Slashdot Mirror


User: _Sprocket_

_Sprocket_'s activity in the archive.

Stories
0
Comments
5,182

Comments · 5,182

  1. Re:Who is kidding whom, Hilary? on Hilary Rosen Gripes About iPod, iTMS · · Score: 1

    Yet Cisco has managed to avoid any kind of anti-trust action over the years. And there's no talk of anti-trust pressure on Google either. Wonder why that is?

  2. Re:Paranoia will destroy ya on LinuxWorld Editorial Machinations · · Score: 2, Insightful
    I read PJ and enjoy her analyses, and I bear her no ill will. Some of the things she puts into her writings have a paranoiac/persecuted edge that has struck me as a bit odd, though.

    But at the same time - wouldn't that edge be warranted? PJ has been attacked personally before. This particular case is just another incident - though certainly an escalation over previous attacks. Little wonder her nerves might be getting a bit raw.

    You make a fair point - it'd be nice to see no indication that these attacks are taking any toll (assuming they are). But I'm not so sure it's really that remarkable. That is, unless you're claiming that this edge you're noting is affecting her judgement; that PJ's claims are beginning to stray from the truth?
  3. Re:The underlying model has everything to do with on New Mozilla Firefox 1.0.3 Exploit · · Score: 1
    The real point I was trying to make is don't hate on MS when they conceal code and then love Mozilla for the same thing.

    Fair enough. But make sure the hypocrisy really exists before you call it out.

    First, don't confuse the issues. You did so as soon as you mentioned "Open Source". This is, if anything, about the policies of Microsoft and the Mozilla Foundation (though I'm all for the question of whether Mozilla Foundation is following the spirit of Open Source or not).

    Secondly, compare apples to apples. Do a bit of legwork and see if it's actually the same individuals championing Full Disclosure or some other disclosure policy depending on the developer. If this is the case (and it might be - I haven't looked myself), then you've got a point. Otherwise, you're simply observing that Slashdot is made up of differing opinions.
  4. Re:How different is Linux from Windows? on Meet Microsoft's Linux Lab Head Bill Hilf · · Score: 1

    The platforms are very different in many ways. But having said that, at work I run the MS Office suite via WINE.

  5. Re:The underlying model has everything to do with on New Mozilla Firefox 1.0.3 Exploit · · Score: 1
    Open source is the exact opposite theory, the many eyes theory. You open the entire code base to the entire world, without restriction. So anyone now, malicious or benevolent can examine just how your stuff works. You actively encourage others to modify your work and to distribute those modifications to the world. It's all about transparency and access.

    I'm not aware that the Mozilla Foundation has held back any code. Isn't it all there? Bugs and all? And doesn't that fall in line with the Open Source model?
    So in this case it's rather inconsistent to keep everything hidden from the public. They are saying "there's a problem in the code we gave you, but we aren't going to tell you what it is or where it is." That sounds a lot like the Microsoft/closed source idea to me.

    Don't get me wrong - I'm not supporting the Mozilla Foundation's behavior here. I personally don't agree with hiding bug reports. And if one wants to make it a point of whether they are doing the right thing or not - fine. But that wasn't the point.

    The point was a comparison of Microsoft to the Mozilla Foundation as models of proprietary and Open Source models. The fact is that IE's code is available under a very different set of rules than Mozilla's code. This is where Closed Source vs. Open Source comes in. No matter how secretive the Mozilla Foundation wants to be with their bug database, mailing list, or party invitations... the code is still there; available to all.

    Whether the Mozilla Foundation should be more open with their bug database is an issue of disclosure. After all, Microsoft could become supporters of Full Disclosure while still maintaining proprietary code.
  6. Re:This was reported to bugzilla some time ago! on New Mozilla Firefox 1.0.3 Exploit · · Score: 5, Insightful
    And yet, when Microsoft does this, somehow it's "reprehensible".

    And on the flip side - where's all the folks who defend Microsoft's practices? Shouldn't they be also standing up here and saying how responsible the Mozilla Foundation is?

    Really - why try to paint this as an "open source vs. Microsoft" issue? If anything, this is the usual "full disclosure" vs. "responsible disclosure" vs. "no disclosure" debate. The underlying development model has little to do with it.
  7. Re:Just like the samba benchmark on Red Hat/Apache Slower Than Windows Server 2003? · · Score: 1
    I've reached the point where I completely ignore all the studies and benchmarks like this, from both sides.

    You can afford to do that if you're the primary decision maker in your environment or your management also ignores these studies. Otherwise, you better know if (or more likely why) a study is flawed and why it doesn't apply to your environment.
  8. Re:Just like the samba benchmark on Red Hat/Apache Slower Than Windows Server 2003? · · Score: 1
    It's the same as if you ask 90% of the people if they ignore beer commercials on TV they'll say yes; but somehow, magically, the beer companies still make more money running the ad than if they didn't.

    Maybe that 10% are gullible, beer-guzzling fools. :P

    Kind of like spam. I don't know anyone who likes or responds to spam. But it only takes a few idiots to make the scam worthwhile - apparently they ARE out there.
  9. Re:Bittorrent on Initial ROTS Reviews Hit the Internet · · Score: 1

    It would be nice if the jerks just left the A/C on. You're lucky that your climate allowed for it. My climate requires A/C... apparently year round for a packed movie theatre. I went to a Midnight showing of LotR and regretted it. Full price for a movie and a sauna.

  10. Re:But on Initial ROTS Reviews Hit the Internet · · Score: 1

    ...wait... Anakin is... undead? I see where the franchise is going: Interview With a Sith.

  11. Re:How can you not see it? on Initial ROTS Reviews Hit the Internet · · Score: 1
    Even if the reviews said it was more of a cross between Ishtar and Battlefield Earth than a SW flick, we'd all still go see it just to finish the series off.

    Huh. And I was under the impression that Lucas already finished the series off with Attack of the Clones. Or... at least, he did for me.

    And that's why I don't even know when the movie is being released. I'll probably see it. It is very unlikely it'll be on opening night. It is somewhat possible I'll see it at a matinee. It's most likely I'll put it in my Netflix queue; in with all the other flicks I'm curious about but haven't put too much effort into seeing.
  12. Re:Too late to the game on Symantec Launches Anti-Spyware Beta · · Score: 1
    With all of the Spyware utilities out there, I am surprised that Symantec would waste their time with this one.

    What's always confused me is... why not just write appropriate definitions? Heck - they can create definitions to target "time waster" applications. Why not spyware? Does Elf Bowling really have more of an impact on the end user than Marketscore?
  13. Re:No Surprise on Revenge of the Sith a "Blood Bath" · · Score: 1
    Yoda is not going to just leave the hot zone to live on some God forsaken swamp planet because a few people died.

    Look - Yoda is a pretty sensitive guy. Some people are just like that. I don't think anyone should get down on him for wanting to duck out of the whole Jedi scene after all those harsh words.
  14. Re:Was not it Al Gore? on What The Dormouse Said · · Score: 1

    I seem to remember that Al Gore said he didn't inhale.... or something... :)

  15. Re:An example of the American Empire on U.S. Rejects Canadian Rejection of DMCA · · Score: 1
    We have military personnel in over 135 nations. [whs.mil] Most have less than 20 and are probably guarding embassies, but more than you would think have over 1000, including Belgium. The UK has over 13,000. It can be said that the sun never sets on the American Empire.

    Yes... well... damn those Americans for getting mixed up in the last two World Wars and the following Cold War. Should have kept their noses out of world affairs and their troops on their own damn soil. World would have been a much better place then.

    I can appreciate the concern over US influence (this story is one of many disturbing examples). And the "American Empire" moniker is too tempting to avoid - even for the Economist apparently. But what does troop deployment prove? Keep in mind that, for the most part, troops are stationed in sovereign countries and tend to be subject to host nation's laws (with various agreements in place with those nations).
  16. Re:Then tell me how they don't have it. on Copy-and-Paste Reveals Classified U.S. Documents · · Score: 1
    And have I ever said that? Just because they can see how the checkpoints are set up and operated, does NOT mean that we fire all of our spies and informants.

    But then YOU are the only one who has said anything like that.

    No. I'm not saying fire all spies and informants. What I'm saying is that even with assumptions that the enemy may already have the intel contained in this report, you don't go ahead and release that information.
    There
    Is
    No
    Military
    Value
    In
    The
    Report

    None. All of the information (except the names) can be and has been collected by the enemy already.

    You don't know that the information has been collected. You can make some reasonable assumptions that it has been. You can analyze attacks and make some educated guesses at what is known. But you still don't know the extent of enemy intel unless you've managed to compromise their intel in some way.

    I'm not saying the information has high value. But nonetheless, it does have SOME value. Apparently we'll have to simply disagree on this point. But as you're busy dismissing this, keep in mind EEFIs as an example of low-value information still having value.

    Incidentally, my "new insight" as you call it would be the question of other value of this information for other-than-military use. That would certainly justify your call for ignoring cursory intel procedures and making this information public.
  17. Re:And so the cycle is complete. on Copy-and-Paste Reveals Classified U.S. Documents · · Score: 1
    As I had originally stated, this isn't providing them with ANY information that they don't already have (except the names of the individuals).

    Yes - you've made the assumption that all the information provided, they already have. You've made that assumption several times. That doesn't make it a known.

    Furthermore, you're also ignoring the importance of providing the enemy with the knowledge of one's own understanding. It's one thing to know something. It's another thing to know that your enemy also knows or does not know it.

    Just because the enemy COULD or very likely does have good intel, does not mean any intel you yourself have is immediately worthless.

    At the same time, it doesn't mean it's golden.

    One side point to this is the value of this information. If there is any military / security value at all, it should be considered worthwhile to protect (at least at a rudimentary level). The only reason not to do so would be a greater value in revealing the information.

    I tend to fall more in favor of disclosure for information than not. I have to deal with overzealous secret-squirrel behavior on a regular basis myself. It can be a daunting task to get some bureaucrats to understand the importance of information flow as well as the importance of secrecy.
  18. Re:Welcome to war. on Copy-and-Paste Reveals Classified U.S. Documents · · Score: 1
    First off, you always assume the enemy has perfect knowledge.

    That doesn't mean you ensure that they do by providing them with the information.

    Yes, they have intel. Yes, they are obviously using it and adapting. And yes, one could make some basic assumptions as to what their intel would be based on their actions.

    But you don't then ensure they have a full understanding of your own understanding of the situation.

    No. It is because it is "brittle". Once it is broken, it is broken.

    Fair point.

    But we CAN make a change in Infosec. If a particular protocol or algorithm is weak, we can change to a stronger one (assuming there is one). Or, better yet, we can make good choices from the beginning with little additional impact for having made those selections.

    With this in mind, one can take very basic steps to provide essentially the same protection to one's personal data as a large enterprise or governmental agency. Doing the same with one's home is a different matter. It's considerably more complex to create a bank vault out of one's own home. But you're right - that doesn't mean you put your front door key under the mat.

    In war, you NEVER hope that the attacker will NOT know something that is critically important to your success.

    You might want to consider D-Day as a famous counter-example to this.

    No - it's not the perfect situation. You should be working towards making that knowledge unimportant to success. But there certainly are limits.
  19. Re:Everybody sees 1st level and goes crazy...tsk t on Copy-and-Paste Reveals Classified U.S. Documents · · Score: 1
    So the point is, I could be wrong, the gun-jumpers could be wrong, but one thing is right; there are ALWAYS other possible alternatives to something obvious, especially when it's military or political. A forum like this is not to say "ahh bad bad bad" and see 500 messages of bitching on bad bad bad, but rather to promote a certain level of discussion and intelligible arguments.

    As a quick aside: it was a PDF and not a DOC file. Same lesson though: modern document formats must be handled very carefully.

    Sure. It's possible that this is all a clever ruse. But keep in mind Hanlon's Razor. I've seen more than enough general stupidity and incompetence in the US Government - especially around IT. That's not to say that the US Government doesn't have sharp folks working in their midst. But they tend to be the exception and not the rule. In my jaded view, the safe money would be on this incident being due to incompetence rather than master plan.

    Not that talking the "master plan" angle isn't fun.
  20. Re:The information isn't that useful. on Copy-and-Paste Reveals Classified U.S. Documents · · Score: 1
    None of the other information wouldn't already be known by the attackers.

    And operating as if the attackers did NOT know that information just leaves you vulnerable to more attacks.

    You're making a rather large assumption on what the enemy knows. Their information may or may not have been complete. It isn't wise to help them fill in any gaps or confirm any of their current assumptions / understandings.

    Furthermore, it's even less likely the enemy has a full understanding of what your own intel on the situation is. An important aspect of intel is knowing what your enemy knows ("known knowns" jokes aside). It could be argued that knowing what your enemy knows and therefore doesn't know is key. Providing them with that intel is a major loss.

    None of this means you don't operate under the assumption that your enemy is gathering intel. It doesn't mean an assumption that anything you don't wish to share is somehow unlearnable by your enemy. But it does mean taking steps to ensure you don't hand that information over to the enemy on a platter.

    "Security through obscurity" is a derogatory term in information security. This is because in that environment, we can write and re-write the laws of that realm. In the physical world we live in, and thus physical security, "security through obscurity" has a much more time-honored status. It's one of the few things that can be done. After all, it's considerably more difficult to change the laws of physics.
  21. Re:contradiction on Hitchhiker's Guide Reviewed · · Score: 1
    1) Removed jokes, for instance the planning permission on the bottom of a filing cabinet in a locked underground toilet with a sign saying 'beware of the leopard' on the door. This is justifiable in a way; it simply wouldn't be practical to put everything from the books into the film.

    The trouble is - some of the movie really needed some of those jokes. The "beware of the leopard" dialog would have kept that scene from being so... flat. And it might have highlighted the Vogons' pointing out that the plans for Earth's demise had similarly been available if Earthlings had bothered to go see them.

    That's not to say that it was wrong to make changes. Ford delaying the work crew with a cart of beer instead of convincing the foreman to lay in the mud (which didn't make an appearance in the movie ;) worked well enough and allowed cutting considerable dialog. After all, the movie obviously had a considerable SFX budget, but not a wealth in time.

    What the movie did manage to do, though, was add new material. Whether that justified the somewhat clumsy cutting of earlier HHG material is the issue.

    My own take - the movie is a nice companion piece. I'm glad I paid matinee price for it and could have been just as happy renting the DVD. It's nowhere near as entertaining as either the book or BBC productions. Fans of the Guide will likely get more out of the movie than new viewers - assuming they're not affronted by the fact that it's not a faithful reproduction of any of the three previous works.
  22. Re:Third Paragraph Says It All on The SCO Trial Through A New Lens · · Score: 1
    If it was so straightforward and should have "been settled quickly and easily", then the judge should have seen that too. So, the fact that the case is still going on shows that it's definitely not a "straightforward" case.

    Ahh. You stopped reading too quick. See, the author also points out:

    History provides two opposite parallels to what happened next: The victory won by King Pyrrhus over the Roman legions at Asculum in 279 BC, and Rod Canion's victory over IBM in 1982.

    See - suddenly there's time travel involved. I mean, I'm sure we've all seen enough movies and episodes of Star Trek to understand how messy things get when you start screwing with time lines.

    It worked out for Bill & Ted when they brought figures FORWARD in time, sure. But they didn't even touch the Roman Legion or King Pyrrhus. What a mess. No wonder the author didn't even want to go further than mention them once.

    The author did talk a fair amount on IBM and Compaq. But that's just to point out IBM is fallible. And really, the less said about Compaq the better. Compaq, HP, Fiorina... see what time travel gets you? What else but a contaminated timeline would explain all that insanity?

    The author is right. This case is likely to have far-reaching effects that we're not even aware of yet. And we haven't even gotten through the trial.
  23. Re:He's missing the point on The SCO Trial Through A New Lens · · Score: 1
    I'm going with the author. And I feel sympathy for him for being attacked by all the idiots.

    I'm curious - what points are you agreeing with? And, having said that, exactly why do you feel sorry for him being attacked by "all the idiots"?

    It seems to me that Murphy is re-hashing well-trodden ground. Maybe I missed something. Would you mind pointing it out? Or, even better yet, jump in to one of the other threads by those "idiots" and point out where they've gotten things wrong.
  24. Re:No mention of VA Software? on Venture Money in Open Source · · Score: 1

    "VA Linux" learned that it's hard to compete against Dell. Heck - even Compaq had a hard time doing that. And they invented the market.

  25. Re:It's okay on Google Upgrades AdSense · · Score: 1
    Many of you might not like targeted ads ("privacy issues"), but face it --- Google's and Gmail's ads are far less annoying than the random irrelevant banners that, say, Yahoo puts up.

    I've never minded targeted ads. It's the method of targeting ads that I've had a problem with. If you're taking a guess at my interest based on content, fine. Show me ads for AquaWeaver Magazine when I search for "underwater basket weaving" or reading an article on it. As far as I can tell, linking content to an ad has never been a "privacy issue".

    The problem comes when you link ads to the individual. For example, I don't like tracking cookies (doubleclick gets added to every adblock config I've ever had). I will not have an advertising agency tracking me from site to site. If that means they can't target an ad at me as effectively, tough. They'll just have to take a guess at my interest by the content I'm viewing.