The "Bible Code" isn't cryptography. Well, not cryptography by mere mortals.
Anyway, the idea behind the Bible Code is that the first five books of the Bible were dictated to Moses by God, as tradition says. If you take every Nth character (skipping spaces?) you will get words scattered among the garble. That's standard statistics and nobody sees any significance in it.
The "Bible Code" explores the shocking, *shocking*, discovery that if you look at *two* different periods you occasionally get words that intersect and are actually meaningful. E.g., you might see something like
H K I L L S T L E U R O P E R
Except it would actually look like a scrabble board. Why does/. always strip leading spaces, even when us silly posters use 'pre' tags? Anyway...
Cue spooky music. The authors made a big point of the fact that they warned the late Israeli leader Rabin (?) that his name appeared with "assassinate", but the warnings were ignored. This is a "prediction" like that skeptics demand, right? Not really. The problems with the Bible Code are:
1) there are often multiple hits on the same concept. BC supporters claim that it's proof of humanity's free will, but many of use are skeptical.
2) there are a lot of garbage hits (e.g., something along the lines of "Hitler" and "peacemaker".) Oh yeah, that's free will again!
3) the same algorithms applied to modern texts produce similar amazing hits. I remember one of the skeptic magazines discussed the amazing prophecies encoded in Moby Dick.
In my view, one shared by many statisticians, the Bible Code is nothing more than proof that if you look hard enough you will eventually find a monkey wildly typing away at "Romeo and Julies". If you assume the first five books of the bible contain 2^16 symbols, then explore every pair of periods between 2 and 2^12 (so you'll get sentence of at least 16 characters), you'll have a sequence of (approximately)
2^16 * (2^12) * (2^12)/ 2 = 2^39
symbols, or on the order of one trillion symbols. No wonder it takes powerful computers weeks to find "meaningful" combinations. It's not because God hid His message well, it's that the message space is so huge.
We're all in a church group preparing meals for the homeless and invalid. We all donate food with the understanding that it will be given away for free to anyone to asks for it. Bill Gates could get a free meal from our group, if he wants it.
Bob, a local restaurant owner, offers to give us excess food. This is perfectly fine food, but he can't use leftovers in his four-star restaurant.
Would you claim that you can't use Bob's food because he "discriminates" against his customers by charging them for their meals? Or would you recognize that Bob isn't a single-dimensional caricature of a wild-eyed zealot and he doesn't have to follow an arbitrary standard in all things? Hell, would you even consider the possibility that Bob really wants to serve meals to the homeless and his restaurant is simply a way to acquire and pay for the high quality food for the homeless?
Speaking for myself, my reaction when seeing responses like yours is that the GPL isn't worth the trouble. IIRC the BSD license is still DSFG free but is a lot more tolerant of pragmatic coexistence with unenlightened businesses.
I haven't read the license in question, but it sounds a lot like what I plan to use on the bigger projects that my company produces. Assuming I ever get anything out of the door. (Alternating between paying contracts and OSS projects sounded so easy a year ago...:-)
You can use the code, as is, for free.
You can modify the code, for free, provided you "pay me" by releasing your changes back into the community. (If the changes are substantial and worth folding into the main tree, I'll license the changes from you so I can re-release them under the terms below.) It's important to note that this is a pure GPL license.
If you really, really want to keep your changes "secret," you can pay me in hard cash instead of published code. I prefer code. The licensing rates will make it clear that I prefer code. But if you're unwilling to consider a GPL license, I'll work with you if that's what it takes to keep you from using a totally closed solution. I'm tempted to call it "BSD-for-a-fee" licensing, but that would simply confuse people.:-)
In any case, I don't expect to make money from my OSS projects.... but I *do* expect to make contacts for bigger projects and higher rates. Even without any projects getting beyond early beta, I've found the experience of working full-time on a project has already paid profound dividends on my current (for-profit) job.
It's so late that much or all of this might be garbage, but I thought Xerox invented ethernet (physical layer) and Metcalfe invented TCP/IP (transport layer). The early Xerox networks ran XNS (Xerox Network Service?)
They're a bit retentive about not being able to install their software on your computer and see it work before they leave...
The flip side is US West. They closed my DSL installation order without my signoff. Or a physical check at my junction box. Or hell, even bothering to tell me -- I would see the WAN LINK on my DSL modem, right?!
Wrong. They screwed up the order and I did *not* have DSL service. But the last, and nearly the only, communication I had from them was that my order was delayed due to lack of equipment. So I "had" DSL service for two months before I flaked out and canceled it, right?! (That's why I have to file a formal complaint with the PUC, so the records will show that I waited three months before cancelling the order for nonperformance, not that Linux users are flaky and technically incompetent.)
Re:Hoax or not, there's a point here...
on
Jesux is a Bad Pun
·
· Score: 1
Why couldn't a parent simply use root access to read their child's files, if they felt it necessary?
As I mentioned elsewhere, doing a real two-level hierarchy that allows the parents to read the child's files, but not each others, is a two-line addition to each file system driver... but I still think it's a silly change. I do think that crippled accounts which can only read files they own, regardless of permissions, might have general usefulness for daemons and *maybe* young children (provided you leave hooks for programs!)
I had a university account with usenet, ftp, and mail access in 1983-84. It was a very different world; I might still have a hardcopy map of the entire internet (necessary for manually routing our own mail) around here somewhere. The 1000 or so sites were connected with the best of ASCII artwork and fit into one or two 11x17" DEC WRITER sheets.
Excuse me, I hear the nurse announcing last call for Geritol...
Re:I know I'm taking this too seriously, but...
on
Jesux is a Bad Pun
·
· Score: 1
I'm tempted to build the micro-distribution just for the Eristean energy of it all. It really wouldn't be that hard, and it would be oh-so-easy to toss in little surprises.
E.g., add "mad sniper" code into xterm. It's normally okay, but if uid=0 and pid = 666 then it quietly starts killing other jobs at random and printing taunts in the term window. (Naturally uid=666 cannot be assigned to anyone.)
Or slip in code so that every so often the Biblical quotes are in Hebrew or Greek - in the correct alphabet.
hierarchical file system... maybe easy to set up...
Two lines of kernel code per file system. And that's with the patch done "right" (e.g., having root-like powers over your children's files don't give you similar privileges over your spouse's files.)
I don't think this particular patch is useful, but it gave me ideas for an unusually crippled UID that can only read its own files - it can't even read 0777 files that it doesn't own. This might be useful for network daemons - even if you trick them into sending/etc/passwd, they can't read it.
Ah, but did MS *intend* for hard links to exist in NTFS? Your phrasing leaves that open to question. I've seen hard links under MS-DOS, and it was not pretty.
The details involve MS-DOS hacking (yes, it was done). Some people wrote directory access routines that worked with BIOS calls, and they discovered that they could implement *very* effective write-protected files by writing the file names in lower case letters. Someone else made hard links by having multiple directory entries point to the same FAT entry for the file. This works find until someone deletes any of those files (or directories) and the FAT entry is marked "available for reuse."
Some of the scientists on the Manhattan project didn't want to see the bomb used on Japanese cities; by that time they felt it was clear that Japan would soon surrender and they felt using the weapon was unnecessary. I think one actually quit his job, others simply wrote letters to the President.
This wasn't an entirely pointless position. Nobody doubted that a U-238 bomb would go critical, but U-238 is *extremely* expensive to obtain. (It's something like 0.5% of all uranium, and you can't separate it by usual chemical processes.) In military terms, a few U-238 bombs were worthless because of the "what happens if we use them all and Japan still doesn't surrender?" factor. That's why Tokyo was 3rd or 4th on the list - if it was taken out first the surviving military commanders might not have felt they had the authority to surrender. But if the government refused to react to the first few bombings, it would seem unlikely that their position would change.
Plutonium was easy to produce and extract in a reactor, but nobody knew if they could make a plutonium bomb go critical. Trinity was a test of a plutonium bomb, and when it denotated the US knew that it could drop a few bombs a week on Japan for as long as it took to force them to surrender.
But had trinity failed, nuclear weapons would be remembered as a historical oddity - something that worked but was so expensive all you really did was get a *really* motivated enemy. Until some graduate student ran a good simulation on his computer.... (A lot of the value in the superpower 'codes' is being able to make a big bang with little plutonium, to make it easy to fit several of them on top of an ICBM. But if you don't mind using 10 pounds of flour for a cupcake...)
BTW, I know that many more people died in the firebomb attacks than in both Hiroshima and Nagasaki combined, but did you know that a senior US officer (can't remember his name) demanded that Kyoto be removed from the initial target list? He had spent time there before the war and understood that destroying it would be a grievous harm to the Japanese spirit. He won the argument, it was moved into the second wave with Tokyo.
Underwater nukes... barely made a wave large enough to wiggle those battleships...
Don't confuse shallow- and deep-water waves. In shallow water the "wave" actually extends to the bottom and the excess energy is manifested as water piling up on the surface. In deep water the energy is held in moving hundreds or thousands of feet of water up a few feet.
As I recall those underwater nukes were in deep water. (Many pacific atolls are actually the top of very high, very steep underwater mountains and act like "deep water".) And at least some of those tests were used to evaluate submarine survivability to nuclear torpedoes. Those surface ships only survived because there's very poor energy transfer across the water-air boundary.
As for this idea... it was a very different time. Americans today tend to remember Pearl Harbor but not Nanking or the Korean occupation, nor the mothers jumping off of cliffs with their small children because the American forces were approaching. Anything to help reduce the inevitable (at least to the planners) million+ Allied deaths from the invasion would be welcomed.
A lot of these responses aren't making a clear distinction between non-Win9x "support" and "tolerance." It's reasonable for a company to say that "if you don't run software X.Y.Z we can't offer you help ON YOUR SOFTWARE," it's a far different thing when the company acts like they have *no* responsiblity to answer *any* question if you aren't running that particular program.
As others have pointed out, the bottom line is that *every* network connection comes down to a handful of parameters which easily fit onto an index card. Either the company can provide them or they're blowing smoke and *can't* be trusted. Period.
(That said, some networks, esp. cable modems, use additional authenication methods. But again they should be able to concisely describe it ("kerberos with extensions) instead of waving the magic "proprietary software" wand.)
You've overlooked something important. In Unix, directories are nothing more than pointers to independently managed files and there is *not* a 1:1 correspondence.
Is the file "A" deleted? Nope, you can still access it via the hard link established in/tmp/bar. (Symlinks would be lost, of course.) To a Unix filesystem that file is an equal child of *both* (or all) subdirectories.
I don't know about the internals of NTFS, but earlier MS filesystems did not have the concept of a hard link. Well, not intentionally. Hard links change your semantics in some pretty odd ways, at least when you first encounter them. For instance, in this case the person might be able to delete the file entirely, but he can't change its contents.
Today, hard links are still used. IIRC, gzip uses a couple hard links to a single executable that behaves differently according to the value of argv[0]. If it's 'gzip', it compresses a file or stdin. If it's 'gunzip', it decompresses a file. If it's 'gzcat', it decompresses stdin.
There's a *huge* difference between having your SSN on an ID card in your wallet and having it on a badge which must be visible at all times.
Reducio ad absurdum: I can sit outside of a college campus all day and never learn a single SSN as the students and staff stroll by. I can sit outside of this school with a camcorder and obtain *every* SSN, get a good physical description, etc.
This is not a trivial issue. Suppose Bob has a thing about 10-year-olds. Everyone has been warned about strangers like Bob, but Bob sat in a car a few days ago and got the SSN of several potential victims. He looked up their name on any of several sites that provide this service for a modest fee. Now he asks Heather for help finding his lost kitten *by name* and claims to be a neighbor whom her parents know - how else could he know her name?
It's precisely because of people like Bob that Congress (or the DoE?) decided to prohibit public disclosure of personally identifiable information. IIRC, it was a response to problems, not a blue-sky scenario, and with this system it is only a matter of time until someone exploits this oh-so-brilliant strategy and rapes a child.
The idea of a "Microsoft only" university, at least in the technical disciplines, reminds me of the occasional news stories about former students suing their schools for failure to provide the promised education.
Schools develop reputations based on the quality of the student they turn out. Likewise, development environments develop reputations based on the quality of the developer that they produce. Linux hasn't exactly been the easiest platform to work in (although it that is changing)... but it's been an excellent training ground for developers that can handle almost anything.
MS tools tend to produce developers that have glaring weaknesses. In my experience, a MS developer seems far less likely to consider possible failure modes and is far more likely to give up when confronted by difficulty. More than one, with handed a bug report, has shrugged his shoulders and said it's probably a OS error. Or a library error. Or a mismatched shared library. It's certainly not worth *his* time to investigate. Compare that to the average Linux/Unix programmer who generally accepts that the OS and libraries are probably correct and that the problem is his responsibility.
So what, we should judge everyone as an individual? I agree 100% -- unless you're talking about screening 300 resumes for a single slot. Toss out the non-starters and you have no more than than 20 resumes. Still too many to interview all of them, how do you decide who's worth bringing in for an interview? For better or worse, in any non-MS environment there's a strong predictor of problems: primary MS experience.
If that's a problem with people with general university educations but MS work experience, I don't want to think about what Micros~1 University will produce. And when I'm deciding who to bring in for an interview, or who gets the job offer, I won't. Once they're employed I'll worry about the individual, but until the offer is accepted I have to use the best predictors I have. A MS-U degree is definitely a predictor....
Did I mention another of my graduate classes was chaotic dynamics?:-)
The very definition of "chaos" is high sensitivity to changes in the initial conditions. If a weather front appears in the same place (within the resolution of the data grid) on all 120-hour forecasts despite a reasonable variation in the initial conditions, you can be pretty sure it isn't in a chaotic realm and your forecasts will be fairly accurate.
On the other hand, if a modest amount of variation in the initial conditions result in wildly different predictions, the system is obviously in a chaotic realm and you can't make decent predictions.
As odd as it sounds, for something as large as a planetary atmosphere it's quite reasonable for parts of the system to be chaotic while other parts are boringly predictable. That's why they were starting to compare the predictions from different models, the same models with slightly different initial conditions, etc. That might give the appropriate officials enough information to decide to evacuate a coastline (at $1M/mile), or to hold off another 6 hours since the computers predict the storm will turn away.
P.S., the models do make mistakes, but fewer than you might expect. It's been years since I've thought about it, but as I recall most models work in "isentrophic" coordinates and are mapped to the coordinates that humans care about at the last step. The biggest problem has been the resolution of the grids; when I left I think the RUC model was just dropping to 60km; by now it's probably 40 or 30km. To get good mesoscale forecasts (which cover extended metro areas, and should be able to predict localized flooding) you probably need a grid with 5 or 10 km resolution.
I worked at FSL for several years, although on a different project. I knew people working on the weather models, and I took a class on parallel processing from the CU professor who shared the old Paragon supercomputer with NOAA. I even had an account on the Paragon briefly (for that class) after leaving NOAA.
NOAA needs to solve partial differential equations (PDEs). A *lot* of PDEs. My class spent a lot of time on solving numerical methods, and my entire undergraduate class in the early 80's was covered in the first lecture of my graduate class a few years ago. My Palm Pilot, running multigrid analysis, could beat the pants off a Cray-XMP running the best known algorithm from 15 years ago.
AI programs may not scale well, but the type of work done at NOAA *does*. Furthermore the hot topic a few years ago was applying some ideas from chaos theory to weather forecasts - take a dozen systems, insert just a little bit of noise into the initial data (essentially, instrument noise in your observations), then let them all run. If all models show the same weather phenonema, you can be pretty sure that it will occur. If the models show wildly different results (e.g., Hurricane Floyd slams into Key West in one run, but NYC in the other) you know that you can't make any firm predictions. As an educated layman's guess, I expect that the reason the hurricane forecasts are so much better than just a few years ago is precisely this type of variational analysis.
At the risk overgeneralizing a complex topic, I think the reason why rich geeks rarely buy shiny pebbles with their wealth is because of our experience with computer gear.
In a spare bedroom I probably have about $200 worth of excess computer gear. I easily spent over $10,000 for it. Not much more than a decade ago I paid $500 (over $2000 in terms of today's salary) for a 40 MB hard disk *and was happy to get it at that price* I have a $3000 system which I can't give away today. Fortunately all I have from the 70's are old issue of _Byte_ magazine with ads for 360kb floppy drives for over $1000, or memory at $100+/*KB*. (This is why I roll my eyes when someone is shocked that my main system is "only" a 266 MHz P-II with 256 MB.)
Outside of the computers, my major expenses have been things like TVs and microwaves. The price of each today is less than half of it was in 1984, about 1/10th when you consider salary. Cars? You buy them then drive them until the cost of repairs exceeds the cost of car payments.
In this environment, you feel deep in your gut that money spent on objects is money lost. This isn't always true, but it's certainly true of the baubles most newly rich like to buy. I'm not surprised that most rich geeks aren't interested in buying material objects for their own sake.
(BTW, I'm not a millionaire but I did get a significant inheritance a few years ago. I replaced a 10-year-old car, installed central A/C in my condo, and had LASIK surgery. All boringly utilitarian uses.)
Microsoft will find it far easier to export W2K (which includes e&e Kerberos)
My company *might* be able get an export license for a Kerberized Linux distribution. Or it might not, since my company is still at the "one person in the garage" stage. Red Hat wouldn't have this problem, but if the export license prohibited export of source code they're still dead in the water due to the GPL.
Debian wouldn't have a snowball's chance in Redmond of being able to carry my (US) Kerberos packages on their pages.
To me, this proposal is proof that "social engineering" isn't limited to crackers. This proposal will get industry lobbyists off the administration's back, and it gives them the perceived moral high ground on the Sunday morning talk shows. ("We've removed all but token obstacles to American businesses competing in the world market. Only drug running child pornography terrorists will be impacted, and We Don't Want To Help THEM, Do We?!")
WE know that it also hurts us, but we also know that we're all a bunch of pinko communists. Just look at the "exposes" that appear on a regular basis.
Finally, as others have pointed out Executive Orders can be rescended, often with no basis in reality. E.g., I'm still showing my passport to board domestic flights because TERRORISTS BLEW UP TWA 800. That theory has been discredited for years, but the EO that grew from it is still in effect. I would not be surprised if this EO blocked passage of SAFE, then in 6 months some crisis is manufactured which justifies slamming the door again. Naturally products with licenses (e.g., W2K) will be grandfathered.
Your friendly bank does not send you an unsolicited credit card because the courts (at least in the US) have held the contract is unenforcable. One concern was that credit cards could be stolen from the mail without the person's knowledge, and if the card was unexpected and from an unknown company the consumer/victim would have absolutely no clue there was a problem. A second concern was that many people would not be familiar with credit cards (in the 60's, as I recall) and they could incur substantial liabilities without realizing it.
They can, and do, send you "preapproval" letters that only require you to confirm some information and sign it. Someone can still steal these letters and forge you signature, but theft and forgery are already crimes.
It is legal for a company to issue you a replacement card without prior notice, but it runs the risk of pissing off customers. A bank manager quietly told me that a full third of the customers, including myself, closed our accounts after our bank was bought out and the new bank decided to issue "debit cards" (pre loss caps) to replace "atm cards" without prior notice or consent. It was rude, crude, and socially unacceptable, but legal.
Back to the "generous" NetSol offer, I am outraged. And not just because they keep making me these wonderful offers yet are incapable of changing my contact informaton despite repeated requests.
The currency on much of the net today is reputation, and NetSol's indifferent disregard to the consequences of its actions is as shocking to our sensibilities as the 60's banks disregard to the consequences of it's far-too-open credit card policy was to their peers. Of course nobody should automatically assume that the NetSol accounts are actually controlled by the person whose name appears on them, but a lot of people will. Unlike most (all?) other free mail sites, NetSol accounts can be tied to real names, real addresses and real phone numbers. So they have *far* more intrinsic credibility than "HotMail" or "GeoCities."
It is possible to harden electronics against EMP. In fact, a mild hardening is always done on all long-haul power and phone lines since solar flares can produce the same effect, but at a much lower level. Both caused induced currents in conductor loops, but nuclear explosion EMPs have a far shorter 'rise' time than solar flares, and IIRC it's this rapid rise time, not the total power delivered, that causes problems to unhardened electronics.
Cryptology 101: you only need a cipher strong enough to last as long as you use it.
IIRC, IPsec negotiates a session key for each connection. It definitely uses a different session key for each remote host - that's a simple 'pigeon-hole' proof, and it's easier to use per-session keys than to try to force the same key on all connections to each remote host.
This means that your keys only have to be remain secret for the duration of your TCP/IP connections. After you've closed the connection, an attacker knowing your session key will not be able to impersonate you, and that's one of the primary concerns with network encryption. There is still the risk that someone could scan your datastream for sensitive information, but nothing prevents you from using additional levels of encyption for passwords, sensitive files, etc.
Even if you do slip up and copy an unencrypted sensitive file, IPsec algorithms are not lightweight. A couple spooks might be able to read your list of porn site passwords, but not the script kiddies (and not-so-kiddies) working for your competition and/or wife's divorce lawyer.
Don't read too much into that sentence. It probably parses as
Losers running Windows 9x and NT4 are out of luck - this product will *not* run on these platforms unless marketing runs amok
instead of
We spit in the face of Linux users everywhere! Ha ha ha!
A second concern might be US export restrictions. Windows allows you to write drivers that verify they're running on a US distribution, but that's impossible with Linux.
(For security reasons, it's possible that someday each kernel will validate the modules it loads with cryptographic signatures, so Red Hat (to pick a name at random) could implement zoned distributions, but there's nothing to prevent Blue Jacket from rebuilding the same modules with its own keys. Encryption keys are private, source code is public.)
Nobody is claiming that *every* geek has mild autism, but the comment about startle reactions struck a nerve. If I'm startled, it takes me a *long* time to recover, and I'm sure that it's a large part of the reason why I pay such intense attention to my environment.
As for the idea that many of us have shadow autism, why is this so objectionable? It's fairly well accepted that there's a high incidence of bipolar disorders in this field, yet you don't see people bemoaning that label. Is it simply a matter of "good press" for the latter, since it's associated with genius?
As to the general idea of "shadow" manifestations of severe mental illnesses, that mirrors what we see in many genetic illnesses. One copy of the gene gives you some benefit, but two copies of the gene causes problems. I guess that's an argument against geek in-breeding.:-)
Slashdot Mirror
The "Bible Code" isn't cryptography. Well, not cryptography by mere mortals.
/. always strip leading spaces, even when us silly posters use 'pre' tags? Anyway...
Anyway, the idea behind the Bible Code is that the first five books of the Bible were dictated to Moses by God, as tradition says. If you take every Nth character (skipping spaces?) you will get words scattered among the garble. That's standard statistics and nobody sees any significance in it.
The "Bible Code" explores the shocking, *shocking*, discovery that if you look at *two* different periods you occasionally get words that intersect and are actually meaningful. E.g., you might see something like
H
K I L L S
T
L
E U R O P E
R
Except it would actually look like a scrabble board. Why does
Cue spooky music. The authors made a big point of the fact that they warned the late Israeli leader Rabin (?) that his name appeared with "assassinate", but the warnings were ignored. This is a "prediction" like that skeptics demand, right? Not really. The problems with the Bible Code are:
1) there are often multiple hits on the same concept. BC supporters claim that it's proof of humanity's free will, but many of use are skeptical.
2) there are a lot of garbage hits (e.g., something along the lines of "Hitler" and "peacemaker".) Oh yeah, that's free will again!
3) the same algorithms applied to modern texts produce similar amazing hits. I remember one of the skeptic magazines discussed the amazing prophecies encoded in Moby Dick.
In my view, one shared by many statisticians, the Bible Code is nothing more than proof that if you look hard enough you will eventually find a monkey wildly typing away at "Romeo and Julies". If you assume the first five books of the bible contain 2^16 symbols, then explore every pair of periods between 2 and 2^12 (so you'll get sentence of at least 16 characters), you'll have a sequence of (approximately)
2^16 * (2^12) * (2^12)/ 2 = 2^39
symbols, or on the order of one trillion symbols. No wonder it takes powerful computers weeks to find "meaningful" combinations. It's not because God hid His message well, it's that the message space is so huge.
Let's try to make an analogy.
We're all in a church group preparing meals for the homeless and invalid. We all donate food with the understanding that it will be given away for free to anyone to asks for it. Bill Gates could get a free meal from our group, if he wants it.
Bob, a local restaurant owner, offers to give us excess food. This is perfectly fine food, but he can't use leftovers in his four-star restaurant.
Would you claim that you can't use Bob's food because he "discriminates" against his customers by charging them for their meals? Or would you recognize that Bob isn't a single-dimensional caricature of a wild-eyed zealot and he doesn't have to follow an arbitrary standard in all things? Hell, would you even consider the possibility that Bob really wants to serve meals to the homeless and his restaurant is simply a way to acquire and pay for the high quality food for the homeless?
Speaking for myself, my reaction when seeing responses like yours is that the GPL isn't worth the trouble. IIRC the BSD license is still DSFG free but is a lot more tolerant of pragmatic coexistence with unenlightened businesses.
I haven't read the license in question, but it sounds a lot like what I plan to use on the bigger projects that my company produces. Assuming I ever get anything out of the door. (Alternating between paying contracts and OSS projects sounded so easy a year ago... :-)
:-)
You can use the code, as is, for free.
You can modify the code, for free, provided you "pay me" by releasing your changes back into the community. (If the changes are substantial and worth folding into the main tree, I'll license the changes from you so I can re-release them under the terms below.) It's important to note that this is a pure GPL license.
If you really, really want to keep your changes "secret," you can pay me in hard cash instead of published code. I prefer code. The licensing rates will make it clear that I prefer code. But if you're unwilling to consider a GPL license, I'll work with you if that's what it takes to keep you from using a totally closed solution. I'm tempted to call it "BSD-for-a-fee" licensing, but that would simply confuse people.
In any case, I don't expect to make money from my OSS projects.... but I *do* expect to make contacts for bigger projects and higher rates. Even without any projects getting beyond early beta, I've found the experience of working full-time on a project has already paid profound dividends on my current (for-profit) job.
It's so late that much or all of this might be garbage, but I thought Xerox invented ethernet (physical layer) and Metcalfe invented TCP/IP (transport layer). The early Xerox networks ran XNS (Xerox Network Service?)
They're a bit retentive about not being able to install their software on your computer and see it work before they leave...
The flip side is US West. They closed my DSL installation order without my signoff. Or a physical check at my junction box. Or hell, even bothering to tell me -- I would see the WAN LINK on my DSL modem, right?!
Wrong. They screwed up the order and I did *not* have DSL service. But the last, and nearly the only, communication I had from them was that my order was delayed due to lack of equipment. So I "had" DSL service for two months before I flaked out and canceled it, right?! (That's why I have to file a formal complaint with the PUC, so the records will show that I waited three months before cancelling the order for nonperformance, not that Linux users are flaky and technically incompetent.)
Why couldn't a parent simply use root access to read their child's files, if they felt it necessary?
As I mentioned elsewhere, doing a real two-level hierarchy that allows the parents to read the child's files, but not each others, is a two-line addition to each file system driver... but I still think it's a silly change. I do think that crippled accounts which can only read files they own, regardless of permissions, might have general usefulness for daemons and *maybe* young children
(provided you leave hooks for programs!)
I had a university account with usenet, ftp, and mail access in 1983-84. It was a very different world; I might still have a hardcopy map of the entire internet (necessary for manually routing our own mail) around here somewhere. The 1000 or so sites were connected with the best of ASCII artwork and fit into one or two 11x17" DEC WRITER sheets.
Excuse me, I hear the nurse announcing last call for Geritol...
I'm tempted to build the micro-distribution just for the Eristean energy of it all. It really wouldn't be that hard, and it would be oh-so-easy to toss in little surprises.
E.g., add "mad sniper" code into xterm. It's normally okay, but if uid=0 and pid = 666 then it quietly starts killing other jobs at random and printing taunts in the term window. (Naturally uid=666 cannot be assigned to anyone.)
Or slip in code so that every so often the Biblical quotes are in Hebrew or Greek - in the correct alphabet.
hierarchical file system... maybe easy to set up...
/etc/passwd, they can't read it.
Two lines of kernel code per file system. And that's with the patch done "right" (e.g., having root-like powers over your children's files don't give you similar privileges over your spouse's files.)
I don't think this particular patch is useful, but it gave me ideas for an unusually crippled UID that can only read its own files - it can't even read 0777 files that it doesn't own. This might be useful for network daemons - even if you trick them into sending
Ah, but did MS *intend* for hard links to exist in NTFS? Your phrasing leaves that open to question. I've seen hard links under MS-DOS, and it was not pretty.
The details involve MS-DOS hacking (yes, it was done). Some people wrote directory access routines that worked with BIOS calls, and they discovered that they could implement *very* effective write-protected files by writing the file names in lower case letters. Someone else made hard links by having multiple directory entries point to the same FAT entry for the file. This works find until someone deletes any of those files (or directories) and the FAT entry is marked "available for reuse."
Some of the scientists on the Manhattan project didn't want to see the bomb used on Japanese cities; by that time they felt it was clear that Japan would soon surrender and they felt using the weapon was unnecessary. I think one actually quit his job, others simply wrote letters to the President.
This wasn't an entirely pointless position. Nobody doubted that a U-238 bomb would go critical, but U-238 is *extremely* expensive to obtain. (It's something like 0.5% of all uranium, and you can't separate it by usual chemical processes.) In military terms, a few U-238 bombs were worthless because of the "what happens if we use them all and Japan still doesn't surrender?" factor. That's why Tokyo was 3rd or 4th on the list - if it was taken out first the surviving military commanders might not have felt they had the authority to surrender. But if the government refused to react to the first few bombings, it would seem unlikely that their position would change.
Plutonium was easy to produce and extract in a reactor, but nobody knew if they could make a plutonium bomb go critical. Trinity was a test of a plutonium bomb, and when it denotated the US knew that it could drop a few bombs a week on Japan for as long as it took to force them to surrender.
But had trinity failed, nuclear weapons would be remembered as a historical oddity - something that worked but was so expensive all you really did was get a *really* motivated enemy. Until some graduate student ran a good simulation on his computer.... (A lot of the value in the superpower 'codes' is being able to make a big bang with little plutonium, to make it easy to fit several of them on top of an ICBM. But if you don't mind using 10 pounds of flour for a cupcake...)
BTW, I know that many more people died in the firebomb attacks than in both Hiroshima and Nagasaki combined, but did you know that a senior US officer (can't remember his name) demanded that Kyoto be removed from the initial target list? He had spent time there before the war and understood that destroying it would be a grievous harm to the Japanese spirit. He won the argument, it was moved into the second wave with Tokyo.
Underwater nukes... barely made a wave large enough to wiggle those battleships...
Don't confuse shallow- and deep-water waves. In shallow water the "wave" actually extends to the bottom and the excess energy is manifested as water piling up on the surface. In deep water the energy is held in moving hundreds or thousands of feet of water up a few feet.
As I recall those underwater nukes were in deep water. (Many pacific atolls are actually the top of very high, very steep underwater mountains and act like "deep water".) And at least some of those tests were used to evaluate submarine survivability to nuclear torpedoes. Those surface ships only survived because there's very poor energy transfer across the water-air boundary.
As for this idea... it was a very different time. Americans today tend to remember Pearl Harbor but not Nanking or the Korean occupation, nor the mothers jumping off of cliffs with their small children because the American forces were approaching. Anything to help reduce the inevitable (at least to the planners) million+ Allied deaths from the invasion would be welcomed.
A lot of these responses aren't making a clear distinction between non-Win9x "support" and "tolerance." It's reasonable for a company to say that "if you don't run software X.Y.Z we can't offer you help ON YOUR SOFTWARE," it's a far different thing when the company acts like they have *no* responsiblity to answer *any* question if you aren't running that particular program.
As others have pointed out, the bottom line is that *every* network connection comes down to a handful of parameters which easily fit onto an index card. Either the company can provide them or they're blowing smoke and *can't* be trusted. Period.
(That said, some networks, esp. cable modems, use additional authenication methods. But again they should be able to concisely describe it ("kerberos with extensions) instead of waving the magic "proprietary software" wand.)
You've overlooked something important. In Unix, directories are nothing more than pointers to independently managed files and there is *not* a 1:1 correspondence.
/tmp/foo /tmp/foo/A /tmp/bar /tmp/foo/A /tmp/bar/A /tmp/foo
/tmp/bar. (Symlinks would be lost, of course.) To a Unix filesystem that file is an equal child of *both* (or all) subdirectories.
Consider the following sequence:
$ mkdir
$ touch
$ mkdir
$ ln
$ rm -f
Is the file "A" deleted? Nope, you can still access it via the hard link established in
I don't know about the internals of NTFS, but earlier MS filesystems did not have the concept of a hard link. Well, not intentionally. Hard links change your semantics in some pretty odd ways, at least when you first encounter them. For instance, in this case the person might be able to delete the file entirely, but he can't change its contents.
Today, hard links are still used. IIRC, gzip uses a couple hard links to a single executable that behaves differently according to the value of argv[0]. If it's 'gzip', it compresses a file or stdin. If it's 'gunzip', it decompresses a file. If it's 'gzcat', it decompresses stdin.
There's a *huge* difference between having your SSN on an ID card in your wallet and having it on a badge which must be visible at all times.
Reducio ad absurdum: I can sit outside of a college campus all day and never learn a single SSN as the students and staff stroll by. I can sit outside of this school with a camcorder and obtain *every* SSN, get a good physical description, etc.
This is not a trivial issue. Suppose Bob has a thing about 10-year-olds. Everyone has been warned about strangers like Bob, but Bob sat in a car a few days ago and got the SSN of several potential victims. He looked up their name on any of several sites that provide this service for a modest fee. Now he asks Heather for help finding his lost kitten *by name* and claims to be a neighbor whom her parents know - how else could he know her name?
It's precisely because of people like Bob that Congress (or the DoE?) decided to prohibit public disclosure of personally identifiable information. IIRC, it was a response to problems, not a blue-sky scenario, and with this system it is only a matter of time until someone exploits this oh-so-brilliant strategy and rapes a child.
The idea of a "Microsoft only" university, at least in the technical disciplines, reminds me of the occasional news stories about former students suing their schools for failure to provide the promised education.
Schools develop reputations based on the quality of the student they turn out. Likewise, development environments develop reputations based on the quality of the developer that they produce. Linux hasn't exactly been the easiest platform to work in (although it that is changing)... but it's been an excellent training ground for developers that can handle almost anything.
MS tools tend to produce developers that have glaring weaknesses. In my experience, a MS developer seems far less likely to consider possible failure modes and is far more likely to give up when confronted by difficulty. More than one, with handed a bug report, has shrugged his shoulders and said it's probably a OS error. Or a library error. Or a mismatched shared library. It's certainly not worth *his* time to investigate. Compare that to the average Linux/Unix programmer who generally accepts that the OS and libraries are probably correct and that the problem is his responsibility.
So what, we should judge everyone as an individual? I agree 100% -- unless you're talking about screening 300 resumes for a single slot. Toss out the non-starters and you have no more than than 20 resumes. Still too many to interview all of them, how do you decide who's worth bringing in for an interview? For better or worse, in any non-MS environment there's a strong predictor of problems: primary MS experience.
If that's a problem with people with general university educations but MS work experience, I don't want to think about what Micros~1 University will produce. And when I'm deciding who to bring in for an interview, or who gets the job offer, I won't. Once they're employed I'll worry about the individual, but until the offer is accepted I have to use the best predictors I have. A MS-U degree is definitely a predictor....
Did I mention another of my graduate classes was chaotic dynamics? :-)
The very definition of "chaos" is high sensitivity to changes in the initial conditions. If a weather front appears in the same place (within the resolution of the data grid) on all 120-hour forecasts despite a reasonable variation in the initial conditions, you can be pretty sure it isn't in a chaotic realm and your forecasts will be fairly accurate.
On the other hand, if a modest amount of variation in the initial conditions result in wildly different predictions, the system is obviously in a chaotic realm and you can't make decent predictions.
As odd as it sounds, for something as large as a planetary atmosphere it's quite reasonable for parts of the system to be chaotic while other parts are boringly predictable. That's why they were starting to compare the predictions from different models, the same models with slightly different initial conditions, etc. That might give the appropriate officials enough information to decide to evacuate a coastline (at $1M/mile), or to hold off another 6 hours since the computers predict the storm will turn away.
P.S., the models do make mistakes, but fewer than you might expect. It's been years since I've thought about it, but as I recall most models work in "isentrophic" coordinates and are mapped to the coordinates that humans care about at the last step. The biggest problem has been the resolution of the grids; when I left I think the RUC model was just dropping to 60km; by now it's probably 40 or 30km. To get good mesoscale forecasts (which cover extended metro areas, and should be able to predict localized flooding) you probably need a grid with 5 or 10 km resolution.
I worked at FSL for several years, although on a different project. I knew people working on the weather models, and I took a class on parallel processing from the CU professor who shared the old Paragon supercomputer with NOAA. I even had an account on the Paragon briefly (for that class) after leaving NOAA.
NOAA needs to solve partial differential equations (PDEs). A *lot* of PDEs. My class spent a lot of time on solving numerical methods, and my entire undergraduate class in the early 80's was covered in the first lecture of my graduate class a few years ago. My Palm Pilot, running multigrid analysis, could beat the pants off a Cray-XMP running the best known algorithm from 15 years ago.
AI programs may not scale well, but the type of work done at NOAA *does*. Furthermore the hot topic a few years ago was applying some ideas from chaos theory to weather forecasts - take a dozen systems, insert just a little bit of noise into the initial data (essentially, instrument noise in your observations), then let them all run. If all models show the same weather phenonema, you can be pretty sure that it will occur. If the models show wildly different results (e.g., Hurricane Floyd slams into Key West in one run, but NYC in the other) you know that you can't make any firm predictions. As an educated layman's guess, I expect that the reason the hurricane forecasts are so much better than just a few years ago is precisely this type of variational analysis.
At the risk overgeneralizing a complex topic, I think the reason why rich geeks rarely buy shiny pebbles with their wealth is because of our experience with computer gear.
In a spare bedroom I probably have about $200 worth of excess computer gear. I easily spent over $10,000 for it. Not much more than a decade ago I paid $500 (over $2000 in terms of today's salary) for a 40 MB hard disk *and was happy to get it at that price* I have a $3000 system which I can't give away today. Fortunately all I have from the 70's are old issue of _Byte_ magazine with ads for 360kb floppy drives for over $1000, or memory at $100+/*KB*. (This is why I roll my eyes when someone is shocked that my main system is "only" a 266 MHz P-II with 256 MB.)
Outside of the computers, my major expenses have been things like TVs and microwaves. The price of each today is less than half of it was in 1984, about 1/10th when you consider salary. Cars? You buy them then drive them until the cost of repairs exceeds the cost of car payments.
In this environment, you feel deep in your gut that money spent on objects is money lost. This isn't always true, but it's certainly true of the baubles most newly rich like to buy. I'm not surprised that most rich geeks aren't interested in buying material objects for their own sake.
(BTW, I'm not a millionaire but I did get a significant inheritance a few years ago. I replaced a 10-year-old car, installed central A/C in my condo, and had LASIK surgery. All boringly utilitarian uses.)
Microsoft will find it far easier to export W2K (which includes e&e Kerberos)
My company *might* be able get an export license for a Kerberized Linux distribution. Or it might not, since my company is still at the "one person in the garage" stage. Red Hat wouldn't have this problem, but if the export license prohibited export of source code they're still dead in the water due to the GPL.
Debian wouldn't have a snowball's chance in Redmond of being able to carry my (US) Kerberos packages on their pages.
To me, this proposal is proof that "social engineering" isn't limited to crackers. This proposal will get industry lobbyists off the administration's back, and it gives them the perceived moral high ground on the Sunday morning talk shows. ("We've removed all but token obstacles to American businesses competing in the world market. Only drug running child pornography terrorists will be impacted, and We Don't Want To Help THEM, Do We?!")
WE know that it also hurts us, but we also know that we're all a bunch of pinko communists. Just look at the "exposes" that appear on a regular basis.
Finally, as others have pointed out Executive Orders can be rescended, often with no basis in reality. E.g., I'm still showing my passport to board domestic flights because TERRORISTS BLEW UP TWA 800. That theory has been discredited for years, but the EO that grew from it is still in effect. I would not be surprised if this EO blocked passage of SAFE, then in 6 months some crisis is manufactured which justifies slamming the door again. Naturally products with licenses (e.g., W2K) will be grandfathered.
Your friendly bank does not send you an unsolicited credit card because the courts (at least in the US) have held the contract is unenforcable. One concern was that credit cards could be stolen from the mail without the person's knowledge, and if the card was unexpected and from an unknown company the consumer/victim would have absolutely no clue there was a problem. A second concern was that many people would not be familiar with credit cards (in the 60's, as I recall) and they could incur substantial liabilities without realizing it.
They can, and do, send you "preapproval" letters that only require you to confirm some information and sign it. Someone can still steal these letters and forge you signature, but theft and forgery are already crimes.
It is legal for a company to issue you a replacement card without prior notice, but it runs the risk of pissing off customers. A bank manager quietly told me that a full third of the customers, including myself, closed our accounts after our bank was bought out and the new bank decided to issue "debit cards" (pre loss caps) to replace "atm cards" without prior notice or consent. It was rude, crude, and socially unacceptable, but legal.
Back to the "generous" NetSol offer, I am outraged. And not just because they keep making me these wonderful offers yet are incapable of changing my contact informaton despite repeated requests.
The currency on much of the net today is reputation, and NetSol's indifferent disregard to the consequences of its actions is as shocking to our sensibilities as the 60's banks disregard to the consequences of it's far-too-open credit card policy was to their peers. Of course nobody should automatically assume that the NetSol accounts are actually controlled by the person whose name appears on them, but a lot of people will. Unlike most (all?) other free mail sites, NetSol accounts can be tied to real names, real addresses and real phone numbers. So they have *far* more intrinsic credibility than "HotMail" or "GeoCities."
It is possible to harden electronics against EMP. In fact, a mild hardening is always done on all long-haul power and phone lines since solar flares can produce the same effect, but at a much lower level. Both caused induced currents in conductor loops, but nuclear explosion EMPs have a far shorter 'rise' time than solar flares, and IIRC it's this rapid rise time, not the total power delivered, that causes problems to unhardened electronics.
Cryptology 101: you only need a cipher strong enough to last as long as you use it.
IIRC, IPsec negotiates a session key for each connection. It definitely uses a different session key for each remote host - that's a simple 'pigeon-hole' proof, and it's easier to use per-session keys than to try to force the same key on all connections to each remote host.
This means that your keys only have to be remain secret for the duration of your TCP/IP connections. After you've closed the connection, an attacker knowing your session key will not be able to impersonate you, and that's one of the primary concerns with network encryption. There is still the risk that someone could scan your datastream for sensitive information, but nothing prevents you from using additional levels of encyption for passwords, sensitive files, etc.
Even if you do slip up and copy an unencrypted sensitive file, IPsec algorithms are not lightweight. A couple spooks might be able to read your list of porn site passwords, but not the script kiddies (and not-so-kiddies) working for your competition and/or wife's divorce lawyer.
Don't read too much into that sentence. It probably parses as
Losers running Windows 9x and NT4 are out of luck - this product will *not* run on these platforms unless marketing runs amok
instead of
We spit in the face of Linux users everywhere! Ha ha ha!
A second concern might be US export restrictions. Windows allows you to write drivers that verify they're running on a US distribution, but that's impossible with Linux.
(For security reasons, it's possible that someday each kernel will validate the modules it loads with cryptographic signatures, so Red Hat (to pick a name at random) could implement zoned distributions, but there's nothing to prevent Blue Jacket from rebuilding the same modules with its own keys. Encryption keys are private, source code is public.)
Nobody is claiming that *every* geek has mild autism, but the comment about startle reactions struck a nerve. If I'm startled, it takes me a *long* time to recover, and I'm sure that it's a large part of the reason why I pay such intense attention to my environment.
:-)
As for the idea that many of us have shadow autism, why is this so objectionable? It's fairly well accepted that there's a high incidence of bipolar disorders in this field, yet you don't see people bemoaning that label. Is it simply a matter of "good press" for the latter, since it's associated with genius?
As to the general idea of "shadow" manifestations of severe mental illnesses, that mirrors what we see in many genetic illnesses. One copy of the gene gives you some benefit, but two copies of the gene causes problems. I guess that's an argument against geek in-breeding.