Since the warrant is sealed, we shouldn't be too quick to jump to the conclusion that the raid is somehow directed at the Muslim clients. If it is, we can be outraged when the truth comes out. If it is not, we're just reinforcing the stereotype that Muslims are somehow always doing things shady enough to warrant 80-some FBI agents at a time. Few people will learn or remember that this was a false alarm.
Consider another possibility: wasn't that recent big kiddie porn case also based in Texas? It's hardly unreasonable to ask if this might be that site reborn. It would certainly explain the agents keeping quiet, especially if they're actively monitoring attempts to connect to that site since they took control.
Subject pretty much says it all. You either understand that conflicts come and go, but munitions last forever (mustard gas from WW-I is still occasionally found in Europe), and you accept the need to minimize that damage to the extent possible, or you don't.
It's also important to realize that, prior to the 20th Century, wars simply didn't leave much (non-biodegradable) hazardous material behind on the battlefield. Some lead from the bullets, but that's about it. Land mines, nerve gas and blistering agents, all are fairly recent inventions and we're just now learning how much long-lasting damage they cause.
(I know, some battles involved salting fields to kill off crops, etc., but you didn't have land mines in those fields that will blow off the legs of children gleaning the little food that does grow there.)
Information leaking from one site is annoying, esp. if it's something like a credit card number, but it's nothing compared to aggregated information being leaked.
As a silly example, let's say you buy rat poison. No big thing, people buy it all the time.
Let's say you buy a book about "perfect murders... and how they were caught." No big deal, people buy true crime books all the time.
Now let's say you recently bought a bunch of lingerie. And had it delivered. But not to your home address. You're having an affair, sleazy, but not unheard of.
Now finally let's toss in the fact that you just consulted a lawyer. A divorce lawyer. One who specializes in breaking prenuptial agreements.
Suddenly things are much more interesting.
Most of us aren't planning to murder our spouse, or even to look like we're thinking about it. But it's certainly possible for mindless data aggregation to cause people to jump to the wrong conclusion. E.g., you bought a couple books on alcoholism, and a few cases of wine? You obviously have a problem, don't you. (Nope, the wnie is a gift to newlyweds and the book is to help me understand if my nephew needs help.) Etc and so forth.
Even with all of this information centralized with Microsoft (and make no mistake that the Passport/Hailstorm system will not collect this information), my biggest concern isn't that it will be leaked. My concern is that it will have bogus information feed into it. There's a nice market opportunity for nasty companies to put bad information into these records, then offer to clean it up for you. For a modest price, of course. All of the potential damage of a credit report, but with none of the legal safeguards.
Of course, that same problem exists today with the aggregated data provided by from credit card companies, but again it isn't a *single* point of failure. Even if you crack Citibank (still the largest CC issuer?), it does nothing about the hundreds of millions of people who don't have Citibank cards. But crack Hailstorm and you'll have information on almost everyone online.
I'll head to Europe... but I'll be taking my share of the high tech stuff with me. The people who want to create a Christian Sharia can do so with the technology it creates. Historically, that's the dark ages of Europe, although I'm sure we can find it in our hearts to let you live at least as well as the Amish today.
But no TV or radio or telephones, damn it, because there's nothing in the Good Book about electrons. No remote power generation, no internal combustion engines, no antibiotics.
This sounds harsh, but we're not the ones who are trying to make this an "all or nothing" proposition.
When you talk to *your* PHB....
on
ACM vs. RIAA
·
· Score: 2
The ACM can give you a lot of leverage when you deal with your own PHBs. If you tell him (or them) that an idea is bad because of some stuff you read on Slashdot, he'll ignore you.
But if you can cite position papers from the ACM and IEEE, it's a lot harder for them to brush off your concerns as ill-informed ramblings of a bunch of geeks with no grasp of business or the law. If it comes down to it, you can even use this as the basis for a resignation if they insist on proceeding with something that you feel strongly about. If you do it for your own reasons, unfortunately, a lot of PHBs will just call you a flake. If you do it while citing an ACM "Code of Ethics" and position papers, it should be a wakeup call to them. It's hard to implement and maintain a program if the most knowledgeable workers resign over it!
High school students and retirees are good for usability testing, but anyone who thinks they'll be good for security testing is crazy.
N.B., I am not saying that no teenager (or retiree) can do good security testing work, but they're the exception. They'll be able to provide valuable usability feedback (e.g., no more butterfly ballots, or multiple selections made by shaky hands), but thinking it will say anything at all about security is a joke.
Good security testing requires a specific mindset and a good knowledge of previous attacks. This is rare, at any age, and requires the type of behavior that I'm sure the administrators will try to discourage. This sounds like a situation set up to guarantee a false sense of security.
Meanwhile, while you're downloading your cracking tools you might want to reread my comment. I know that it's possible to break past a masquerading firewall, but I doubt I can do much to stop someone with that much technical expertise anyway.
You might also want to look into modern package managers, especially <tt>apt-get update</tt>. It's not that hard to check for security patches once a week, or whenever I learn of a new release.
Actually, I particularly enjoy having BIND running locally. Since I fired it up:
1) I haven't had outages because my @home DNS servers have gone to lunch, and
2) I've gotten rid of a lot of junk after setting up some bogus entries for doubleclick.{net|com} and x11.com.
I agree that there's no reason for most home users to have a BIND system visible to the net at large, but there are some pretty good reasons for one if it can be located behind your firewall.
You're thinking about aluminum production after the discovery of the electrical refinement process. Before this was developed, the metal was extremely expensive, more expensive than gold on an ounce-by-once basis.
Since that new refining technique has been developed nobody thinks twice about tossing out an item containing pounds of aluminum. Recycling it would be nice, of course, but nobody is going into bankruptcy if they toss out old lawn furniture or the like. Try doing that with an equivalent amount of gold!
It's interesting to note that a similar change may be pending with another metal - I can't remember if it's titanium or platinum. Today the metal is still very expensive, but in a few years it may be as affordable as aluminum today.
Nobody will complain if the ISPs punish users for their individual indifference to numerous warnings. In this case, that would be disabling the cable/DSL modem of any user sending out Code Red requests.
But that's not what's happening. EVERY user, including the responsible IIS user who patched their system and all Apache, NCSA, et al users are being punished for the inactions of others.
If the reason why this is so offensive isn't already clear, let me ask you a question: if I'm going to be punished for the actions of others anyway, why should I give a flying fuck about cleaning up my own act? If you don't hold people individually responsible, most behavior quickly falls to the lowest common demoninator.
I can't speak for others, but I deliberately left my default Apache/Debian web page up. Anyone who has a need to see the real content can find it easily enough, and in the meanwhile I don't have to worry about some random visitor stumbling across sensitive information. (E.g., detailed information about the packages I have installed, which might tell people what attacks I'm vulnerable to, etc.)
1) there is an obvious, less-intrusive solution to the problem. Log the IP addresses, notify their ISP, and (assuming the ISP is on the ball) they "go dark" until they clean up their act. It's not like it's hard to verify the information provided to the ISP.
This will guarantee that 1) that system infects nobody else and 2) the owner is aware of the problem.
2) The second problem is contained in the comments above - quietly patching the system does nothing to undo the damage (it might close a few doors, but *anyone* could have run *anything* on that system while it was open) and does not teach the owner to take responsibility for their system.
However, this requires the ISP to take action. To be honest, some of these systems are starting to remind me of car alarms that run for hours (e.g., because of high winds) and the owner can't be bothered to shut them off. Breaking some glass on that car is illegal... but few cops or DAs would consider anger vented at car alarm which kept neighbors up all night a crime without a compelling mitigating factor.
Maybe I'm an idiot, but precisely how does DeCSS support these illegal acts?
Does DeCSS enable me to copy a DVD? Nope - any bitwise copy program will produce a copy identical to the original. Assuming there isn't some issue with the physical media (e.g., how some CD players can't read CD-R media) that copy can be used anywhere. Pirates don't need DeCSS to produce their bootleg copies.
Does DeCSS enable me to *distribute* a DVD? Of course not - distribution either means taking those bootleg discs to a mail box or a bitwise copy (see above) to a server somewhere on the net. Pirates sure as hell don't need DeCSS to distribute their bootleg copies.
What illegal act does DeCSS enable? Exactly one - circumvention of the "country code" so that a DVD produced for the US market can be viewed in Europe. These codes, it should be noted, were created solely to create artifically limited markets so the studios can make more money.
In contrast, any reasonable analysis must consider the legal uses of this software. Namely, the ability of people to view DVDs they legally purchased in the time/manner/place they prefer. The fact that this is even an issue says just how screwed up the current legal environment is. It's one thing for THX to insist on certain standards for commercial theaters who wish to use their logo, it's another for a studio to insist on the OS and, to a lesser extent, computer hardware of any person who wishes to view a DVD they legally purchased (or rented) from the corner store.
Postscript is a complete language
on
PDF Virus Spotted
·
· Score: 4, Interesting
Postscript is a complete language, the only reason it doesn't make a good viral platform is that the standard library is extremely limited (some disk I/O, no network I/O iirc) and there's no well-known way to call external libraries.
But make no mistake - it would not be hard to define an extension which allows PS functions to call native libraries. This is the type of extension that could be easily added to support some purpose, without consideration of how this will increase the risk of a viral load.
Finally, to ask the obvious question of why you would do extensive programming in PS, the reason is simple - it allows your file to adjust itself to the printer. E.g., you might have a file which contains meteorological information on a map. If you print the file on a standard printer you get two dozen reports. But if you print it on a large format printer, you get 4x as much information because the file knows it can push additional information onto the map. Or you might get basic information on a monochrome printer, and additional information on a color printer where you can provide visual distinction between the layers.
In some limited cases, you can even have the PS file compute its own content. I've seen that done with some fractal graphics - you might send a <1k file which causes the printer to sit and think for an hour. Great stuff for confusing MCSEs - the print queue says it's printing a 1k file, but it's been churning away for looooon time.
ASN.1 achieves good compression because the designer must specify every single and parameter for all time. The ASN.1 compiler, among other things, then figures out that that "Letterhead, A4, landscape" mode flag should be encoded as something like 4.16.3.23.1.5, which is actually a sequence of bits that can fit into 2 bytes because the ASN.1 grammar knows exactly how few bits are sufficient for every possible case.
In contrast, XML starts with *X* because it's designed to be extensible. The DTDs are not cast in stone, and in fact a well-behaved application should read the DTD for each session, and only extracting the items of interest. It's not an error if one site decides to extend their DTD locally, provided they don't remove anything.
But if you use ASN.1 compression, you either need to cast those XML DTDs into stone (defeating the main reason for XML in the first place), or compile the DTD into an ASN.1 compiler on the fly (an expensive operation, at least at the moment).
This idea is actually pretty clever if you control both sides of the connection and can ensure that the ASN.1 always matches the DTD, but as a general solution it's the wrong idea at the wrong time.
I think it's possible that the time when MS could "lock up" SMB/CIFS via patents may have passed. Samba is used by too many "mainstream" IT sites to provide Unix/Windows integration - sites that have already spent huge sums of money trying to port their business critical applications to Windows and failed.
If they actually tried to do this, the effect would be akin to the results if they tried to change MSIE to break on Apache servers (to create pressure to switch to IIS). Even before Code Red, very few sites would switch from Apache to IIS. Making the browser break on Apache would break so many sites that it would not force servers to switch to IIS, it would force users to switch from MSIE.
Likewise, if some future version of Windows breaks Samba, IT managers would simply insist on the old versions of Windows until they found a workaround, e.g., third-party SMB drivers for the "improved" Windows on new systems. Or they would investigate whether it's cheaper, and less risky, to convert every single workstation to Linux than to try, again, to port their key application to run on Windows. Combined with the other major headaches MS is trying to force down IT's staff (e.g., some early reports that the "new and improved" licenses sometimes go *poof* without warning, but it can take days to arrange a replacement. If that happens at the wrong moment, a company could lose a contract or a court case, costing millions of dollars. Are you willing to bet your company - and your personal savings - that Windows will never barf on you?) and this could be the straw that finally breaks the camel's back.
If I had to guess what's happening, MS is floating a trial balloon. They won't pay attention to us, but if InfoWorld starts reporting on the rumors and has some Fortune 500 IT managers saying they'll seriously evaluate alternatives if Samba is locked out of a latter-day CIFS, we'll never hear of this idea again.
@Home could block inbound HTTP queries (port 80, destination address in their block) without affecting outbound HTTP queries or their responses.
However, is this practical? It's hard to say - it should really be done at the lowest subnets, and that would take some effort to set up. Then again, the cost of doing nothing is rapidly adding up - my modem light has been on continuously for 24 hours. I haven't see this since I downloaded the ~20GB TIGR GIS data set.:-)
Let me guess - your version is BEFSR41 V.1, right? I saw those boxes at CompUSA, but picked up a BEFSR41 V.2 instead so I could avoid an immediate update cycle. That's why I found it so incredible that Linksys customer support claimed that they don't support Linux for these boxes.
I rarely contact customer support precisely because my problems never fit their scripts, but when the modem appeared to be non-responsive (I could modify a few pages, but hitting "submit" did nothing) I had no choice but to call customer support.
Their incompetence made a five-minute problem ("turn on javascript") into a 3-hour ordeal as I followed their suggestion to load new firmware, something which required a TFTP client "enhanced" to support a password. Which meant it wasn't really TFTP, but I digress. I had to dig out and set up a Windows box to run the executable, etc.
And the modem was still non-responsive. For this much invested time, I could have set up a Linux box as the firewall (which I was trying to avoid, primarily due to the extra power consumption.) That wasted time is why I was so pissed at their indifference.
You're right that they might have just farmed out their support, but the bottom line is that they gave me bad advice, then tried to claim it was MY fault because I wasn't using an approved browser. That's a combination of indifference and arrogance that I refuse to support - I will not reward it with additional business.
You didn't specify if you're having problems accessing information about the current season, or earlier ones.
There is extremely little information available about episodes until after they air. Even after they air the synopsis and screen shots might not appear for some time. If you're not seeing information about the current season, it's probably because they haven't release it yet, not because of your location.
Stargate SG-1 airs at 10 PM on the east and west coast feeds. Since my cable provider normally uses the east-coast feeds, I get it at 8 PM.
If you're seeing it at midnight, you're either on a tape delay or in the CTZ but getting the west coast feed for some reason. Either way, you should complain to your cable provider.
(If I had to guess, this is to "protect the children" from the nudity and sexual situations in their late-night programming. Heaven forbid we expect parents to monitor what their children are watching on TV in the late evening.)
Stargate SG-1, based on the movie Stargate is original programming on Showtime, and syndicated a year later. The new Outer Limits followed the same approach.
The movie and early episodes were occasionally painful to watch as a writer tried to include some pseudoscientific nonsense, but they seem to have put that past them.
The benefits of Stargate SG-1?
Excellent continuity, but with a good mix of new material. A welcome change from Star Trek, which alternates between total amnesia and years-long story arcs.
Solid backstory. They have a USAF advisor to make sure the military procedures make sense - and even had a brief appearance by an USAF general on active duty. They do enough research into ancient cultures that watching the History Channel is surreal - all of the names are familiar.
Sane technology. A lot of bad SF lets the technology dominate the story. Stargate SG-1 generally uses standard (or near standard) contemporary technology. Alien tech is rarely used by the SG teams, and aliens generally only use a handful of devices. No sudden solution to the problem by generating an inverse tachyon pulse or other crap like that.
Strong characters. There's only a half-dozen major characters, each with well-defined roles (the four members of the team, General Hammond, and the doctor.) There's maybe a dozen recurring minor characters, each well-defined. There's no sense of having seen the same character a dozen times before, only with a slightly different forehead.
Most importantly, a good sense of humor. Some of the episodes are deliberately over the top (Urgo), but there are also a lot of serious episodes with extremely funny, but totally natural, sequences. (E.g., the alien who constructed a new stargate in Sam's basement with hundreds of pounds of titanium(?), 7 100kW lamps,... and her toaster.)
I've seen a lot of people talking about how their Linksys Cable/DSL modem hides the PPPoE.
Unfortunately, Linksys does NOT support Linux. Even though the configuration is all done through a web browser, they do NOT support Linux. Even though the box says they support/require Netscape 4.x, the Linux version of Netscape does NOT qualify.
I know this makes absolutely no sense. But this is what I was told by Linksys customer service when I was having problems with my Cable/DSL modem.
My problem, incidently, was that I had javascript disabled (to kill all of the popups, popdowns, redirects to porn sites, etc.) and their pages lack the standard <noscript> clause to remind me to turn on javascript. This is apparently not a problem with MSIE, and the customer service person made it damn clear that my stupidity was why Linksys does NOT support Linux. I got the distinct impression that he would not be forwarding on my (polite) suggestion that adding that extra clause would reduce headaches for both of us.
YMMV, and I don't understand this attitude since other Linksys products had prominent notes on their boxes that they do support Linux, but for some reason they decided to be real *******s to Linux users for this box. Keep that in mind if you're counting on using one of these boxes to hide the PPPoE conversion - there may be a long-term plan to ultimately support a protocol which requires a MS box to "unlock" the upstream connection.
Slashdot Mirror
Since the warrant is sealed, we shouldn't be too quick to jump to the conclusion that the raid is somehow directed at the Muslim clients. If it is, we can be outraged when the truth comes out. If it is not, we're just reinforcing the stereotype that Muslims are somehow always doing things shady enough to warrant 80-some FBI agents at a time. Few people will learn or remember that this was a false alarm.
Consider another possibility: wasn't that recent big kiddie porn case also based in Texas? It's hardly unreasonable to ask if this might be that site reborn. It would certainly explain the agents keeping quiet, especially if they're actively monitoring attempts to connect to that site since they took control.
Subject pretty much says it all. You either understand that conflicts come and go, but munitions last forever (mustard gas from WW-I is still occasionally found in Europe), and you accept the need to minimize that damage to the extent possible, or you don't.
It's also important to realize that, prior to the 20th Century, wars simply didn't leave much (non-biodegradable) hazardous material behind on the battlefield. Some lead from the bullets, but that's about it. Land mines, nerve gas and blistering agents, all are fairly recent inventions and we're just now learning how much long-lasting damage they cause.
(I know, some battles involved salting fields to kill off crops, etc., but you didn't have land mines in those fields that will blow off the legs of children gleaning the little food that does grow there.)
Information leaking from one site is annoying, esp. if it's something like a credit card number, but it's nothing compared to aggregated information being leaked.
As a silly example, let's say you buy rat poison. No big thing, people buy it all the time.
Let's say you buy a book about "perfect murders... and how they were caught." No big deal, people buy true crime books all the time.
Now let's say you recently bought a bunch of lingerie. And had it delivered. But not to your home address. You're having an affair, sleazy, but not unheard of.
Now finally let's toss in the fact that you just consulted a lawyer. A divorce lawyer. One who specializes in breaking prenuptial agreements.
Suddenly things are much more interesting.
Most of us aren't planning to murder our spouse, or even to look like we're thinking about it. But it's certainly possible for mindless data aggregation to cause people to jump to the wrong conclusion. E.g., you bought a couple books on alcoholism, and a few cases of wine? You obviously have a problem, don't you. (Nope, the wnie is a gift to newlyweds and the book is to help me understand if my nephew needs help.) Etc and so forth.
Even with all of this information centralized with Microsoft (and make no mistake that the Passport/Hailstorm system will not collect this information), my biggest concern isn't that it will be leaked. My concern is that it will have bogus information feed into it. There's a nice market opportunity for nasty companies to put bad information into these records, then offer to clean it up for you. For a modest price, of course. All of the potential damage of a credit report, but with none of the legal safeguards.
Of course, that same problem exists today with the aggregated data provided by from credit card companies, but again it isn't a *single* point of failure. Even if you crack Citibank (still the largest CC issuer?), it does nothing about the hundreds of millions of people who don't have Citibank cards. But crack Hailstorm and you'll have information on almost everyone online.
I've seen this attitude so many times I'll bite.
I'll head to Europe... but I'll be taking my share of the high tech stuff with me. The people who want to create a Christian Sharia can do so with the technology it creates. Historically, that's the dark ages of Europe, although I'm sure we can find it in our hearts to let you live at least as well as the Amish today.
But no TV or radio or telephones, damn it, because there's nothing in the Good Book about electrons. No remote power generation, no internal combustion engines, no antibiotics.
This sounds harsh, but we're not the ones who are trying to make this an "all or nothing" proposition.
The ACM can give you a lot of leverage when you deal with your own PHBs. If you tell him (or them) that an idea is bad because of some stuff you read on Slashdot, he'll ignore you.
But if you can cite position papers from the ACM and IEEE, it's a lot harder for them to brush off your concerns as ill-informed ramblings of a bunch of geeks with no grasp of business or the law. If it comes down to it, you can even use this as the basis for a resignation if they insist on proceeding with something that you feel strongly about. If you do it for your own reasons, unfortunately, a lot of PHBs will just call you a flake. If you do it while citing an ACM "Code of Ethics" and position papers, it should be a wakeup call to them. It's hard to implement and maintain a program if the most knowledgeable workers resign over it!
High school students and retirees are good for usability testing, but anyone who thinks they'll be good for security testing is crazy.
N.B., I am not saying that no teenager (or retiree) can do good security testing work, but they're the exception. They'll be able to provide valuable usability feedback (e.g., no more butterfly ballots, or multiple selections made by shaky hands), but thinking it will say anything at all about security is a joke.
Good security testing requires a specific mindset and a good knowledge of previous attacks. This is rare, at any age, and requires the type of behavior that I'm sure the administrators will try to discourage. This sounds like a situation set up to guarantee a false sense of security.
It's been a while since I read the stories, but I'm pretty sure this is the system of the Kzinti homeworld!
Quick, somebody get Larry Niven on the phone for a comment!
Go for it, dude.
Meanwhile, while you're downloading your cracking tools you might want to reread my comment. I know that it's possible to break past a masquerading firewall, but I doubt I can do much to stop someone with that much technical expertise anyway.
You might also want to look into modern package managers, especially <tt>apt-get update</tt>. It's not that hard to check for security patches once a week, or whenever I learn of a new release.
Actually, I particularly enjoy having BIND running locally. Since I fired it up:
1) I haven't had outages because my @home DNS servers have gone to lunch, and
2) I've gotten rid of a lot of junk after setting up some bogus entries for doubleclick.{net|com} and x11.com.
I agree that there's no reason for most home users to have a BIND system visible to the net at large, but there are some pretty good reasons for one if it can be located behind your firewall.
You're thinking about aluminum production after the discovery of the electrical refinement process. Before this was developed, the metal was extremely expensive, more expensive than gold on an ounce-by-once basis.
Since that new refining technique has been developed nobody thinks twice about tossing out an item containing pounds of aluminum. Recycling it would be nice, of course, but nobody is going into bankruptcy if they toss out old lawn furniture or the like. Try doing that with an equivalent amount of gold!
It's interesting to note that a similar change may be pending with another metal - I can't remember if it's titanium or platinum. Today the metal is still very expensive, but in a few years it may be as affordable as aluminum today.
Nobody will complain if the ISPs punish users for their individual indifference to numerous warnings. In this case, that would be disabling the cable/DSL modem of any user sending out Code Red requests.
But that's not what's happening. EVERY user, including the responsible IIS user who patched their system and all Apache, NCSA, et al users are being punished for the inactions of others.
If the reason why this is so offensive isn't already clear, let me ask you a question: if I'm going to be punished for the actions of others anyway, why should I give a flying fuck about cleaning up my own act? If you don't hold people individually responsible, most behavior quickly falls to the lowest common demoninator.
I can't speak for others, but I deliberately left my default Apache/Debian web page up. Anyone who has a need to see the real content can find it easily enough, and in the meanwhile I don't have to worry about some random visitor stumbling across sensitive information. (E.g., detailed information about the packages I have installed, which might tell people what attacks I'm vulnerable to, etc.)
There are two problems with an anti-worm:
1) there is an obvious, less-intrusive solution to the problem. Log the IP addresses, notify their ISP, and (assuming the ISP is on the ball) they "go dark" until they clean up their act. It's not like it's hard to verify the information provided to the ISP.
This will guarantee that 1) that system infects nobody else and 2) the owner is aware of the problem.
2) The second problem is contained in the comments above - quietly patching the system does nothing to undo the damage (it might close a few doors, but *anyone* could have run *anything* on that system while it was open) and does not teach the owner to take responsibility for their system.
However, this requires the ISP to take action. To be honest, some of these systems are starting to remind me of car alarms that run for hours (e.g., because of high winds) and the owner can't be bothered to shut them off. Breaking some glass on that car is illegal... but few cops or DAs would consider anger vented at car alarm which kept neighbors up all night a crime without a compelling mitigating factor.
Maybe I'm an idiot, but precisely how does DeCSS support these illegal acts?
Does DeCSS enable me to copy a DVD? Nope - any bitwise copy program will produce a copy identical to the original. Assuming there isn't some issue with the physical media (e.g., how some CD players can't read CD-R media) that copy can be used anywhere. Pirates don't need DeCSS to produce their bootleg copies.
Does DeCSS enable me to *distribute* a DVD? Of course not - distribution either means taking those bootleg discs to a mail box or a bitwise copy (see above) to a server somewhere on the net. Pirates sure as hell don't need DeCSS to distribute their bootleg copies.
What illegal act does DeCSS enable? Exactly one - circumvention of the "country code" so that a DVD produced for the US market can be viewed in Europe. These codes, it should be noted, were created solely to create artifically limited markets so the studios can make more money.
In contrast, any reasonable analysis must consider the legal uses of this software. Namely, the ability of people to view DVDs they legally purchased in the time/manner/place they prefer. The fact that this is even an issue says just how screwed up the current legal environment is. It's one thing for THX to insist on certain standards for commercial theaters who wish to use their logo, it's another for a studio to insist on the OS and, to a lesser extent, computer hardware of any person who wishes to view a DVD they legally purchased (or rented) from the corner store.
Postscript is a complete language, the only reason it doesn't make a good viral platform is that the standard library is extremely limited (some disk I/O, no network I/O iirc) and there's no well-known way to call external libraries.
But make no mistake - it would not be hard to define an extension which allows PS functions to call native libraries. This is the type of extension that could be easily added to support some purpose, without consideration of how this will increase the risk of a viral load.
Finally, to ask the obvious question of why you would do extensive programming in PS, the reason is simple - it allows your file to adjust itself to the printer. E.g., you might have a file which contains meteorological information on a map. If you print the file on a standard printer you get two dozen reports. But if you print it on a large format printer, you get 4x as much information because the file knows it can push additional information onto the map. Or you might get basic information on a monochrome printer, and additional information on a color printer where you can provide visual distinction between the layers.
In some limited cases, you can even have the PS file compute its own content. I've seen that done with some fractal graphics - you might send a <1k file which causes the printer to sit and think for an hour. Great stuff for confusing MCSEs - the print queue says it's printing a 1k file, but it's been churning away for looooon time.
This idea totally misses the point.
ASN.1 achieves good compression because the designer must specify every single and parameter for all time. The ASN.1 compiler, among other things, then figures out that that "Letterhead, A4, landscape" mode flag should be encoded as something like 4.16.3.23.1.5, which is actually a sequence of bits that can fit into 2 bytes because the ASN.1 grammar knows exactly how few bits are sufficient for every possible case.
In contrast, XML starts with *X* because it's designed to be extensible. The DTDs are not cast in stone, and in fact a well-behaved application should read the DTD for each session, and only extracting the items of interest. It's not an error if one site decides to extend their DTD locally, provided they don't remove anything.
But if you use ASN.1 compression, you either need to cast those XML DTDs into stone (defeating the main reason for XML in the first place), or compile the DTD into an ASN.1 compiler on the fly (an expensive operation, at least at the moment).
This idea is actually pretty clever if you control both sides of the connection and can ensure that the ASN.1 always matches the DTD, but as a general solution it's the wrong idea at the wrong time.
It's still used for many, many things. One of the major current uses is X.509 digital certificate encoding.
I think it's possible that the time when MS could "lock up" SMB/CIFS via patents may have passed. Samba is used by too many "mainstream" IT sites to provide Unix/Windows integration - sites that have already spent huge sums of money trying to port their business critical applications to Windows and failed.
If they actually tried to do this, the effect would be akin to the results if they tried to change MSIE to break on Apache servers (to create pressure to switch to IIS). Even before Code Red, very few sites would switch from Apache to IIS. Making the browser break on Apache would break so many sites that it would not force servers to switch to IIS, it would force users to switch from MSIE.
Likewise, if some future version of Windows breaks Samba, IT managers would simply insist on the old versions of Windows until they found a workaround, e.g., third-party SMB drivers for the "improved" Windows on new systems. Or they would investigate whether it's cheaper, and less risky, to convert every single workstation to Linux than to try, again, to port their key application to run on Windows. Combined with the other major headaches MS is trying to force down IT's staff (e.g., some early reports that the "new and improved" licenses sometimes go *poof* without warning, but it can take days to arrange a replacement. If that happens at the wrong moment, a company could lose a contract or a court case, costing millions of dollars. Are you willing to bet your company - and your personal savings - that Windows will never barf on you?) and this could be the straw that finally breaks the camel's back.
If I had to guess what's happening, MS is floating a trial balloon. They won't pay attention to us, but if InfoWorld starts reporting on the rumors and has some Fortune 500 IT managers saying they'll seriously evaluate alternatives if Samba is locked out of a latter-day CIFS, we'll never hear of this idea again.
@Home could block inbound HTTP queries (port 80, destination address in their block) without affecting outbound HTTP queries or their responses.
:-)
However, is this practical? It's hard to say - it should really be done at the lowest subnets, and that would take some effort to set up. Then again, the cost of doing nothing is rapidly adding up - my modem light has been on continuously for 24 hours. I haven't see this since I downloaded the ~20GB TIGR GIS data set.
Let me guess - your version is BEFSR41 V.1, right? I saw those boxes at CompUSA, but picked up a BEFSR41 V.2 instead so I could avoid an immediate update cycle. That's why I found it so incredible that Linksys customer support claimed that they don't support Linux for these boxes.
I rarely contact customer support precisely because my problems never fit their scripts, but when the modem appeared to be non-responsive (I could modify a few pages, but hitting "submit" did nothing) I had no choice but to call customer support.
Their incompetence made a five-minute problem ("turn on javascript") into a 3-hour ordeal as I followed their suggestion to load new firmware, something which required a TFTP client "enhanced" to support a password. Which meant it wasn't really TFTP, but I digress. I had to dig out and set up a Windows box to run the executable, etc.
And the modem was still non-responsive. For this much invested time, I could have set up a Linux box as the firewall (which I was trying to avoid, primarily due to the extra power consumption.) That wasted time is why I was so pissed at their indifference.
You're right that they might have just farmed out their support, but the bottom line is that they gave me bad advice, then tried to claim it was MY fault because I wasn't using an approved browser. That's a combination of indifference and arrogance that I refuse to support - I will not reward it with additional business.
You didn't specify if you're having problems accessing information about the current season, or earlier ones.
There is extremely little information available about episodes until after they air. Even after they air the synopsis and screen shots might not appear for some time. If you're not seeing information about the current season, it's probably because they haven't release it yet, not because of your location.
Stargate SG-1 airs at 10 PM on the east and west coast feeds. Since my cable provider normally uses the east-coast feeds, I get it at 8 PM.
If you're seeing it at midnight, you're either on a tape delay or in the CTZ but getting the west coast feed for some reason. Either way, you should complain to your cable provider.
(If I had to guess, this is to "protect the children" from the nudity and sexual situations in their late-night programming. Heaven forbid we expect parents to monitor what their children are watching on TV in the late evening.)
No final decision has been made yet whether Showtime will pick up a 6th season.
The movie and early episodes were occasionally painful to watch as a writer tried to include some pseudoscientific nonsense, but they seem to have put that past them.
The benefits of Stargate SG-1?
I've seen a lot of people talking about how their Linksys Cable/DSL modem hides the PPPoE.
Unfortunately, Linksys does NOT support Linux. Even though the configuration is all done through a web browser, they do NOT support Linux. Even though the box says they support/require Netscape 4.x, the Linux version of Netscape does NOT qualify.
I know this makes absolutely no sense. But this is what I was told by Linksys customer service when I was having problems with my Cable/DSL modem.
My problem, incidently, was that I had javascript disabled (to kill all of the popups, popdowns, redirects to porn sites, etc.) and their pages lack the standard <noscript> clause to remind me to turn on javascript. This is apparently not a problem with MSIE, and the customer service person made it damn clear that my stupidity was why Linksys does NOT support Linux. I got the distinct impression that he would not be forwarding on my (polite) suggestion that adding that extra clause would reduce headaches for both of us.
YMMV, and I don't understand this attitude since other Linksys products had prominent notes on their boxes that they do support Linux, but for some reason they decided to be real *******s to Linux users for this box. Keep that in mind if you're counting on using one of these boxes to hide the PPPoE conversion - there may be a long-term plan to ultimately support a protocol which requires a MS box to "unlock" the upstream connection.