I think the sign of a good piece of code is that it accomplishes it's goal with a minimum of code. I think a good way to measure this would be to track the rate at which a programmer increases the features to code ratio. Whoever does this faster is the better programmer.
Still another problem is the short term variations in this ratio. All propgrammers bark up the wrong tree from time to time. Therefore, it only seems reasonable to check the programmer's productivity on a weekly basis, if not less even often.
Anyway, at my company, we get along fine without ever reviewing the programmers. We are all just expected to produce good code in a timely manner. We don't set rigid deadlines, and we get bonuses for all of the projects we complete, with more money for bigger projects. Programmer productivity seems to be a fairly useless metric.
When I was traveling through MSP this December, I fired up my Mac to set up a Airport network with my brother's Mac, peer-to-peer style. I happened to notice the Airport's network ID in the Airport menu, and selected it. Everything worked automatically through DHCP, except, I didn't get a router address. So, not having any packet sniffers, I gave up on that idea.
Anyway, I'm sorry that last paragraph was so confusing. I guess assigning another meaning to the word Airport wasn't so smart on Apple's part.
That means that only one company will be enforcing DRM.
Let us think about what that means. First, I assume by 'one company,' you really mean 'one operating system family.' Second, you're assuming that it will remain legal to have a non-DRM operating system. This may not continue to be the case; there is no legislation that bans non-DRM operating systems currently, but such legislation has been proposed in the past. Further, the media lobying efforts are heavily directed to getting such legislation.
Regarding the current congress and administation, there is cause for concern. It is likely that a law requiring a DRM compliant operating system would get passed, especially if it can be presented as an economic aid. The source of the worry is that Microsoft will certainly not license this "technology" to any other operating system authors. The inevitable patent battle means the world will end up with a total, unadulterated Microsoft operating system monopoly. This monopoly could be levered into all areas of software; cell phones, PDAs, routers, firewalls, basically any computing environment which can operate on the Internet.
I think that any species we would be interested in talking to us would be naturally curious about the weird bleeps and bloops we might send them. They would hopefully look for a pattern, which I think is pretty clear. Don't tell me that the sequence of numbers 2, 3, 5, 7, 11, 13, 17... wouldn't make you you think.
By the way, an Air Marshal is equiped with a special hand gun that will likely not pierce the skin of the aircraft, especially if it is not a direct hit. Your standard.45 will go through the terrorist, go through their neighbor's computer, go through the skin of the air craft and get lodged in the engine (if you're unlucky.) The passengers may have good intensions when firing upon a terrorist, but an aircraft is not a firing range.
Oh, and the second amendment concerns the right of people to defend themselves, either agains American Indians (when it was written,) foreign invaders, or even our own government. You do not transport militias with civilian aircraft, however, so restricting their use on an aircraft does not fall under the second ammendment, as it does not restrict the right of people to raise a militia.
While you may have good intensions for promoting the idea of allowing concealed weapons on air craft, don't you think that it would be dangerous; sure, the citizens could stop the terrorist, but now the terrorist can use a flight attendant as a hostage at gunpoint. All they have to do is sit in first class. Or what about mentally disadvantaged people (like the one that stormed the cockpit of a flight a couple of weeks ago.) Watch a program on "Air Rage" one day.
The problem was, the security wasn't there. Many of these people were on wanted lists of one sort or another, but the FBI didn't have the resources and intelegence to investigate and apprehend these people. They certainly will now.
Certainly the government can't protect us from everything, but they have proven themselves to be capable of handling hijackings. In the sixties, we had a number of hijackings. While these were cast from the release-my-brother-in-arms-from-prision mold, it was agreed that this had to stop. The Air Marshall program was created to end the threat of hijackings. However, I don't think that as of September 11, 2001, there were any Air Marshalls on any domestic flights in the US on active duty. The Air Marshalls are deployed on international flights. I tend to believe that their presence on domestic flights be as successful as their presence on international flights.
That being said, where did you hear that there was a marshall on one of those flights who had his weapon taken away from him? This is hard to believe because they are not uniformed, and the airline employees don't even know their identity; they buy their tickets just like everyboody else.
The Office of Homeland Defense is not another KGB or Stasi. In fact, it's not even a real bureaucracy, it's a coordinating Cabinet position that oversees the anti-terrorist activities of many agencies, like the NSA, CIA, FBI and the Armed Forces. While it may become a huge bureaucracy, it's not intended to be.
And finally, how are you going to protect yourself from a plane flying toward your office building at 600 mph? Raise a militia?
Ok, so what's the big deal? My company has an intranet to keep the unwanted away from our sacred data. What's wrong with government doing this? How does this make them "above the people"?
I most certainly hope they do not use 802.11b. Since there is a known exploit, it would be absurd to even consider 802.11b as it exists currently. While 802.11b is a fine standard, WEP, the encryption which "protects" the transmissions, is terribly weak. 802.11b could be modified to use a different encryption protocol, but that would not interoperate with existing hardware manufacturers. Given that, it is unlikely that manufacturers will update the protocol on their own.
Some people will doubtless think that 802.11b is still an attractive protocol. These people might argue that people won't be sniffing wireless ethernets anytime soon, as the exploit requires a high degree of technical proficiency. However, it only requires one person to discover a network's password.
So, I am totally against any move anywhere which entrusts the public's data to a broken standard like 802.11b with WEP. I think it is important to convince people of WEP's almost total lack of value.
Help convince people not to trust 802.11b WEP. Use AirSnort to crack 802.11b networks. I won't be happy until hardware manufacturers are pressured into releasing a standard which doesn't suck (what a novel idea.)
And remember, friends don't let friends fall victim to a partially known key attack.
802.11b is pathetically weak. With every new node which uses 802.11b, faulty encryption is becoming more ingrained in our infrastructure. You can help stop the spread of 802.11b. Demonstrate a well known attack. Use AirSnort, show it to your boss, coworkers, anyone who purchases hardware.
Information about this exploit doesn't seem to want to be free, for example, Slashdot wouldn't announce AirSnort when it came out. We shouldn't be satisfied until we can buy a wireless ethernet card with very strong encryption. However, if people continue to buy 802.11b cards, the hardware manufacturers will have no pressure to develop a less broken protocol.
As far as fair use goes, these have been interesting times. It's nice to see something go about as well as it could. Maybe there's hope after all, (Dimitri who?)
Another thing; don't think this is a finished issue. Students who attended the conference may be in violation of the law if they describe its proceedings to their advisors, and people who write software which implements Professor Felton's methods would almost certainly be in violation of the law.
On a lighter note; isn't it funny how little understanding some people have of security? Verance relied on the secrecy of their algorithm to protect the data, but the algorithm was patented. Which means you could look it up, which means they willingly betrayed their own security methods.
The most obvious solution is to use some sort of byte code, but you said that speed was an issue. If you're using Linux, you might want to look into dl_open, a library call. Dl_open lets you load dynamically linkable libraries at run time.
I would imagine you would use this as follows; first, you'd get some data points with which to calculate from a server. Then, you'd also get the name of a shared library which is on a server (NFS mounted probably). This library has a function name 'calc' or some such that does that calculation. You can then call that function, and post the results somewhere.
I would avoid using MPI or PVM, since those are not designed for farming out data the way you are. You should probably use your own job control protocol. Also, you might want to allow for multiple archetectures, naming the library foo-0.0.1.i386.so and foo-0.0.1.alpha.so and so forth,
I've seen an implementation of this attack which can get the key in less than a second. Granted, a sufficient amount of traffic must have been gathered for this attack to work, but it's a very low amount--on the order of a few minutes worth.
It is up to the infected party to take the medicine, and it would be unethical to sieze the unwitting victim and force the medicine into their bodies.
And this would be unethical how? By violating some inalienable right people have to carry disease? That's a new one. People who do not patch up their servers (or take medicines) are being negligent. If a person allows them self to get sick, and they get other people sick, I would prefer that they get held responsible.
Frankly, I'm getting sick of Code Red myself. I use DSL, and it crashes my modem, a lot. Nor can I write a little script; the modem needs a hard reboot. I don't even use windows, and those irresponsible system administrators are costing me more than a little pain and greivance.
The internet is a self-policing system. Since there are no formal channels to use to force people to upgrade their servers, this extreme course of action is being pursued.
Perhaps the threat of the injunction was enough to scare Microsoft into action. This is the first time they havn't been engaged in delaying action since the trial began. Of course, they are having a harder time pretending everything is alright; with Code Red, the court case and a gathering cloud of Anti-XP sentiment, perhaps they no longer feel invincible.
An 800 lb. gorilla, to be sure, but the government is a T-Rex.
To be honest, apache may be vulnderable; however, it's not quite as simple as that. In linux, you could theoretically do wacky things, like disable outgoing connections on port 80. If linux had finer grained security, you could even do this without interfering with mozilla's attempts to connect out on port 80. The beautiful thing is, as linux is open source, you can make said modifications. See the NSA modifications.
Also, you could limit the outgoing bandwidth, or disable outgoing pings. You could even write an anti worm program, which gets updated worm attack patterns from some website, and looks at every outgoing web request for possible matches. Further, apache and linux run on different hardware, and apache runs on non-linux operating systems too, making apache much less homgenous an entity than IIS. And finally, the average linux user is much more likely to upgrade their operating system for security reasons that your average windows user.
By the way, Apache is free as in speech, too, which is why I like it (well, that and the fact that I can pronounce "apache" easily; it's not a tounge twister like "IIS").
One thing which is not specifically mentioned in this article is how one gets the copyright. The New York Times can obviously get the electronic copyright via a suit, but it already has the paper copyright.
My question is, does the Tasini ruling give parties with no existing copyrights the ability to sue to get electronic copyrights? That is, would Napster (or mp3.com, etc.) simply be able to sue the RIAA for the rights, or would they have to have physical rights, too? I sincerely hope for the former, as the latter would be little improvement over the status quo.
For too long, the favor has swung toward the copyright holders. We can only hope that this signals an end to the debacle that has resulted from attempts to get music on the internet.
I'd imagine that this would only save RAM state on sleep, the only change would be that sleeping wouldn't consume as much energy. Powering off the machine wouldn't even have to clear the RAM, just make the CPU lose it's state. On the Intel, this just involves asserting the reset pin. Then, the processor will go through it's normal boot routine, completely ignoring what's currently in memory.
The slashdot editors don't even mention that this new material would hold processor state for up to fifteen years. One thing I wonder is whether you can make RAM using these same techniques. Storing processor state without storing RAM would be pretty much useless--few tasks can be done solely inside a CPU's registers.
The Register article is woefully short on details, so it's impossible for me to say whether or not a perv RAM system would be inappropriate. (name aside)
I would have liked more information, but the supposed like to the journal "Science" just led back to slashdot. Then again, maybe IE is being flaky.
The issues of the other 180+ governemts notwithstanding, this made me think funny. I read the headline, and myself said the following to myself:
"More domain name squabbles, nothing new here."
"Hey, somebody wants something, and they aren't ICANN."
"I'll just bet that ICANN is thrilled with that idea."
"What a big surprise, they think it's a stupid idea."
"Oh well, I'll continue reading until I find a reference to child-porn."
"Oh hey, look, the slashdot editors simultaneously gave be a beautiful mental image, and impliying that the third world are a bunch of child-neglecting filth mongers.
I love Akira as much as the next guy, but can anyone really claim to understand it? To be sure, the imagery and animation is phenomenal and mind-blowing, but the story is what really counts. Any attempt to decipher the story from the Anime alone is doomed to failure; it simply doesn't make sense.
The manga, on the other hand, is far less visually appealing. Make no mistake, I think it looks gorgeous, but it's just not as pretty as the Anime. It makes up for that by presenting a story that's consistent, comprehensible and insightful. Heresey, to be sure.
I guess this post boils down to the cliched oppinion of a movie; the book is always better. This just shows that the Manga (or even the comic--see the X-Men) is better, too.
Here's the deal; he's connecting to the internet somehow, so you have to track him down with that. Mail messages contain, in their headers, the IP address of the sender. Now, it's possible to forge these, but this is an outlook virus, and I imagine that outlook tells the truth about it's IP address.
Now, this device could have a local (192.168.* or 10.*) address, but the address should be your mail provider. Here's to hoping you use somebody's SMTP mail service! Anyway, you need to contact your mail provider, and find out from which IP address he sent the message from. Then, do a reverse name lookup, and contact his ISP.
Now, as someone mentioned earlier, if he is using your dialup service, this is even easier. However, I'm going to guess that he is using something like DSL, where you can connect multiple computers. That is just a guess, I'd just like to show that it is possible even if that is the case.
Regardless or how you find this guy, involve the police. I don't know what country you live in, but most police around here (Minnesota) don't appreciate you doing their job for them. Nor do the courts.
In the future the bigger company will just arrest the smaller company's CEOs for competing. That can't be legal.
Come on, I have no problem with being provocative and opinionated, but at least back that up a little bit. I mean, it doesn't even follow from the story. A comment like, "Maybe one day we'll all be under coporate survelence to ensure that we don't tell our friends that Ovaltine* decoder rings will let them access everybody's bank accounts," would at least have been on topic. I wish I could say this is a new low, but at now that I think about it, slashdot's always been about like this.
At least it's spelled corectly and uses correct grammar. Oh, wait, no, it doesn't! The smaller company only has one CEO.
Anyway, I wish I had known there was a protest in St. Paul. That would have been "Stuff that Matters," at least for me.
*Ovaltine is a trademark of Sandoz Nutrition Limited.
Slashdot Mirror
I think the sign of a good piece of code is that it accomplishes it's goal with a minimum of code. I think a good way to measure this would be to track the rate at which a programmer increases the features to code ratio. Whoever does this faster is the better programmer.
Still another problem is the short term variations in this ratio. All propgrammers bark up the wrong tree from time to time. Therefore, it only seems reasonable to check the programmer's productivity on a weekly basis, if not less even often.
Anyway, at my company, we get along fine without ever reviewing the programmers. We are all just expected to produce good code in a timely manner. We don't set rigid deadlines, and we get bonuses for all of the projects we complete, with more money for bigger projects. Programmer productivity seems to be a fairly useless metric.
Anyway, I'm sorry that last paragraph was so confusing. I guess assigning another meaning to the word Airport wasn't so smart on Apple's part.
Let us think about what that means. First, I assume by 'one company,' you really mean 'one operating system family.' Second, you're assuming that it will remain legal to have a non-DRM operating system. This may not continue to be the case; there is no legislation that bans non-DRM operating systems currently, but such legislation has been proposed in the past. Further, the media lobying efforts are heavily directed to getting such legislation.
Regarding the current congress and administation, there is cause for concern. It is likely that a law requiring a DRM compliant operating system would get passed, especially if it can be presented as an economic aid. The source of the worry is that Microsoft will certainly not license this "technology" to any other operating system authors. The inevitable patent battle means the world will end up with a total, unadulterated Microsoft operating system monopoly. This monopoly could be levered into all areas of software; cell phones, PDAs, routers, firewalls, basically any computing environment which can operate on the Internet.
Then again, maybe I'm just being paranoid.
You might want to check to yield of an ICBM. September 11 left 6,000 dead. An intercontinential ballistic missile attack would leave millions dead.
I think that any species we would be interested in talking to us would be naturally curious about the weird bleeps and bloops we might send them. They would hopefully look for a pattern, which I think is pretty clear. Don't tell me that the sequence of numbers 2, 3, 5, 7, 11, 13, 17 ... wouldn't make you you think.
You are right that mathematics doesn't work, but the proof (thanks to Godel) is far more complicated.
Oh, and the second amendment concerns the right of people to defend themselves, either agains American Indians (when it was written,) foreign invaders, or even our own government. You do not transport militias with civilian aircraft, however, so restricting their use on an aircraft does not fall under the second ammendment, as it does not restrict the right of people to raise a militia.
While you may have good intensions for promoting the idea of allowing concealed weapons on air craft, don't you think that it would be dangerous; sure, the citizens could stop the terrorist, but now the terrorist can use a flight attendant as a hostage at gunpoint. All they have to do is sit in first class. Or what about mentally disadvantaged people (like the one that stormed the cockpit of a flight a couple of weeks ago.) Watch a program on "Air Rage" one day.
Certainly the government can't protect us from everything, but they have proven themselves to be capable of handling hijackings. In the sixties, we had a number of hijackings. While these were cast from the release-my-brother-in-arms-from-prision mold, it was agreed that this had to stop. The Air Marshall program was created to end the threat of hijackings. However, I don't think that as of September 11, 2001, there were any Air Marshalls on any domestic flights in the US on active duty. The Air Marshalls are deployed on international flights. I tend to believe that their presence on domestic flights be as successful as their presence on international flights.
That being said, where did you hear that there was a marshall on one of those flights who had his weapon taken away from him? This is hard to believe because they are not uniformed, and the airline employees don't even know their identity; they buy their tickets just like everyboody else.
The Office of Homeland Defense is not another KGB or Stasi. In fact, it's not even a real bureaucracy, it's a coordinating Cabinet position that oversees the anti-terrorist activities of many agencies, like the NSA, CIA, FBI and the Armed Forces. While it may become a huge bureaucracy, it's not intended to be.
And finally, how are you going to protect yourself from a plane flying toward your office building at 600 mph? Raise a militia?
It was called ARPAnet.
Ok, so what's the big deal? My company has an intranet to keep the unwanted away from our sacred data. What's wrong with government doing this? How does this make them "above the people"?
Some people will doubtless think that 802.11b is still an attractive protocol. These people might argue that people won't be sniffing wireless ethernets anytime soon, as the exploit requires a high degree of technical proficiency. However, it only requires one person to discover a network's password.
So, I am totally against any move anywhere which entrusts the public's data to a broken standard like 802.11b with WEP. I think it is important to convince people of WEP's almost total lack of value.
Help convince people not to trust 802.11b WEP. Use AirSnort to crack 802.11b networks. I won't be happy until hardware manufacturers are pressured into releasing a standard which doesn't suck (what a novel idea.)
And remember, friends don't let friends fall victim to a partially known key attack.
Information about this exploit doesn't seem to want to be free, for example, Slashdot wouldn't announce AirSnort when it came out. We shouldn't be satisfied until we can buy a wireless ethernet card with very strong encryption. However, if people continue to buy 802.11b cards, the hardware manufacturers will have no pressure to develop a less broken protocol.
Another thing; don't think this is a finished issue. Students who attended the conference may be in violation of the law if they describe its proceedings to their advisors, and people who write software which implements Professor Felton's methods would almost certainly be in violation of the law.
On a lighter note; isn't it funny how little understanding some people have of security? Verance relied on the secrecy of their algorithm to protect the data, but the algorithm was patented. Which means you could look it up, which means they willingly betrayed their own security methods.
I would imagine you would use this as follows; first, you'd get some data points with which to calculate from a server. Then, you'd also get the name of a shared library which is on a server (NFS mounted probably). This library has a function name 'calc' or some such that does that calculation. You can then call that function, and post the results somewhere.
I would avoid using MPI or PVM, since those are not designed for farming out data the way you are. You should probably use your own job control protocol. Also, you might want to allow for multiple archetectures, naming the library foo-0.0.1.i386.so and foo-0.0.1.alpha.so and so forth,
Sounds like microsoft man is misinforming you.
And this would be unethical how? By violating some inalienable right people have to carry disease? That's a new one. People who do not patch up their servers (or take medicines) are being negligent. If a person allows them self to get sick, and they get other people sick, I would prefer that they get held responsible.
Frankly, I'm getting sick of Code Red myself. I use DSL, and it crashes my modem, a lot. Nor can I write a little script; the modem needs a hard reboot. I don't even use windows, and those irresponsible system administrators are costing me more than a little pain and greivance.
The internet is a self-policing system. Since there are no formal channels to use to force people to upgrade their servers, this extreme course of action is being pursued.
Whose ethics do we teach? Yours?
An 800 lb. gorilla, to be sure, but the government is a T-Rex.
Also, you could limit the outgoing bandwidth, or disable outgoing pings. You could even write an anti worm program, which gets updated worm attack patterns from some website, and looks at every outgoing web request for possible matches. Further, apache and linux run on different hardware, and apache runs on non-linux operating systems too, making apache much less homgenous an entity than IIS. And finally, the average linux user is much more likely to upgrade their operating system for security reasons that your average windows user.
By the way, Apache is free as in speech, too, which is why I like it (well, that and the fact that I can pronounce "apache" easily; it's not a tounge twister like "IIS").
My question is, does the Tasini ruling give parties with no existing copyrights the ability to sue to get electronic copyrights? That is, would Napster (or mp3.com, etc.) simply be able to sue the RIAA for the rights, or would they have to have physical rights, too? I sincerely hope for the former, as the latter would be little improvement over the status quo.
For too long, the favor has swung toward the copyright holders. We can only hope that this signals an end to the debacle that has resulted from attempts to get music on the internet.
I'd imagine that this would only save RAM state on sleep, the only change would be that sleeping wouldn't consume as much energy. Powering off the machine wouldn't even have to clear the RAM, just make the CPU lose it's state. On the Intel, this just involves asserting the reset pin. Then, the processor will go through it's normal boot routine, completely ignoring what's currently in memory.
The Register article is woefully short on details, so it's impossible for me to say whether or not a perv RAM system would be inappropriate. (name aside) I would have liked more information, but the supposed like to the journal "Science" just led back to slashdot. Then again, maybe IE is being flaky.
The issues of the other 180+ governemts notwithstanding, this made me think funny. I read the headline, and myself said the following to myself:
Then again, maybe I'm reading too much into this.
The manga, on the other hand, is far less visually appealing. Make no mistake, I think it looks gorgeous, but it's just not as pretty as the Anime. It makes up for that by presenting a story that's consistent, comprehensible and insightful. Heresey, to be sure.
I guess this post boils down to the cliched oppinion of a movie; the book is always better. This just shows that the Manga (or even the comic--see the X-Men) is better, too.
Now, this device could have a local (192.168.* or 10.*) address, but the address should be your mail provider. Here's to hoping you use somebody's SMTP mail service! Anyway, you need to contact your mail provider, and find out from which IP address he sent the message from. Then, do a reverse name lookup, and contact his ISP.
Now, as someone mentioned earlier, if he is using your dialup service, this is even easier. However, I'm going to guess that he is using something like DSL, where you can connect multiple computers. That is just a guess, I'd just like to show that it is possible even if that is the case.
Regardless or how you find this guy, involve the police. I don't know what country you live in, but most police around here (Minnesota) don't appreciate you doing their job for them. Nor do the courts.
Come on, I have no problem with being provocative and opinionated, but at least back that up a little bit. I mean, it doesn't even follow from the story. A comment like, "Maybe one day we'll all be under coporate survelence to ensure that we don't tell our friends that Ovaltine* decoder rings will let them access everybody's bank accounts," would at least have been on topic. I wish I could say this is a new low, but at now that I think about it, slashdot's always been about like this.
At least it's spelled corectly and uses correct grammar. Oh, wait, no, it doesn't! The smaller company only has one CEO.
Anyway, I wish I had known there was a protest in St. Paul. That would have been "Stuff that Matters," at least for me.
Then again, this is slashdot. Maybe you hit the nail on the head...