My brother got one of these on my recommendation, and can't be happier. It's CF-based (though I'm not sure if it'll do Type II), small, and works really well. Not the absolute smallest thing on the planet, but he's pretty happy with it. And it was produced in pretty sizable quantities, and you can still get them. They've got an upgrade as well. $110 for a IIe sans media.
You really only need enough storage space for one track, I suppose. I've got an iRiver MP3/CD player, and much like the Rio Volt, what it does is spin up the CD drive, buffer what basically amounts to a whole song (more if you're doing Track Order on the iRiver), and then stop it. So it only even tries to use the CD player in between songs.
But I've never tried to use it while jogging. That's what I've got my Yepp (old-skool "Hip Hop" model, which is damn near indestructable) for.
But the problem is that they aren't doing it because the lawyers are necessarily being overly cautious. Every single thing that you see that seems strange is almost certainly the result of:
A law;
A regulation (slightly different than a law); or
A lawsuit
That means that the lawyers aren't just sitting there making stuff up (although I'm sure that happens as well), but they're acting on the best wishes of their clients.
For example, I believe that the "many will enter, few will win" thing is probably to overcome the law that requires that sweepstakes must indicate the chances of winning whenever advertising it, but that they won't know the precise odds for a while after running that ad.
The blurred text thing is probably an artifact of Tivo compression or something. There actually are requirements in the US for most of the legal disclaimers that you see on screen and read by announcers (my dad explained some of them to me; he works in advertising and had some clients who had products that had to be covered by those types of disclaimers). Although if the disclaimer isn't mandated by law, but is rather a result of lawsuits, then there may not be.
So don't decide that it's a lawyer going on. There are actual laws and regulations covering a lot of this stuff, and even when there isn't, the fact that lawsuits HAVE happened is probably enough to keep the lawyer in good stead.
Luckily in California you can do that year round. In Illinois, where I grew up, you wouldn't be able to use the patio about 4 months out of the year.
Re:Are you sure the problem is primarily with SMTP
on
Replacing SMTP?
·
· Score: 1
I think the AC reply to your post hits on one solution: which is that if this is done very commonly at the MUA, then it can also be done by the MTA. For example, classification rules (move all email from Fred to the folder named FredMail) were originally just part of the MUA, but now some MTAs can have configurable rules to do that for you (as long as they're not just MTA but mail stores as well). So over time, you'd find that if it's common enough in the MUA, and it CAN be done by the "mail server", then it will be.
But the second point is more important to cover, which is that if the marginal benefit of sending spam truly does drop to zero because all emails sent go into a global bit bucket, and nobody ever actually sees them, then there will be no point in sending email. The reason why spam happens is that it either works, or is perceived by morons to work (I think it's a little of both). If all spam disappeared before getting to its sender, then there would actually be no reason to send it at all. These guys aren't doing it for their health, they're doing it to make money. The moment that enough of their outbound email is dropped at the MUA that it's not profitable to send it anymore, and they have no technical workaround they can use, they'll stop.
Re:Be wary of 'trusted' protocols
on
Replacing SMTP?
·
· Score: 4, Insightful
Oh, come on now. You're being just a little bit crazy/paranoid/Slashdotty here.
First of all, they're applying a common practice used elsewhere (i.e. the use of PKI and trust metrics to control authentication and non-repudiation) to email. It's not like they've invented the special Microsoft Email System which is radically different from everything that's happened before.
Second of all, PGP and its web of trust are designed explicitly to avoid CA issues like you're describing. If the system is based on X509V3 certs and your web MUA controls your trusted roots, then yeah, they'd be in charge of what you'd be able to see (but presumably you'd have the ability to at least specify that you trust particular certificates).
Third of all, even if they then "sell the ability to send spam," it'd be pretty easy to tell that they've done it, tell who sent the spam, and take your business elsewhere! The whole point of authenticated, non-repudiatable email is that you actually CAN determine WHO sent the email in the first place, so that you can then track said person down and tell them (politely of course) not to do that anymore. Spam becomes much less of an issue if everybody has to legitimately say who sent every email.
So stop trying to bring about some type of scare tactic about what is probably the only real way to combat spam anyway.
Are you sure the problem is primarily with SMTP?
on
Replacing SMTP?
·
· Score: 4, Interesting
It seems like the issue that you're trying to solve, implicit from your original post, is that SMTP allows a lot of spam. Are you sure that this is a problem with SMTP? In other words, is this a protocol problem or an application problem?
Non-email messaging systems have been thinking about virtually the same problem quite a bit, and have come up with a set of solutions that try to solve what are fundamentally the same issues: message integrity, message non-repudiation, and message authentication. And the surprising part of this is that nobody really focused on the protocol, because it doesn't provide the path to a meaningful solution to the problem.
Case in point: web services. While initially the people who were playing iwth web services started out doing security at the transport level (i.e. with SSL and various derivatives thereof), but realized that something like WS-Security (where the security of a message is a part of the message itself) is the more optimal approach.
Why not just force the issue into the realm of S/MIME (and similar extensions to rfc822) and handle it at MUA space? You can cover virtually all the problems with SPAM by following the example of the reliable messaging systems and doing more with the contents of the message itself, rather than trying to say that messages have to transmit over a particular protocol. For example, depending on your trust environment, S/MIME signatures solve the authentication, non-repudiation, and integrity problems perfectly. What more do you need/want?
Well, that's sorta the point from what I can tell from the memorandum: the judge originally ordered that hte entire network, essentially, be disconnected from the internet, and only reconnected as the DoI could prove that each machine that was connected had a reasonable level of security. Then the Special Master (the guy doing the checkup) had to make sure that the machine stayed secure over time. The Special Master basically handled a lot of the politicing with the other Big Government Dicks from the various departments responsible but subcontracted at least part of the work to some private sector firms to do the vulnerability analysis.
So in fact, it's almost like the judge did the right thing: said "y'all are too insecure to live, you have to prove it to get back online, and this is the guy who you have to prove it to." Then the gov't decided they didn't like proving it to that guy anymore and here we go.
Rather than everybody babbling about crap based on the original case, I read the memorandum document. Basically, the status here is:
The government agreed to secure machines that had certain types of sensitive information, and to allow someone to verify that those machines were secure.
One machine was discovered to be insecure because apparently it WAS in the DMZ for a legitimate use and thus could be portscanned (it was just insecure)
The people scanning it told the gov't that they were going to do a full penetration scan (so that they didn't get prosecuted), which everybody had agreed to and agreed would be private (i.e. nobody would try to secure the box in advance of the penetration)
The machine magically vanished off the network right before the penetration scan with a bit of a bogus explaination
The government and the guy responsible for doing the scans got into a big pissing contest that they refused to settle peacefully.
In other words, it seems like some parts of the government was attempting to do the right thing here, but some other parts got seriously upset when they discovered that the Special Master (the guy responsible for verifying compliance that the machines were actually secure) was actually doing his job and not just taking their word that they hadn't leaked information about the machine that was going to be penetrated, fearing the consequences.
Quite frankly, I'm a little confused as to why the government had to allow a full exploit to take place rather than accepting the warning of "this machine is insecure, secure it now," except that maybe it's with an eye towards preparing for the day when the courts aren't constantly portscanning them.
No, I think the argument is that a (L)GPL body of code can link with a proprietary body of code, but vice versa is not the case. Otherwise, I wouldn't be able to run GPL code on Solaris, since it would potentially link against a non-free libc.
I agree that it could be done. But note that I was pretty specifically referring to the problem where there would be so much critiquing going on that the teacher would be unable to stay in the process, and thus would end up in bad critiquing. The fact that you have a moderator there to help with the critiquing process is the way that critiquing helps.
Of course, if it's not a creative writing course, and it's something like freshman literature, where they might not really know what they're talking about, I'm not sure how much peer critiquing would help anyway.
Well, that's assuming that he's spent a lot on a GSM phone. If he's spent a lot on a CDMA phone, he's SOOL. Remember, such large players as SprintPCS are CDMA in the US, meaning that tri-mode doesn't help much.
It seems like you're looking at a situation where everybody's going to be roughly on the same level, which probably means that they're not going to be too advanced. Remember, you're the instructor. That presumably means that you have more insight than they do, and that they're in your class to gain your insight. With that in mind, do you think having Sally critique Bob's work is going to be more useful than your critiqing Bob's work in the first place? In fact, if you then posted the results to the class saying "this is what made Bob's work good; this is what made Bob's work bad," that would probably be far more useful than having Sally spout out drivel at Bob. After all, you're not going to be able to review every comment, so how do you know that Sally won't tell Bob lies (inadvertant or not) and overall reduce Bob's skills even more?
This is not to say that you will end up with a bunch of people who are morons critiquing everybody else's work and ending up with them all dumbing down even more, but it's a possibility. Another possibility is that they'll all rise to a level of Borg-like hive mind and produce amazing work. Personally, I'd bet on the former more often than the latter. Although in classroom settings people often open up the door to peer review and discussion about works and ideas, it's almost always moderated and on subject, so that the instructor/moderator immediately has the opportunity to call "Bullshit" when Sally is full of it, or "Bravo" when she has a deep insight. If you've got blogs gone crazy, you don't have that control.
Peer review on something technical probably works much better because you're focused on getting something done, and on getting the correct results.
It might be better if we knew what type of English class this is? Are you teaching them the basics of the English language? Are you teaching creative writing? Is it literature, comparative or not? Is it focused on a particular style of writing and literature? English covers so many different things that the possibilities for effective use of technology are really different for each of them.
But something that you probably should do if you don't pay heed to the many people telling you to get the heck out of hte computer lab for the English class is something I've seen for business meetings. They're systems which are essentially whiteboards where students can post questions online for you to cover during the lecture, as well as comments, anonymous or not. So if you're covering Wuthering Heights and aren't properly covering the psychosis of Heathcliff, someone can say something like "Please cover more Heathcliff's obvious lack of proper seratonin function" or even just "slow down, you're going too fast" and you (and/or everybody else) can see and/or respond live.
Probably. But what if he's just on a green card, rather than already being a citizen? I don't think that would allow her to also get a green card.
Also, what about gay couples? They're not entitled to your point #4.
I've seen this comment elsewhere, and this isn't a problem with OWA at all, it's a procedural/methodology problem. Basically, you're not storing your mail on the server. Of course a webmail interface isn't going to access everything you've got, because it's not on the server.
But what if it WAS on the server? What if you DID have that 3GB of archived mail on the server? Would OWA be okay for you then?
And what's keeping you from putting it on the server? Your mailadmins setting quotas? Concerned about privacy? Performance?
One thing that struck me in one of the responses was that Dan's fixated on trying to find some type of blame for what happened in the internet bubble, and my favorite example of this is where he says that VCs and Investment Bankers shifted all the risk to the public markets, as though that's a terrible thing. But what he doesn't point out is that the markets were screaming to take on that type of risk. Remember, this wasn't a case of a bunch of evil VCs and investment bankers breaking down Aunt Tillie's door in the middle of the night, taking her money, and leaving her with shares in buy.com, this is a case where the markets were paying a risk premium, paying more for riskier plays.
In a situation like that, you have two options:
Give the market what it wants, regardless of whether that's what the market should actually have in your opinion
Tell the market how foolish it is for wanting that, and watch other people make money off providing it.
I suppose it really comes down to whether you believe market theorists, who claim that the market is always smarter than any individual. While bubbles can be proven wrong, I think it's hardly facetious to be criticizing VCs for doing what the market demanded of them at the time, since they are chartered with making money for their investors, not making Silicon Valley a nice place to live.
As near as I can understand from my legal education of many episodes of "Law And Order" and "The Practice," many American journalists believe on a matter of principal that there is no circumstance under which they must (morally) reveal the identity of a source, or that they have a significant obligation to the source to not reveal the identity of a source (i.e. a mob informant or something).
However, there are situations where a judge is allowed to force a journalist to reveal a source (such as when they have material evidence in a trial which will not impact them, such as a witness to a murder who refuses to come forward at trial, but has spoken to a journalist). In this case, the general point is that while protecting a source is good in a democracy, the interests of justice in that particular case outweigh both the principal of journalists protecting their sources and the specific reasons why that source chooses to remain unidentified. Many a journalist has gone to jail as a result, usually under contempt charges.
Of course, I'm talking completely out of my ass, just like any slashdotter about legal matters! Tra-la!
Yeah, I think what I was trying to get at in the end is that the actual source of that component of the report isn't the number of arrests, it's the perception of likelihood of arrest by journalists: they point out in the methodology that the point isn't to count up the number of arrests, but rather to quantify how much fear journalists have that they'll be arrested for doing their job. I agree with you, it's the fear that's sufficient to do the job in a suitably repressive state, and you can achieve that with nothing more than a statement of "we WILL arrest you if you say bad things about us" and a single arrest (although that's much more explicit, I suppose). At least that's what the methodology page seems to imply.
Well, that depends on whether you consider Mein Kampf to be journalism or some other work. The report isn't about freedom of expression, as I pointed out, it's about the freedoms of journalists, an altogether different subject. That's the point of the post, is that I saw a lot of "they don't have the same liberties as we do, how can they be higher," and it's not the point of the report.
Slashdot Mirror
And I'm still waiting for my hoverbike.
Check it out
But I've never tried to use it while jogging. That's what I've got my Yepp (old-skool "Hip Hop" model, which is damn near indestructable) for.
- A law;
- A regulation (slightly different than a law); or
- A lawsuit
That means that the lawyers aren't just sitting there making stuff up (although I'm sure that happens as well), but they're acting on the best wishes of their clients.For example, I believe that the "many will enter, few will win" thing is probably to overcome the law that requires that sweepstakes must indicate the chances of winning whenever advertising it, but that they won't know the precise odds for a while after running that ad.
The blurred text thing is probably an artifact of Tivo compression or something. There actually are requirements in the US for most of the legal disclaimers that you see on screen and read by announcers (my dad explained some of them to me; he works in advertising and had some clients who had products that had to be covered by those types of disclaimers). Although if the disclaimer isn't mandated by law, but is rather a result of lawsuits, then there may not be.
So don't decide that it's a lawyer going on. There are actual laws and regulations covering a lot of this stuff, and even when there isn't, the fact that lawsuits HAVE happened is probably enough to keep the lawyer in good stead.
I thought it was an ad for MIT, Stanford, and Berkeley, personally.
Even better: UC Berkeley, the #1 public school in the country, #21 overall, and #3 engineering school, is the 40th best value. Huh?
Luckily in California you can do that year round. In Illinois, where I grew up, you wouldn't be able to use the patio about 4 months out of the year.
But the second point is more important to cover, which is that if the marginal benefit of sending spam truly does drop to zero because all emails sent go into a global bit bucket, and nobody ever actually sees them, then there will be no point in sending email. The reason why spam happens is that it either works, or is perceived by morons to work (I think it's a little of both). If all spam disappeared before getting to its sender, then there would actually be no reason to send it at all. These guys aren't doing it for their health, they're doing it to make money. The moment that enough of their outbound email is dropped at the MUA that it's not profitable to send it anymore, and they have no technical workaround they can use, they'll stop.
First of all, they're applying a common practice used elsewhere (i.e. the use of PKI and trust metrics to control authentication and non-repudiation) to email. It's not like they've invented the special Microsoft Email System which is radically different from everything that's happened before.
Second of all, PGP and its web of trust are designed explicitly to avoid CA issues like you're describing. If the system is based on X509V3 certs and your web MUA controls your trusted roots, then yeah, they'd be in charge of what you'd be able to see (but presumably you'd have the ability to at least specify that you trust particular certificates).
Third of all, even if they then "sell the ability to send spam," it'd be pretty easy to tell that they've done it, tell who sent the spam, and take your business elsewhere! The whole point of authenticated, non-repudiatable email is that you actually CAN determine WHO sent the email in the first place, so that you can then track said person down and tell them (politely of course) not to do that anymore. Spam becomes much less of an issue if everybody has to legitimately say who sent every email.
So stop trying to bring about some type of scare tactic about what is probably the only real way to combat spam anyway.
Non-email messaging systems have been thinking about virtually the same problem quite a bit, and have come up with a set of solutions that try to solve what are fundamentally the same issues: message integrity, message non-repudiation, and message authentication. And the surprising part of this is that nobody really focused on the protocol, because it doesn't provide the path to a meaningful solution to the problem.
Case in point: web services. While initially the people who were playing iwth web services started out doing security at the transport level (i.e. with SSL and various derivatives thereof), but realized that something like WS-Security (where the security of a message is a part of the message itself) is the more optimal approach.
Why not just force the issue into the realm of S/MIME (and similar extensions to rfc822) and handle it at MUA space? You can cover virtually all the problems with SPAM by following the example of the reliable messaging systems and doing more with the contents of the message itself, rather than trying to say that messages have to transmit over a particular protocol. For example, depending on your trust environment, S/MIME signatures solve the authentication, non-repudiation, and integrity problems perfectly. What more do you need/want?
I'd say you get equal marks for technical merit and artistic impression.
So in fact, it's almost like the judge did the right thing: said "y'all are too insecure to live, you have to prove it to get back online, and this is the guy who you have to prove it to." Then the gov't decided they didn't like proving it to that guy anymore and here we go.
- The government agreed to secure machines that had certain types of sensitive information, and to allow someone to verify that those machines were secure.
- One machine was discovered to be insecure because apparently it WAS in the DMZ for a legitimate use and thus could be portscanned (it was just insecure)
- The people scanning it told the gov't that they were going to do a full penetration scan (so that they didn't get prosecuted), which everybody had agreed to and agreed would be private (i.e. nobody would try to secure the box in advance of the penetration)
- The machine magically vanished off the network right before the penetration scan with a bit of a bogus explaination
- The government and the guy responsible for doing the scans got into a big pissing contest that they refused to settle peacefully.
In other words, it seems like some parts of the government was attempting to do the right thing here, but some other parts got seriously upset when they discovered that the Special Master (the guy responsible for verifying compliance that the machines were actually secure) was actually doing his job and not just taking their word that they hadn't leaked information about the machine that was going to be penetrated, fearing the consequences.Quite frankly, I'm a little confused as to why the government had to allow a full exploit to take place rather than accepting the warning of "this machine is insecure, secure it now," except that maybe it's with an eye towards preparing for the day when the courts aren't constantly portscanning them.
No, I think the argument is that a (L)GPL body of code can link with a proprietary body of code, but vice versa is not the case. Otherwise, I wouldn't be able to run GPL code on Solaris, since it would potentially link against a non-free libc.
Of course, if it's not a creative writing course, and it's something like freshman literature, where they might not really know what they're talking about, I'm not sure how much peer critiquing would help anyway.
Well, that's assuming that he's spent a lot on a GSM phone. If he's spent a lot on a CDMA phone, he's SOOL. Remember, such large players as SprintPCS are CDMA in the US, meaning that tri-mode doesn't help much.
This is not to say that you will end up with a bunch of people who are morons critiquing everybody else's work and ending up with them all dumbing down even more, but it's a possibility. Another possibility is that they'll all rise to a level of Borg-like hive mind and produce amazing work. Personally, I'd bet on the former more often than the latter. Although in classroom settings people often open up the door to peer review and discussion about works and ideas, it's almost always moderated and on subject, so that the instructor/moderator immediately has the opportunity to call "Bullshit" when Sally is full of it, or "Bravo" when she has a deep insight. If you've got blogs gone crazy, you don't have that control.
Peer review on something technical probably works much better because you're focused on getting something done, and on getting the correct results.
It might be better if we knew what type of English class this is? Are you teaching them the basics of the English language? Are you teaching creative writing? Is it literature, comparative or not? Is it focused on a particular style of writing and literature? English covers so many different things that the possibilities for effective use of technology are really different for each of them.
But something that you probably should do if you don't pay heed to the many people telling you to get the heck out of hte computer lab for the English class is something I've seen for business meetings. They're systems which are essentially whiteboards where students can post questions online for you to cover during the lecture, as well as comments, anonymous or not. So if you're covering Wuthering Heights and aren't properly covering the psychosis of Heathcliff, someone can say something like "Please cover more Heathcliff's obvious lack of proper seratonin function" or even just "slow down, you're going too fast" and you (and/or everybody else) can see and/or respond live.
Probably. But what if he's just on a green card, rather than already being a citizen? I don't think that would allow her to also get a green card. Also, what about gay couples? They're not entitled to your point #4.
But what if it WAS on the server? What if you DID have that 3GB of archived mail on the server? Would OWA be okay for you then?
And what's keeping you from putting it on the server? Your mailadmins setting quotas? Concerned about privacy? Performance?
In a situation like that, you have two options:
- Give the market what it wants, regardless of whether that's what the market should actually have in your opinion
- Tell the market how foolish it is for wanting that, and watch other people make money off providing it.
I suppose it really comes down to whether you believe market theorists, who claim that the market is always smarter than any individual. While bubbles can be proven wrong, I think it's hardly facetious to be criticizing VCs for doing what the market demanded of them at the time, since they are chartered with making money for their investors, not making Silicon Valley a nice place to live.Depends on where you are. Here in Taxafornia, you get taxed buying food (or anything else for that matter). So let's hear it for the televangelists!
I posted this after there were only like 20 comments. Must have been modded down by this point.
However, there are situations where a judge is allowed to force a journalist to reveal a source (such as when they have material evidence in a trial which will not impact them, such as a witness to a murder who refuses to come forward at trial, but has spoken to a journalist). In this case, the general point is that while protecting a source is good in a democracy, the interests of justice in that particular case outweigh both the principal of journalists protecting their sources and the specific reasons why that source chooses to remain unidentified. Many a journalist has gone to jail as a result, usually under contempt charges.
Of course, I'm talking completely out of my ass, just like any slashdotter about legal matters! Tra-la!
Yeah, I think what I was trying to get at in the end is that the actual source of that component of the report isn't the number of arrests, it's the perception of likelihood of arrest by journalists: they point out in the methodology that the point isn't to count up the number of arrests, but rather to quantify how much fear journalists have that they'll be arrested for doing their job. I agree with you, it's the fear that's sufficient to do the job in a suitably repressive state, and you can achieve that with nothing more than a statement of "we WILL arrest you if you say bad things about us" and a single arrest (although that's much more explicit, I suppose). At least that's what the methodology page seems to imply.
Well, that depends on whether you consider Mein Kampf to be journalism or some other work. The report isn't about freedom of expression, as I pointed out, it's about the freedoms of journalists, an altogether different subject. That's the point of the post, is that I saw a lot of "they don't have the same liberties as we do, how can they be higher," and it's not the point of the report.