model - I suspect it was recalled or had a very limited production run. - An ISA "video backer" card (uses VHS tape for backup through component video - 4Gb on a 180min tape!), actually, there is software for it but I couldn't get it to work (I wasn't trying hard). I reckon it's just too old for the kernel I was trying on. But then, I had to hunt around to find a computer with an ISA card - I found several dozen but most of them were too old to boot up or couldn't run even an ancient version of Linux/Windows/DOS. - A handful of Winmodems that work with the proprietry "Linuxant" drivers if I pay for it. About a one in five ratio between working modems and non-working Winmodems out of the dozens I store. That's pretty damn good but still the worst ratio for any hardware I know. - A parallel port scanner that I can't even connect to anything past Windows 95 without it crashing the machine dead. It gets conflicts if you have a soundcard installed at all, it crashes all the time, it doesn't allow ANYTHING to use its passthrough parallel port.
I estimate less than 1% of the hardware fails to work entirely, and less than 2% will load if you can use a binary driver. The rest is just pure hardware that just works. And this is in schools, where cheap crap gets priority and teachers buy things because a salesman says so. Examples of things that work include:
- PCI S3Virge card with FOUR S3 chips and four D-Sub outputs each (possibly the largest interface card you've ever seen in your life), for multi-displays back when SLI hadn't even been heard of. - Electronic microscopes designed for Windows only. - Various "control" hardware, including Lego, robots, the original floor turtles, hardware originally made to work with BBC Micro D->A convertors. - Fingerprint scanners for library control systems (we don't use them for legal reasons). - Card readers/writers - Scanners that plug direct into ISA sockets (literally - the interface card is little more than a voltage-regulator with a plug on the back of the computer to plug the scanner in) - Interface cables for Psion organisers that have been "customised" for educational use.
And most of that's before you get near the stuff made in the era when Open Source started to take hold. The Wiimote, for instance, was supported very, very quickly without any help from Nintendo. The OS drivers mean it works on all platforms now. It's being used in everything from military research to "over-the-net" hospital operations. All without Nintendo's help. But *with* Nintendo's help, it could be the de-facto controller for just about anything.
"So yes, having open source drivers for everything would be great. However I think that we can agree that this wont happen"
I don't think we *can* agree here. I don't see it happening *any time soon* and it will never be for *everything* but the vast majority of hardware that's out there already has OS drivers, whether by the manufacturer or third-parties.
"I think you greatly exaggerate the issue of kernel versions."
I honestly don't. Taking, for instance, the drivers for my ATI/nVidia cards (the closed-source binary in an open source wrapper) - every few mo
"Is it technically impossible to provide for closed-source drivers in Linux?"
No. But it provides an ENORMOUS technical and legal hurdle (nobody's even sure yet if binary kernel modules are legal in most countries, although the *intention* is that they are). Supporting closed-source means, at some point, freezing interfaces, which means supporting every version of every interface created indefinitely. That's an AWFUL lot of work that would have to be done by precisely the people who don't want to do it and have enough to do already. You are doubling their workload by this simple request.
"Many people simply want Linux as an alternative to Windows, and a good alternative it is already."
Correct. Unfortunately, that's up to THEM to do something about, because that's not why Linux existed, exists or continues to exist. Linux is an OS, so in that sense it's an alternative. But it's not Windows. It won't ever BE Windows. It's just an OS. Who here complains to Apple because the Mac doesn't work with their Windows-only printer? Very, very few people.
"But insisting on open-source drivers will make the situation worse, not better in the long run: more and more special-purpose hardware is getting attached to the computer; mobile devices, chipcard readers, entertainment devices, GPS devices... the list goes on and on."
Yep. And none of it we know how to drive, how to support, how to operate, how to upgrade, how to interface or how to port to other machines (like, I don't know, all those other alternative OS's that don't have compatibility layers). It's all just "black boxes" that sometimes (often, actually) the manufacturer's don't even know how they work. Just throwing in drivers "because they work now" isn't any good in the future, and certainly isn't any better than saying "Well, you'll have to run DOS if you want X to work". What's the difference between that and "You have to use Linux kernel 2.5.12 and our binary-only driver v 1.4.1"? The latter is available now for all current closed-source Linux drivers too... I can run my ATI card on Linux 2.6.1 with an old ATI driver just dandy. I could never upgrade that machine, though. They stopped supporting my card and they made the last compatible release for kernel 2.6.15.
Closed source drivers work now and break (for certain) in the future. Open source drivers have trouble working now (although that's not certain) but work the same or better in the future. With company co-operation, that can turn into "works before the product is out, works until there aren't any products that use the same driver in the general marketplace". Look at some of the 10Gig cards, or NX-capable processsors - there were drivers in Linux for them before anyone had even put their products out on the market.
"It is simply naive to think that we will get open-source drivers for all of these."
But experience shows you wrong - every single network card vendor on the planet had the same idea of not supporting their cards. Now almost every single network card, from token ring to wireless-N, on the planet is supported, and usually supported under Linux first. The only hardware that *doesn't* work is stuff that people don't care enough about to reverse-engineer or to build a compatibility layer for, or where there are legal issues. For those same hardware, even the closed-source drivers are now usually, or will be soon. And to be honest, most of that stuff won't work in Vista, or ME, or 98, or DOS, or Mac or anything else. And in a few years time, it'll break BEYOND REPAIR even in Windows either by a Window Service Pack or the next version of Windows.
Intel have Open-Source chipsets. AMD/ATI are open-sourcing. RaLink release a set of GPL drivers for their wireless cards. *Virtually* every piece of hardware in the world (as a percentage of overall items sold, e.g. the "production-run-of-ten" cheap knock-off PCI cards that don't have OS drivers don't really count against the 10 million sound cards sold which run
I don't see that not having a flashy GUI means anything. I grew up in a world where I saw flashy GUI's for exactly what they were. I was much happier hacking DOS to get that extra few KB of base memory than I was playing about in Windows 3.1.
The problem is that you can't foster curiosity, which is the main driver here. Nothing will make you sit down and learn a programming language more than curiosity for what you can make the computer do, whether you can do something better than Microsoft, etc. You can try very hard to keep interest, though, and there practical results tend to have greater effect - this is why most basic ICT in schools is based around roaming turtles, Lego RCX, "traffic-light" kits etc. Computer-controlled with visible, physical effect.
Personally, I think the best way to foster the right computer skills isn't to use a computer much at all (this is a philosophy I've held for most of my life - the best way to program is in your head, not a machine - the best way to write a story is on paper, not a word-processor, etc.). The best things to use to learn are simple gadgets. I'm not a gadget person. I'm not even very good at electronics but I struggle along and get a lot done.
Wire your house for a burglar alarm, controlled by a computer, and involve your children in every step. If your practical skills aren't up to scratch (good, you can "learn" by your mistakes together and your child can try to "out-think" you when you both hit the same problem), you can get X10/DMX-style equipment that makes it a cinch. But there's nothing like a bug that'll scare the crap out of you when the alarm goes off because you didn't cater for a niche-case (opening the back-door while the power was out etc.). It only needs an ancient "sacrifical" computer that doesn't matter if you blow its parallel port, and it introduces every single reason behind having computers - automate tasks that a human could do using simple, cheap components.
You can learn programming, you can learn embedded programming, you learn about the importance of bug-checking and clean code, you learn about interfacing, buses, serial/parallel data transfer, physical and real-world effects and how to counter them in software (e.g. switch debouncing). You even get to learn how the damn computer does its job so that it's no longer a magic box that does stuff. You get to interface with all types of cool gear. You get to bring practical, real-life skills into the learning environment which can help immensely if your child learns better that way. (And I don't count "how to write a letter in Office", I mean REAL life skills, like practical problems, electricity and electronics, wiring, why the bloody ladder won't stay still and why Daddy put his foot through the roof).
The rewards are instant, visible, practical, extendible and "show-off-able". The "reward" of having the whole family laugh at a a doorbell that plays a WAV when someone presses it is very rewarding especially when "it was all my son's work". My particular favourite is a doorbell that goes "knock knock" when you ring it. I also bought an old-fashioned door knocker which has an integrated switch in it and want it to set off a "ding-dong" sound, just to see the postman's face. I'm doing it with simple electronics and one of those recorable greetings-card chips but you can do it with a PC easily. Ten minutes of very basic wiring to an old-fashioned joystick port (ancient laptops are great for this sort of thing), a WAV file off a free website and a twenty line program. You can see exactly where his skills lie. Is he a better programmer? Is he a better thinker? Is he better at practicalities? But no matter what he is, it's so simple to do that you can have great fun wiring it up (probably with Mum in the background tapping her feet because she's getting sick of "Yankee Doodle" every time the neighbour's call).
Then you need to get to the point, as quickly as possible, where he can *think* of new stuff to do himself. You started with a doorbell
Okay, I don't dabble deep in DNS but I have a few quick questions. The RR thing is nasty because sub-domain authority implies domain authority. That's just silly and I'm stunned that something so simple is still true. I imagine there are a million and one "good" reasons for it, but it appears to be a gaping hole that could easily have been removed.
However, on the "let's spoof a DNS response" front - if a DNS server/client is being sent lots of spoof reponses, how long until they are picked up by a filter and blacklisted, tarpit'd or similar at the ISP end? This is the solution surely, even if you can send millions of packets with incorrect QID's and similar identifiers at a DNS server, like any other service at some point it has to say "you're trying to be naughty" and blacklist any packets, sound an alert, get the upstream filters to block such traffic etc. (This is, of course, assuming that there are at least some systems in place to stop or limit source-IP forgery in the first place). It might even be a good idea, at this point, for such servers to not trust their data, and constantly compare their copies with those available from the nameservers. If "fluctuation" of the data (between real and spoofed responses) is detected, then sound an alert on that domain.
How many responses does an average DNS server get that are invalid because of purely accidental causes (e.g. corrupted packets, mis-configured routers etc.)? Surely it's so few that it can instantly blacklist any suspicious activity, like trying to poison recursive caches in this manner.
I imagine that most home routers are extremely stupid and can't stop such things because they rely almost exclusively on the ISP's DNS servers to do their job and a flood of fake packets will not be picked up (this is, however, one of the reasons that I've always used "DMZ" or PPP half-bridge settings on ADSL routers to throw all external packets towards a real server rather than relying on some VxWorks firmware to handle IP-based attacks). But the servers? They *should* be filtering, cleansing and blacklisting packets even before you get into whether they have the most up-to-date patches, and a security fix to enhance the randomness of X etc.
It seems that the DNS servers are too trusting of "correct" packets that come as part of packet-floods of incoming data that is *obviously* false. DNS clients accepting data appearing to come from a trusted host is not nice, I agree, but recursive DNS servers should know better.
Or have I missed something incredibly obvious here?
I don't really care because my ISP wasn't vulnerable to this attack when I first tested it about 10 minutes after the first posting about its potential on the blog, and I'm pretty sure that they wouldn't have had any more advanced warning than anyone else.
Having said that, the DNS servers provided by LGfL's broadband supplier are, apparently, vulnerable. (London Grid for Learning, a London-wide schools extranet that virtually every London school, of which there are hundreds, use for their Internet connection, DNS servers, content filtering, etc. as well as their external content host). But, knowing LGfL and the way UK IT operations that are in any way involved with government work, that's not surprising at all.
Yeah, it's a silly mistake.
But you should be testing things like this first, and whenever you upgrade you should really be looking at/for all .rpmsave or equivalent files first to make sure nothing has changed in the meantime. Otherwise, you're just removing your config and replacing it with the default whatever happens. You should also be checking .rpmnew (or equivalent) each time to check that it hasn't changed in terms of syntax, defaults etc. (which, let's be honest, is quite likely for such an important update - especially given that we hardly know what the exact problem is yet). I wouldn't go so far as to suggest intimate analysis of packages while they are still packed unless the systems you are running are quite critical to the operation of a business.
Part human-error on RH's part (it happens). Part incompetence in not testing the updates yourself first. Chances are that if I were affected by this, I would catch it as part of "right, what did that package change?", or notice as part of usual testing later, and then just move the file. I probably wouldn't even bother to send RH a note.
If you have a DNS server, that suggests that there are reliant computers. As courtesy to all those reliant computers you HAVE to test changes and check carefully what they are doing first. If you were "stung" by it, it suggests you hit this problem on ALL your DNS servers and/or that you only have one DNS server anyway. To deploy packages like this on such a setup is just asking for trouble.
A quick google turns up:
http://en.wikipedia.org/wiki/Avionics_Full-Duplex_Switched_Ethernet
Which suggests that Ethernet-derived products are, indeed, used in critical systems (although this seems to be on-aircraft rather than in ATC). It (apparently) has seen wide deployment on common "famous" aircraft.
And the UK has been "upgrading" its air traffic control for years and years - so much so that they now appear to be nothing more than an office with some multi-head display if the footage shown on news-reports of a year or so ago are to be believed. It's concievable that this is truer than you would think.
However, I bow down to your knowledge as I know nothing about aviation at all.
Windows 98 is okay but DOS is too old? Eh?
First, we have NO idea what you actually want. Are these going to be running dumb terminals, displays, "embedded device" roles, what? What sort of machines are we talking about? What sort of budget do you consider acceptable?
Seriously, if you want things to boot THAT quick, you're either going to have to spend money (LinuxBIOS, replacing with ARM or other embedded devices etc.) or you're going to have to compromise (DOS or some other really-cut-down OS). FreeDOS is used in these sorts of things all the time, even for networking appliances with appropriate drivers loaded. People have FreeDOS MP3 players in place of their CD-players in their car. Virtually-instant to boot.
Back in the day, you could get an old DOS machine to boot really quickly if you optimised everything and cut out all the cruft (BIOS boot times were actually a large part of it, unfortunately, what with memory-checks, floppy-checks etc.) . Guess what, you won't get that same machine to boot any quicker today without replacing parts.
If you have minimal actual software requirements (i.e. they ain't doing anything fancy and need to boot REALLY fast), then you're looking at DOS. Otherwise you're looking at Linux (if you want to keep licensing, support, compatibility costs down) unless you want to buy XP licenses for them all. Wouldn't like to think what Windows 98 would work like in this on/off scenario. I suspect that it would start crashing out, hitting filesystem checks, etc. eventually no matter what you tried. And Windows 98 is SLOW to boot. Incredibly so. For a start, it loads DOS first and then kicks itself in after that!
After you've sorted the OS, if you're still struggling then you can look at things like LinuxBIOS (sorry, but that's the only way you'll speed up the BIOS boot times on older PC's but the chances are that it's just not supported for your chipset).
To be honest, from a power-saving perspective, just bin the lot (see if you can get a few quid for them first) and then buy some Gumstix or similar embedded board, Mini-ITX etc. You can literally leave something like that on 24/7 and not pull anywhere near the power you would draw with an old PC in one hour. And you can have them boot extremely fast and minimally.
Re-using old hardware is great. Expecting it to perform brilliantly isn't. Booting reliably into a powerful, full-featured OS in a handful of seconds *is* performing brilliantly. We couldn't do it back in the days of DOS devices with standard PC's, you aren't going to manage it now without making some cutbacks on your expectations. And then for about £50 each, you can get tiny, powerful, power-saving, fan-free, embedded ARM units with Linux that'll do anything you want.
You have unrealistic expectations.
Having had this (and other similar) conversations follow through LWN.net, LKML and various other places that just won't let me escape it, all I can do is express surprise that the article wasn't "Sponsored by PaXTeam".
Similar arguments keep getting raised by various people affiliated with that name and again and again they just don't listen. It took weeks to get them to bring up such problems in a proper, public forum and now they are just shouting for nothing more than attention.
Nobody cares, because they can't be bothered to 1) listen. 2) Use appropriate forums. 3) Express alternatives 4) Take no for an answer. I tired of the arguments on LWN, and increasingly I'm getting tired of visiting websites/forums/mailing lists where the same people are starting the same arguments again.
If you're worried about security, keep your software updated. You WILL hear about anything REALLY important. If you don't keep it updated, that's much more of a problem than anything else.
First, nothing says this is gameplay footage, not even the page itself. It says "trailer".
Secondly, if it IS gameplay, it's going to be the worst game in the world to control. The camera zooms about absolutely everywhere, in silly places, with little or no thought of what it's looking at or why it's chosen that angle (which suggests a bad camera director of a trailer than a game THAT poor at picking an angle).
Third, some parts of it look absolutely grotesque. All the character's 3D models have outlines, ffs. The "grass" at the end looks like something out of Doom. The only decent parts are the far-off windmills over the town.
Fourth, there is nothing of actual GAMEPLAY here, such as what you're doing, how you fight, how you see where to go next. NOTHING. It's some 3D models in an empty arena doing lots of jumping about to random locations.
If it's gameplay, count me out. If it's a trailer, it's a truly pitiful trailer, that really doesn't deserve a link, let alone a front-page one.
1) Manufacturing fault - not every router is identical and I wouldn't be surprised if the hardware in sub-£50 hardware isn't top-of-the-range (e.g. memory that just had enough banks working even though it's specc'ed to be more etc. - this has been going on back as far as the ZX Spectrum, a quote from the wiki article: "To reduce the price, the 32 KB extension used eight faulty 64 kilobit chips with only one half of their capacity working and/or available.", and Intel/AMD are still doing the same thing with multi-core chips). Things fail randomly too. That's life.
2) Environment - Power, heat, humidity, physical shock, cabling specifications, static-shocks, etc. Any and all of these can fluctuate in any location, let alone if you are talking about a million units in different people's houses. They won't behave the same in every location.
3) Crap software - The firmware isn't designed to NASA longevity standards. It's designed for home users to get on broadband once a day to check their email. Live with it, or replace it with one of the Open Source ones. This is why hard P2P use craps out most basic hardware - the software isn't built to cope. This has been true since the very first broadband modems/routers came out.
4) It's you - Personally, I've seen identical hardware, from identical batches, of very expensive models go into two people's houses. One person will treat it kindly, site it well, treat it with care upon unpacking, basically treat it as a sensitive electrical device (hell, sometimes they're so frightened of damaging the thing that they go overboard). The other will throw it around, plug the thing on/off/on/off while testing it, site it poorly, drop it, leave it in damp locations etc. without even realising they've done it.
No. 1 is a fact of life. Pay more = get more. No. 2 = Avoidable to some degree. No. 3 = Completely avoidable, but you may have to try something other than the default firmware.
No matter what hardware you're talking about, No. 4 will hit you if you are like that. I've seen home PC's that have been running for less than a year which people ASSURE me have received no damage, been locked away from the kids, etc. and yet the hard drive registers SMART failures for sheer number of bad sectors. Identical batch harddrives in identical PC's in other people's homes last forever without a single error.
Personally, my WRT54GS has been working fantastically for about a year now. Over that, in fact. Bog-standard firmware (I think it's even out of date, because I just used the factory firmware). Used every single day by many wireless clients, tons of traffic of every kind goes through it. Periods of dozens of config changes an hour, periods of months of unattended operation. Periods of massive wireless interference, periods of none. No crashes, no weird behaviour. Real power cycles, software power cycles, brown-outs, black-outs, no problem. I have it on a UPS now but it ran for ages without one. About the only problem I have with it is that I forget to put the 's' in https:/// whenever I try to access its configuration page.
Similarly for my ADSL Router (some cheap Conexant thing, doesn't even have a brand name on it, think it's eTec). That's been going for nearly five years now. It carried itself well through several speed upgrades, several changes of location (by many, many miles), half a dozen powercuts, several ISP faults (where the connection died but the router stayed up and endlessly tried to reconnect).
And my brother's equipment (printers, print servers, ADSL Routers, ancient wireless access points).
And all of the cheap rubbish they buy in work (including three consumer wireless ADSL routers on different Wifi channels, used as a mobile hotspot for a laptop trolley).
In actual fact, the only things that I've seen actually lock hard on a regular basis or a predictable one are:
Several very expensive Ethernet switches that lock REALLY hard if you get a network loop that goes un
The only "defences" you could have against such MITM attacks would be either chains of trusted keys for every site that uses the system (a hefty burden and a central repository of trusted keys makes it the main target for attack, either DoS or infiltration) or: have sites supply their public key information via DNS or similar and have clients cache it, which is easily spoofed, but at least you'd know when something "changed". A bit like SSH's authorized_keys.
There seem to be a lot of distributions whose package managers rely on the keys/hashes to "secure" the packages, where the mirrors are providing those keys/hashes. Silly idea - always has been, what makes this news?
What this article is basically saying is "anyone can be a mirror" (Yes, that's the point, without that you wouldn't be able to get a release/security update for ages after its release, or you could just take one website offline and stop all package updates worldwide - both are worse for security than the alternative) and "some package managers don't properly check the authenticity of a package from a mirror". The second is a problem that's easily fixed and shouldn't be present, granted. What idiot would accept a valid signed package without first checking that the root key it's signed with isn't current, valid and not revoked? This is like your web browser navigating to random SSL websites without first checking that the certificate chain is correct and valid and ends in a trusted root.
1) Download key from "redhat.com" or wherever (DO NOT USE MIRRORS), or from the CD, on first install.
2) Everytime you are asked to fetch a list of available packages, check the authenticity of that key against "redhat.com" directly (DO NOT USE MIRRORS), check the expiry date, check for revocation information, or allow the user to override (their fault), or check public keychains.
3) If the key ever changes, ALERT THE USER before you do anything with it (don't try and get smart by signing a package with the old key that introduces the new key to the world, or automatically accepting a new key). Then the distribution should NEVER use that old key ever again, and maybe even resign all old packages with the new key.
4) Use that key to verify all packages downloaded from any mirror against the GPG signature from that package (for ultra-security, get that from a second, random mirror, or the official website).
There's a small window of opportunity for compromise on machines that install packages without checking first, or assume that because a key was once valid it always will be, or are significantly out of date and don't check the "definitive" source for a new key first but you'll never remove that completely. The way to do that is to check the root key, reliably, on a regular basis. But then if you have an old machine that still has the key from the install CD, and that key is compromised, and the machine does not have reliable (read SSL with significant trusted chain) means of contacting the main server without possibility of spoofing for a new key, then you have a problem.
I don't see why this is "news" or even vaguely important except to show up distros that aren't ALREADY doing it this way.
BTW: This is why I do package management on Slackware using a script that makes *me* get the GPG-KEY from slackware.com first if it ever changes (including checking if the IP of ftp.slackware.com has changed, the date of the file has changed, the key itself has changed etc. but if they can compromise my access to Slackware.com without hitting one of those checks, I'm stuffed anyway), why I have an RSS feed of Slackware and check the website myself regularly (just in case the key requires changing and news is posted about it), why I only use trusted mirrors, why I download the GPG signature and package from seperate mirrors and why nothing gets installed without that GPG check succeeding. To be honest, I see this just as being sensible for anything that goes into production. I'm still waiting for a rogue Windows Update, but it surprises me that some distros (or administrators) don't ALREADY do all this...
Absolutely correct, in some respects. Misleading in the case of this article.
What you are missing is that (if, as has been done before and incorrectly) the creationists wish to teach their religion, there is a time and a place. Creationists have so far, undeniably, chosen to teach religion in Science lessons. In my country, you can't even teach religion in Religious Education lessons - you have to teach what the curriculum tells you to teach even if you're a satanist and satanism isn't on the curriculum. If you disagree, get the curriculum changed - but the curriculum SHOULD always be set by experts in the SUBJECT CONCERNED. Hence, religious experts should get as much say in a Science lesson as Scientists do in a Religious Education lesson. NONE.
Teaching creationism (as it currently stands using their previously-displayed tactics) in a Science lesson is the equivalent of me coming into your church/mosque/other place of worship, forcing science textbooks into your congregation's hands, demanding that Bibles all carry warning stickers about how unverified their sources are, lecturing to them about how wrong they all are, and FORCING THEM TO LISTEN.
In fact, it's worse than that... it's the equivalent of me doing this to YOUR CHILD'S SUNDAY SCHOOL, with nobody but a scientist "at the front of the classroom" and you not being present, for MANY HOURS a week. That's what creationists are asking, trying and in fact to some extent have achieved in certain states for a limited time (until uproar ensued and EVERY governor was thrown off the board and replaced with someone who DIDN'T believe this was a good idea).
Nobody cares about what anybody "believes in", what most people are concerned about are the methods, the venue and, to a much greater extent, the back-handed forced-ignorance of established curricula. Creationism in Science is the equivalent of being forced to learn that Pi is four in Maths, that full stops and commas don't exist in English, that sitting around makes you fit in PE or, indeed, that electricity runs through cables not by the transference of electrons but by the "magic angel dust" that a God put there in Science. They aren't relevant or correct within the scope of the subject being taught.
This is a SECOND underhanded attempt to change the law in a state in order to teach religion in something not a religious lesson (which is illegal in my country, by the way, even in a school with a stated religious bent). They call it a "Science Education Act" when it has NOTHING to do with Science. They slip it in after previously-dirty tactics failed. That's the problem, not what they actually WANT to teach (even if they were fighting for the teaching of the existence of the spaghetti monster, they are DOING IT WRONG, and the same people would STILL be up in arms).
That said, I'm a scientist. I think creationism is a load of pretentious, fabricated, illogical bunkum, more so than most religions that I hold to be merely completely untrue. But I don't go into RE lessons in the schools I work in and tell them that, or force them to recite it. If I did, I would be sacked. If any teacher in the schools in my country did, they would be sacked and quite possibly sued (and if the school allowed it, the school would be sued, etc.).
It's bad if an *outbound* software firewall is your ONLY form of defence. But it is an INBOUND firewall too and it does a damn good job of that, considering. I've had people back in the dial-up / USB broadband modem days who used it exclusively as a defence and there were no problems at all. They frequently got attack probes aimed at them and they all bounced off harmlessly. For five minutes work and a free download, it's much better value for money than trying to put a hardware firewall into computer novice's homes, with their 56k's and Speedtouch's.
But its main use is to turn off things that ask for the Internet that cannot be otherwise turned off, and does so without requiring TCP port rules etc. It also alerts even the knowledgeable user to strange Internet requests ("Opera is acting as a server"... is it? Why? Oh, I've hit an IRC address and it's trying to act as an IDENT server). If I could afford it, I'd put it on every Windows PC in the schools I work in (if I could move them off Windows, I would do that too) - it has an especially nice, centrally-configured network version so you can stop ANY program on ANY client that does happen to get executed from accessing the network/Internet unless it's on your whitelist - perfect for stopping a virus outbreak in its tracks.
Most importantly, however, it's fantastic as a basic Windows firewall for places where YOU CAN'T GET HARDWARE FIREWALLS. Say you have a wireless laptop that connects through your home network (a not-unusual scenario). The laptop is protected against Internet-based attacks but not against local wireless-based ones. So you either have to 1) rely on your wireless to be perfectly secure for the course of its life (WEP should have taught you that that is a silly thing to do), 2) Provide a hardware firewall on the laptop itself (means carrying another gadget like that USB stick that is a Linux firewall), 3) Using a VPN (which means forcing its use for everything Windows tries to transmit) or 4) using a software firewall. Zonealarm happens to be great at 3 AND 4.
For example, I have the following setup:
Windows laptop with wireless
Wireless access point
PC in the house with wireless card and OpenVPN
Internal network
Broadband connection
Everything past the Windows laptop is Linux and locked down (and I have Linux on a laptop to that connects in the same way). In my case, I use Zonealarm on the Windows laptop to MAKE SURE that nothing gets out across the (secured with WPA2) wireless connection except OpenVPN packets. This FORCES Windows to use OpenVPN (which it likes to avoid whenever possible, i.e. I plug another Ethernet interface into it and it changes routes etc.) for everything. I have an "insecure" network running behind the LAN but the only transit across it is via a secured VPN.
Without Zonealarm, you get hundreds of DNS, Samba, etc. requests coming out of the laptop, flying across the wireless, affecting speed, bandwidth and (potentially) security of the network. With a decent software firewall on Windows (or a decent TCP outbound firewall on Linux), I'm able to make sure that NOTHING but OpenVPN can talk to the wireless network - I could even turn off the wireless points encryption (or it be compromised, or obsoleted, or removed for incompatibility/speed/bandwidth/latency reasons) and it wouldn't matter because nothing but OpenVPN can talk out.
Without ZoneAlarm, Windows is VERY chatty on any external network, plus it's difficult (but not impossible) to make it use only ONE route (your OpenVPN tunnel) out of many possible routes without something like ZoneAlarm, especially if things change often (e.g. you put a second wireless card in, or plug in an Ethernet card etc.). I also found that Windows Firewall was absolutely useless for this, and presented problems using OpenVPN in the particular mode I wanted it to (UDP I think, but it's been a while since I've had to touch any config files for that).
With Windows Firewall, OpenVPN connections died before they could complete
More importantly, is handwriting even that relevant any more? Yes, they still teach "good" handwriting in schools but it's rarely about legibility as much as it is "follow these rules". I was taught to do a stupid "tidal wave" shape lower-case, joined-up "s" when I was at school and I was very pleased when they STOPPED that rubbish and just let me hand-write how I needed to. Their way took me several seconds per character, no matter how much I practiced, my way took me several characters per second and was always and still is clearly an "s" to everyone who reads it. And even my rapid-scrawl isn't anywhere near quick enough to get ideas down in time for my brain to move on to the next thing. Typing isn't perfect, but is much, much closer to my natural "thinking speed" when it comes to writing out letters. As it is, I can still type and spell/grammar check the previous paragraph without having to interrupt the flow of writing.
From working in schools, I know that the majority of handwriting is done to a school-specific style (so it's not even that we've "standardised" handwriting across schools). Handwriting-aid software typically has dialogs of configuration options because school X wants the lower case A to look like this, school Y wants it to look like that etc. And what happens when people stop "teaching" handwriting? The kids revert to their own, individual, perfectly-legible style that's much more comfortable to them. So why do we waste the time?
My mother, when I was much younger, had her first argument with the school about my handwriting. My teacher was trying to imply that I was stupid because I couldn't hand-write as neatly as the other kids, until my mother pointed out that it was because, at home, I was taught "It doesn't matter what it looks like, so long as someone else can read it." Making me sit in school at lunchtime copying hundreds of hand-written characters was a waste of time, because I was doing joined-up writing while the other kids were still on the "trace an A, then trace an N, then trace a D" phase of writing. What the school wanted was for me to join the rest of the class, having already "gone past" them. And to do it in a writing style that, trying to copy as an adult, is extremely uncomfortable and unnecessary.
Additionally, I've witnessed the slow but undeniable emphasis on computer use rather than handwriting in schools. Some of the "beacon" schools don't even use pen and paper at all any more, everything is laptops and PC's. It's still got a way to go before it's universal but kids now learn QWERTY at the same time as they learn to write. Give it another decade of two and hand-writing will become one of those ancient arts only practiced by people who bother to study it.
And in the end, that's a good thing. It's a nice skill to be able to handwrite in a legible way, but that's as far as it goes. In my own life, I handwrite about once a week or less, usually on Post-It's, or scraps of paper to sketch out ideas. 99% of the time, I'm the only person who needs to read them. Give me a Palm touchscreen that can print on Post-It's and I'd do away even with that little. Handwriting "neatly" is a waste of time, as is teaching handwriting by rote. Get the kids to the point where they can write any word and the majority of people can read it back instantly, then you're done.
Roll on the days where handwriting is a niche skill that you'll do adult-college courses in on a Sunday afternoon, and the only time you'll ever use it is to send a letter to a woman to impress her with some old fashioned romantic verse.
How do you know that the people whose OS code you use every day isn't that of a convicted felon? Or proprietry code for that matter? How do you know that MS aren't employing convicted felons? Employees may well have to DECLARE that they are of that type, but it doesn't automatically stop employment.
Personally, I wouldn't shake hands with the man (actually I wouldn't want to be near him for my own personal safety and that of my family) but I don't need to do that to use his code. This is the point of Open Source, nobody cares where the contributions come from (novice, hobbyist, professional, paid-for, etc.) so long as the code is good. It's all about the code.
Myself, I always found his mailing list postings slightly more than obnoxious and couldn't stand him before all this started, but that doesn't affect the technical work of his code. I'm less likely to choose to pick up his code and run with it if the only person I can ask help from is a person I can't get on with, but that's universal in coding. It's nothing to do with the existence or not of a criminal record.
That said, I've never used ReiserFS anyway, because it wasn't the default (basically) and the person trying to make it default was brash, rude and plainly horrible.
Yes, I agree. There are problems with line-of-sight but they can't be worse than radio-interference and also, light also makes interception virtually impossible for practical purposes (you can't see directed laser light easily without somehow affecting the signal - and in some circumstances you wouldn't be able to notice that laser-links were being used at all).
Unfortunately, the hardware just isn't there or mainstream enough. There is a project somewhere that I stumbled upon that had people building their own laser-light interconnects for serious distances (km's). It was all very technical, highly specialist and extremely expensive, but the bandwidth/latency was more than good enough to replace wifi without a second thought.
I've even seen homebrew "RS232 -> light" convertors that use infrared LED's. I think they could do short distances (10's of metres) at fast RS232 speeds (119,200+ bps) reliably. People were using them for things in their garden and stuff like that.
Imagine a world where instead of TV aerials, phone lines, satellite dishes, etc. every house has a set of light sensors/transmitters on the roof connecting to their neighbours, who connect to their neighbours. With enough connections, line of sight wouldn't matter in urban cities because you'd be able to route round the neighbourhood so long as you could see someone, who could see someone, who could see your destination etc. It's do-able TODAY, if you want to spend money, or if you don't mind about speed. Internet regulation really is a dead-end idea.
First, if it's Student/Home versions, then who cares? That's the junk that they bundle with the PC's sold in supermarkets (or, worse, you get Works with a "trial" of Office). Most people who use that are using it against the licensing conditions anyway - I would have put a four-year expiry on "Student" versions of Office if I was Microsoft.
If you're willing to pay for Office because some salesman in PC World tells you that you "need" it, then you shouldn't be buying a PC. Find a friend who bought (or preferably built) their own PC and get them to pick one from mail-order for you. They'll probably get a real copy of Office bundled with it for less than the price of the computer store PC's without it.
Seriously, mail-order actually gets a higher rate of technical people buying the PC's, so you end up getting more for your money but only the bits you NEED. I regularly recommend people to buy PC's, and when they come to me they are of two sorts: 1) "Saw it in PC World, bought it because the salesman said so, very expensive, lots of junk on it, can you do anything with it for me or did I make the wrong decision, oops too late now, I'll struggle along with it", or 2) "Saw this advert on Dell's website - do you think it'll do me?". The first ones literally just buy on the spot. Idiots.
The second category of people end up with cheaper, better PC's. The first category invariably end up replacing the thing next year because they find out it only came with an Office trial, it didn't have DVD playback software, the AV ran out, several dozen windows pop up all the time saying "upgrade this" or "buy that" from all the bundled software. And usually they do exactly the same when they replace it - buy what the salesman wants to sell them.
I usually tell them that I'll take their old PC off their hands if they are just going to throw it away, I wipe it clean, put an old license of "real" Office on it (or OpenOffice if I haven't been to a bootsale recently) and then sell it to the people from the second category at a bargain price. (In fact, most home users just want Word... they are perfectly happy with OpenOffice once they are past the scary "learning" stage, those who "need" Office are usually perfectly happy with just Word 2000 - I've actually had a few people that I've got Word 2000-only install CD's/licenses for and they are over the moon with them. If they insist on the complete Office suite, the exact Office version really doesn't matter, so long as they have the Office Import Filters - you can install that for them).
I can see this whole rental causing major problems next time I go into one of those computer stores, though. Now I'll be able to snigger quietly at the people who bring their PC's back because "Office says I need to pay again this year". Normally I can only snigger at the salesmen ("Dual core, sir, yeah, that means there's twice as much memory so you can save twice as many word documents on it, that's why it comes with a larger hard disk.")
And now, my universal rules of "knowledge about computers for use at home":
- Buy the cheapest machine that has all the bits you know you need.
- Never pay for any "extras" that you don't see yourself using at least once a week (scanners, faxes, webcams, skype phones, etc.).
- Never pay anything more than the base hardware / OS / software price (no warranties, insurance, support, installation etc. except possibly if it's a very expensive laptop).
- Don't sign up with the bundled ISP's, or the first one you see on television. Ask a friendly local expert what they would recommend. They WILL be able to save you time and money with their recommendation in the long run. (PLEASE: No more AOL!)
- In use, never, ever click on any dialog that you don't understand. If it's in your way, learn how to move windows offscreen. Maybe even make a printout and ask your friendly computer expert about it later.
- Never pay for updates, upgrades or "new versions" of anything (you can invariably just carry on with the old v
The common theme within some of the comments here seems to be "let's build an open network". Although this is somewhat idealistic, it's not outside the realms of possibility. Cities are already smothered with open wireless networks, whether intentionally or not, and there's no way you can regulate the traffic among them. And P2P, although used on the "International Network", is essentially a local service... a closed group of people, usually from countries that speak the same language, sharing files with each other internally without a *requirement* for international transit.
P2P moving to such networks is an obvious possibility. Again, by heavy-handed and back-handed approaches (suing people without evidence, slipping clauses/laws into other laws by political maneouvering, etc.), the media industries are forcing people to use more and more ingenious solutions to sensibly meet their requirements (i.e. they'd like some sensibly-priced music that they can use, please). And as each solution's flaws are found, new solutions (without those flaws) present themselves. Regulation of traffic flowing over regulated internet channels? Remove the regulation by using *other* channels.
We seem to have come full circle - from the initial Internet, where private, unregulated networks joined up to decrease costs and increase connectivity, to a world where everyone has their own private network behind an ISP's public network, to (hopefully) a place where all the private networks peer with each other *without the intervention of an ISP*, except this time via radios. The only problem is international transit (Joe Bloggs can't exactly run a fibre over the English Channel), but the chances are that programs like Tor, etc. as well as the odd rogue network that connects to someone's actual ISP connection will solve that.
Maybe when 802.11n or its successor grows in popularity, we will see home networks that, even with enormous interference, crowded channels, limited range, primitive routing etc. are quite capable of peering with a number of geographical neighbours and passing traffic intelligently at a reasonable speed. You don't even have to take account of "ISP T&C's" because you don't NEED to pass the traffic to the Internet at every possible point, only to be able to pass it on to someone else.
I had a quick look and all of the community wifi projects I can find in my country are very small and localised, or don't exist any more. If there was one operating near me, I'd gladly hook up an old Linksys and an enormous antenna and let it freely pass traffic - everything would have to be encrypted, anyway, because an open network is an open network but if all it needs is to be "plugged in", and not actually connected to anything else physically, or to the Internet, there's no reason we can't each have a little cube in our homes that costs about £10 and lets us connect to every house in the street and pass traffic. If there was the possibility of such a "darknet" running over it (free VoIP calls, free music, free movies, no Internet charges, etc.) I'm sure every student would have one.
Then, not only do the music industry etc. run into the problem of *detecting* the traffic in the first place (no black boxes on a private net, a physical presence required in every locality, and being able to defeat the encryption), but that if done properly, traffic's transit route, origin, etc. are impossible to determine. They may try to close the system down, of course, but then you have a much larger problem - you're effectively trying to shut down the entire Internet. Except all the "nodes" are private individuals, without contracts, without liability, without regulation, and, if they are cheap enough, rogue solar-powered blackboxes stuck in hidden locations around towns and cities and replaced whenever they are discovered. Just how do you shut that down without bringing a country into riots?
The real Internet2 isn't going to be an academic project aimed at pushing Gb/s over international fibre, it's going to be a nationwide collection of cheap Gumstix with a solar panel and wifi, sold at cost price, one per home, that let's people escape most of the communication regulation foisted upon them.
For a start, "crawlable" does not mean it WILL be crawled. More likely, most flash will contain nothing but junk and internals that were never meant to be seen anyway. I wonder when the first "we recovered a password that was stored inside a flash file" / "we googled for vulnerable flash apps and found these" hits will come about. And, as someone's already pointed out, if you *can* extract the text from them, you can't do much useful with it besides say "it's in this Flash somewhere". You can't even do "find in page" once you've clicked on such a link. And if it's at the end of an hour-long Flash animation, you're not going to sit through it.
Then you'll have some people who have actually used bitmaps instead of text inside the Flash for various reasons, etc. The only useful thing to come out of this may well be a "View as HTML" version of Flash-only pages. But they will still be second-class pages because the designer didn't want to do it theirselves.
Given that people who use Flash aren't exactly the most popular people in the world (e.g. if you want it to appear in Google, be read by people, to be bookmarked, to be quoted/cited/linked etc.), this won't affect much - Finding content in a Flash file is like looking for a needle in a haystack. That's the problem solved by this announcement. However, finding *useful* content in that file is going to be even worse, and actually getting users TO that data will be almost impossible.
I imagine that the same thing will happen as it did with images, PDF's, etc. Those who design their Flash well will get something indexed and it'll actually get a hit or two from "View HTML Version" on Google. Those who don't (i.e. 99% of the people who make them) won't see any difference at all.
I'm not even sure "copyright" applies to the letter here, either. Received personal correspondence doesn't automatically count. Although, this may vary depending on territory etc. I should imagine that they have to make exceptions for certain things (i.e. I may not be able to scan in an advert I receive as junk mail and post it verbatim online... but then again, I may be able to).
Otherwise, you'd be in all sorts of stupid situations where threatening letters cannot be reproduced, copies of correspondence cannot be forwarded to the correct person, you can't quote from previously received letters, photocopies cannot be given to your lawyer etc.
If there *are* restrictions, I imagine that they don't apply to personally targeted correspondence which you reproduce faithfully (i.e. you don't just put their letterhead on another letter) and post yourself. Even if there WERE restrictions on such activities, there probably isn't a court in any reasonably sensible country that would do anything to do for doing so, and *thousands* of people have done this without more than fist-shaking threats.
It's 2 & 3. Speed camera's only make the road safer indirectly - by slowing penalising bad drivers. If you wanted to improve road safety, it's simple - make everyone re-take their test every X years and heavily punish people who drive unlicensed. You'd solve congestion, road safety and pollution in a second. And why shouldn't they make you re-take it regularly to ensure driver's are still fit to drive? Most similar professions demand this.
Of course speed cameras are a cash cow, because plonkers who speed MAKE them one. If you don't break the law, you won't get fined. It's incredibly easy.
And, I'm sorry, but your justification for 2 is possibly the most ludicrous thing I've ever heard. "Enforcing the law just because it's the law". And it's not blindly - it catches anyone who breaks the law, proven by simple physics. If you don't like the law, GET IT CHANGED, but you can't just break it because you disagree with it. Nobody ever tries this. Nobody ever sends round a petition asking for higher speed limits. Nobody ever lobbies with a scientific study of how faster speeds could improve road safety etc. and you even have compelling scientific evidence already present in developed countries which have roads without limits. Not one person that I've heard disagree with the use of speed cameras lobbies to change the speed limits (probably because they KNOW they are reasonable - 30mph is a built-up area is too fast when a kid runs out in front of you, etc.), but they would make themselves heard in a second if they thought the police would remove speed cameras.
And people are NOT safely exceeding the speed limit, by definition. The speed limit is the SAFE limit (do you want that "80% of people struck over 30mph die, 80% struck under 30mph live" statistic repeated?). If you disagree, present evidence and get the law changed, but in the mean time STICK by that law.
I think speeding offences seriously embarass certain countries - we have a strict, accurate, reasonable measure of a scientifically-accurate value which is prominently displayed on all roads and in all cars and yet when people DELIBERATELY and DEFINITELY break that (with a far-too-reasonable margin of error), we give them a slap on the wrist so many times and allow them to continue to do the same almost indefinitely (if you don't believe me, go to a UK court that deals with speeding offences and listen out for the phrase "I need to drive to earn a living" - very, very, very rarely do licenses get taken away, no matter the number of previous offences/points/fines).
And don't get me started on the "you're now banned from driving for six months" when it's said to someone who didn't have a valid license in the first place.
What other activity do you do that requires you to control a piece of explosive machinery (that contains more legally-mandated safety features than a Formula One car), that carries passengers, moves at incredible speeds within inches of other such machinery/people/property on public property, that requires you to be insured in order to legally do so, that requires an extensive proficiency test that you MUST pass but which, when you deliberately and beyond doubt break the laws surrounding it, gets you a small fine and a "don't do it again"?
The GPS is not the problem here, it merely exposes an already-present problem. Stupid drivers who don't know the height/width of their vehicle (despite having driving qualifications that require them to do so). Stupid drivers who can't read signs. Stupid drivers who LOOK AT THEIR GPS while they are driving - every single GPS has a warning on it about this, some of them even announce it every time you turn them on. EYES ON THE ROAD. Then, using a GPS is no more dangerous than taking a driving test - you are following oral instructions from something within the car but your FULL attention is on the road. If your driving examiner tells you to mow the old lady down or speed up to 80 in a 30 area, you wouldn't do it, so don't follow what the GPS tells you blindly.
It's like saying that speed cameras are at fault because people brake heavily before them. They are not, they are exposing the problem that stupid drivers have always existed and yet nothing is done about them. You should ALREADY be at the speed limit (in fact, significantly less than, in almost all circumstances). If you have to brake heavily, the problem is YOU. YOU have created the hazard yourself. In the same way, you can't "blame" a plastic bag flying in front of your car for the accident that meant you hit someone in front, who was not a safe distance away. YOU were too close. YOU shouldn't be. YOU did not have a safe braking distance between you and the car in front. The plastic bag didn't press the throttle for you or cut your brake lines.
The solution to these problems is not to jam GPS or get rid of speed cameras, but to START TAKING PEOPLE'S LICENSES AWAY. If you do either of the above, you are NOT fit to drive. You would not pass the legally-required driving standard that you HAD to pass to get a license in the first place. We know you're CAPABLE of doing it because you have done it at some point in the past. So you have NO excuse. If a pilot crashed his plane because he was going too low, he'd not only have his license revoked, he'd be before a serious court very, very quickly. What makes you think a ton of solid metal on four wheels should be any different? Or worse, in the case of lorries, up to 18 tons in the hands of someone who can't tell they won't fit under a bridge! Do you want drivers like that on the road, who can't judge to within a foot or so whether they'll make contact?
Don't blame the GPS, blame the idiot who didn't read the signs.
"spair time"? Seriously, who edited or approved an article with that in the summary, not to mention the punctuation?
Maybe THAT's why IT jobs are boring - you're required to spell!
But the statistics for the top500.org show that over 9000 processors is way above normal for a supercomputer cluster up there. In fact less than 5% of machines in the entire 500 have more than 8000 processors, with the majority around the 1-4k mark. Oh, and 85% run Linux-only with an amazing 5 (not percent, actual projects) running Microsoft-only. So it looks like MS did this through hardware brute-force, not some amazing feat of programming. But then, that's true of them all. Although being in the top500 list is "good PR", it doesn't mean that much.
I wonder what the licensing is like for a 9000-processor Windows Server, though?
"And that means connecting a huge amount of strange hardware."
I would differ on this point. Most hardware works. Most of the hardware that doesn't is niche, old, obscure or rare. This doesn't mean we should be supporting it all, because most people who own it will KNOW that - every OS they try with have limited support for it. I own a vast array of hardware collected over the last decade from schools - there are esoteric, unusual, low-production, specialist, ancient, homebrew, brand-new and just plain weird hardware in my boxes. The vast majority of PC-compatible stuff works on Linux. The only examples I've personally found that DON'T work at all are:
- A £2 USB IrDA adaptor (the other ten just work). It's not detected and looking up the usb.ids list shows me that almost nobody else has one the same model - I suspect it was recalled or had a very limited production run.
- An ISA "video backer" card (uses VHS tape for backup through component video - 4Gb on a 180min tape!), actually, there is software for it but I couldn't get it to work (I wasn't trying hard). I reckon it's just too old for the kernel I was trying on. But then, I had to hunt around to find a computer with an ISA card - I found several dozen but most of them were too old to boot up or couldn't run even an ancient version of Linux/Windows/DOS.
- A handful of Winmodems that work with the proprietry "Linuxant" drivers if I pay for it. About a one in five ratio between working modems and non-working Winmodems out of the dozens I store. That's pretty damn good but still the worst ratio for any hardware I know.
- A parallel port scanner that I can't even connect to anything past Windows 95 without it crashing the machine dead. It gets conflicts if you have a soundcard installed at all, it crashes all the time, it doesn't allow ANYTHING to use its passthrough parallel port.
I estimate less than 1% of the hardware fails to work entirely, and less than 2% will load if you can use a binary driver. The rest is just pure hardware that just works. And this is in schools, where cheap crap gets priority and teachers buy things because a salesman says so. Examples of things that work include:
- PCI S3Virge card with FOUR S3 chips and four D-Sub outputs each (possibly the largest interface card you've ever seen in your life), for multi-displays back when SLI hadn't even been heard of.
- Electronic microscopes designed for Windows only.
- Various "control" hardware, including Lego, robots, the original floor turtles, hardware originally made to work with BBC Micro D->A convertors.
- Fingerprint scanners for library control systems (we don't use them for legal reasons).
- Card readers/writers
- Scanners that plug direct into ISA sockets (literally - the interface card is little more than a voltage-regulator with a plug on the back of the computer to plug the scanner in)
- Interface cables for Psion organisers that have been "customised" for educational use.
And most of that's before you get near the stuff made in the era when Open Source started to take hold. The Wiimote, for instance, was supported very, very quickly without any help from Nintendo. The OS drivers mean it works on all platforms now. It's being used in everything from military research to "over-the-net" hospital operations. All without Nintendo's help. But *with* Nintendo's help, it could be the de-facto controller for just about anything.
"So yes, having open source drivers for everything would be great. However I think that we can agree that this wont happen"
I don't think we *can* agree here. I don't see it happening *any time soon* and it will never be for *everything* but the vast majority of hardware that's out there already has OS drivers, whether by the manufacturer or third-parties.
"I think you greatly exaggerate the issue of kernel versions."
I honestly don't. Taking, for instance, the drivers for my ATI/nVidia cards (the closed-source binary in an open source wrapper) - every few mo
"Is it technically impossible to provide for closed-source drivers in Linux?"
No. But it provides an ENORMOUS technical and legal hurdle (nobody's even sure yet if binary kernel modules are legal in most countries, although the *intention* is that they are). Supporting closed-source means, at some point, freezing interfaces, which means supporting every version of every interface created indefinitely. That's an AWFUL lot of work that would have to be done by precisely the people who don't want to do it and have enough to do already. You are doubling their workload by this simple request.
"Many people simply want Linux as an alternative to Windows, and a good alternative it is already."
Correct. Unfortunately, that's up to THEM to do something about, because that's not why Linux existed, exists or continues to exist. Linux is an OS, so in that sense it's an alternative. But it's not Windows. It won't ever BE Windows. It's just an OS. Who here complains to Apple because the Mac doesn't work with their Windows-only printer? Very, very few people.
"But insisting on open-source drivers will make the situation worse, not better in the long run: more and more special-purpose hardware is getting attached to the computer; mobile devices, chipcard readers, entertainment devices, GPS devices ... the list goes on and on."
Yep. And none of it we know how to drive, how to support, how to operate, how to upgrade, how to interface or how to port to other machines (like, I don't know, all those other alternative OS's that don't have compatibility layers). It's all just "black boxes" that sometimes (often, actually) the manufacturer's don't even know how they work. Just throwing in drivers "because they work now" isn't any good in the future, and certainly isn't any better than saying "Well, you'll have to run DOS if you want X to work". What's the difference between that and "You have to use Linux kernel 2.5.12 and our binary-only driver v 1.4.1"? The latter is available now for all current closed-source Linux drivers too... I can run my ATI card on Linux 2.6.1 with an old ATI driver just dandy. I could never upgrade that machine, though. They stopped supporting my card and they made the last compatible release for kernel 2.6.15.
Closed source drivers work now and break (for certain) in the future. Open source drivers have trouble working now (although that's not certain) but work the same or better in the future. With company co-operation, that can turn into "works before the product is out, works until there aren't any products that use the same driver in the general marketplace". Look at some of the 10Gig cards, or NX-capable processsors - there were drivers in Linux for them before anyone had even put their products out on the market.
"It is simply naive to think that we will get open-source drivers for all of these."
But experience shows you wrong - every single network card vendor on the planet had the same idea of not supporting their cards. Now almost every single network card, from token ring to wireless-N, on the planet is supported, and usually supported under Linux first. The only hardware that *doesn't* work is stuff that people don't care enough about to reverse-engineer or to build a compatibility layer for, or where there are legal issues. For those same hardware, even the closed-source drivers are now usually, or will be soon. And to be honest, most of that stuff won't work in Vista, or ME, or 98, or DOS, or Mac or anything else. And in a few years time, it'll break BEYOND REPAIR even in Windows either by a Window Service Pack or the next version of Windows.
Intel have Open-Source chipsets. AMD/ATI are open-sourcing. RaLink release a set of GPL drivers for their wireless cards. *Virtually* every piece of hardware in the world (as a percentage of overall items sold, e.g. the "production-run-of-ten" cheap knock-off PCI cards that don't have OS drivers don't really count against the 10 million sound cards sold which run