Slashdot Mirror


User: coyote-san

coyote-san's activity in the archive.


Comments · 1,614

  1. Re:AFS has very good support for ACLs on Access Control Lists In Linux Filesystems? · · Score: 2

    Any robust networked FS needs strong central authentication. The alternative is NFS where any idiot with local root access can impersonate anyone else.

  2. Re:Some questions remain(?) on Access Control Lists In Linux Filesystems? · · Score: 3

    All existing applications will use the standard calls and either succeed or fail.

    I think you're too quick to dismiss the idea of unified ACL tools, though. Could you imagine the chaos if the VFS didn't exist and you had to use "ls" on ext2, "dir" on dos/vfat/iso, "nls" on nfs, etc.? Can you imagine the pain of keeping track of which application works on each directory? Many people would prefer to see a minimal set of ACL semantics that work everywhere (if supported at all) than a more robust set that only works part of the time.

    But the key point which I think you're missing is that you're thinking of ACLs as what lives on a Unix disk locally mounted. If you've mounted a NTFS partition, there is no "user/group" in the ACL, there's only a list of UUIDs. If you've mounted an AFS image, there's globally unique user-ids which may not correspond cleanly to your local users. (One thing everyone agrees on is that networked ACLs should not be vulnerable to the same trivial spoofing as NFS ownerships!)

    Conceptually, all ACLs are doing the same thing so it should be possible to identify an abstraction. In practice, this hadn't been done at the time I last investigated the issue.

  3. Re:Some questions remain(?) on Access Control Lists In Linux Filesystems? · · Score: 3

    The application (which includes the tools for manipulating ACLs) has to know what semantics are supported.

    If there's a single VACL layer, any application that supports one underlying FS will support all.

    If there's multiple ACL layers, then you'll need separate tools for each type of filesystem. This means you have to know what FS you're residing on. This is a Bad Thing (TM).

  4. Some questions remain(?) on Access Control Lists In Linux Filesystems? · · Score: 5

    I haven't been following the kernel discussion for some time, but I recall that there was some concern over how to handle ACLs.

    The problem is that Linux supports a *lot* of different filesystems, and they often have different ACL semantics. (Think standard Unix ACLs, NT ACLs keyed by UUIDs, and network FS ACLs.) The way to implement any single set of semantics is obvious, but the way to implement a virtual ACL level so you can hide the details from applications is not.

    Until this has been figured out -- or the cost of maintaining multiple ACL semantics outweighs the cost of not having ACL support -- all of the ACL patches will remain outside of the main kernel tree.

  5. FOIA? on Balancing Third Party "Ownership" Against The GPL? · · Score: 3

    It sounds like the initial consent was invalid and the GPL is not binding on the code you released.

    However, I must admit that my eyebrows went up with the stated intention to incorporate this code into a proprietary system. I know that the government often pays for initial development and turns the results over to a company for deployment, but those companies are usually involved from the start.

    More generally, software (and all IP) developed with public money generally belongs to the public. It isn't always released, esp. if it involves national security, but it doesn't sound like that would apply in this case.

    Perhaps it's time to investigate a FOIA (Freedom of Information Act) filing. Not because you could use the code obtained by it, but to establish that the code *is* the legal property of the US Government, not a company. A FOIA would also uncover if the software was developed by public funds and improperly given, exclusively, to a private concern. This should give you enough information to take it to your congressman - and local investigative reporters - for further action.

    (Finally, for the anal among us IANAL. Get over it - no sane person gets their legal advice from slashdot. Our function is to raise issues that can be pursued further with local counsel.)

  6. Re:Permanent compressed filesystem support on Kernel 2.4.2 Released · · Score: 2

    Think about it, I'm sure that most of the real "disk hogs" are things like mp3s, mpgs, tar.gz's and .zips.

    You might be surprised. When I was playing with a local news spool I had to reformat the partition because I ran out of inodes. At the same time I dropped the blocksize from the default 4k to 2k, and recovered nearly 1 GB out of a 4 GB partition.

    Further research showed that the average file size was around 5k, so it required 8k of disk space (3k unused). A 2k blocksize required 6k of disk space (1k unused). A 1k blocksize freed up even more space.

    If you have a lot of small files you can eat up a surprising amount of disk space in the tail of your files.

  7. Re:How about Something Different on How To Really And Fully Wipe A Hard Drive? · · Score: 2

    Memory is recoverable from DRAM/SRAM for some time. Not trivially, but it takes a long time for the electron density in all of the cells to return to a statistically meaningless state.

    An excellent example of this was the recent Concorde crash. I recall reading a little blurb about how it used a solid state memory data recorder which had lost power... yet the investigators were still able to extract most of the information from it.

  8. Answer depends on your threats on How To Really And Fully Wipe A Hard Drive? · · Score: 2

    Like all questions with security, the answer depends on your threat. Ensuring data isn't recoverable by your spouse or parents is very different from ensuring it isn't recoverable by a TLA.

    PARENTS: dd if=/dev/zero of=/dev/hdc will make the disk appear empty to anyone who uses the standard access hardware.

    TABLOID JOURNALISTS: you'll probably want to use one of the multi-pass programs. Civilian data recovery sites might still be able to pull up the data, but multiple writes (properly done) will make it expensive enough to discourage most people. If the material is sufficiently sensitive (e.g., you're protecting medical records of celebrities and the tabloids have been caught dumpster-diving) you might want to proceed to the next step.

    TLA: big vat-o-acid to dissolve the platter. Forge to heat the platter to melting temperature, or at least hot enough to completely scramble all magnetic domains. Heavy duty sanders, again producing enough heat to scramble any magnetic domain that survives the abrasion and magnetic fields in the motor.

    ALL: don't forget that data rarely exists in only one place. It's a waste of time to carefully scrub hard disks, yet toss backup CD-Rs into the trash as-is.

  9. Public accommodations on Dispute Over IP Sharing Escalates · · Score: 3

    This occurred in Korea, but in the US the part of any business that deals with the public (e.g., everything up to the McDonalds counter) is a "public accommodation" and they can impose very few restrictions on the public in that space. It's not as "free" as a public park, but it's not as restrictive as office or industrial spaces.

    The space behind a counter is not a public accommodation and McDonald's could have anyone there arrested for trespassing, no matter what they're wearing, but they can't say anything about a peaceful group wearing PETA shirts in the order line. They can ask protesters waving signs to move on, but only because they're disrupting others and only to the extent that they ask other protesters to do the same.

    Finally, telcos in the US are "common carriers" and *required* to carry all content, in exchange for immunity to conspiracy charges for the same. If a DSL drops a customer's service because he criticized their policy, then that same DSL may find itself named codefendant to a murder conspiracy charge because they permitted other customers to discuss a planned murder.

  10. Three problems on Packet Filter On University Network · · Score: 2

    There are three problems with this argument:

    • The students can still obtain bandwidth at a private ISP, just like all other citizens. Even if the students can't use the dorm phone lines to connect to their private ISP (common in university-run phone systems), they can almost certainly still telnet/passive ftp into it via their broadband access.
    • Suppression of ALL political speech is generally considered more acceptable than suppression of SOME political speech, since there's no risk of favoritism. Students do have alternatives to their campus-run ISP.
    • The student's community, to a large extent, is the university itself. It sounds like this policy will still allow dorm-room servers to be set up, but they will only be visible from within the university.

    The university's actions will certainly impose a modest burden on the student's political speech, but it doesn't seem to be an unreasonable one.

  11. Re: health club memberships on How Will Subscription-Ware Affect OEMs? · · Score: 2

    One nit: health club memberships are actually two contracts, one to get access for N months for X dollars, and a second financing contract to spread those payments out over N months, plus interest. The contracts are completely unrelated, which is why some people have been forced to pay for their membership for years after the health club itself closes.

    The connection with software subscription is that the software may be sold in the same way - pay X dollars for N months of access, and if the software is unusable for any reason (e.g., you had a disk crash and had to reformat/replace it, changing the SDMI(?) keys) then you're SOL - you'll have to buy a second, separate subscription.

  12. Also, do the paperwork early on Making Sense Of An Employee IP Agreement · · Score: 2

    Something that my friends and I have seen happening with alarming regularity is companies waiting until the first day of employment to do all of this paperwork. The intent is clearly to wait until the new employee is committed - he's already quit his previous job and not able to return to it - before springing these restrictive terms on him. Few "permanent" employees can afford to walk away at that point. (Contractors, on the other hand, often can.)

    The solution is straightforward - ask for copies of the NDAs and such before accepting any offer. If they hesitate, it's a giant red flag. Ditto any attempt to substitute different agreements for the ones you were given.

  13. Re:articles v. newsgroups on New York ISP Held Liable For Newsgroup Content · · Score: 2

    I've never claimed that these groups never carry obscene material, only that when I investigated there was nothing but cross-posted spam. One data point, years out of date, but more than what most other posters were offering.

    Obviously the situation is very different if there's a significant amount of obscene material in the group. But that's something that needs to be investigated - simply deleting groups because of their name or an isolated article opens the door to broad attacks on "undesirable" sites. The last thing we want is to implicitly encourage posting this type of material because it's the fastest way to shut down something like alt.abortions or talk.politics.guns.

  14. articles v. newsgroups on New York ISP Held Liable For Newsgroup Content · · Score: 5

    Assuming that the details involved articles in the local news server spool, what exactly do you want the ISP to do?

    Delete the offensive articles? No problem.

    Delete the offensive newsgroup? Big problem. Do you delete the entire comp.os.linux.* hierarchy because some idiot spams it with a single explicit picture? A dozen? What about the soc.motss.* hierarchy? The alt.pagan.* groups? The soc.catholicism.* groups?

    Oh, you said that this is different because it was (at a guess) alt.binaries.pictures.erotica.pre-teen.hardcore? Have you actually looked at the content of that newsgroup? I have, before complaining to *my* ISP, and determined that there was literally nothing there (at the times I checked) which wasn't cross-posted to every other abpe newsgroup. Damn spammers! But since I didn't see anything other than "hot 14-year-old babes" who were clearly old enough to have 14-year-old daughters I didn't see any reason to contact my ISP.

    On the one hand, there's nothing "there" so I shouldn't mind if the newsgroup is deleted. On the other hand, I've seen far too many people who don't understand why gay or (legitimate) pre-teen sexuality or wiccan/pagan or illicit drug information or any of a dozen other topics shouldn't also be banned. After all, "in this state sodomy is illegal (and it's against God's law everywhere)!" and "in this state the age of consent is 18 so no teenagers are fucking other teenagers and that's why the schools give absolutely no sex education lessons" and "drugs are illegal so nobody is taking them and therefore nobody needs to know how to recognize their friends are overdosing" or ....

    Of course the ISP should remove specific articles containing obscene material. (Arguably, it should have forged a "cancel" message for it, so it would have been deleted from other servers as well.) The ISP should have probably had somebody monitor the newsgroup for a while after the complaint.

    But it does not follow that it should have immediately deleted that newsgroup, or entire hierarchy, or entire fscking news server, because some of the articles were obscene.

  15. Devil's in the details on Reimbursing Employers For Training? · · Score: 2

    As others have pointed out, this is a common practice.

    However, you need to watch for the devil in the details. Reimbursement should only be required after voluntary separation, not after being laid off or fired. Your company might usually let this slide, but if it's in bankruptcy the creditors may demand it go after *everything* it legally can, including laid off employees' educational expenses.

    Another "devil" is the details of what's to be reimbursed. Is it your out-of-pocket expenses that were covered (e.g., for a college course), or the company's out-of-pocket expenses (e.g., airfare and the like paid for directly by the company)? What about your salary, if training occurred during working hours?

  16. Re:Very simple answer on New York ISP Held Liable For Newsgroup Content · · Score: 2

    Have you actually looked at these groups for yourself? I mean really looked at it - how many articles are cross-posted spam, how many articles are individually-posted spam to multiple groups?

    There's not much "there" there. I'm tempted to say there's nothing there.

    All a newsgroup-name based ban would do is establish a precedence for banning newsgroups on the basis of their name, not specific objectionable content.

  17. Slightly simpler problems on Distributed Databases? · · Score: 3

    A slightly simpler problem can give you insights into possible solutions. How do you manage a distributed file system? That is, something that looks like a single file system but can operate and recover from partitioning?

    There are a couple solutions, but all (iirc) in turn ultimately reduce to an even simpler question: how do you manage distributed messaging? A classic example of this is "buy" and "sell" orders in a distributed stock exchange - there needs to be some way of ensuring that all parties can agree on *the* ordering of all messages. Disagreement on ordering can have major ramifications since it can affect the price paid, possibly even whether the stock was obtained at all. Likewise, ordering of file systems reads and writes can determine what gets written to disk and/or what gets fed to running applications.

    Once you have that, you can start looking at recovery issues in filesystems. IIRC, all come down to a question of how many systems you write data to, and how many systems you read data from. When you read data you'll often get multiple versions of the same information (because of update latency) and you need to know how to determine which is the most current.

    The two extremes are "everyone has everything" (total replication) and "only one server has each item" (multiple independent and disjoint servers). Depending on expected loads (esp. the ratio of reads to writes) you might see a policy of reading from a third of all systems, writing to 2/3 of them. No system will have all data, but all will have most.

    All of this points to an unstated assumption in your question. "Distributed" means more than one thing - to someone who has studied algorithms they usually refer to designs that maximize availability despite network partitioning (e.g., line cuts or court injunctions against some servers). These algorithms require substantial, if not complete, data replication.

    To many people, "distributed" also means what we would call "partitioned" algorithms where multiple sites work on a small part of the problem and the results are combined later. Examples are factorization efforts and SETI-at-home. These algorithms don't require replication, but they are highly vulnerable to partitioning.

    What problem are you trying to solve with this distributed database?

  18. Risky.... on Employment And Conflicts Of Interest? · · Score: 4

    This is fairly risky. You didn't specify the type of work you do, but the employment law (and case law) was all written around situations like inside sales agents moving to a competitor and taking clients, technical recruiters moving to a competitor and taking clients, etc. If your services are "sold" to the clients in any way, you might be covered by the state's general "Faithfulness and Fidelity of Employees" laws (or whatever it's called in your state) - checking your employment contract (if any) and employee handbook (if any) may not be enough.

    The general rule is that former employees should not contact former clients for N months (or years), although it is somewhat more acceptable if the clients contact them. But if you've been discussing taking a job with them, a claim that you quit to work on your tan and this client tracked you down and offered a job won't hold much water in court.

    However, from what you said it's possible that your current employer sees this client as a pest and won't care if you take them away. But they might protest because they want you to stay for other clients. They might not be able to force you to continue working for them, but they might be able to prevent you from working for their former client.

    This is one case where you really should consult a local lawyer. Second best would probably be asking to speak to your company's HR person "in confidence" and explaining the situation - do NOT say you're definitely leaving, but essentially give them a "right of first refusal." They can still be assholes, but you'll be in a better position if the companies start fighting. And you might get lucky - the HR person may be competent and offer to investigate how your current employer will respond without identifying you specifically.

  19. Re:Who uses assembler? on Who Still Codes In Assembler? · · Score: 2

    Infidel! This only works on DOS/Windows systems!

  20. OpenSSH named after protocol or application? on The ssh vs. OpenSSH Trademark Battle, Next Round · · Score: 5

    Asking the question that everyone else seems to be missing, was OpenSSH named after SSH-the-application or SSH-the-protocol?

    For countless reasons, I'm sure it's the latter. But that begs the question of why SSH-the-company was so incredibly incompetent that they named SSH-the-protocol after SSH-the-application even though virtually all servers and clients try to incorporate their protocol into the name. TELNET, FTP, FINGER, PING, HTTP(D), etc. Sendmail and bind are two notable exceptions, and of course this can't apply to multiprotocol clients (e.g., Mosaic, Navigator/Communicator).

    OpenSSH, to me, says one thing and one thing only - that it's an "open" implementation of the "SSH" protocol. It has absolutely no connection to SSH-the-program or SSH-the-company other than the historical curiosity that the latter originated the protocol and is pushing it on the standards track. (Something which is undoubtedly dead in the water until they (SSH, not ISO) pull their head out of their corporate assh.)

    If SSH-the-company wants to keep the identity of SSH-the-program distinct from SSH-the-protocol, they should change the name of SSH-the-program.

  21. Local nightmare on Is This Local Government's Privacy Policy Fair? · · Score: 2

    Local rec centers are often nightmares.

    Skipping the details (partly because I've forgotten them :-), the local rec center was very non-responsive to complaints. Eventually there was strong evidence that someone was taking pictures in the women's locker room.

    The response? A rewritten waiver that made it clear that patrons could be photographed ANYWHERE IN THE FACILITY and they gave permission for this. Only people following the news would know that this included the shower, the toilet, and other areas where most people expect privacy.

    Another part of the waiver was an acceptance of all risk on rec center sponsored events. I can accept the need to protect the facility from lawsuits because, e.g., someone felt that they didn't really need to have a physical before joining a high impact aerobics class. But this disclaimer looked like it would also cover an accident on an art gallery tour caused by a drunk driver employed by the city, someone injured by a lightning strike because a nature hike tour ignored numerous warning signs of an approaching storm, and other clearly negligent acts.

    I doubt you'll get anywhere with the bureaucrat running the Rec Department. You might, but it's unlikely. You should probably expect to speak at city council meetings and hope someone will listen. But the city is dealing with some legitimate concerns (minors need parental contact information, most other people desire emergency contact information, the feds provide a lot of funding and demand proof that the money isn't being used at a de facto country club).

  22. MS's "Free Soda" policy threatens the American Way on MS Wants To Outlaw Open Source: "Threatens" the "American Way" · · Score: 4

    Bob O. Roberts, a senior officer of the largest soda vending machine, announced a major PR initiative to fight "free soda" policies common at many companies, most notably Microsoft.

    "These companies claim it is just a cheap HR trick that the inhabitants of the cube farm really suck up", Roberts claimed, "but they overlook that this kills a lot of entry- and mid-level support jobs. With a vending machine, you have the guys working in the factory making the vending machines, you have the guys on their runs stocking the machines, emptying the change box, etc. You have repairmen. You even have a white collar sales force. That's a lot of jobs, many of them some of the few jobs still available to working class 'joes' without a college diploma, that these companies are wiping out by having an intern run over to Costco to stock up on soda to just GIVE OUT to the employees!"

    Roberts continues: "what made America the leading industrial power? Was it white collar workers sipping free drinks in their office? Hell, no, it was INDUSTRY. Henry Ford and his mass production assembly line! Steel mills! Railroad lines stretched from coast to coast! None of those workers got free soda from their boss! They all paid for what they got, supporting additional jobs, and that's what made this country great!"

    Microsoft executives refused to comment on this story.

  23. Right-wing crap on European Record Industry Goes After Personal Computers · · Score: 4

    In order to have rights, a creature must also be responsible

    This is absolute crap. Rights are never "absolute" in the sense of one right always trumping another, but they ARE absolute in the sense that all humans retain these rights no matter how irresponsibly they behave. That's why they are called "rights," not "concessions."

    The classic example from the past few years is the Oklahoma City bombers. Despite their actions, they still had the right to a fair trial (even if it required moving the trial hundreds of miles and killing the political future of several participants), the right to freedom from cruel and unusual punishment, and ultimately the right to a humane execution.

    Taking on a more controversial issue, "gun rights" are a current hot topic but very, very few people dispute the concept of the right of individual self-defense. A person can walk nude through a neighborhood shouting that he's looking for (offensive racist epithet) (offensive sexist epithet) to (offensive sexual act) and he still has not only the right to be free from physical assault (meaning that the people who attack him will be charged with a crime), he has the right to defend himself with deadly force if necessary to save his own life. The fact that he was acting so irresponsibly that he would be facing serious prison time himself (for inciting a riot) doesn't diminish his right to defend himself one iota.

    Now, applying this to the music industry, we see that the sale of an album to the consumer necessarily involves the right to listen to the music in the time and manner that the customer prefers. That is what customers expect and demand - every attempt to sell restricted media in exchange for a lower price has failed. (E.g., the unlamented "DivX" players.) Commercial use of the music clearly conflicts with the publisher's and artist's rights, but there is absolutely no justification for the music industry to claim they are "harmed" if I elect to transfer the content from a CD to cassette tape so I can listen to the song while commuting to work, or if I elect to transfer the content to an MP3 file that I can listen to with my laptop without risking damage to the original media.

    Do some people abuse this technology? Of course. But that's completely irrelevant - the reason "rights" are so powerful is that the rights of a single person can (and often do) trump the desire of millions of other people for "convenience." These proposals would be convenient for the record industry, but they stomp all over the right of people such as myself to use CD burners and CD-R media to back up my computers and produce small-volume software releases without being forced to pay my hard-earned cash to a third party in exchange for absolutely nothing of value to myself. I would literally get more value from burning the cash in an ashtray - at least it would warm my house by a fraction of a degree!

  24. What about web pages? on 32 Bit UIDs For Unix? · · Score: 2

    UIDs aren't just required for shell access and mail. Most ISPs provide web space now, and some mechanism to allow the user - and that user alone - to modify the content. Maybe HTTP PUT, maybe FTP. The standard file systems ownership fields are one way to handle this if you're using the standard servers.

  25. Re:Constitutionality?? on Michigan May Outlaw Anonymity Online · · Score: 2

    Since most ISPs operate interstate, I'm not sure if one state can regulate them.

    Unless there's Federal law which supersedes this (which I doubt), the Michigan law will only apply to Michigan users. ISPs then face four alternatives:

    1) The ISP ignores the law and tries to force the issue into court.

    2) The ISP tells Michigan users that their service is terminated, effective immediately, until they elect some representatives with some common sense. Anonymity protects child molesters, but it also protects whistle-blowers, rape and other crime victims, even witnesses to crimes or people providing information about dangerous suspects and escapees.

    3) The ISP decides to collect this information from Michigan users only... which is a bit problematic since it requires the users to identify themselves in order to determine if the users need to identify themselves. Maybe they could get around this catch-22 by only collecting this information when the "set up" call comes from Michigan. Since this option requires the most work, it's the least likely.

    4) The ISP decides to collect this information nationwide... and prays that they never run into a set of laws that are mutually exclusive.

    As for the issue of anonymous communications, there was an important case a few years ago where a man challenged the right of (LA?) police to stop him and demand identification while he was peacefully walking down the street. The Supreme Court ruled (unanimously?) that the police do *not* have the right to demand people to identify themselves unless there is some specific reason to suspect criminal activity. (Before you ask, the situation is slightly different if you're operating a vehicle. Drivers have to identify themselves, passengers have mixed rights.)

    Another point to consider is that club membership is protected by the First Amendment. Racists were not able to get the membership lists to the NAACP in the 50s, and the Southern Poverty Law Center (?) was not able to get the membership list to the KKK (or a similar group) a few years ago. Many small ISPs are actually communities that also happen to provide internet access and their membership information would be highly protected. (Think rape victims, battered spouses, AA recovery groups, even environmentalists who discuss political rallies.) This is not absolute protection, but it's easy to see how the Michigan law could be "improved" in a few years to require each ISP to provide lists of users to police on a yearly basis... and that would clearly violate the rights of community-based ISPs.

    I don't think there's any doubt that requiring people to identify themselves, on the behalf of the police, while signing up for internet access will be found unconstitutional. An ISP can certainly make this demand on its own behalf, e.g., to ensure payment for services or in an attempt to avoid problems with known spammers, but many ISPs serve communities where such considerations are secondary.