Comcast could and should have gone ahead user-runtime-reversably blocked all of the common low service ports (1-1024) a long time ago.
By user-runtime-reversable I mean:
Put up a web page that I can connect to from my served address only, that lets me check-mark the common ports I want to allow in/out/both. And, most importantly, *NOT* change billing or pricing by check-box etc.
The default map would never be changed by users that don't care, and thus zombie-spam would be greatly reduced.
The custom map would be useful for those who do care.
Keying this on the "hostname" a paying customer sends with their DHCP requests, or by IP address and giving out nearly-static leases by default and clearing the map when a lease is lost, would be child's play. It is no harder technologically than dynamic DNS.
It could be instanciated anonymously one day and the only legitamate users who cared would even notice. As long as there was an obvious "so your ports were just locked on a service you were running at home and you don't like that? here's how to open them" link obviously placed on an "expert users" page on the corporate web site everythign would be self-healing.
Of course that implies that they have rationally segmented their network so that the routers can leverage this information in reasonable time.
Eveidence suggests that they have-not so segmented. (You would not *beleive* the amount of cyclic arping across multiple address ranges I see from their servers on my cable modem segment...)
Heck, the simple intelegence-test-effect created by requiring a user to find their own hostname string from inside either their active configuration or their setup invoice would be enough to stop all sorts of shenanagans... 8-)
So anyway Comcast, get a nice firewall box, set up a permiable wall, with a nice default mask, and let users instanciate a private mask if they so desire by visiting their service settings web page.
Not that hard, unless you bought your infrastructure *really* cheap... 8-)
No matter how convoluted the system you propose to "track" this stuff, it will *always* come down to whether you beleive or can trust "the first order contributer".
If we knew where every last keystroke came from, there would still be the "bob is lying, that keystroke didn't come from him, he stole it from his bos/frind/company/disassembly-fo-windows or whatever. Or worse, he typed in the code but he got the idea from watching the wonderful-world-of-Disny while reading Cryptonomicon so Eisner and Stephensen are the inventors and deserve X in consideration.
Many jobs worth doing are only worth doing to a certian standard of completeness. The problem with the porely-named Intellectual Property domain is that, reguardless of whether ideas want to be free or $40 a barrel, the boundary and origin of all ideas is undocumented-bastardary at best.
All works of any creative mind are, at least in part, stolen from the fertile field of experience.
There is no fixing that, and the supposition that all the progenitors of what came before do *NOT*, a-prioria, deserve recognition and a stake.
Turning the provenance of each line of code into a preverse kind of Oscal(tm) acceptance speach *still* wont insure that someone isn't slighted somewhere.
"I'd like to thank the academy, and my third grade comp-sci teacher for this for-loop, without them I would have never understood that pre-increment saves a temporary. And of course a shout-out to the CPU manufacturer, without whom I'd have never had a chance at direct increment of non-register memory. And of course my Mom, who never let me leave the table without eating all my peas; if it weren't for her I'd have never learned the value of bounds-checking in the completion of a problem domian. I know I'm forgetting someone, but you have all been so wonderful..." -- Rob White, Linux Kernel 6.2 Changelog for kernel.c line 722.
NOTE: The Above attribution is Under Dispute from the GCC board of optimizers for failure to credit the optimizing community's efforts in envisioning the need for loop unroling and the value of peep-hole allocation of registers...
Really, how bad does "intellectual property" have to get before people get it into their heads that the Founding Fathers *DID* understand that you cannot own an idea. The absence of computer science from their accumen doesn't mean that these topics are sacrocant, wholly new, and innumerable to that prior understanding.
The company will get compaints from the normal lusers when they see that some of their contacts clearly have read the message (because, for instance, they replied to them) but there was no confirmation (because their track-ee has images blocked.)
It's just dot-bomb nonsense.
Besides, how soon will it be before someone figures out that mid-relay tracking for spam (you know, this came through butt-heads-R-us, we will reject it) plus intrusive crap == nobody is reading any of my mail at destination-X
And the web-bug does nothing to tell "how long" a user looked at your mail unless the very next mail message is also bugged, and unless the target user never opens more than one message at a time. (e.g. people who only read their mail in the outlook preview pane.)
"Gee, he really loved that joke." beting the response to clikcing on next-message and going home./sigh... 8-)
As an author and software engineer I understand a lot of the concerns surrounding copyright, trademark, and patent law. Since you might be under a flood of feedback for your institution's position just now, I will attempt to be susinct.
The DMCA essentially assures that your work will die with the technology under which you released it. That is the express purpose of the law. Were this the case before today, the great artists of the past would be lost to us. A. Adams work would be unknown and probably wouldn't have enven been done, since the techniques developed by Kodak and Eastman and such would have died in secret with their developers.
Even as you read this message, the great motion pictures of the twenties, thirties, and forties are turning into dust as the celuloid they are printed on breaks down. These movies cannot be copied because massively extended copyrights cannot be cleared. The loss of movie history is purpitrated on us all by the MPAA, the supposed custodians of film, in a desprate attempt to make sure that you can only buy a dvd player from someone who has paid them a license fee. I know, it seems like a stretch, but it is true if you look beneath behind the retoric.
Consider this, the DMCA makes it illegal to even try own the tools necessary to get a photograph off of a Picture CD(tm). That seems like fine business today. But ten years from now, when Kodak decides to stop supporting this format, what happens to your work? Nothing at first, I suppose. But ten years later, when nobody hast the reader and nobody has the tools, your pictures are trapped. And when the disk itself oxidizes in 25 years?...
If things carry on as they are, in thirty years or so, You yourself won't even be able to compile a retrospective of your own work.
Your legacy will be gone.
How sad would it be if our entire culture only harkened back to the eighties?
This is the empty legacy of closed copy-protected technologies. It is the legacy of eating the chicken today instead of having a lifetime of eggs.
It seems to me that these fees aren't all bad. The tax seems (big disclaimer there) to be computed on the "plan cost" and by moving the recovery fees into a non-taxable line item they should be saving the customers a slight amount of money over the total bill that would be paid if it was just the fee and the tax.
This is the opposite of the "rebate" where you pay sales tax on the whole ammount for the privelege of getting $100 back in the mail next quarter.
The one thing that I found truely unplesant on my 5600, and which religates it to occasional poking instead of regular use, is the complete abscence of a keyboard-accessible way to pipe.
There just isnt a "|" on the dang keyboard. It is very annoying to have to pop up a graphical keyboard thing whenever you want to "|less" something...
Clearly the marketroids didn't ask the linux people before telling the engineers what to put on the thing.
Function Z is unassigned even, and there is clearly some multi-mapping possible (look at the euro and pound-sterling symbols ganged up with the 3 and 4 respectively) so something could be done.
But they are dumb about their linux-geek following.
Considering that blockbuster movies make "no money" and the whole idea falls apart. Production accountancy is the last, greatest legal lie.
The fact of the matter is that the answer is to roll back the bull, get rid of software patents, reduce copyright to the original lengths, get the corporations out of the legislation business...
And then mabye lynch them for being butt-heads. 8-)
Doing these things honestly and functionally isn't all that difficult.
For instance, my company makes a sweet little device that, among other things, has a bunch of FPGAs (Field Programmable Gate Arrays). There is some language (I have never seen) that creates, via a source file (I will never possess) and a compiler (we license for a nut), to create a byte-stream (I have sitting around in a file) that gives the FPGAs their personality.
When my boss came in and started whining about the GPL I pointed out that the three modules were GPL-able and that distributing them under the GPL was about as "wanton with our intellectual property" as sunday school.
The drivers are just not that interesting. From one (the one that loads the FPGA images) you could learn how to copy a byte string into a single register. e.g. "for (int counter = 0; counter image_size; ++counter) { *FPGA_Personality_Register = image_buffer[counter]; }"
Oh yea, there is a lot of boiler-plate around this, and I actually do that inside a fpgaflash_write() etc. But this is *not* rocket science.
In point of fact, virtually all of the "Intellectual Property Issues" people have with respect to software are, frankly, crap.
A bunch of people doing a lot of truely marginal work have created a mythology of value. Somehow the way _*THEY*_ increment an integer is so much more fascinating than the way the rest of us do it. "But Boss," they say, "if everybody out there figures out that we put *our* serial uart at 0x2df instead of 0x2f0 then nobody will need us any more."
Bull.
If you provide a good product at a reasonable rate then people will pay you for it.
Every year I spend $20 to $50 to pay my taxes with one or another tax prepration software product. I do this *despite* the fact that all the forms and things are there and (obfuscated 8-) open source. (And I actually buy the software instead of pirate it, since to steal software when that is how I make my living would be hypocritical.)
The only people who have to worry about Open Source are the people who make crappy software.
Trust me, nobody wants your job. Nobody wants sneak in and rewrite comercial drivers *IF* *THEY* *WORK*. Nobody cares about your "proprietary register mapping" *IF* *IT* *WORKS*. The people who are going to make a nockoff of your board are just going to trace out your hardware if they want to clone it, and its is going to take them how long to disassemble your Windows driver to make their compatable device?
Gee, if they want to compete, they could just make their clone to one of the already-existing drivers they have source too anyway.
There is *NOTHING* *OF* *VALUE* in your drivers. Really. Get over yourselves and start harvesting all that free money by making a product and having the OS community improve your products' drivers for free.
It boggles the mind that people like nVidia and ATI want to keep their drivers closed when their real value is in the chipsets themselves. Everybody knows how Direct-X and OpenGL is going to present the data at that level. Why do they even *care* if someone knows that the data buffers are reformatted and their addresses are crammed into a doorbell register at a particular address. Do they think we can't possibly fathom the concept of laying out data and putting addresses into doorbell registers? Do they expect us to be supprised when it turns out that the eight hardware rendering pipelines they brag about on the box are backed up by eight separate linked lists (or whatever) in the driver?
And you just know that on the flip side, there is someone at each of these companies trying to outsource the driver development even as the first team of idiots are jealously garding their source code.
Back to the example, all the "value" in our product is in the complex and subtle control of state *below* the driver in the hardware, and in the complex and robust interractions of the applications and protocols
And so should each of their executives separately or all together.
People who just want to rub strangers together in the hopes that money will fall out are the kinds of parasties on humantiy that really need to exit the gene-pool.
Those who are proud of their position and goals in this respect need to willfully, and of their own violation, seek and recover the clearly present and valuable "gold like substance that marketers insist will be good for the economy" from within the heart of any really nice hot flame. They do, after all, seem to so enjoy the heat and entropy they try to extract from anything useful that comes near them.
They should do this dressed only in a festive goat skin, or perhaps the flesh of their offspring, equipped with only a cheap aluminium spoon.
First one out with a full jar of plasma gets an executive bonus, a writeup in CIO magazine, and a seat on a board of directors...
Moreso, Linux doesn't accept "John Doe" contributions. If microsoft, or any of its agents, were to contribute code, or cause code to be contributed, to Linux it would be demonstrable that the inclusion of the code was proper.
If someone did it on their own, then as soon as Microsoft did what SCO didn't, that being identify the code, it would removed and replaced.
I Microsoft instead did what SCO did, and not identify the code, then they have failed to even attempt to mitigate their damages, and any copyright case falls apart.
The act of distribution obviates any Trade Secret, so there would be nothing to sue about there, except legal action against "John Doe".
And Patent issues exist or not independent of who provided what, which is why software patents are bad. It would be more valid for microsoft to take patents against things they know are going to be in Linux and then use that to club people over the head. Fortunately Linux has people like IBM who want to use it and have more patents. (But this is the one-paragraph proof that software patents are bad for everbody, so I'l let it go at that.)
In essence, you must remember, that "you cannot cheat an honest man."
For all that the "but they have to be on your segment" argument can be rather true. I suspect that the largest number of script kiddies, by far, are living out their lives on cable modems.
Do you trust the punk next door? I hope you do... he's probably reading your web-mail and pop3 passwords.
Its certianly not that tough to put a cable modem into permiscuous mode, particularly if it is attached to your computer via USB instead of eithernet.
Repeat after me:
There is *NO* *RATIONAL* assumption of physical plant security when you are using a common carrier.
Cable modems are (within the toggle of one bit) the data equivalant of a good old fashioned party line.
Even better, the dynamic range of a CD is really quite limted. It sounds fine enough but for all practical purposes any signal soft or degenerated enough to be subliminal would probably be muted entirely pressed into the "noise floor" either during encoding or playback. The "oversampling" and similar smoothing would degrade the subliminal track to nothing, and then the amps, speakers crossovers, and shuch would finish the job.
The math says that "subliminal CD" is like "land shark", (Classic Cassette Tapes wouldn't be much better anyway, but they would be a little better mathamagically.)
Just get a nice soundscape CD and convince yourself that it has the subliminal message of your choice.
These store-bought products have mucho magic, it is all, however, printed on the packaging.
I patent the process of playing follow-me follow-you all night at a bar, then, when everybody is loitering around after closing, giving that long and lingering last glance, then smuggly walk ing away while simultaneously telling yourself that you could have had your target any time that night, but you realized hours ago that they were probably beneath you (even though you kept following them for the rest of the night).
(It's good to be the bouncer, the night gets all sorts of ironic when the lights come on. 8-)
It occurs to me that all hosting customers should simply require that their hosting company guarantee that they will pay all the legal expenses should their (the hosting company) IP licensing policies and contracts open the customer to litigation.
That is, if I use your (EV1's) hosting service, you (EV1) will guarantee that none of their agreements with third parties (SCO, Microsoft) will be allowed to show-through to me (the customer).
That is, since they (EV1) own the computers you are using, they (EV1) will bear full responsibility if what I (the customer) do would breach their agreement with the third party (SCO, Microsoft).
That is, if my hosting company promises someone else that their machines will or wont be used in particular ways or to particular ends, that shouldn't be my problem in any way.
See it seems that a real SCO strategy here is that most of EV1s customers have probably signed contracts that bind those customers to EV1s outstanding commitments. There are also probably terms that let EV1 modify those terms as they need to meet their ongoing business model. So by extension, all of EV1's customers have essentially been bound to SCO's terms by extension. A couple of months from (say a month for notification of EV1 to its customer base that their effective terms have change, or for those customers to have legally been able to figure that out for themselves) SCO comes in with double-indirect terms to use against EV1's customers.
e.g. suppose SCO says:
1)You have agreed to comply with EV1's terms and conditions. 2)You have agreed to let EV1 change those terms in certain ways. 3)EV1's contract with us requires them to change those terms, they cannot distribute what they admit is our IP using their facility, you should have known this. 4)We (EV1 and SCO) recognize that kernel as SCO IP. 5)You are therefore contractually obligated to cease in the distribution of that kernel using the hosting hardware. Cease and Desist immediately or face legal action. 6)Further, you may not possess our IP without purchasing your own license. If you wish to continue making/keeping backups of your system image on any non EV1 host (e.g. If you wish to keep backups of your site) you will either have to license our IP or sign this here contract stating that you will let us audit your transfers and backups of data from the EV1 host computers.
Yes, the above is legally all but indefensible. But really so is the All your Code belong to Us action against IBM. It would be classic SCO.
I can imagine SCO giving EV1 the licenses for "one dollar and other consideration" to create this "legal relationship" between SCO and ALL OF EV1's CUSTOMERS, just to create the appearance of legitimacy to future actions against those people.
SCO is a legal tar baby (don't assume racism, look it up 8-) and, to mix the metaphor, EV1 is now hosting an infect-everyone all-STD orgy on their equipment. The GPL isn't viral in exactly the way that modify-on-demand service contracts ARE, and SCO agreements are information technology AIDS-equivalents.
IANAL, but EV1 customers should run like hell. Now YOU have contractual bindings to SCO because you are running your business on a site licensed by SCO, and we know those are the target audience to the suit.
The completely mis-named "preview" pane (in outlook) is a vile pustule on the face of compting. There are plenty of packages that Do The Right Thing(tm) for previewing mail. Eudora (Windows), Kmail (Linux), Mozilla (both) come to mind first, but the list goes on and on.
You see, there is no "pre" to the outlook preview pane. It opens the mail, completely and utterly and actively. This causes it to be a virus and trojan propigating nightmare, and one of the single largest causes of spam.
Consider:
If you havn't turned off the HTML view, you are opening remote web sites when you "preview" your spam. This happens even WHEN YOU RIGHT-CLICK. You might as well be patronizing the spam sites. you are generating IE page hits and triggering web bugs.
Whenever you do anything to any message in outlook you are invoking the active content in that message, that is how the "but I didn't open it" viruses get activated and installed on your box. It happens so fast you might not see it, but it happens. On-view handlers, active icon displays, you are being "careful" not to open this stuff, but that right-click-delete is submarining you.
The "preview" counts as a read. It generates read receipts (sometimes after a delay, your preferences may vary), but when it does those read receipts cary more than you might imagine into the hands of people who are not your friends.
Better yet the mouse-over and hover attacks can alos be triggered if you happen to leave your mouse in just the wrong place while you are arrowing down. How wrong is that?
The outlook preview pane (or should it be pain 8-) is not a feature, it is a bilght on the face of computing because it *SEEMS* harmless but it isn't.
By actively stumping my users at work to disable that monstrosity, I have greatly reduced the amound of spam comming into our site, cut down on the virus infection rate, and saved all the users at the company lots of time.
The rest of the world should not be punished for the actions of those who don't care. Using the outlook preview pane is like using unpatched IIS. It is a public crime. Or at the least it is an "attractive nusance" that is costing real people real time and real money.
Nobody actually deserves to lose their data (that was hyperbole) but how many viruses and trojans do you have to get before you catch on to the fact that you are opening yourself up to smoking ruin in the name of ersatz (sp?) "helpfulness".
There are safe paterns for using outlook.
1) turn off preview pane 2) delete all your spam 3) use normal view (it's exactly the same as "preview" but in a full sized window) 4) push the big candy-like "next" buttion or control-down move between the now-filtered messages.
It will save you hours of heartache, I promise you.
In outlook, when you right click, it opens the email. So lets consider:
RIGHT CLICKING AN EMAIL ENTRY IN THE TOP WINDOW, WILL, IF YOU HAVE THE PREVIEW PANE ACTIVE, GET YOU INFECTED TOOT SWEET.
Step 1: disable preview pane Step 2: delete all your spam Step 3: (if you are a machosist (sp?)) turn preview pane back on.
The reason step three is for the self-abusers is that you might get more mail while you are reading and then you would wander into newly arrived pain (or is that pane) and uglyness.
Remember, the magic 8-ball told the future from way back in the fifties: "outlook not so good".
At work, where I am forced to use Outlook, I don't ever double click on a blasted thing. I am not a mouse addict.
With the preview pane closed I use the arrow keys to move up and down the list, deleting all the spam before I even start reading. Once the list has been thust purified, I go to the first one and press enter.
After that I next and previous to my hearts content.
When I feel I simply *must* preview, I turn it on temporarily.
But honestly, I rarely if ever lay my hand on the mouse when reading mail. IF I am feeling mousish, I will use the next and previous buttons in the opened mail window.
That the html and view-image options are disabled is a given. Unfortunately those don't really apply as many of the trojan/virus things out there will open on "hover" so if you can see the little icon for the attachment and you mouse across it, you may partly open it anyway.
The Outlook GUI is not your friend, but it is best buddy to your enemies. There are so many mouse-related human enginering hacks that a wise user should just learn to use four (kinds of) buttons. Up/Down, Delete, enter, and alt-F4, when reading mail with outlook these are your best friends.
And for god's sake, close the preview pane. It is not convenient enough to justify the risk. If they fixed the core outlook behavior so that right-clicking on the list (top) window didn't open the email the way left-clicking does, then I'd _consider_ letting the smart people use preview pane.
What you do in OS X is immaterial to the discussion, presumably because OS X doesn't launch GUI extensions "on view" (etc) of the attachments of an email message.
In point of fact, everywhere other than work I use Mozilla mail or Kmail (KDE mail agent), as the problem is the use of Outlook. But where I must, I try not to just be another victim.
The answer as to "why should I" for windows apps, is "Because you might want to keep control of your computer". Once you establish that the pitiful soul is trapped in Windows/Office/Explorer land, all the "well on my platform I just..." crap is unhelpful trolling.
For the sake of christ, close your g-d damn outlook preview pane. Yea, you select the email on the main pane just to delete it (yes, even right click) and the preview pane opens the email to preview it.
Anybody who uses the preview pane in outlook deserves to lose their data.
To fix this, just click view->preview pane (to uncheck the box in the menu and make the lower area in the display window go away.)
"it's just this little chromium switch... some people are sooo stupid" -- firesign theater.
There needs to be a kind of Grand Jury for civil actions. Since there is no "the people" side, it would work as follows:
A complaining party goes to the grand jury and gets five minutes to rough out the basis of their complaint.
If the grand jury says it sounds like there is a rational case then the target of the prospective suit is sent the transcript of the presentation as part of the initial filing. About a month after that, the target gets five minutes to rebutt.
"Ammended complaints" must be cleared by a much-more-stringent process than exists today, in particular, the complaint must retain all of the elements presented to the grand jury.
If the grand jury denies your request to sue, you may sue anyway, but you have 100% exposure to all costs by all parties if you lose.
The grand jury may also elect to provide you with council for your position (e.g. endorse and SUPPORT your action).
This jury would have to be made up of 1/2 normal people and 1/2 retired judges. In short it would have to consist of some common sense and legal understanding. The grand jury may/must empanel experts relating to the field of contention. That is, technologists in technology cases, nurses (who are better medical observers than doctors) in medical cases, etc.
Lawyers are strictly prohibited to work on commission (none of those 1/3 of the results contingency terms).
Whichever party pays more for their lawyer(s) has to pay that disparity over again into the public legal fund from which the grand jury pays the provided council. That is, if the first party pays $1,000 for their council, and the second party pays $10,000, then the second party must also pay $9,000 to the civil procedure fund. Similarly, a company that employes a law firm on retainer (etc.), as opposed to hiring lawyers as simple employees, must match those fees and retainers into the fund. This (re)creates a pressure on companies and organizations to manage legal costs and avoid papering-over opponents.
There is more, but essentially, the "legal talent" needs to be made equitable in the financial sense, and there needs to be a "what a jackass" filter at the front end.
[quote] Sliently ignore most rules, and they will be silently re-written so as not to apply to you. [/quote]
The above usually works best, but the below is probably more politically acceptable.
Some time back there was a bunch of postings about security measures that sound like something but do nothing of any value in terms of making anybody more secure, and usually inconvenience everybody. These stellar ideas are hot and bold and bad. They usually come about to address some particularly instance of abbuse commited by some particular person. They are also almost always rescended, sometimes only after that person is fired.
So there is probably someone who is sitting on their butt chatting all day, but since it is *their* phone they can't be gotten for misuse of company facility. Meanwhile their work is probably just good enough to not clearly be sub-standard and their noise-making is annoying the people around them.
There is also a high probability that some part of this issue is the latest panic-craze about people using their "camera phones" to "steal company IP" etc. (Which is a nice new fad and quite popular among the PHBs lately.)
So someone makes a "policy".
So write a memo to whoever your supervisor is that quickly and concisely states the following:
1) you have a particular circumstance that will cause the compnay grief if you comply.
2) you have examined the options and the time-effort-cost ratio to implement the inferior solutions (if any) are unacceptable for some particular reason.
3) that you presume that reasonable provisions for exceptions exist where the company interests are best served.
4) that given the the above circumstances you believe that continuing to use the existing solution is the correct action, so "unless otherwise directed" (and/or "funded") you will continue to use your cell phone as you do today.
This creates several things.
1) you get your way. 2) you have documented that this is not being done behind anybodies back. 3) your *supervisor* gets a degree of plausable deniability, he doesn't have to take any proactive action to give you your way.
Generally this is all you would need to do. And since the entire military lives and dies on "unless otherwise directed" memos, if you are working for a defense contractor or ex-military person, or military-heavy company nobody will even batt and eye.
Either way, as long as you don't flaunt your exception nobody much should care.
The second of tonights lessons:
The truth is that I walked around in jeans and T for years at a company where the president had decided that everybody should wear suit and tie. There was no way I was going to do the physical parts of my IT job (climbing under people's desks and behind server racks) in suit-pants let alone a jacket and tie. There were only two "incidents" over this.
1) "If you dressed that way, and I was your boss, I'd send you home for the day." to which I responded "and I'd go, but I'd be back dressed no different the next day." (This guy was not my supervisor, was in fact nobodies supervisor, and was generally a busybody {which is why he was nobodies supervisor})
2) "How come you dress like that? I should go home and change!" to which I responded "I don't care if they fire me, if you can say the same, dress any way you please." This was the cube-mate of an acquaintance who was feeling dis-empowered and all entitled.
In short, when you step out of company-line for any reason, even a compelling one, heck *especially* a compelling one, you should expect to have the ineffectual middle-management suckups, political marshales, and enfranchisement-challenged to become somewhat inflamed. You should already know how you are going to deal (or not) with these people.
And finally rate your desire to live in that job, where you are presumed untrustworthy (or whatever) .
Didn't EV1 just revoke their own right to use (or at least distribute) Linux? Since they have attached extra provisions to the GPL (which is forbidden) for themsleves, and since they license access to others they are, by extension, acting to add provisions to the GPL for those other persons...
Didn't they just lose their license outright?
Someone should send them 20,000 copyright violation notices.
There is only one voting system where it is impossible to produce a "surprising" outcome. That being literally "one man (wiht) one vote", i.e. a dictatorship. *All* of the other schemes have a mathematical "odd part."
In your summary of the analysis you overlook the fact that in order to suffer a reversal, there still has to be more people who want the republican than the democrat. (etc.) That is, the point of inflection happens *only* *if*, in this scenerio, thre are four party candidates: Republican, Democrat, Republican-lite (libertarian?) and Democrat-lite (Green?). [The *-lite candidates are candidates who are selected as first-vote candidates, with their second-vote going to the non-lite party.]
In order for the Republican to win (in the inferred degenerate case), the number of the Republican and Republican-lite voters must must make up more than 50% of the electorate. The FUD is that IRV is flawed becasue the least-voted-for person in the current iteration becomes the swing-votes for the next iteration. This isn't however, the real flaw.
The Real Flaw(tm) is that IRV degenerates as voters disapear in the runoffs. Lets keep our original candidate pool of R Rl D and Dl but then add a Comunist (spoiler). In the definition of the spoiler here, lets say that S always gets the least votes. In the simplest spoiler scenerio the spoiler-voters only vote for S. After the first iteration the Comunist is removed and we are back to the original model with those votes distributed among the other parties. Seems fair right?
But what if the S voters don't have a second choice? Well then the fact that they voted just disapears from the model. Still fair.
The apparent purturbation happens when, say, the S voters have a second choice of Rl, but don't have a third choice of R. If Rl is still the next eleminated party. You can end up with a situation where the sum of (R + Rl + D + Dl) nets no winner, but when Rl is eleminated you might end up with the total voter pool reduced in size so that R becomes the winner. But for that to be true, the total voters for R must outnumber th total voters for D and Dl.
I call this the "apparent" purturbation because it is only a correct result if all the S voters wouldn't have voted at all if there hadn't been an S party.
That is, R wins with less than 50% of the "original" vote even though they have more than 50% of the surviving vote. This looks like a problem because people start guessing about the "mandate of the people" for those people who got eleminated.
This isn't really a problem, however, if the voter can rank all the candidates. That is, if the voter isn't limited to, say 5 ranked votes in a field of 7 or more candidates, then the "failure to rank" into the final vote is a proper abstain.
It is also proper to discount the abstained voters because if you don't you could easily end up with no result at all.
Only if the IRV rankings are limited to some number less than the size of the field do you end up with really purturbed results.
Another complication arrises with voters who would rank Dl, Rl, then D, for instance, because their second choice (Rl) may never experience the benefit of their second-standing. In particular it appears that, in a change up situation where most/all of the *-lite voters have "the other" *-lite as their second rank, things may seem a little dicy. You get some chaotic cross over that, if you look at the raw numbers seems "surprising."
This is not *really* a problem mathematically, but the whining electroate might see it as unfair.
Still in all, if the voters percieve there to be dominant parties (R and D) and rank their votes all the way up to their perceived dominant party, the system ends up "closest to fair" of the curent alternatives.
The "odd looking" part comes out if you were to sum up the votes "the other way" by adding a tickmark next to each candidate if that candidate appears in any chain of votes. You might find that Rl h
Most game exploits could be stopped outright if every-so-often the well-known memory maps of the active data sets were MD5(ed) and transmitted to the server. As the hit-points and unit-statuses (like the unkillable peon hack for Starcraft) are well-understood by the server the faults can be easily detected and removed.
Remember that most game hacks involve an exterior program that twiddles the in-game parameters after the session is up and running. If the changes were treated as a proper database update journal then things are easy. As the server and the client "play their journal" out at one another a "checksum" operation can be requested and the two memory maps had better match. The errors don't have to be "corrected" after all, they just need to be punished.
This isn't un-crackable but it is un-crackable in psud-realtime. The theoritical cracker would have to have, essentially, a second game engine running to maintian "the image that ough to be there" along with the engine of the real game. Then there would have to be a reconciler of some sort. At a minimum the machine doing the hack would have to be at least three time (yes, oversimplified math 8-) as powerful as the gamer's gaming experience. (That is, if the hacker wants to watch untextured wireframes "kill eachother" at 4 frames a second... he could probably devise a cheat. 8-)
Even so, as the server-side is applying the remote journal some very simple interger checks (c.f. if ((StartingHP + RepairHP) Turns) then EjectCheater(); if ((Pedometer / Turns) > MaxSpeed) then EjectCheater();
Online game hacks almost invariably exploit the kinds of design errors that come from hiring programmers who have only ever programmed games. Simple distributed data integrity checks (and a suspicous mind, and an understanding of why windows programs are never secure) could pretty much cut them down to nill.
(And before anybody starts narfing, I fully understand that, what with the distributed processing model the above math would need "fudge factors" and some adaptability. These too, are techinques that are well understood by people who work with distributed processing and data collection and synchronization tasks understand. Lossy environment and everything. This also wouldn't involve any real CUP hardship if designed correctly. Compared to the time to compute and render a frame, doing an MD5 over the domain of core data every few seconds isn't that hard to schedule. And it wouldn't necessarily have to be even as strong as an MD5. But gawd people, these games arn't even doing a data domain XOR... They don't get to cry over it when people do an exterior memory image patch hack. It's like leaving your car running with the doors open in Flatbush and then whining when it gets stolen. 8-)
I have indeed been in this very circumstance. I was expropriated (nay stolen 8-) from my place by a power-monger and backstabing (expletives deleted) "manager." Nobody who ever left this guy's section, either to another part of the organization or to another carreer, did so without being vilified professionally wounded.
When it came my turn to be sacraficed on this guys alter I took steps to poison his poisionous well with truth and honesty. As his manuvers proceeded I smiply made sure that anybody who cared could see my everything that was happening. This was effective because I was already known as truthful and honest even when it reflected badly on me. (If I'd only started when things had turned bad I would have looked like I was "manuvering.")
I let this guy vilify me all he wanted, all the while I continued to communicate honestly and never withheld my services. He finally started to "blame me for everything" that was going wrong in several projects.
When it came round I publicly refused to sign my performance review. I let him "shout me out" of a department meeting, simply making "one of you is next" eye-contact with each person befor I left.
Finally I left the job.
My revenge was that in the months that followed the people that I left behind were constantly forced to praise what I had done before I left. You know, "good thing Rob made us put extra fiber in the trench to the other building." etc.
His management noticed. By the time he was ready to start sacrificing the next guy, his bosses were wise. They looked back at me, and that raised questions about the guy before me, and so on.
This unsavory character didn't survive my departure by more than a year. It ended more than 20 years of this behavior at that company and sent him to the curb. He had no friends and no professional connections as he'd burnt them all up thinking he was forever safe from his own dupilcity by dint of his position.
Can't say I am sad.
I was in an unwinable position the moment I was pulled into his schemes. I simply opted for the best possible loss. I remained honest. (before I left) I trained my replacement (subordinate) so that he would be ready to take over for me without getting instantly screwed. I helped him train *his* replacement so that he neither of them would get screwed for what happened in that position. I still have friends and contacts from that job. It was the best possible loss. 8-)
Consider the other side: If I'd wanted to become a bully like the boss, I could have held onto the job for a few more years, but every predecessor who tried that just took more damage on departure.
The old saw: you can't cheat an honest man; has more meaning than the cash transaction value.
Slashdot Mirror
Comcast could and should have gone ahead user-runtime-reversably blocked all of the common low service ports (1-1024) a long time ago.
By user-runtime-reversable I mean:
Put up a web page that I can connect to from my served address only, that lets me check-mark the common ports I want to allow in/out/both. And, most importantly, *NOT* change billing or pricing by check-box etc.
The default map would never be changed by users that don't care, and thus zombie-spam would be greatly reduced.
The custom map would be useful for those who do care.
Keying this on the "hostname" a paying customer sends with their DHCP requests, or by IP address and giving out nearly-static leases by default and clearing the map when a lease is lost, would be child's play. It is no harder technologically than dynamic DNS.
It could be instanciated anonymously one day and the only legitamate users who cared would even notice. As long as there was an obvious "so your ports were just locked on a service you were running at home and you don't like that? here's how to open them" link obviously placed on an "expert users" page on the corporate web site everythign would be self-healing.
Of course that implies that they have rationally segmented their network so that the routers can leverage this information in reasonable time.
Eveidence suggests that they have-not so segmented. (You would not *beleive* the amount of cyclic arping across multiple address ranges I see from their servers on my cable modem segment...)
Heck, the simple intelegence-test-effect created by requiring a user to find their own hostname string from inside either their active configuration or their setup invoice would be enough to stop all sorts of shenanagans... 8-)
So anyway Comcast, get a nice firewall box, set up a permiable wall, with a nice default mask, and let users instanciate a private mask if they so desire by visiting their service settings web page.
Not that hard, unless you bought your infrastructure *really* cheap... 8-)
No matter how convoluted the system you propose to "track" this stuff, it will *always* come down to whether you beleive or can trust "the first order contributer".
If we knew where every last keystroke came from, there would still be the "bob is lying, that keystroke didn't come from him, he stole it from his bos/frind/company/disassembly-fo-windows or whatever. Or worse, he typed in the code but he got the idea from watching the wonderful-world-of-Disny while reading Cryptonomicon so Eisner and Stephensen are the inventors and deserve X in consideration.
Many jobs worth doing are only worth doing to a certian standard of completeness. The problem with the porely-named Intellectual Property domain is that, reguardless of whether ideas want to be free or $40 a barrel, the boundary and origin of all ideas is undocumented-bastardary at best.
All works of any creative mind are, at least in part, stolen from the fertile field of experience.
There is no fixing that, and the supposition that all the progenitors of what came before do *NOT*, a-prioria, deserve recognition and a stake.
Turning the provenance of each line of code into a preverse kind of Oscal(tm) acceptance speach *still* wont insure that someone isn't slighted somewhere.
"I'd like to thank the academy, and my third grade comp-sci teacher for this for-loop, without them I would have never understood that pre-increment saves a temporary. And of course a shout-out to the CPU manufacturer, without whom I'd have never had a chance at direct increment of non-register memory. And of course my Mom, who never let me leave the table without eating all my peas; if it weren't for her I'd have never learned the value of bounds-checking in the completion of a problem domian. I know I'm forgetting someone, but you have all been so wonderful..." -- Rob White, Linux Kernel 6.2 Changelog for kernel.c line 722.
NOTE: The Above attribution is Under Dispute from the GCC board of optimizers for failure to credit the optimizing community's efforts in envisioning the need for loop unroling and the value of peep-hole allocation of registers...
Really, how bad does "intellectual property" have to get before people get it into their heads that the Founding Fathers *DID* understand that you cannot own an idea. The absence of computer science from their accumen doesn't mean that these topics are sacrocant, wholly new, and innumerable to that prior understanding.
Clue please people...
The company will get compaints from the normal lusers when they see that some of their contacts clearly have read the message (because, for instance, they replied to them) but there was no confirmation (because their track-ee has images blocked.)
/sigh... 8-)
It's just dot-bomb nonsense.
Besides, how soon will it be before someone figures out that mid-relay tracking for spam (you know, this came through butt-heads-R-us, we will reject it) plus intrusive crap == nobody is reading any of my mail at destination-X
And the web-bug does nothing to tell "how long" a user looked at your mail unless the very next mail message is also bugged, and unless the target user never opens more than one message at a time. (e.g. people who only read their mail in the outlook preview pane.)
"Gee, he really loved that joke." beting the response to clikcing on next-message and going home.
As an author and software engineer I understand a lot of the concerns surrounding copyright, trademark, and patent law. Since you might be under a flood of feedback for your institution's position just now, I will attempt to be susinct.
The DMCA essentially assures that your work will die with the technology under which you released it. That is the express purpose of the law. Were this the case before today, the great artists of the past would be lost to us. A. Adams work would be unknown and probably wouldn't have enven been done, since the techniques developed by Kodak and Eastman and such would have died in secret with their developers.
Even as you read this message, the great motion pictures of the twenties, thirties, and forties are turning into dust as the celuloid they are printed on breaks down. These movies cannot be copied because massively extended copyrights cannot be cleared. The loss of movie history is purpitrated on us all by the MPAA, the supposed custodians of film, in a desprate attempt to make sure that you can only buy a dvd player from someone who has paid them a license fee. I know, it seems like a stretch, but it is true if you look beneath behind the retoric.
Consider this, the DMCA makes it illegal to even try own the tools necessary to get a photograph off of a Picture CD(tm). That seems like fine business today. But ten years from now, when Kodak decides to stop supporting this format, what happens to your work? Nothing at first, I suppose. But ten years later, when nobody hast the reader and nobody has the tools, your pictures are trapped. And when the disk itself oxidizes in 25 years?...
If things carry on as they are, in thirty years or so, You yourself won't even be able to compile a retrospective of your own work.
Your legacy will be gone.
How sad would it be if our entire culture only harkened back to the eighties?
This is the empty legacy of closed copy-protected technologies. It is the legacy of eating the chicken today instead of having a lifetime of eggs.
Support what you want, but understand the cost.
Robert white,
Newcastle, WA.
It seems to me that these fees aren't all bad. The tax seems (big disclaimer there) to be computed on the "plan cost" and by moving the recovery fees into a non-taxable line item they should be saving the customers a slight amount of money over the total bill that would be paid if it was just the fee and the tax.
This is the opposite of the "rebate" where you pay sales tax on the whole ammount for the privelege of getting $100 back in the mail next quarter.
I could be wrong.
It depends on how the math is done.
The one thing that I found truely unplesant on my 5600, and which religates it to occasional poking instead of regular use, is the complete abscence of a keyboard-accessible way to pipe.
There just isnt a "|" on the dang keyboard. It is very annoying to have to pop up a graphical keyboard thing whenever you want to "|less" something...
Clearly the marketroids didn't ask the linux people before telling the engineers what to put on the thing.
Function Z is unassigned even, and there is clearly some multi-mapping possible (look at the euro and pound-sterling symbols ganged up with the 3 and 4 respectively) so something could be done.
But they are dumb about their linux-geek following.
Considering that blockbuster movies make "no money" and the whole idea falls apart. Production accountancy is the last, greatest legal lie.
The fact of the matter is that the answer is to roll back the bull, get rid of software patents, reduce copyright to the original lengths, get the corporations out of the legislation business...
And then mabye lynch them for being butt-heads. 8-)
... YOUR MONEY
Doing these things honestly and functionally isn't all that difficult.
For instance, my company makes a sweet little device that, among other things, has a bunch of FPGAs (Field Programmable Gate Arrays). There is some language (I have never seen) that creates, via a source file (I will never possess) and a compiler (we license for a nut), to create a byte-stream (I have sitting around in a file) that gives the FPGAs their personality.
When my boss came in and started whining about the GPL I pointed out that the three modules were GPL-able and that distributing them under the GPL was about as "wanton with our intellectual property" as sunday school.
The drivers are just not that interesting. From one (the one that loads the FPGA images) you could learn how to copy a byte string into a single register. e.g. "for (int counter = 0; counter image_size; ++counter) { *FPGA_Personality_Register = image_buffer[counter]; }"
Oh yea, there is a lot of boiler-plate around this, and I actually do that inside a fpgaflash_write() etc. But this is *not* rocket science.
In point of fact, virtually all of the "Intellectual Property Issues" people have with respect to software are, frankly, crap.
A bunch of people doing a lot of truely marginal work have created a mythology of value. Somehow the way _*THEY*_ increment an integer is so much more fascinating than the way the rest of us do it. "But Boss," they say, "if everybody out there figures out that we put *our* serial uart at 0x2df instead of 0x2f0 then nobody will need us any more."
Bull.
If you provide a good product at a reasonable rate then people will pay you for it.
Every year I spend $20 to $50 to pay my taxes with one or another tax prepration software product. I do this *despite* the fact that all the forms and things are there and (obfuscated 8-) open source. (And I actually buy the software instead of pirate it, since to steal software when that is how I make my living would be hypocritical.)
The only people who have to worry about Open Source are the people who make crappy software.
Trust me, nobody wants your job. Nobody wants sneak in and rewrite comercial drivers *IF* *THEY* *WORK*. Nobody cares about your "proprietary register mapping" *IF* *IT* *WORKS*. The people who are going to make a nockoff of your board are just going to trace out your hardware if they want to clone it, and its is going to take them how long to disassemble your Windows driver to make their compatable device?
Gee, if they want to compete, they could just make their clone to one of the already-existing drivers they have source too anyway.
There is *NOTHING* *OF* *VALUE* in your drivers. Really. Get over yourselves and start harvesting all that free money by making a product and having the OS community improve your products' drivers for free.
It boggles the mind that people like nVidia and ATI want to keep their drivers closed when their real value is in the chipsets themselves. Everybody knows how Direct-X and OpenGL is going to present the data at that level. Why do they even *care* if someone knows that the data buffers are reformatted and their addresses are crammed into a doorbell register at a particular address. Do they think we can't possibly fathom the concept of laying out data and putting addresses into doorbell registers? Do they expect us to be supprised when it turns out that the eight hardware rendering pipelines they brag about on the box are backed up by eight separate linked lists (or whatever) in the driver?
And you just know that on the flip side, there is someone at each of these companies trying to outsource the driver development even as the first team of idiots are jealously garding their source code.
Back to the example, all the "value" in our product is in the complex and subtle control of state *below* the driver in the hardware, and in the complex and robust interractions of the applications and protocols
Die In A Fire
And so should each of their executives separately or all together.
People who just want to rub strangers together in the hopes that money will fall out are the kinds of parasties on humantiy that really need to exit the gene-pool.
Those who are proud of their position and goals in this respect need to willfully, and of their own violation, seek and recover the clearly present and valuable "gold like substance that marketers insist will be good for the economy" from within the heart of any really nice hot flame. They do, after all, seem to so enjoy the heat and entropy they try to extract from anything useful that comes near them.
They should do this dressed only in a festive goat skin, or perhaps the flesh of their offspring, equipped with only a cheap aluminium spoon.
First one out with a full jar of plasma gets an executive bonus, a writeup in CIO magazine, and a seat on a board of directors...
Moreso, Linux doesn't accept "John Doe" contributions. If microsoft, or any of its agents, were to contribute code, or cause code to be contributed, to Linux it would be demonstrable that the inclusion of the code was proper.
If someone did it on their own, then as soon as Microsoft did what SCO didn't, that being identify the code, it would removed and replaced.
I Microsoft instead did what SCO did, and not identify the code, then they have failed to even attempt to mitigate their damages, and any copyright case falls apart.
The act of distribution obviates any Trade Secret, so there would be nothing to sue about there, except legal action against "John Doe".
And Patent issues exist or not independent of who provided what, which is why software patents are bad. It would be more valid for microsoft to take patents against things they know are going to be in Linux and then use that to club people over the head. Fortunately Linux has people like IBM who want to use it and have more patents. (But this is the one-paragraph proof that software patents are bad for everbody, so I'l let it go at that.)
In essence, you must remember, that "you cannot cheat an honest man."
For all that the "but they have to be on your segment" argument can be rather true. I suspect that the largest number of script kiddies, by far, are living out their lives on cable modems.
Do you trust the punk next door? I hope you do... he's probably reading your web-mail and pop3 passwords.
Its certianly not that tough to put a cable modem into permiscuous mode, particularly if it is attached to your computer via USB instead of eithernet.
Repeat after me:
There is *NO* *RATIONAL* assumption of physical plant security when you are using a common carrier.
Cable modems are (within the toggle of one bit) the data equivalant of a good old fashioned party line.
Even better, the dynamic range of a CD is really quite limted. It sounds fine enough but for all practical purposes any signal soft or degenerated enough to be subliminal would probably be muted entirely pressed into the "noise floor" either during encoding or playback. The "oversampling" and similar smoothing would degrade the subliminal track to nothing, and then the amps, speakers crossovers, and shuch would finish the job.
The math says that "subliminal CD" is like "land shark", (Classic Cassette Tapes wouldn't be much better anyway, but they would be a little better mathamagically.)
Just get a nice soundscape CD and convince yourself that it has the subliminal message of your choice.
These store-bought products have mucho magic, it is all, however, printed on the packaging.
I patent the process of playing follow-me follow-you all night at a bar, then, when everybody is loitering around after closing, giving that long and lingering last glance, then smuggly walk ing away while simultaneously telling yourself that you could have had your target any time that night, but you realized hours ago that they were probably beneath you (even though you kept following them for the rest of the night).
(It's good to be the bouncer, the night gets all sorts of ironic when the lights come on. 8-)
It occurs to me that all hosting customers should simply require that their hosting company guarantee that they will pay all the legal expenses should their (the hosting company) IP licensing policies and contracts open the customer to litigation.
That is, if I use your (EV1's) hosting service, you (EV1) will guarantee that none of their agreements with third parties (SCO, Microsoft) will be allowed to show-through to me (the customer).
That is, since they (EV1) own the computers you are using, they (EV1) will bear full responsibility if what I (the customer) do would breach their agreement with the third party (SCO, Microsoft).
That is, if my hosting company promises someone else that their machines will or wont be used in particular ways or to particular ends, that shouldn't be my problem in any way.
See it seems that a real SCO strategy here is that most of EV1s customers have probably signed contracts that bind those customers to EV1s outstanding commitments. There are also probably terms that let EV1 modify those terms as they need to meet their ongoing business model. So by extension, all of EV1's customers have essentially been bound to SCO's terms by extension. A couple of months from (say a month for notification of EV1 to its customer base that their effective terms have change, or for those customers to have legally been able to figure that out for themselves) SCO comes in with double-indirect terms to use against EV1's customers.
e.g. suppose SCO says:
1)You have agreed to comply with EV1's terms and conditions.
2)You have agreed to let EV1 change those terms in certain ways.
3)EV1's contract with us requires them to change those terms, they cannot distribute what they admit is our IP using their facility, you should have known this.
4)We (EV1 and SCO) recognize that kernel as SCO IP.
5)You are therefore contractually obligated to cease in the distribution of that kernel using the hosting hardware. Cease and Desist immediately or face legal action.
6)Further, you may not possess our IP without purchasing your own license. If you wish to continue making/keeping backups of your system image on any non EV1 host (e.g. If you wish to keep backups of your site) you will either have to license our IP or sign this here contract stating that you will let us audit your transfers and backups of data from the EV1 host computers.
Yes, the above is legally all but indefensible. But really so is the All your Code belong to Us action against IBM. It would be classic SCO.
I can imagine SCO giving EV1 the licenses for "one dollar and other consideration" to create this "legal relationship" between SCO and ALL OF EV1's CUSTOMERS, just to create the appearance of legitimacy to future actions against those people.
SCO is a legal tar baby (don't assume racism, look it up 8-) and, to mix the metaphor, EV1 is now hosting an infect-everyone all-STD orgy on their equipment. The GPL isn't viral in exactly the way that modify-on-demand service contracts ARE, and SCO agreements are information technology AIDS-equivalents.
IANAL, but EV1 customers should run like hell. Now YOU have contractual bindings to SCO because you are running your business on a site licensed by SCO, and we know those are the target audience to the suit.
So it was a little over stated.
The completely mis-named "preview" pane (in outlook) is a vile pustule on the face of compting. There are plenty of packages that Do The Right Thing(tm) for previewing mail. Eudora (Windows), Kmail (Linux), Mozilla (both) come to mind first, but the list goes on and on.
You see, there is no "pre" to the outlook preview pane. It opens the mail, completely and utterly and actively. This causes it to be a virus and trojan propigating nightmare, and one of the single largest causes of spam.
Consider:
If you havn't turned off the HTML view, you are opening remote web sites when you "preview" your spam. This happens even WHEN YOU RIGHT-CLICK. You might as well be patronizing the spam sites. you are generating IE page hits and triggering web bugs.
Whenever you do anything to any message in outlook you are invoking the active content in that message, that is how the "but I didn't open it" viruses get activated and installed on your box. It happens so fast you might not see it, but it happens. On-view handlers, active icon displays, you are being "careful" not to open this stuff, but that right-click-delete is submarining you.
The "preview" counts as a read. It generates read receipts (sometimes after a delay, your preferences may vary), but when it does those read receipts cary more than you might imagine into the hands of people who are not your friends.
Better yet the mouse-over and hover attacks can alos be triggered if you happen to leave your mouse in just the wrong place while you are arrowing down. How wrong is that?
The outlook preview pane (or should it be pain 8-) is not a feature, it is a bilght on the face of computing because it *SEEMS* harmless but it isn't.
By actively stumping my users at work to disable that monstrosity, I have greatly reduced the amound of spam comming into our site, cut down on the virus infection rate, and saved all the users at the company lots of time.
The rest of the world should not be punished for the actions of those who don't care. Using the outlook preview pane is like using unpatched IIS. It is a public crime. Or at the least it is an "attractive nusance" that is costing real people real time and real money.
Nobody actually deserves to lose their data (that was hyperbole) but how many viruses and trojans do you have to get before you catch on to the fact that you are opening yourself up to smoking ruin in the name of ersatz (sp?) "helpfulness".
There are safe paterns for using outlook.
1) turn off preview pane
2) delete all your spam
3) use normal view (it's exactly the same as "preview" but in a full sized window)
4) push the big candy-like "next" buttion or control-down move between the now-filtered messages.
It will save you hours of heartache, I promise you.
Or just keep suffering.
In outlook, when you right click, it opens the email. So lets consider:
RIGHT CLICKING AN EMAIL ENTRY IN THE TOP WINDOW, WILL, IF YOU HAVE THE PREVIEW PANE ACTIVE, GET YOU INFECTED TOOT SWEET.
Step 1: disable preview pane
Step 2: delete all your spam
Step 3: (if you are a machosist (sp?)) turn preview pane back on.
The reason step three is for the self-abusers is that you might get more mail while you are reading and then you would wander into newly arrived pain (or is that pane) and uglyness.
Remember, the magic 8-ball told the future from way back in the fifties: "outlook not so good".
At work, where I am forced to use Outlook, I don't ever double click on a blasted thing. I am not a mouse addict.
With the preview pane closed I use the arrow keys to move up and down the list, deleting all the spam before I even start reading. Once the list has been thust purified, I go to the first one and press enter.
After that I next and previous to my hearts content.
When I feel I simply *must* preview, I turn it on temporarily.
But honestly, I rarely if ever lay my hand on the mouse when reading mail. IF I am feeling mousish, I will use the next and previous buttons in the opened mail window.
That the html and view-image options are disabled is a given. Unfortunately those don't really apply as many of the trojan/virus things out there will open on "hover" so if you can see the little icon for the attachment and you mouse across it, you may partly open it anyway.
The Outlook GUI is not your friend, but it is best buddy to your enemies. There are so many mouse-related human enginering hacks that a wise user should just learn to use four (kinds of) buttons. Up/Down, Delete, enter, and alt-F4, when reading mail with outlook these are your best friends.
And for god's sake, close the preview pane. It is not convenient enough to justify the risk. If they fixed the core outlook behavior so that right-clicking on the list (top) window didn't open the email the way left-clicking does, then I'd _consider_ letting the smart people use preview pane.
What you do in OS X is immaterial to the discussion, presumably because OS X doesn't launch GUI extensions "on view" (etc) of the attachments of an email message.
In point of fact, everywhere other than work I use Mozilla mail or Kmail (KDE mail agent), as the problem is the use of Outlook. But where I must, I try not to just be another victim.
The answer as to "why should I" for windows apps, is "Because you might want to keep control of your computer". Once you establish that the pitiful soul is trapped in Windows/Office/Explorer land, all the "well on my platform I just..." crap is unhelpful trolling.
For the sake of christ, close your g-d damn outlook preview pane. Yea, you select the email on the main pane just to delete it (yes, even right click) and the preview pane opens the email to preview it.
Anybody who uses the preview pane in outlook deserves to lose their data.
To fix this, just click view->preview pane (to uncheck the box in the menu and make the lower area in the display window go away.)
"it's just this little chromium switch... some people are sooo stupid" -- firesign theater.
There needs to be a kind of Grand Jury for civil actions. Since there is no "the people" side, it would work as follows:
A complaining party goes to the grand jury and gets five minutes to rough out the basis of their complaint.
If the grand jury says it sounds like there is a rational case then the target of the prospective suit is sent the transcript of the presentation as part of the initial filing. About a month after that, the target gets five minutes to rebutt.
"Ammended complaints" must be cleared by a much-more-stringent process than exists today, in particular, the complaint must retain all of the elements presented to the grand jury.
If the grand jury denies your request to sue, you may sue anyway, but you have 100% exposure to all costs by all parties if you lose.
The grand jury may also elect to provide you with council for your position (e.g. endorse and SUPPORT your action).
This jury would have to be made up of 1/2 normal people and 1/2 retired judges. In short it would have to consist of some common sense and legal understanding. The grand jury may/must empanel experts relating to the field of contention. That is, technologists in technology cases, nurses (who are better medical observers than doctors) in medical cases, etc.
Lawyers are strictly prohibited to work on commission (none of those 1/3 of the results contingency terms).
Whichever party pays more for their lawyer(s) has to pay that disparity over again into the public legal fund from which the grand jury pays the provided council. That is, if the first party pays $1,000 for their council, and the second party pays $10,000, then the second party must also pay $9,000 to the civil procedure fund. Similarly, a company that employes a law firm on retainer (etc.), as opposed to hiring lawyers as simple employees, must match those fees and retainers into the fund. This (re)creates a pressure on companies and organizations to manage legal costs and avoid papering-over opponents.
There is more, but essentially, the "legal talent" needs to be made equitable in the financial sense, and there needs to be a "what a jackass" filter at the front end.
[quote]
Sliently ignore most rules, and they will be silently re-written so as not to apply to you.
[/quote]
The above usually works best, but the below is probably more politically acceptable.
Some time back there was a bunch of postings about security measures that sound like something but do nothing of any value in terms of making anybody more secure, and usually inconvenience everybody. These stellar ideas are hot and bold and bad. They usually come about to address some particularly instance of abbuse commited by some particular person. They are also almost always rescended, sometimes only after that person is fired.
So there is probably someone who is sitting on their butt chatting all day, but since it is *their* phone they can't be gotten for misuse of company facility. Meanwhile their work is probably just good enough to not clearly be sub-standard and their noise-making is annoying the people around them.
There is also a high probability that some part of this issue is the latest panic-craze about people using their "camera phones" to "steal company IP" etc. (Which is a nice new fad and quite popular among the PHBs lately.)
So someone makes a "policy".
So write a memo to whoever your supervisor is that quickly and concisely states the following:
1) you have a particular circumstance that will cause the compnay grief if you comply.
2) you have examined the options and the time-effort-cost ratio to implement the inferior solutions (if any) are unacceptable for some particular reason.
3) that you presume that reasonable provisions for exceptions exist where the company interests are best served.
4) that given the the above circumstances you believe that continuing to use the existing solution is the correct action, so "unless otherwise directed" (and/or "funded") you will continue to use your cell phone as you do today.
This creates several things.
1) you get your way.
2) you have documented that this is not being done behind anybodies back.
3) your *supervisor* gets a degree of plausable deniability, he doesn't have to take any proactive action to give you your way.
Generally this is all you would need to do. And since the entire military lives and dies on "unless otherwise directed" memos, if you are working for a defense contractor or ex-military person, or military-heavy company nobody will even batt and eye.
Either way, as long as you don't flaunt your exception nobody much should care.
The second of tonights lessons:
The truth is that I walked around in jeans and T for years at a company where the president had decided that everybody should wear suit and tie. There was no way I was going to do the physical parts of my IT job (climbing under people's desks and behind server racks) in suit-pants let alone a jacket and tie. There were only two "incidents" over this.
1) "If you dressed that way, and I was your boss, I'd send you home for the day." to which I responded "and I'd go, but I'd be back dressed no different the next day." (This guy was not my supervisor, was in fact nobodies supervisor, and was generally a busybody {which is why he was nobodies supervisor})
2) "How come you dress like that? I should go home and change!" to which I responded "I don't care if they fire me, if you can say the same, dress any way you please." This was the cube-mate of an acquaintance who was feeling dis-empowered and all entitled.
In short, when you step out of company-line for any reason, even a compelling one, heck *especially* a compelling one, you should expect to have the ineffectual middle-management suckups, political marshales, and enfranchisement-challenged to become somewhat inflamed. You should already know how you are going to deal (or not) with these people.
And finally rate your desire to live in that job, where you are presumed untrustworthy (or whatever) .
Didn't EV1 just revoke their own right to use (or at least distribute) Linux? Since they have attached extra provisions to the GPL (which is forbidden) for themsleves, and since they license access to others they are, by extension, acting to add provisions to the GPL for those other persons...
Didn't they just lose their license outright?
Someone should send them 20,000 copyright violation notices.
{Little Explosive Icon}
This program has not been signed by Microsoft!
It may be a virus...
{Why Microsoft Signing is important link}
(Button "Delete") (Button "Cancel" that ends whole virus scan) (Button "Invite Auditor")
There is only one voting system where it is impossible to produce a "surprising" outcome. That being literally "one man (wiht) one vote", i.e. a dictatorship. *All* of the other schemes have a mathematical "odd part."
In your summary of the analysis you overlook the fact that in order to suffer a reversal, there still has to be more people who want the republican than the democrat. (etc.) That is, the point of inflection happens *only* *if*, in this scenerio, thre are four party candidates: Republican, Democrat, Republican-lite (libertarian?) and Democrat-lite (Green?). [The *-lite candidates are candidates who are selected as first-vote candidates, with their second-vote going to the non-lite party.]
In order for the Republican to win (in the inferred degenerate case), the number of the Republican and Republican-lite voters must must make up more than 50% of the electorate. The FUD is that IRV is flawed becasue the least-voted-for person in the current iteration becomes the swing-votes for the next iteration. This isn't however, the real flaw.
The Real Flaw(tm) is that IRV degenerates as voters disapear in the runoffs. Lets keep our original candidate pool of R Rl D and Dl but then add a Comunist (spoiler). In the definition of the spoiler here, lets say that S always gets the least votes. In the simplest spoiler scenerio the spoiler-voters only vote for S. After the first iteration the Comunist is removed and we are back to the original model with those votes distributed among the other parties. Seems fair right?
But what if the S voters don't have a second choice? Well then the fact that they voted just disapears from the model. Still fair.
The apparent purturbation happens when, say, the S voters have a second choice of Rl, but don't have a third choice of R. If Rl is still the next eleminated party. You can end up with a situation where the sum of (R + Rl + D + Dl) nets no winner, but when Rl is eleminated you might end up with the total voter pool reduced in size so that R becomes the winner. But for that to be true, the total voters for R must outnumber th total voters for D and Dl.
I call this the "apparent" purturbation because it is only a correct result if all the S voters wouldn't have voted at all if there hadn't been an S party.
That is, R wins with less than 50% of the "original" vote even though they have more than 50% of the surviving vote. This looks like a problem because people start guessing about the "mandate of the people" for those people who got eleminated.
This isn't really a problem, however, if the voter can rank all the candidates. That is, if the voter isn't limited to, say 5 ranked votes in a field of 7 or more candidates, then the "failure to rank" into the final vote is a proper abstain.
It is also proper to discount the abstained voters because if you don't you could easily end up with no result at all.
Only if the IRV rankings are limited to some number less than the size of the field do you end up with really purturbed results.
Another complication arrises with voters who would rank Dl, Rl, then D, for instance, because their second choice (Rl) may never experience the benefit of their second-standing. In particular it appears that, in a change up situation where most/all of the *-lite voters have "the other" *-lite as their second rank, things may seem a little dicy. You get some chaotic cross over that, if you look at the raw numbers seems "surprising."
This is not *really* a problem mathematically, but the whining electroate might see it as unfair.
Still in all, if the voters percieve there to be dominant parties (R and D) and rank their votes all the way up to their perceived dominant party, the system ends up "closest to fair" of the curent alternatives.
The "odd looking" part comes out if you were to sum up the votes "the other way" by adding a tickmark next to each candidate if that candidate appears in any chain of votes. You might find that Rl h
Most game exploits could be stopped outright if every-so-often the well-known memory maps of the active data sets were MD5(ed) and transmitted to the server. As the hit-points and unit-statuses (like the unkillable peon hack for Starcraft) are well-understood by the server the faults can be easily detected and removed.
Remember that most game hacks involve an exterior program that twiddles the in-game parameters after the session is up and running. If the changes were treated as a proper database update journal then things are easy. As the server and the client "play their journal" out at one another a "checksum" operation can be requested and the two memory maps had better match. The errors don't have to be "corrected" after all, they just need to be punished.
This isn't un-crackable but it is un-crackable in psud-realtime. The theoritical cracker would have to have, essentially, a second game engine running to maintian "the image that ough to be there" along with the engine of the real game. Then there would have to be a reconciler of some sort. At a minimum the machine doing the hack would have to be at least three time (yes, oversimplified math 8-) as powerful as the gamer's gaming experience. (That is, if the hacker wants to watch untextured wireframes "kill eachother" at 4 frames a second... he could probably devise a cheat. 8-)
Even so, as the server-side is applying the remote journal some very simple interger checks (c.f. if ((StartingHP + RepairHP) Turns) then EjectCheater(); if ((Pedometer / Turns) > MaxSpeed) then EjectCheater();
Online game hacks almost invariably exploit the kinds of design errors that come from hiring programmers who have only ever programmed games. Simple distributed data integrity checks (and a suspicous mind, and an understanding of why windows programs are never secure) could pretty much cut them down to nill.
(And before anybody starts narfing, I fully understand that, what with the distributed processing model the above math would need "fudge factors" and some adaptability. These too, are techinques that are well understood by people who work with distributed processing and data collection and synchronization tasks understand. Lossy environment and everything. This also wouldn't involve any real CUP hardship if designed correctly. Compared to the time to compute and render a frame, doing an MD5 over the domain of core data every few seconds isn't that hard to schedule. And it wouldn't necessarily have to be even as strong as an MD5. But gawd people, these games arn't even doing a data domain XOR... They don't get to cry over it when people do an exterior memory image patch hack. It's like leaving your car running with the doors open in Flatbush and then whining when it gets stolen. 8-)
I have indeed been in this very circumstance. I was expropriated (nay stolen 8-) from my place by a power-monger and backstabing (expletives deleted) "manager." Nobody who ever left this guy's section, either to another part of the organization or to another carreer, did so without being vilified professionally wounded.
When it came my turn to be sacraficed on this guys alter I took steps to poison his poisionous well with truth and honesty. As his manuvers proceeded I smiply made sure that anybody who cared could see my everything that was happening. This was effective because I was already known as truthful and honest even when it reflected badly on me. (If I'd only started when things had turned bad I would have looked like I was "manuvering.")
I let this guy vilify me all he wanted, all the while I continued to communicate honestly and never withheld my services. He finally started to "blame me for everything" that was going wrong in several projects.
When it came round I publicly refused to sign my performance review. I let him "shout me out" of a department meeting, simply making "one of you is next" eye-contact with each person befor I left.
Finally I left the job.
My revenge was that in the months that followed the people that I left behind were constantly forced to praise what I had done before I left. You know, "good thing Rob made us put extra fiber in the trench to the other building." etc.
His management noticed. By the time he was ready to start sacrificing the next guy, his bosses were wise. They looked back at me, and that raised questions about the guy before me, and so on.
This unsavory character didn't survive my departure by more than a year. It ended more than 20 years of this behavior at that company and sent him to the curb. He had no friends and no professional connections as he'd burnt them all up thinking he was forever safe from his own dupilcity by dint of his position.
Can't say I am sad.
I was in an unwinable position the moment I was pulled into his schemes. I simply opted for the best possible loss. I remained honest. (before I left) I trained my replacement (subordinate) so that he would be ready to take over for me without getting instantly screwed. I helped him train *his* replacement so that he neither of them would get screwed for what happened in that position. I still have friends and contacts from that job. It was the best possible loss. 8-)
Consider the other side: If I'd wanted to become a bully like the boss, I could have held onto the job for a few more years, but every predecessor who tried that just took more damage on departure.
The old saw: you can't cheat an honest man; has more meaning than the cash transaction value.