> The agents told Afifi they had other agents outside Khaled’s house. > > “If you want us to call them off and not talk to him we can do that,” Afifi said they told him. “That was weird. [...] I didn’t really believe anything they were saying.”
So it was worth covertly monitoring Khaled, but OK to mention it to his friend? And then ask if they wanted them to stop?
Dear FBI, who are presumably listening, neither myself nor any of my friends are terrorists, so you don't need to monitor us or infringe any of our rights. We're boring. Thanks.
Similar experience here - they called, got me to run event viewer. I lied and told them there were only Info and Warning messages - but he still exclaimed "OMG! you have a virus!" it was when he said "Now, it's very important - do not click anywhere or your computer will break" that I couldn't hold back and gave him a rant at how ludicrous he was being and asking what he's trying to scam. They hung up.
Of course, warnings and errors are completely run of the mill in Event Viewer (mine are mostly the DHCP service noting that I lose my address whenever I suspend my laptop)
> Regardless of Theo's opinion of himself, he is right in that more complexity means more bugs.
That more complexity means more bugs I agree with. However:
While the points of interaction are probably more complex (virtualizing interrupts, memory faults), there is a smaller number than in the typical kernel interface - so it's not clear whether the overall complexity is larger or smaller.
The amount of code in a typical kernel includes many device drivers and other such features (filesystems, etc), which must all be written correctly. A Virtualization layer is providing a simpler set of primitives (block devices rather than filesystems), so there's likely to be less code.
VM code is much less mature and hasn't had the security focus that OS's have. Unix-like OS's have been around for best part of 30 years, virtualization on x86 for, what, 10 years? Figures that Virtualization has had less security-related scrutiny (and almost certainly less than OpenBSD)
So I think there's potentially less code to be worried about in virtualization, but the code that is is still prone to security bugs, just the way page faults and the like are in conventional kernels. The lack of noise that's been made about virtualization security (until now) is a sign to pessimissists (or just those that are experienced) that it's not had the thorough peer review and battering that most OS kernels have. There's potential there for a smaller codebase to be worried about (thus more security), but in the short term, it's an unknown factor, which translates to less security. Long term, I think virtualization is a win, but there's no shortcut to a secure system.
During the week of Sept. 11-18, 2001, terrorist attacks and the Nimda virus changed the public's perspective on security
<rant> Am I the only one who found it a bit inappropriate comparing September 11th's attacks to the nimda virus? OK, Nimda probably caused a few million dollars worth of wasted time, but how can they compare that to September 11th, when thousands died?
And really, are there that many people who after September 11 though much more about computer security? </rant>
Prior to September 11th, 2001, it was inconceivable that anyone would be capable of using airplanes as guided missiles and then fly them into buildings. Look where we are now.
Read the end of Debt of Honour by Tom Clancy. Same instrument (plane), same city (Washington), different building, different nationality of the pilot.
More to the point, the only way I can see of getting 100% by their rating system is to not spend any money. If the record store had sold a non copy protected CD at a reasonable price, (which to my mind is the best solution, if available), the score would be 92: 100-8 for spending money.
Does the EFF think that you should be able to obtain artist's work and not pay any money?
Indeed. Just like trying to measure the quality of a product by counting the number of bugfixes that have been released. Poor quality programs may not have bugs fixed/ tracked, high quality programs do.
While I've not tried it, I don't see any reason that a PC with PS/2 mouse and keyboard, two VGA cards, and a USB mouse and keyboard, couldn't be configured to do exactly the same; run 2 X servers, one configured for the first video card and PS/2 mouse, keyboard, the second for the second video card and USB mouse and keyboard. (you may be able to use several USB mice and keyboards, in order to get as many heads as you can fit video cards in for). As ever, the pig is setting it up.
Of course, you'd need a second sound card for seperate audio, but again that's not too hard.
As for the suggestion that you could do that with X11, well, I laughed when I read that. That's exactly what X and XDMCP is designed for! Have you never heard of X terminals (not xterms)?
When X was developed, the idea was to have lots of thin X terminals and then one big beefy UNIX box to run the applications. Then windows and PCs came along, and they didn't run apps over the network (or at least not until recently).
When I was at college, I had my PC running Linux as a single head, and an NCD X terminal which I'd scrounged from my brother in my room, and in the college's computer room they had some old HP workstation being used as an X terminal. I could easily have 3 people running web browsers, e-mail and news through the one PC (+2 dumb X terminals)
Both of these X terminals were cut-down custom made machines which booted over the network, ran an X server, and broadcasted XDM/CP for any hosts that wanted to offer them a session. It presents a list of machines running XDM, and you simply double click on one, and you get a login screen. Main problem is that both of these "thin terminals" were crap - fixed resolution (at 1280x1024, so usable), but only 8 bit colour depth. Of course, a PC with no hard drive and a decent graphics card would make a better X terminal. NCD still make them - here's a more modern and useful X terminal
The problem is though, that bandwidth over the network is very much less than you get on a PCI or AGP bus - not enough for comfortably doing very graphics intensive stuff with.(back then, I was using 10Mbit, but there are still problems at 100Mbit). Fine for checking e-mail, reading news, even web browsing, but 2D graphics was painful. 3D graphics would be as well - remember that to use things like the renderer extension, (i.e. any fancy 3D GL stuff, or alpha-blending), requires the application to run on the same host as the video card is in, as the app talks directly to the video card; X is only used for the windowing bit, and for drawing basic stuff like text and buttons.
Really, to do this properly requires compressing the X traffic, like lbx or (plug) Tarantella, otherwise it's unusable.
Is there any mechanism by which members of the public can make available to the PTO examples of commonly used, prior-art software, prior-art biotech, prior-art whatever takes your fancy? If not, I think that is something that is necessary - we can moan all day about the PTO granting patents on "obvious" stuff, but perhaps we need to give the PTO a list, to help make their job easier. As another poster pointed out, a PTO clark can't do a Google search for the details of a new patent application, as that leaks information to Google.
What I'm thinking of is a place where I could describe, say, shopping on a website (to pick an example from bustpatents), and describe in very general terms how shopping on a website works (e.g. "You fill out forms in a web browser, and submit what you want to buy along with your credit card number preferrably over some form of cryptographically secured link such as HTTPS"). It needn't be an especially good example, and (I would say) the more general the better.
The PTO may well require the information to be public, which makes sense (no-one would post anything of value on it). And perhaps the PTO could somehow penalise applicants who apply for something already described on this list (or on a "small" number of other lists)
I can see that it would need a form of moderation system in order to avoid abuse, as I'm sure the PTO probably don't want a few thousand "common examples" of spam. But unless we the software community describe (preferrably in a concise manner, and definitely in one place that the PTO can grab a complete copy for its own searching) what stuff is obvious, the patent office doesn't stand a chance.
PS: I live in the UK, where software patents are not legal. However, you'd be amazed at the number of "mechanisms" that most people would describe as "software"
Bear in mind this is a home backup solution. I'd be pretty annoyed if I lost the data on my home PC, but it's not going to be a disaster if it gets lost. The small percentage I really care about (PGP key, password lists, etc) are static and are on floppy/ CD-R, and can be kept elsewhere.
What I'd recommend is a combination of RAID and vbackup - it gives you intelligent incremental backups on e2fs and similar filesystems. You get a complete copy of your original filesystem for every time you ran vbackup, with unchanged files hardlinked together to save space. This is way more convenient then tape, because:
It's all automated - no changing tapes.
I have a full snapshot of what my home directory looked like 3,4,5, however many days ago.
Restoring is easy - cp -a
Restoring individual files is easy too. - cp
Depending on what fraction of your filesystem changes on a day-to-day basis, you don't need very much more space. So, you get incremental-type backups with the speed and convenience of hard disks.
Unmounting/ remounting the filesystem read-only when it's not in use minimises OS failure, and speeds up backups. So that's nearly all of the above failure modes apart from disasters. And backing up over a network can help minimise that too.
In all seriousness, an advantage of open source software is that there's less need of backups. The few scripts/ programs I find really useful I've also made open source and uploaded to a bunch of web servers I have accounts on - if my computer is stolen/ house blown up, I can just download them again. (There's a Linus quote in here somwhere as well, IIRC).
As a computer geek/ part-time sound engineer, this looks quite interesting. Forget guitars, though - that's the wrong place. I'd want it on keyboards (why should they have anything analog in them anyway, apart from maybe a headphone output? Digital all the way to the amps, please), and mics (digital as soon as you can and still keep the musos happy).
Guitarists like their analog setups, and you'd have to do a lot of hard work to reproduce the sound of an amp in software. I'm not against it, I just don't think that's where digital will get onto the stage first. I'd say keyboards (pretty much already digital) and mics.
The real winner for me is when you start wanting to have more than one mixing desk (maybe one for broadcasting, one for foldback, and one for FOH, and then another set of outputs for recording onto multitrack). For example, the sound setup at my church is:
up to 24 channels on stage - mainly mics (singers, drumkit, mic'd up amps), and a couple of DI'd instruments (keyboards, acoustic guitars). (Typically, we only use 16)
seperate mixing desk for foldback (this gives us more flexibility in the foldback mix). This is only 16 channel (the drums don't go through it)
24 channel FOH desk.
The splitter alone has 96 connections on it - 1 in, 2 out * 24 channels. And unlike a hub, things stop working properly if any two are switched round.
To connect all this together for a single channel, we have:
XLR cable from mic to a stage multicore.
Multicore to splitter
Short multicore from splitter to foldback mixer
Short multicore from splitter to main multicore box
Multicore cable to desk
Multicore end to XLR on desk.
If we could replace all that with:
3 hubs on stage
another hub to connect the stage hubs to the mixers
a single Cat5 cable to FOH desk
we would be down from getting on for 200 connections to about 30. And more siginificantly, as long as everything was connected, there's much less worry about which plug goes in which port. Want to record it all? One connection for power, one for data. Press record. Done. (at the moment, we'd have to use another 24 cables and use the direct outs from the desk to a multi-channel tape)
(On a point of practicality: we keep the splitters always plugged in; we don't have to connect them up every week. The multicore to the main desk has a big bath-plug, so it's one connection with up to 32 channels going through it). In addition to all that, we have a couple of broken connections on the desks/ splitters, so you sometimes have to swap channels round to workaround it.
The other problem I have with this is why use RJ45 connectors? It's not bad for connecting computers (even laptops don't get moved all that much), but I doubt they'd last very long when being used by a band on the road. Compare XLR connectors - look at the cable relief system built into them, and any decent XLR connector has a metal body. You don't do them any damage by jumping on them.
I'd recommend investigating the remote display approach. Terminal server licenses are cheaper, and the management is a lot easier on a room full of servers, all of the similar spec, then a couple of thousand desktop machines. Also, you probably don't want to rule out:
people wanting to use Windows apps
people wanting to use Linux apps
people wanting to use a Windows desktop machine
people wanting to use a Linux desktop machine
Tarantella can deploy windows and X apps to windows or linux clients. It can also use your directory server for authentication (if you have one), and has a powerful mechanism for determining which users get access to what apps.
Linux/Staroffice cannot replace Windows/MSOffice completely, in any combination.
[Disclaimer: I work for Tarantella]
The Amulet project has been going for over 10 years (it's an asynchronous ARM-like core, IIRC). I remember seeing a circuit that did asynchronous addition (or was it multiplication?) in a lecture about 2 years ago.
Another advantage to power is also the speed; the clock speed isn't determined by the worse case of the most expensive instruction. (e.g. adding 0 and 1 can be done a lot quicker than adding (2^31)-1 and 1, because of no overflow)
Slashdot Mirror
From the fine article:
> The agents told Afifi they had other agents outside Khaled’s house.
>
> “If you want us to call them off and not talk to him we can do that,” Afifi said they told him. “That was weird. [...] I didn’t really believe anything they were saying.”
So it was worth covertly monitoring Khaled, but OK to mention it to his friend? And then ask if they wanted them to stop?
Dear FBI, who are presumably listening, neither myself nor any of my friends are terrorists, so you don't need to monitor us or infringe any of our rights. We're boring. Thanks.
Similar experience here - they called, got me to run event viewer. I lied and told them there were only Info and Warning messages - but he still exclaimed "OMG! you have a virus!" it was when he said "Now, it's very important - do not click anywhere or your computer will break" that I couldn't hold back and gave him a rant at how ludicrous he was being and asking what he's trying to scam. They hung up.
Of course, warnings and errors are completely run of the mill in Event Viewer (mine are mostly the DHCP service noting that I lose my address whenever I suspend my laptop)
That more complexity means more bugs I agree with. However:
- While the points of interaction are probably more complex (virtualizing interrupts, memory faults), there is a smaller number than in the typical kernel interface - so it's not clear whether the overall complexity is larger or smaller.
- The amount of code in a typical kernel includes many device drivers and other such features (filesystems, etc), which must all be written correctly. A Virtualization layer is providing a simpler set of primitives (block devices rather than filesystems), so there's likely to be less code.
- VM code is much less mature and hasn't had the security focus that OS's have. Unix-like OS's have been around for best part of 30 years, virtualization on x86 for, what, 10 years? Figures that Virtualization has had less security-related scrutiny (and almost certainly less than OpenBSD)
So I think there's potentially less code to be worried about in virtualization, but the code that is is still prone to security bugs, just the way page faults and the like are in conventional kernels. The lack of noise that's been made about virtualization security (until now) is a sign to pessimissists (or just those that are experienced) that it's not had the thorough peer review and battering that most OS kernels have. There's potential there for a smaller codebase to be worried about (thus more security), but in the short term, it's an unknown factor, which translates to less security. Long term, I think virtualization is a win, but there's no shortcut to a secure system.<rant>
Am I the only one who found it a bit inappropriate comparing September 11th's attacks to the nimda virus? OK, Nimda probably caused a few million dollars worth of wasted time, but how can they compare that to September 11th, when thousands died?
And really, are there that many people who after September 11 though much more about computer security?
</rant>
Prior to September 11th, 2001, it was inconceivable that anyone would be capable of using airplanes as guided missiles and then fly them into buildings. Look where we are now.
Read the end of Debt of Honour by Tom Clancy. Same instrument (plane), same city (Washington), different building, different nationality of the pilot.
More to the point, the only way I can see of getting 100% by their rating system is to not spend any money. If the record store had sold a non copy protected CD at a reasonable price, (which to my mind is the best solution, if available), the score would be 92: 100-8 for spending money.
Does the EFF think that you should be able to obtain artist's work and not pay any money?
Indeed. Just like trying to measure the quality of a product by counting the number of bugfixes that have been released. Poor quality programs may not have bugs fixed/ tracked, high quality programs do.
While I've not tried it, I don't see any reason that a PC with PS/2 mouse and keyboard, two VGA cards, and a USB mouse and keyboard, couldn't be configured to do exactly the same; run 2 X servers, one configured for the first video card and PS/2 mouse, keyboard, the second for the second video card and USB mouse and keyboard. (you may be able to use several USB mice and keyboards, in order to get as many heads as you can fit video cards in for). As ever, the pig is setting it up.
Of course, you'd need a second sound card for seperate audio, but again that's not too hard.
As for the suggestion that you could do that with X11, well, I laughed when I read that. That's exactly what X and XDMCP is designed for! Have you never heard of X terminals (not xterms)?
When X was developed, the idea was to have lots of thin X terminals and then one big beefy UNIX box to run the applications. Then windows and PCs came along, and they didn't run apps over the network (or at least not until recently).
When I was at college, I had my PC running Linux as a single head, and an NCD X terminal which I'd scrounged from my brother in my room, and in the college's computer room they had some old HP workstation being used as an X terminal. I could easily have 3 people running web browsers, e-mail and news through the one PC (+2 dumb X terminals)
Both of these X terminals were cut-down custom made machines which booted over the network, ran an X server, and broadcasted XDM/CP for any hosts that wanted to offer them a session. It presents a list of machines running XDM, and you simply double click on one, and you get a login screen. Main problem is that both of these "thin terminals" were crap - fixed resolution (at 1280x1024, so usable), but only 8 bit colour depth. Of course, a PC with no hard drive and a decent graphics card would make a better X terminal. NCD still make them - here's a more modern and useful X terminal
The problem is though, that bandwidth over the network is very much less than you get on a PCI or AGP bus - not enough for comfortably doing very graphics intensive stuff with.(back then, I was using 10Mbit, but there are still problems at 100Mbit). Fine for checking e-mail, reading news, even web browsing, but 2D graphics was painful. 3D graphics would be as well - remember that to use things like the renderer extension, (i.e. any fancy 3D GL stuff, or alpha-blending), requires the application to run on the same host as the video card is in, as the app talks directly to the video card; X is only used for the windowing bit, and for drawing basic stuff like text and buttons.
Really, to do this properly requires compressing the X traffic, like lbx or (plug) Tarantella, otherwise it's unusable.
Is there any mechanism by which members of the public can make available to the PTO examples of commonly used, prior-art software, prior-art biotech, prior-art whatever takes your fancy? If not, I think that is something that is necessary - we can moan all day about the PTO granting patents on "obvious" stuff, but perhaps we need to give the PTO a list, to help make their job easier. As another poster pointed out, a PTO clark can't do a Google search for the details of a new patent application, as that leaks information to Google.
What I'm thinking of is a place where I could describe, say, shopping on a website (to pick an example from bustpatents), and describe in very general terms how shopping on a website works (e.g. "You fill out forms in a web browser, and submit what you want to buy along with your credit card number preferrably over some form of cryptographically secured link such as HTTPS"). It needn't be an especially good example, and (I would say) the more general the better.
The PTO may well require the information to be public, which makes sense (no-one would post anything of value on it). And perhaps the PTO could somehow penalise applicants who apply for something already described on this list (or on a "small" number of other lists)
I can see that it would need a form of moderation system in order to avoid abuse, as I'm sure the PTO probably don't want a few thousand "common examples" of spam. But unless we the software community describe (preferrably in a concise manner, and definitely in one place that the PTO can grab a complete copy for its own searching) what stuff is obvious, the patent office doesn't stand a chance.
PS: I live in the UK, where software patents are not legal. However, you'd be amazed at the number of "mechanisms" that most people would describe as "software"
What I'd recommend is a combination of RAID and vbackup - it gives you intelligent incremental backups on e2fs and similar filesystems. You get a complete copy of your original filesystem for every time you ran vbackup, with unchanged files hardlinked together to save space. This is way more convenient then tape, because:
- It's all automated - no changing tapes.
- I have a full snapshot of what my home directory looked like 3,4,5, however many days ago.
- Restoring is easy - cp -a
- Restoring individual files is easy too. - cp
Depending on what fraction of your filesystem changes on a day-to-day basis, you don't need very much more space. So, you get incremental-type backups with the speed and convenience of hard disks.Unmounting/ remounting the filesystem read-only when it's not in use minimises OS failure, and speeds up backups. So that's nearly all of the above failure modes apart from disasters. And backing up over a network can help minimise that too.
In all seriousness, an advantage of open source software is that there's less need of backups. The few scripts/ programs I find really useful I've also made open source and uploaded to a bunch of web servers I have accounts on - if my computer is stolen/ house blown up, I can just download them again. (There's a Linus quote in here somwhere as well, IIRC).
Guitarists like their analog setups, and you'd have to do a lot of hard work to reproduce the sound of an amp in software. I'm not against it, I just don't think that's where digital will get onto the stage first. I'd say keyboards (pretty much already digital) and mics.
The real winner for me is when you start wanting to have more than one mixing desk (maybe one for broadcasting, one for foldback, and one for FOH, and then another set of outputs for recording onto multitrack). For example, the sound setup at my church is:
- up to 24 channels on stage - mainly mics (singers, drumkit, mic'd up amps), and a couple of DI'd instruments (keyboards, acoustic guitars). (Typically, we only use 16)
- seperate mixing desk for foldback (this gives us more flexibility in the foldback mix). This is only 16 channel (the drums don't go through it)
- 24 channel FOH desk.
The splitter alone has 96 connections on it - 1 in, 2 out * 24 channels. And unlike a hub, things stop working properly if any two are switched round.To connect all this together for a single channel, we have:
- XLR cable from mic to a stage multicore.
- Multicore to splitter
- Short multicore from splitter to foldback mixer
- Short multicore from splitter to main multicore box
- Multicore cable to desk
- Multicore end to XLR on desk.
If we could replace all that with:- 3 hubs on stage
- another hub to connect the stage hubs to the mixers
- a single Cat5 cable to FOH desk
we would be down from getting on for 200 connections to about 30. And more siginificantly, as long as everything was connected, there's much less worry about which plug goes in which port. Want to record it all? One connection for power, one for data. Press record. Done. (at the moment, we'd have to use another 24 cables and use the direct outs from the desk to a multi-channel tape)(On a point of practicality: we keep the splitters always plugged in; we don't have to connect them up every week. The multicore to the main desk has a big bath-plug, so it's one connection with up to 32 channels going through it). In addition to all that, we have a couple of broken connections on the desks/ splitters, so you sometimes have to swap channels round to workaround it.
The other problem I have with this is why use RJ45 connectors? It's not bad for connecting computers (even laptops don't get moved all that much), but I doubt they'd last very long when being used by a band on the road. Compare XLR connectors - look at the cable relief system built into them, and any decent XLR connector has a metal body. You don't do them any damage by jumping on them.
- people wanting to use Windows apps
- people wanting to use Linux apps
- people wanting to use a Windows desktop machine
- people wanting to use a Linux desktop machine
Tarantella can deploy windows and X apps to windows or linux clients. It can also use your directory server for authentication (if you have one), and has a powerful mechanism for determining which users get access to what apps.Linux/Staroffice cannot replace Windows/MSOffice completely, in any combination.
[Disclaimer: I work for Tarantella]
Well, as was reported on /. a few days ago, there's a known security bug in all 2.2 kernels;
/*
/*
... which just happens to be in the diff for 2.2.20pre11... Now, please don't arrest me. (you could arrest michael instead)
This is the fix:
@@ -552,12 +568,11 @@
}
- * We mustn't allow tracing of suid binaries, unless
- * the tracer has the capability to trace anything..
+ * We mustn't allow tracing of suid binaries, no matter what.
*/
static inline int must_not_trace_exec(struct task_struct * p)
{
- return (p->flags & PF_PTRACED) && !cap_raised(p->p_pptr->cap_effective,
CAP_SYS_PTRACE);
+ return (p->ptrace & PT_PTRACED);
}
> [can measure how many operations it can do per second]
Yes, but the point is that even on the same processor may take a different amount of time to do the same operation albeit on different data.
The Amulet project has been going for over 10 years (it's an asynchronous ARM-like core, IIRC). I remember seeing a circuit that did asynchronous addition (or was it multiplication?) in a lecture about 2 years ago.
Another advantage to power is also the speed; the clock speed isn't determined by the worse case of the most expensive instruction. (e.g. adding 0 and 1 can be done a lot quicker than adding (2^31)-1 and 1, because of no overflow)