I've read the paper a few years ago, but the gist of how it might work in this case is that instead of the agent comparing the actual keywords to a database, they parse the document and try decrypting some of its code against hashes of the keywords (or, say, sorted sub-sets of keywords).
That way, even the response behaviour would be "mathematically proven to be impossible to reverse-engineer" until it reacts. The only way to know what it's looking for is discovering each input it reacts for - it could be a huge search space.
The concept is quite interesting for use in mobile agents. It'd be even more interesting if they were as popular now as people predicted they'd be, though .
On DRM, the sole semi-rational scheme I've seen yet is the one Secure Palm eReader uses. You just need the user name and credit card to use the files. You can use it in any device with Palm eReader, including a PC.
It's the only format with DRM I ever buy ebooks for. Everything else has to be open (open PDFs, regular PDB files in Fictionwise.com, HTML, etc), or I'm not interested.
If Sony's reader can read PDFs/HTML/text without too much of a hassle and (hopefully) Palm eReader files, and has a decent battery life (i.e.: unlike the Tungsten E I currently use...) I'll definitely be interested. If they go the crappy DRM and pricy content way, like they did with their previous e-book reader, no way.
Personally, I haven't been able to get into it too deeply. Writing new tests from scratch in a project for which you've already written a big chunk code is daunting and tedious, IMO. You literally have to go step by step through the program and simulate every forseeable use case. I did write some tests and I can see the benefit. I tested what I thought was some rather simple code and found bugs right away. Bugs that might not have been obvious by simply clicking through the application. Also, writing such tests can give you ideas for features that you might not have thought of before.
A great book on the topic of adding tests to old code is Working Effectively with Legacy Code. There are a lot of techniques there that I've found very helpful while refactoring projects done before I started using automated tests (in my case, using DUnit).
Writing tests really helps reducing excessive coupling in your code, too. If you need to use and initialize a lot of classes for a simple test, it's usually a sign that they are a bit too dependent.
But isn't that the quality we say we look for in our leaders?
Yes, just look at the latest US presidential elections. Could they have elected someone with less understanding of the situation (no matter what the current situation is)?
You seem to be suggesting that you can't get e-mail on several machines from a POP3 account. I do it all the time for several e-mail accounts (including gmail via POP).
All you have to do (assuming your e-mail client supports it) is set it to "Keep Messages on Server for N days" (where N is large enough that you are sure to have downloaded e-mail from all your computers).
Works great on The Bat. It also has a "Delete Message from server when it is removed from Trash) which is handy so that you don't download spam or general useless messages on several computers.
$100? We've been looking into code-signing lately, and my impression was that Verisign had the market locked at $400 a pop. Is it cheaper for individuals, or did you get the cert from somewhere else???
I got mine from Comodo, at http://www.instantssl.com/. There are several providers, with different prices depending on what they can get away with .
When I renewed, the new cert pointed to http://www.usertrust.com/, no idea why. They also refused to set the new certificate date to add the month left in the previous cert *after* their online support specifically told me they would... I didn't bother to complain more, but I am warning everyone when I mention them.
It's the same price for everyone, AFAIK. Obviously, the documentation required changes between company/individuals and if you are in the US or elsewhere.
Please note that Verisign's will be accepted by more default OS configurations than other issuers.
I sign my shareware, simply because WinXP's screen when running signed software is slightly less frightening. I think that is worth the yearly US$100 investment (I didn't do a double-blind test, though - it's just an educated guess).
About Bruce's Argument #1, that is true. However, the idea is that whomever they got their certificate from (Comodo, Thawte, Verisign, etc) will revoke the certificate as soon as they do something against the rules. It will show as revoked if the user is on-line when the screen comes up.
I previously heard about someone's certificate being revoked for wrongdoing. I can't remember any of the details.
If the certificate issuers acted fast on reasonable complaints, it could be a great security enhancer.
As it is, the group that gets the most of it is MS (who gets fees from issuers for being in their OS's root certificate) and the certificate issuers.
AFAIK they have the same information - it's just that Google Earth allows you zoom further than the images resolution...
However, I can see much smaller details with Google Earth's zoom, since instead of a 3-pixel car I can see a (blurrier) much larger version of the same content. Plus, you get caching!
I'm playing with Google Earth now. I'm currently on dial-up, and it's still usable, as long as you are very patient:-).
It does have quite a few labels in Brazil, and it has a neat feature with user-added places in the BBS (looks like they decided to go retro instead of just calling a forum). There are already a few in Brazil.
Should be very neat, as long as people don't start spamming it!
BTW, I've used the trial of Keyhole LT, and Google's free version seem much nicer... A year ago, their trial didn't have *anything* on Brazil, too - not even Landsat-7's 15 meter images, just the default NASA Visible World images.
WorldWind is likely to take a big hit in popularity - the tiny download of Google Earth (10mb vs WW 200mb) is likely to be a major factor to some... Google's servers can also run circles around NASAs.
Too bad for the custom apps - WW being open source gave it a huge advantage there...
I'm not sure how high is the resolution of this, but I imagine it's a couple of meters. WorldWind only had 15-meter stuff for those locations... A *huge* difference.
I've been told that these Google images are a lot newer, too.
Obviously those are only available in *very* selected areas, though.
Analog and Asimov's also have a great ebook subscription option (I got mine at fictionwise.com). Of course, it has no ads, but it also has no illustrations:-(.
It's much cheaper for international subscribers, and when I subscribed the paper version, they took months to arrive. Now I get them within a few minutes of release, and read them on my palmtop.
Much easier to archive, too. I've been reading both Analog and Asimov for about 14 years, and that can take up a lot of shelf space...
Have you ever typed something from a piece of paper into a computer? Did you have to keep one eye on each?:-)
I use the secondary monitor for comparing files or copy and paste a lot. The context switch for the alt-tab is very annoying by comparison. It's also nice when debugging, or working with a database.
Tiling never works as well for that kind of stuff - you have to fix the sizes twice, and either you have a tiny font or you will have much less content per window.
Also, I find the secondary monitor great for notifications - i.e. you can drop a CD-burning, copy, download, etc (any lengthy operation) to the secondary monitor and continue working on the main monitor. Then you can get the status at a glance and when it's done you will easily notice it, on your peripherical vision.
I also leave an e-mail ticker (from The Bat) on the secondary monitor - you can tell at a glance when an e-mail arrives, as well as what it is. This is very nice when gaming, with sometimes several seconds for a context switch - it is very annoying to stop playing just to see that you got another spam. And when it's a message from an user I can answer it right away (instead of, oh, it's probably another newsletter - I can check it later).
I also have another computer without a dual monitor. I'm always missing having a secondary display, and will probably upgrade it eventually.
The problem with e-books is that good hardware simply isn't available yet. I've read hundreds of e-books on various notebooks and palmtops and currently I use a Palm Tungsten E. It's acceptable, but the screen is very small and the battery doesn't last anywhere near enough - sometimes I have to recharge twice in the same day in the middle of a long book. 32 MB isn't much but it's enough to have a couple of dozen fiction e-books and a few technical books, too.
When the hardware improves (preferably on a DRM-free reader), I'm sure a lot of people will switch to e-books. It is a fad already in Japan, using smart-phones.
If you remember back when digital cameras where starting, there were a lot of people who insisted they'd never catch on - the resolution would never be enough compared to film, no one will want a photo on a screen, etc.
And we all know how that prediction turned out.
Of course there will always be the paper book lovers that like the media more than the content... But they will probably be a fringe group, when decent hardware is available and everyone else is used to the idea.
Only in the first version of the case. In the next version, they will slow it down, so that the "Windows XP Professional Recommended" in their site makes more sense.
After the outcry of the fans, there will be a third version where they both boot at the same time.
Also on CNET, that is what they did with Download.com. They started charging to list software a few years back. I did pay for my shareware products (well worth it), but not my freeware.
I imagine the freeware authors all left and now they have just added free submissions again...
The problem with your logic is that he isn't bound by the GPL. What the GPL says is that if you don't follow it, you can't distribute the software because you don't have the copyright - but the original author still does.
Relevant quote from the GPL, v2: You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Program or its derivative works. These actions are prohibited by law if you do not accept this License.
For the original author, something else grants permission to distribute - the copyright. Thus, the GPL is null for the original author.
I believe your comment was a joke, and the GP obviously was, but it's silly to assume that just because someone wrote a program that he'd use it for that function...
Even when it's something you wrote by yourself (i.e.: instead of being told to by your boss/teacher/whatever), you might just not be the target market. Around 95 I wrote a nice shareware comm program (for use with BBSs - BRCOMM), which was great for newbies.
Most of the time, I used another comm program myself ({COMMO}), which was *not* trivial to setup, but was very powerful and much better for advanced users.
Of course, I avoided saying that to my users:-)
There are also other possible reasons, such as your program is just something you whipped up in a hurry and barely usable, but that never happened to me...:-)
It's even worse for multifunctionals - they don't use the printer parts for scanning or faxing, and yet these won't work either if the cartridges aren't ok (hp psc 2210, for example).
I was planning on getting a similar model from HP till that - now I will keep my old HP 710c and scanner for a while. I've been using it for years with a broken color cartridge, just printing in black and white, with no problems.
One of the characters writes a trojan that works by exploiting a buffer overflow in the virus scanner (thus running even if the user never ran it, without needing bugs in further products), and also adds itself to central AV servers' virus signatures, which causes it to infect all AV clients when they update the signatures.
BTW, great book, and the "big companies taking over the world" theme is very Slashdot style .
Have you actually seen the documentation of Firefox's formats?
The history file, for example, is spectacularly awful. Check out https://bugzilla.mozilla.org/show_bug.cgi?id=24143 8 (not a link since bugzilla won't accept Slashdot as a referrer) - "please make history.dat easier to parse (i.e., not Mork)"
Slashdot Mirror
mathematically proven to be impossible to reverse-engineer
l
I imagine they are using something like Bruce Schneir's Clueless Agents:
http://www.schneier.com/paper-clueless-agents.htm
I've read the paper a few years ago, but the gist of how it might work in this case is that instead of the agent comparing the actual keywords to a database, they parse the document and try decrypting some of its code against hashes of the keywords (or, say, sorted sub-sets of keywords).
That way, even the response behaviour would be "mathematically proven to be impossible to reverse-engineer" until it reacts. The only way to know what it's looking for is discovering each input it reacts for - it could be a huge search space.
The concept is quite interesting for use in mobile agents. It'd be even more interesting if they were as popular now as people predicted they'd be, though .
On DRM, the sole semi-rational scheme I've seen yet is the one Secure Palm eReader uses. You just need the user name and credit card to use the files. You can use it in any device with Palm eReader, including a PC.
It's the only format with DRM I ever buy ebooks for. Everything else has to be open (open PDFs, regular PDB files in Fictionwise.com, HTML, etc), or I'm not interested.
If Sony's reader can read PDFs/HTML/text without too much of a hassle and (hopefully) Palm eReader files, and has a decent battery life (i.e.: unlike the Tungsten E I currently use...) I'll definitely be interested. If they go the crappy DRM and pricy content way, like they did with their previous e-book reader, no way.
A great book on the topic of adding tests to old code is Working Effectively with Legacy Code. There are a lot of techniques there that I've found very helpful while refactoring projects done before I started using automated tests (in my case, using DUnit).
Writing tests really helps reducing excessive coupling in your code, too. If you need to use and initialize a lot of classes for a simple test, it's usually a sign that they are a bit too dependent.
Yes, just look at the latest US presidential elections. Could they have elected someone with less understanding of the situation (no matter what the current situation is)?
You seem to be suggesting that you can't get e-mail on several machines from a POP3 account. I do it all the time for several e-mail accounts (including gmail via POP).
All you have to do (assuming your e-mail client supports it) is set it to "Keep Messages on Server for N days" (where N is large enough that you are sure to have downloaded e-mail from all your computers).
Works great on The Bat. It also has a "Delete Message from server when it is removed from Trash) which is handy so that you don't download spam or general useless messages on several computers.
They should be required to have CRLs in the cert...
Looking at the root certs on WinXP, seems that only a few have a CDP field, though.
I guess these are going for the accountability angle alone.
I got mine from Comodo, at http://www.instantssl.com/. There are several providers, with different prices depending on what they can get away with .
When I renewed, the new cert pointed to http://www.usertrust.com/, no idea why. They also refused to set the new certificate date to add the month left in the previous cert *after* their online support specifically told me they would... I didn't bother to complain more, but I am warning everyone when I mention them.
It's the same price for everyone, AFAIK. Obviously, the documentation required changes between company/individuals and if you are in the US or elsewhere.
Please note that Verisign's will be accepted by more default OS configurations than other issuers.
I sign my shareware, simply because WinXP's screen when running signed software is slightly less frightening. I think that is worth the yearly US$100 investment (I didn't do a double-blind test, though - it's just an educated guess).
About Bruce's Argument #1, that is true. However, the idea is that whomever they got their certificate from (Comodo, Thawte, Verisign, etc) will revoke the certificate as soon as they do something against the rules. It will show as revoked if the user is on-line when the screen comes up.
I previously heard about someone's certificate being revoked for wrongdoing. I can't remember any of the details.
If the certificate issuers acted fast on reasonable complaints, it could be a great security enhancer.
As it is, the group that gets the most of it is MS (who gets fees from issuers for being in their OS's root certificate) and the certificate issuers.
It's effectivelly better, but...
AFAIK they have the same information - it's just that Google Earth allows you zoom further than the images resolution...
However, I can see much smaller details with Google Earth's zoom, since instead of a 3-pixel car I can see a (blurrier) much larger version of the same content. Plus, you get caching!
Very, very neat!
I'm playing with Google Earth now. I'm currently on dial-up, and it's still usable, as long as you are very patient
It does have quite a few labels in Brazil, and it has a neat feature with user-added places in the BBS (looks like they decided to go retro instead of just calling a forum). There are already a few in Brazil.
Should be very neat, as long as people don't start spamming it!
BTW, I've used the trial of Keyhole LT, and Google's free version seem much nicer... A year ago, their trial didn't have *anything* on Brazil, too - not even Landsat-7's 15 meter images, just the default NASA Visible World images.
WorldWind is likely to take a big hit in popularity - the tiny download of Google Earth (10mb vs WW 200mb) is likely to be a major factor to some... Google's servers can also run circles around NASAs.
Too bad for the custom apps - WW being open source gave it a huge advantage there...
I have to agree, at least as far as labels go. But at least in maps.google.com, you can get very high-resolution images of Brazil:
0 51&spn=0.005375,0.007918&t=k&hl=en
http://maps.google.com/maps?ll=-23.547585,-46.665
I'm not sure how high is the resolution of this, but I imagine it's a couple of meters. WorldWind only had 15-meter stuff for those locations... A *huge* difference.
I've been told that these Google images are a lot newer, too.
Obviously those are only available in *very* selected areas, though.
Analog and Asimov's also have a great ebook subscription option (I got mine at fictionwise.com). Of course, it has no ads, but it also has no illustrations
It's much cheaper for international subscribers, and when I subscribed the paper version, they took months to arrive. Now I get them within a few minutes of release, and read them on my palmtop.
Much easier to archive, too. I've been reading both Analog and Asimov for about 14 years, and that can take up a lot of shelf space...
BTW, the June Asimov was great!
Have you ever typed something from a piece of paper into a computer? Did you have to keep one eye on each? :-)
I use the secondary monitor for comparing files or copy and paste a lot. The context switch for the alt-tab is very annoying by comparison. It's also nice when debugging, or working with a database.
Tiling never works as well for that kind of stuff - you have to fix the sizes twice, and either you have a tiny font or you will have much less content per window.
Also, I find the secondary monitor great for notifications - i.e. you can drop a CD-burning, copy, download, etc (any lengthy operation) to the secondary monitor and continue working on the main monitor. Then you can get the status at a glance and when it's done you will easily notice it, on your peripherical vision.
I also leave an e-mail ticker (from The Bat) on the secondary monitor - you can tell at a glance when an e-mail arrives, as well as what it is. This is very nice when gaming, with sometimes several seconds for a context switch - it is very annoying to stop playing just to see that you got another spam. And when it's a message from an user I can answer it right away (instead of, oh, it's probably another newsletter - I can check it later).
I also have another computer without a dual monitor. I'm always missing having a secondary display, and will probably upgrade it eventually.
The problem with e-books is that good hardware simply isn't available yet. I've read hundreds of e-books on various notebooks and palmtops and currently I use a Palm Tungsten E. It's acceptable, but the screen is very small and the battery doesn't last anywhere near enough - sometimes I have to recharge twice in the same day in the middle of a long book. 32 MB isn't much but it's enough to have a couple of dozen fiction e-books and a few technical books, too.
When the hardware improves (preferably on a DRM-free reader), I'm sure a lot of people will switch to e-books. It is a fad already in Japan, using smart-phones.
If you remember back when digital cameras where starting, there were a lot of people who insisted they'd never catch on - the resolution would never be enough compared to film, no one will want a photo on a screen, etc.
And we all know how that prediction turned out.
Of course there will always be the paper book lovers that like the media more than the content... But they will probably be a fringe group, when decent hardware is available and everyone else is used to the idea.
Only in the first version of the case. In the next version, they will slow it down, so that the "Windows XP Professional Recommended" in their site makes more sense.
After the outcry of the fans, there will be a third version where they both boot at the same time.
LOL! The icons are nice enough, but the funniest thing is the R2 recycle bin...
Also on CNET, that is what they did with Download.com. They started charging to list software a few years back. I did pay for my shareware products (well worth it), but not my freeware.
I imagine the freeware authors all left and now they have just added free submissions again...
The problem with your logic is that he isn't bound by the GPL. What the GPL says is that if you don't follow it, you can't distribute the software because you don't have the copyright - but the original author still does.
Relevant quote from the GPL, v2:
You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Program or its derivative works. These actions are prohibited by law if you do not accept this License.
For the original author, something else grants permission to distribute - the copyright. Thus, the GPL is null for the original author.
I believe your comment was a joke, and the GP obviously was, but it's silly to assume that just because someone wrote a program that he'd use it for that function...
:-)
:-)
Even when it's something you wrote by yourself (i.e.: instead of being told to by your boss/teacher/whatever), you might just not be the target market. Around 95 I wrote a nice shareware comm program (for use with BBSs - BRCOMM), which was great for newbies.
Most of the time, I used another comm program myself ({COMMO}), which was *not* trivial to setup, but was very powerful and much better for advanced users.
Of course, I avoided saying that to my users
There are also other possible reasons, such as your program is just something you whipped up in a hurry and barely usable, but that never happened to me...
Funnily enough, there is a googledot.com registered!
Domain name: googledot.com
Administrative Contact:
Domain Investors
Domain Names (bell@bell.biz)
skipping other details... (whois it yourself if you want them)
Creation date: 31 Jan 2003 11:51:24
Expiration date: 31 Jan 2009 11:51:24
The web site is just one of those generic parked domain pages, though.
Is that book about the goatse guy?
I liked "databese" more. I guess that would be a very fat database, which makes sense since it would have to be very large to have everyone's data.
It's even worse for multifunctionals - they don't use the printer parts for scanning or faxing, and yet these won't work either if the cartridges aren't ok (hp psc 2210, for example).
I was planning on getting a similar model from HP till that - now I will keep my old HP 710c and scanner for a while. I've been using it for years with a broken color cartridge, just printing in black and white, with no problems.
This remind me of Jennifer Government -
http://www.maxbarry.com/jennifergovernment/
One of the characters writes a trojan that works by exploiting a buffer overflow in the virus scanner (thus running even if the user never ran it, without needing bugs in further products), and also adds itself to central AV servers' virus signatures, which causes it to infect all AV clients when they update the signatures.
BTW, great book, and the "big companies taking over the world" theme is very Slashdot style .
Have you actually seen the documentation of Firefox's formats?
3 8
t xt
The history file, for example, is spectacularly awful. Check out https://bugzilla.mozilla.org/show_bug.cgi?id=2414
(not a link since bugzilla won't accept Slashdot as a referrer) - "please make history.dat easier to parse (i.e., not Mork)"
Some other references to the format:
http://www.mozilla.org/mailnews/arch/mork/primer.
http://jwz.livejournal.com/312657.html
http://www.jwz.org/doc/mailsum.html