Slashdot Mirror


User: _Sprocket_

_Sprocket_'s activity in the archive.

Stories
0
Comments
5,182
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 5,182

  1. Re:So how do we know that there is only one? on Linux Kernel Back-Door Hack Attempt Discovered · · Score: 1


    The fact that this was possible once, should really make people think about the possibility of it happened ALREADY, and determine if it is necessary to hunt through the code for a systematic review.

    Instead, all we get is Microsoft Bashing...


    Yea - because we all know that as soon as this was discovered, all the kernel developers and assorted dabblers decided to spend all their time on Slashdot thinking up MS-bash jokes. Heck. Its amazing that ANY development is being done these days while Slashdot posts good bash-fodder.
  2. Re:3 cheers for monolithic kernals on Linux Kernel Back-Door Hack Attempt Discovered · · Score: 2, Funny

    When you troll like that, I think you're supposed to have some throw-away account so you can collect karma in some misguided intent to abuse the moderation system. I hear that's what all the kids are doing these days.

    (wait - am I supposed to say "here goes my karma" at this point?) :)

  3. Ignoring Spyware on Norton Antivirus 2004 Ad Blocking - Tough Call? · · Score: 1

    Its a shame Symantec decided to take on ad banners of all things. If they're going to take a stance on digital annoyances, where's their NAV signitures for spyware? Spyware is much more damaging than even the most obnoxious stupid java trick or Flash overkill.

    Granted - they'd have to deal with the likes of Gator (or whatever cuddly name they've adopted now). After all, as others point out, Gator IS spyware.

  4. Re:Banner blocking is just fine on Norton Antivirus 2004 Ad Blocking - Tough Call? · · Score: 3, Insightful


    Blocking the latest banner technology is just fine. Unsolicited flash, oversized banners, ads in the middle of text or on the right side of the screen -- it can all go.


    Here, here. I wouldn't bother to block ads if it weren't for the inane stupid tricks advertisers try to use. The onslaught of Flash ads was the final straw. I now use Privoxy at work and home.

    I like Google's take on advertising - and Privoxy leaves these alone. Its a shame that Symantec's product doesn't.
  5. System Doctoring on Microsoft Offers A Bounty On Virus Writers · · Score: 1


    The same doctor will tell you that elimination of all dangerous viruses and bacteria from our environment is impossible.
    The best way to fight the diseases is to make our constitution stronger.


    A big difference here is that we don't have much control over biology. In fact, we have a relatively limited understanding of biological systems - much less the ability to engineer them.

    This is why analogies based on physical events don't work well with information security issues. Just like biology, we don't control the laws of physics. We are limited in what we can and can not do about the world around us. Although a large part of technology is a better understanding of said physics (for lack of a better term) - and a consistent redefining of what is or is not possible. Information security differs simply because we directly control and engineer information systems.

    When there is a fatal flaw within an information system architecture, we as the engineers of those systems are certainly capable of changing them. Now - that's not to say that every issue is trivial. And we still deal with certain physical limitations (enter comments about users being the weakness to any system). But we certainly have full control over those systems and are in the position to change the system - or the rules by which it works - at will. This is important when you consider that the nature of many common vulnerabilities lie in either bugs or simply a lack of proper design.

    Any flaws in an existing information system is our own doing. We are not only in a position to correct those flaws - but also to avoid them in the first place.
  6. No cost humor on Free Software As Nigerian Scam · · Score: 1

    Great. A humor piece (I hope) based on the common confusion of "free" meaning "no cost".

  7. Re:Trying copying an image from Gimp to OpenOffice on New X Proposal on Freedesktop.org · · Score: 1


    Trying copying an image from Gimp to OpenOffice...
    If you can do that, I'll give you a shiny medal.


    Perhapse you meant to post this earlier in the thread? If not, you missed the pace of the conversation talking about TEXT and the behavior of select/copy and paste functions (which, btw, work fine between OpenOffice and GIMP).
  8. Re:All I ever wanted from Xwindows... on New X Proposal on Freedesktop.org · · Score: 4, Interesting

    ...it confuses select with cut-and-paste...


    I have two main workstations that I use daily - my Linux desktop (currently running KDE) and my Windows 2K desktop. I am often having to retrace my steps while on my Win2K box because I try to paste some text and discover that I've forgotten to hit ctrl-c before moving to the next window. I've become used to copying text while selecting it (its not "cut-and-paste" by the way).

    Its all dependant on what you're used to. And I have found myself going to some lengths to get my Windows machine to act more like my Linux environment.
  9. Re:Quick to judge on Spammer DDoS-By-Virus On spamhaus.org · · Score: 1

    It might be interesting to note that another variation of this worm attacks darkprofits[.net|.com]. This site has been the victom of a series of joe-job spams.

  10. Re:The FBI functions as a secret police. on Spammer DDoS-By-Virus On spamhaus.org · · Score: 1

    It would help if you didn't start your phone call requesting the extension for an "Agent Scully".

  11. Re:ACLU to help out? on Symantec Says No To Pro-Gun Sites · · Score: 2, Insightful

    HELLO! This kind of sofware is being pushed as manditory controls of public access to information. Its less an issue about what Symantec is doing (they can block anyting they want on their own network) and more about how these choices affect public resources (your local public library).

  12. Re:We need a goddamn fix and there's money in it on A Gator By Any Other Name · · Score: 1
    Alright. It might have been a bit unfair to compare your idea to flying cars. You'll have to forgive me for overstating the issue to make a point. And the point is that while the idea sounds good, there are lots of details that make it far less trivial than it sounds.



    Okay, fine. Tell me what's wrong with the suggestion.

    There are automated tools that provide subsets of such a service.

    There are (extremely expensive) services that provide such services by physically sending people out to locations to perform essentially the same task each time.

    Where is the bad assumption?


    In your origional post, you stated:

    The important thing is that each machine must *never* require actual individual attention from a human being, or else costs shoot up (though perhaps optional commercial phone support could provided as a separate service). The base service should be on the order of $10/month at most. It'd keep IT costs down and keep small businesses and home systems much more maintained than they are now.

    And that is where we run in to trouble. The current automated tools will still run in to cases where they need human interaction.

    Bundling these tools together in to one product offering makes sense. And, in fact, its been done in a similar manner with Symantec's Internet Security product. This package includes an antivirus, personal firewall, spam filter, content filter, etc. These are all components one can find individually from different vendors or, in fact, Symantec themselves - bundled.

    The difference between Symantec's product and what you're proposing is the overall intent. You're talking about a "guru in a box". The expectation there is that either the customer can get a live person to help them in difficult situations or the software itself is 100% self-reliant. Symantec doesn't make any such claim with their product (or do they?).
  13. Re:LG stuff on Slashback: Diebold, Cluster, Radiation · · Score: 3, Insightful


    And I'm not gonna bother deciphering meant-for-engineers technical docs to see if my CD-ROM drive has some quirky use for some dandy non-mandatory ATAPI instruction. If random distros of Linux (and it's not just Mandrake, read up the comments) are frying random popular cd-rom drives, I'm just not gonna bother.


    Let's make it simple then. "LG drives are defective". Pretty simple.


    I got my NIC for free when I joined my broadband provider, and I'm just not gonna bother searching hardware stores to see if they have some Linux-compatible NIC. It either runs on what I have, or I ignore it.


    My new MB includes two network interfaces. Getting the brand-new chipsets working on my Linux workstation would require either patching my current kernel, running the newest unstable branch, or trying to figure out why the suplied proprietary kernel wouldn't work (btw - I dual booted too until I erased Windows to make space). I didn't want to take the time so I blew $9 US on a NIC that works fine and will be reused later on once I migrate to a kernel that suports it.


    And most users are even less interested in Linux than I have. I happen to have a particular taste for computers and programming and geek culture. Most economists - high-level professionals who've gone through heavy scientific and mathematical training - care even less.


    These people buy pre-built machines. If they want it running Linux, they'll likely buy one with it pre-built and pre-installed.


    Cluetrain arriving: people just don't organize their lives around Linux.


    Apparently you don't have the right ticket. Here's a hint: "people" don't organize their lives around any OS - Windows included.
  14. Re:LG stuff on Slashback: Diebold, Cluster, Radiation · · Score: 2


    You either put up with that and write safe software for sub-par nonstandard tienda-de-descuentos hardware, or you create clear specifications of what kind of system you must have for Linux to even work.


    Or when you put out a piece of hardware and claim its a Widget that meets a certain spec - it should meet that spec. If you can't trust a manufactorer to do so, its a good bet that one should avoid them.

    I'm all for making use of cheap hardware when needed. Heck - sometimes that's part of the fun. Part of the challenge of doing so is finding out what cheap hardware delivers and what is one step away from a scam. Thank the Internet for providing a medium where like-minded people can share notes.


    (By the way, am I the only one annoyed by the fact that even the modern-est Linux distros only support 10% of the ethernet cards supported by Win95?)


    Welcome to the wonders of commodity hardware. Just because you get a component in-hand, doesn't mean you get the drivers you need. That goes for Windows as well as Linux. Pissed off that you didn't get your driver? Do your homework next time or bitch at the manufactorer.

    For me - I tend to grab inexpensive (outright cheap) NICs based on Realtek's chipsets. Work fine. In fact, I just built a box with a RTL-8139/8139C/8139C+ based NIC.


    There were industry-wide Multimedia PC specs for a while - MPC1, MPC2, MPC3.

    ...

    That way, anyone could go to their local tienda-de-descuentos el-cheapo xing-ling computer assembler and ask for a Linux Computer, level two.


    Where are these standards now? What you're talking about is a pre-built box running Linux. I agree - for most people, that's the only way they'll be able to get in to Linux. Heck... its the only way they get in to Windows. You likely have a better chance to get a box built to run Linux from your local whitbox screwdriver shop than your favorite local consumer electronics outfit pushing big-name kit.


    That said, just imagine what Slashdot'd be saying if this problem happened with a M$ release.


    Sure. You'll get some trolling and FUD going with Linux zealots ingoring the issue for a chance to bash Microsoft. Just like you've got Windows zealots doing now.
  15. Re:LG stuff on Slashback: Diebold, Cluster, Radiation · · Score: 2, Insightful


    Does _any_ version of Windows cause this?


    Wait for the first Windows worm that pushes this command on to the IDE bus. You don't need a CDROM drive to propagate. Destroying hardware in this case would do nothing to slow down the spread of such a malicious worm.
  16. Re:Eric Raymond does not own the Jargon File on SCO Asks IBM To Make SCO's Case For It · · Score: 1

    Other ploys include spreading FUD. When any ploy (from FUD to "no comment") is dictated by management of that organization, it is a policy.

    SCO is doing more than demonstrating due diligence.

  17. Re:Eric Raymond does not own the Jargon File on SCO Asks IBM To Make SCO's Case For It · · Score: 1


    The media comes looking for interviews,


    "No comment." "We do not comment on cases pending legal action." Etc. Turning down interviews is standard procedure in this industry. And so is taking advantage of an interview to push one's current strategy. SCO could avoid these interviews if they wished. Clearly, they don't.

    ...and telling people they owe you money is part of the process.


    Yes. If someone owes you money. At the least, such claims are questioneable - even if they win their court case against IBM.
  18. Re:We need a goddamn fix and there's money in it on A Gator By Any Other Name · · Score: 1


    What's needed is some (probably commercial and relatively inexpensive) comprehensive "Complete Computer Maintenance Service".


    What we also need is flying cars. They should also be rlatively inexpensive. And safe - at least as safe as terrestrial automobiles. That includes maintenance. And they should be easy to fly with minimal training.

    Of course - history shows that the devil's in the details of implementation. The closest we have come in decades of flying car ideas is a long line of prototypes.

    I appreciate ideas that go beyond the status quo. But at the same time, I can't help to think that sometimes people who toss them around have a distinct lack of appreciation for the details and complexities involved.
  19. Re:Eric Raymond does not own the Jargon File on SCO Asks IBM To Make SCO's Case For It · · Score: 1


    SCO has made its claims in its court filings. Until the court decides whether or not they're valid, judging SCO on your own is extralegal demonization.


    I wasn't aware that interviews with IT media and notices to individual corporations count as "court filings".
  20. Re:Eric Raymond does not own the Jargon File on SCO Asks IBM To Make SCO's Case For It · · Score: 1


    SCO has no responsibility to make deals with someone it's not suing. And it has no responsibility to settle with those it is suing. Until a court sees the evidence and hears the case, there is no rationale to denying SCO its right to due process of the law, and no justification for demonizing them for protecting their intellectual property rights.


    Who's denying SCO to its right to due process of the law? Let them go to court and make their case.

    The criticism comes from the media sideshows; the outragious claims of ownership, attacks on the GPL, attacks on the Open Source development community, threats to bill companies for technology under dubious claims. Let SCO provide proof of their extraordinary claims or wait quietly for their day in court.
  21. Re:Eric Raymond does not own the Jargon File on SCO Asks IBM To Make SCO's Case For It · · Score: 1


    SCO claims that their intellectual property has been placed under GPL illegally.

    If that claim is true, then they are 100% right to protect their intellectual property.


    I agree that if SCO's property has been misappropriated, then they are right to protect it. The trouble is that they seem to have an absurdly inclusive opinion of what is theirs. Furthermore, they are attacking a rather widely used license scheme (the GPL) and attempting to misappropriate the works under that license with the claim that said works are released to the public domain. All these claims have been sorely lacking in proof. And what little proof that has been provided - examples of "stolen" code found in the Linux kernel - has been shown to be within the public domain (and removed in any case).

    If you want to look for someone on the moral high ground when it comes to regard for intellectual property, you're going to have to elsewhere than SCO.


    And all of the denials of that come from the people who are trafficking in that intellectual property.


    Those denials come from a rather large community of disparate sources. Although, I suppose, in the broadest terms they are mostly all trafficking in the disputed code. Which doesn't mean they're wrong. But it also doesn't releive them from having to stand up to scrutiny.

    An added twist to this is that the very community being accused of this trafficking has also expressed a desire to identify and, if appropriate, remove offending property. But the offer has been ignored, if not scorned, by SCO. I find this behavior inconsistent with an organization solely interested in protecting its property (by comparison, the FSF has worked with other organizations that have failed to adhere to the GPL to quickly identify offending code and either come in to compliance or remove it).
  22. Re:Eric Raymond does not own the Jargon File on SCO Asks IBM To Make SCO's Case For It · · Score: 1


    Of course he refutes it. He's been lying about it ever since he did it. He's certainly not going to change his story now that he makes his fortune partially on the PR value of having put the Jargon File in bookstores with his name on it.


    Sure. I see your point. But I personally don't have enough information to confirm or refute it. I'll dig around later out of curiosity. I respectfully acknowledge your point and defer my own judgment. And I would recommend others to do their own research.


    And his behavior is worse than SCO's, as he appropriated public property and defrauded a trusting community, while SCO owns what SCO bought and SCO deserves to be compensated for those who stole it from them.


    On these points, I would have to disagree. ESR certainly did not appropriate public property. He used information that is in the public domain - as can any body else. And he did not remove or otherwise restrict that information. In fact, he's added to the public domain work and has continued to make that work available to the public.

    ESR may or may not have defrauded a trusting community - depending on what exactly happened and what was promised when talk of publishing this work came up. If a promise was made to induce participation from the community and then reneged, then I would agree with this point. But as I've already stated - I acknowledge the issue but reserve comment.

    I most strongly disagree with your statement on SCO's behavior. Catagorizing SCO's case as defending their property and seeking compensation for theft is, at best, an extremely breif summery. I would call that description more along the lines of uninformed if not deliberately misleading.

    This could quickly turn in to a rehashing of all SCO legal issue discussions. I'll spare both of us the time other than pointing out that SCO's attacks on the GPL, claims that GPL code is in the public domain, apparently broad interpretation of derivative work, and proof of "stolen" code that actually comes from the public domain are just a few of the issues that seem to expand the entire SCO issue beyond that of simple defense of intellectual property. Such as it may be.
  23. Re:What? on SCO Calls GPL Unenforceable, Void · · Score: 1


    Personally, I'd see it as a good thing if these obnoxious EULA's - both Microsoft and GNU licenses - were finally invalidated. They're clearly a violation of any reasonable definition of copyright: the creator's control ought to extend only to the act of copying.


    Hold on. Read the GPL. Find where it mentions users (google's cache of the document with the word "user" and "users" highlighted for your convenience). Note that the GPL has nothing to do with using GPL'd code and everything to do with distributing the code or derivitive works from GPL'd code.

    You might like the GPL more than you think. After all - its not an EULA.
  24. Re:Eric Raymond does not own the Jargon File on SCO Asks IBM To Make SCO's Case For It · · Score: 1


    When Eric was formatting the JF for publication as the HD, he discussed that the proceeds from sales should be donated to the EFF or some such, or paid in micro to contributors, who then gladly submitted entries and clarifications.

    However, once he saw the check from the publisher, he pocketed it.


    That is a version of history that ESR refutes. I'd have to dig deeper before forming any opinion on just what happened with TNHD. This post seems to be a nice jumping-off point. But that is for another time.

    One point seems to be pretty straight forward. ESR took information from the public domain and has continued to give back to the public domain. The Jargon File is still public domain - and that includes the content ESR, and other authors and editors, contributed to go in to TNHD.

    The accusation of theft seems to be debatable (and worth a bit of further reading).


    SCO actually owns what SCO is trying to protect, as they bought the rights to UNIX from the people who owned it, as devolved from the people who created it.


    This is another debatable point. Part of the issue is that nobody seems to fully understand exactly what SCO is after (critics might quip that this includes SCO themselves). Along they way they've claimed breaches of contract, copied code, derivative works, and attacked the GPL - even claiming GPL'd code is actually Public Domain. As the press releases stack up, the claims get more and more outlandish. I find it very hard to catagorize SCO's actions as simply defending rights to some code.

    So how do the two cases compare? Let's sum it up.

    ESR took from the public domain, gave back to the public domain, and produced a book and a profit along the way.

    SCO bought proprietary code, licensed proprietary code, and is now claiming ownership of entirely unrelated code.

    It seems that even if ESR is a conniving jerk and conned people in to contributing content (and there seems to be a good argument against this)... his behavior is still a far cry from SCO's.

    Your moral milage may vary.
  25. Re:Eric Raymond does not own the Jargon File on SCO Asks IBM To Make SCO's Case For It · · Score: 1


    He stole it.

    He appropritated public property for his own profit.


    What are you talking about? Raymond credits others for their work and states what seems to be a rather inclusive history of the origins of the work (feel free to produce references to the contrary). He also states that the file is in the public domain and does not try to claim copyright to it or otherwise remove the work from the public domain. Where is the theft?

    Perhapse you don't like the line from the origional post:

    It's also interesting to note that in Friday's memorandum, footnote 4, SCO uses Eric Raymond's Jargon File entry for FUD to take pot shots at IBM (footnote 4).

    If this is the case, note that the version linked to is the (rather popular) version being maintained by Raymond. Furthermore, he does seem to be the author of the entry - or at least the revision. The possesive in this case doesn't seem to be too far out of line.


    It's extremely hypocritical of him to criticize SCO's use of public-domain materials.


    Not at all. You see - Raymond's use of public domain material is appropriate. SCO's claim of ownership of public domain material, and consequently ownership of other's work that was derived from that work is quite different. That's not even touching on SCO's claims of ownership of work that is not in the public domain nor derivitive of public domain works. Or SCO's implications that some work not released to the public domain is actually public domain.