Just what do you think could have been done to prevent them from doing what they did?
What you must remember is that the terrorists always have knowledge of the laws and rules. If you can't take a metal knife aboard an airplane, they could have gotten away with ceramic ones. Are you suggesting a body search for everyone who gets aboard an airplane?
Unless you enact laws that are so strict as to totally limit your freedoms to the point that they no longer exist.
In truth this is what they wanted. This is the reason they attacked. To them, killing massive numners of people is secondary. They really wanted to destroy our freedom.
What better way to destroy freedom that to scare people into giving it up willingly? Talk about irony. Right now those who planned this atrocity are celebrating, not because they killed Americans, but because we will be willingly giving up a lot of freedoms.
Benmamin Franklin said that anyone who can give up essential liberties to obtain a little temporary saftey diserves neither liberty nor safety. This is as true today as when it was first uttered, and make no mistake any safety we gain from the sacrifice of our liberties will be very little and very temproary.
Never give up your freedom. I don't know about you, but I had ancestors who died to protect that freedom, and I will not let their death be in vain. I will not say, gee I'm too scared, I'll throw away all they fought and suffered and died for just so I can have a false sense of security.
Are there ways we could have stopped this attack? Absolutely, but none, not a single one involves any realistic level of additional security.
Even forgetting the horrendus difficulty, it would have required monitoring every telephone call, email, and non technologically assisted conversation on earth. What kind of civil liberties violation would that be?
It sickens me that someone could throw away his freedom so easily. I hope that there are still enough Americans who are willing to stand up to terrorism and say, "I will not sacrifice My freedom just because I am attacked. We WILL fight you and we WILL win. You will not intimidate us into giving up OUR freedom."
What you say is true. Even people who don't vote have a constitutionally protected right to bitch about the government.
The difference is that a member of congress will openly scoff at you if you don't vote, but will at least listen politely to your opinion, then diplomatically tell you why you're wrong if you do vote.
Wouldn't it make just a little more *sense* for the sensor to disable the ignition or something?
Not really. I don't particular like this either, but disabling the ignition would make such things as designated drivers impossible as it would disable the ignition if SOMEONE ELSE in the car had been drinking as well.
I checked it, and although it does rank relevant matches well, it is lacking on the indexing, as well as on the caching. These are two of google's strongest points.
With Google, I was searching for information which turned out to be on a defunct website. I was able to get what I wanted by searching within the google caches for the individual url's linked to. With this new one, that's right out.
Google also got the newsgroups that deja had. They are still not quite up to snuff (threading still sucks), but Tehoma lacks even that.
On the other hand Tehoma IS still in beta, and will probably get better. They will continually be indexing the web, and if they are smart will be refining their search process to give more revelant links.
Even if they do rise to a par with Google, I'd still use Google just because the caching of pages is so useful.
There are two things he seems to be going up for. First is reverse engineering the algorithm. This is on shaky legal ground since he did not do it within the U.S. However Unsama Bin Laden (sp?) has been tried and convicted in abstencia for several of his attacks against U.S. targets, even though he has never been within the United States, and likely never will be. Now there is little similarily between reverse engineering an encryption algorithm and bombing embassies, but it still shows legal precident of trying someone for something they planned or did outside of the U.S. If he ever comes into the US, he will be arrested and jailed, and his next trial would be an appeal since he has technically had a trial.
The other part is a little more firm. That is dissemating the information from the cracked algorithm. He could say I cracked this but I can't tell you how, and he would have been in a beter legal position because he did the actual reverse engineering in another country. He showed how to do it in Las Vegas, which is (the last time I checked) still in the U.S..
All of this isn't to say that the DMCA isn't completely stupid and unconstitutional, particularly the part about the dissemination. That SHOULD come under freedom of speech, but it will likely take the supreme court to strike that down.
Fortunatly (for now) the Supreme Court seems mostly immune to such things, perhaps because of the amount of money they make and not having to run for reelection all the time. I expect that to change some time soon though.
The first 'violation' is a little more ambiguious as to it's constitutionality. Sure, it's stupid, but there are a lot of stupid laws that are constitutional.
I think that the boycott of all such conventions and conferences would be a serious blow to the US DMCA supporters. Boycotts of the products would help too. Remember the best way to hurt a rich man is to take away his money.
If enough individuals do this, the stores will be forced to spend their resources (time and money) with the returns (which take 2-3 times longer than a purchase).
If it happens enough, the stores will in turn be forced to work with the record labels to stem the flow of returns.
Unfortunatly, it won't make any difference. What is the general rule for software? It can only be exchanged for the same title. Money can't be refunded (at least where I live). If people started taking cd's back to the store and demanding refunds, stores will institute the same policy for music, and you'll be screwed.
Of course you could try a different store, but since every store selling software I've seen in the last 5 years or so has had the exchange only policy with little negative impact on sales, it is entirely likely that most music buyers will still buy the music.
Remember they hold all of the cards.
If you want to hurt them, don't buy any more music from places that use such copy protection schemes, write to radio station advertisers threatening boycotts if advertisers continue to play songs from labels that use such copy protection schemes.
Unfortunatly I doubt this will work either. What percentage of music buyers actually notice such things or even care? I would guess less than 1% more likely less than 0.1%.
I'm not saying to mislead them, in fact I agree that it is necessary to try to educate as to what the term "Free Software" means. I just don't think anyone will get past the term free.
In fact I've found that most people lock up if their original assumptions are challenged. These aren't just moral or philosophical assumptions, but even technical ones. I once tried to explain the concept of using the gears on a mountain bike to someone. She had it in her head that you pushed the lever on one side to go faster, and the lever on the other to go slower. No amount of explanation or demonstration could convince her otherwise. It was almost as if I were watching a buggy Operating System encounter a problem and reboot itself.
One of the major problems with using the term "Free Software" in the business worldn is that people don't get past the term free. Here is close to the exact conversation I had once with a business major:
Me: (talking about linux) Free Software means free as in speech, not as in beer. This means that you can use it, copy it, and sell it if you want.
Business Major: Free! You mean nobody makes any money on it?
Me: No, it't talking about freedom, not price. You can make all the money you want on it. You just can't stop others from doing the same.
Business Major: How do they make any money if they have to give it away for free?
An educator will have the same tendency. You can talk, explain, scream, demonstrate, and whatever else you can think of to impart clue, and most will still insist on not understanding. When this happens, I see nothing morally wrong with utilizing that to our ends.
With business, we changed the name to get rid of the problems associated with the term free, why not do the reverse with education?
Come on people. Why bitch about this? Instead encourage schools to use Open Source. I can't believe the lack of thought I've seen on these message boards.
Remember that one of the major attributes of all educators in the public education system is a heavy concern for money. You'd have it too if you were making 1/3 of most other people with a similar level of education, and had to hear about how the budget didn't allow for this or that necessary item.
Just what do you think the most effective way to advocate Free Software to educatiors is? Note that we should call it Free Software when advocating to schools. The idea confusion between free beer and free lunch will help us here where it hurt us in the business world.
All we have to do is point out to horribly cash strapped schools that not only can they get this great software for little or no money, but they can copy it to their heart's content and put it on as many computers as they want.
There will be some problems since educators often tend to be technophobic as well, but simply pointing out such incidents in the mainstream press will go a long way to make them consider a Free alternative.
Why bitch about this? Why not just encourage Free Software? Because bitching about this IS going to be the most effective way we can encourage the use of Free Software in the education system. Sure it's scare tactics, and smacks a little of FUD, but WE aren't making this up. As far as I'm concerned Microsoft dug their own grave here, it's just up to us to take advantage of it.
There are many reasons I don't want to pay for content. First, I don't like any of the methods proposed so far to pay for it, I won't use them, but I still want to use the content.
Every method I've heard about utilizes some form of credit card or similar method (Don't go off about debit cards, smart cards or anything else, they are essentially the same thing a unique number that identifyes me so I can be charged, and information can be collected).
All of these let me spend money without knowing how much I'm spending, and can let such charges build.
One question: How would charging be done? By the minute? As I type this, I have a slashdot screen up, but I'm not actually communicating with the Slashdot site. This is going on on my computer, and will be sent to slashdot when I click submit. I would be rather upset if my browser ticked off seconds to pay to some site just because their information was on my screen. I'm not actually costing slashdot anything until I submit or preview. Perhaps by packet? I really don't want to have to pay for lost packets that are my ISP's fault, or worse the fault of some router somewhere between me and whatever site I want to view. What about by the month? That sucks if I only care to pop into a site for a few mintutes every few weeks. If on a monthly basis, would I still have to pay if I paid for entry, found the site to be worthless to me, and never came back? If so, why should I pay the same amount that month as someone who made heavy use of the site.
Using current technology and infrastructure how would you set up a pay by site for service internet infrastructure? Requiring people to have some type of card reader on their computer would be impossible since most people don't have one. The current option is for every site to get credit card information each time the site is accessed, either manually, or by cookie. Cookies would work, but have the tendency of shackling a person to a single machine. Slashdot does ok for keeping user profiles, but If I go to a machine wihout that cookie I must log in again. Of course on machines with more than one user, this creates a problem. Tracking by IP is worse, since many places and ISP's use assign IP's dynamically (modem pools for example).
There is currently no way for more than a couple of sites that any given user frequents to be pay sites without causing the user all sorts of headaches. How do you track me? Entering all that data each time is a pain. Saving it on my computer is insecure (I might want to be able to move around). Logging in to a lot of sites is a pain. Users will tend to use the same password for each site, so once one is compromised, all of them are.
In the furture, it would be possible to have a credit card reader (try getting drivers for that open sourced), which could be plugged into the computer. Ignoring the security of such things (I'll discuss that later), It is still a problem. Let's say most sites are a pay by access. They may charge only a small amount, but it can add up.
Let's say I go to slashdot premium, and pay for that, then I go to userfriendly and pay there, meanwhile I set my music browser to go get a good selection of classical music (which can't be downloaded and saved, only played from their servers), and I pay some small amount for that. With everything people do on the internet, all of these small and 'insignificant' charges add up to something rather substantual. Which then must be paid back quiclky (remember more will be on the next month's bill.
Credit card debt is currently a national epidemic. People all over the United States are going further into debt than they can handle because credit cards make it so easy. Going to pay for online services makes it a whole lot easier to go far into debt.
Now we come to the privacy issue. Several businesses (mostly ones that sell your data), have said that their customer lists and demographic information are the most valuable resource they have, not because they can sell to you, but because others will pay so much for that data. Marketers are no longer satisfyed with demographic data, they want specific data in order to force what they think you want down your throat. How do they get that data? Look at every purchase, and all of your online viewing habits in order to 'taylor' the advertising content to you. This is a complete violation of privacy.
Then there is the entire security issue. Most companies aren't sufficiently careful with their credit card information anyway, this just opens the door to all sorts of other potential violations which could occour.
Of course there is also always the potential of evesdropping. Even though the U.S. has lightened up some on the encryption laws, it is my understanding that there are still strange quirks in the law which would make encryption of reasonable strength impossible for widespread use. This opens the door to all sorts of attacks. Smaller keys can be brute forced in minutes or hours. Even if the encryption is sound and strong, the proceedures can often be attacked. In fact this is often how data is compromised.
Finally, if I pay for content do I still have to look at ads? One might think not, but that isn't how cable television has gone. I'm even beginning to see advertisments for various products on rented video tapes, and one DVD I own won't even let you bypass the previews. Not only do I have to pay for a commerical, I'm not allowed to skip it (I have to watch it to even get to the selection menu). I don't think that sites requiring pay for service would be any different than cable television. Of course premium channels don't have advertising (except for upcomming shows), but most regular ones, that I still have to pay for, do.
Some of the privacy problems and security problems can be solved by intellignet lawmaking, but I don't see that as being too likely. After all the United States Congress doesn't have too good of a track record with making laws having anything to do with computers.
Pay for access as a rule rather than an exception won't work well. There are too many problems to be resolved be for I would be involved, and I think that there are a lot of others who would also have similar problems.
on the whole, I liked Legos more. Why? Well, the erector set was far more challenging and interesting., but in order to join two simple objects, I had to dig through to find the parts, then sort through screws to find the proper length, then deal with my poor coordination to screw them together, crossthreading the nut onto the screw several times before I finally got it right. Then I could move on to the next one.
Although that IS very much how large engineering projects go, it is frustrating for younger people to have to deal with such things.
Legos do involve less thought, but trade that for quicker gratification. By the time I had joined a couple of parts with the erector set, I could have most of whatever I was building built out of legos.
Legos also made one think about structure. It is just in a much different way. Legos are inherently of inferior building structure (from the standpoint of structural integrity). You must there for think of how to build something strong enough that you can play with it afterward, while still making it look like what you want. This meant adding support blocks to various areas.
From the other posts here, I don't buy that the increase in the popularity of Legos is the cause of the decrease in quality of engineering in england. I would attribute it to other factors. I know nothing of the English education system, but if it is anything like the one here in the States, it must be getting pretty dismal.
I would wonder if the decrease in the quality of engineers and scientists in the U.S. matches the increase in schools allowing persecuition of anyone who would choose science, math or any other "geeky" subject over taking the minimum requirments, and goofing off the rest of the time.
I'm not required to give proof to that, Microsoft needs to. I was simply reporting on what Microsoft wants you to think. Nobody who is skilled in much of anything would actually buy their logic, they're hoping that people with business degrees listen, not math degrees.
Of course *I* know the logic is flawed, THEY don't want YOU to know that.
Did you read the actual article? Have you been listening to what Microsoft has been saying lately? In case you haven't it goes something like this. GPL=open source, GPL=anti-intllectual property, Open Source= anti-intellectual property, All Open source threatens intellectual property, because if you use any open source, you have to give away all of your IP.
Everybody in the tech community knew that the Win95/NT tcp/ip stack was the BSD stack, everybody in the tech community knew that hotmail was run (until recently) on BSD.
I don't find anything in this to be breaking news, I just find it to be funny.
"Don't use open soruce it's bad." "Shh, don't tell anyone, but all of our most mission critical stuff runs on open source software."
I started reading some of the responses, and was somewhat troubled. Fortunatly the moderation system seems to be working, and more intelligent people were percolating to the top, but some of the idiocy that pervails here and elsewhere is scary.
First the recomended article is not revelant to the discussion at hand. Most would agree that regulating the internet from a FEDERAL AGENCY is a violation of the first amendment, and not practical either. That was the entire 5 page rant in the referenced article. What brought about the rant? Someone not wanting to show a kid things that might be inappropiate in HIS OWN HOUSE. That is the crucial difference.
Freedom of speech means that I can say or publish pretty much what ever I want in a public fashon. There are limits to this, but for most cases I can say what I want. It does not mean that someone can't prevent me from saying things in his house or on his property. Public places such as stores or schools (even private ones) can be somewhat different, but private residences have no obligation to allow for total freedom of speech. The owner of the property can say what is or is not permissible.
However in the mind of the author of the salon article, censoring what is in your own house seems to be exactly the same as a governmental regulation. It is not.
Then there are the comments about the ratings system. Movies cutting stuff down to get the R rating, They also add gratutious violence and sex to the story just to get an R rating, because R rated movies make more money. Rather than eliminating it as suggested in the article, expanding it would be better. It lets me know what is in the movie, and if I want to see it for myself.
On that, I have seen no ratings system that is adequate. Most have one type of sex, one type of violence, one setting for foul language. I would submit that there is a difference in the violence protrayed in "Saving Private Ryan", or "Shindler's List", and that protrayed in "The Matrix". Any ratings system should refelct the difference.
The reactions here also distressed me:
IMHO, there is NO ethical way to monitor another human being. Privacy in my world comes ahead of security or well-being.
This person is obviously never dealt with any children. Should infants not be monitored on what they put in their mouths? Should older children not be monitored as to where they go and what they do? To fail to do so often results in the death of the child. Is this individual saying that needless death is more desirable than simple parental supervision?
Then there is the other side, someone recomenging that logging every keystroke website, image and whatever else be monitored. This is usually completely inappropiate (unless as a completely last resort before cutting off all internet access).
The advice in the bottom of the article was pretty good. I would venture that the best method to monitor internet access would be that internet access is only available when you are present, (not too hard in the instance of the question), and to keep the machine in a 'public' area of the house. If you are wandering through the room from time to time going about your business, it is unlikely in the extreme that any normal kid would surf to sites that they think you might find questionable.
Spot monitoring would not be a bad idea either. I would start by checking the cached pages, and history files. Most browsers to this for your convinence, and shouldn't be difficult to check. If the history or chache disappears, simple questions as to what might have happened would be appropiate.
Monitoring of whatever chat analog is a bit more important. Although the number of pedofiles using chat to get at kids is overstated, the danger is sitll there and very real. Checking into her chat sessions is really no different than getting to know her friends. It isn't really analogous to monitoring phone calls, because phone calls are not random individuals who call into some pool that lets them talk with others. You have to know the phone number and how to get in touch.
I would also like some program that would set off an audible alert if someone opens an email attachment, or tries to run some cutsey program from an attachment. Doing the latter should not run the program. It should shut off internet access deliver an aversion shock to the person who tried to run it, deliver an aversion shock to the person who sent it, and then delete the offending program. This would not only be available for kids but to install on the machine of any luser.
Lastly, I would suggest a stern talk about giving out any personal information. No phone numbers, street addresses, cities, or even real names. Email addresses should even be watched closely, for obvious reasons.
Respect for privacy is important, but there are things that eleven year olds aren't equiped to handle yet, and very real dangers. A balence between the two is important. As long as a kid is responsible, the monitoring would be kept to simply having the computer where the screen can be seen. Some other simple precautions protect the kids from other problems, and actually protect their privacy (monitoring them for giving out personal information for instance), or even their lives.
As kids get older they can be trusted a bit more. Some of the monitoring can go away.
There are ethical ways to 'monitor' what kids do on the internet, most don't require much work or technical expertise. Just a little bit of time spent with the kids. Done right, the monitoring can be kept to a minimum, mostly to assure the safety of the kids, their privacy from strangers (more important than privacy from parents), and to prevent more spreading of useless email viruses and trojans.
I really don't care what he says. The fact that I tried to leave and kept having new windows opened made me not want to have anything to do with him.
He can have his religeous, political, and philosophical views no matter how much I disagree, or how wierd. He can even sell eternal life rings. I don't really care, but when he annoys me with javascript, he needs a good beating.
After all we all know how unbiased Slashdot is, and the agrieved party can not by any means be considered an objective voice in the matter.
Flikx seems to have left out a lot of detail. The University is having a problem with some of the content of the side because of a threat of legal action. What was the nature of the 'inappopiate content'? Flikx never says. He just says that it is nothing by slashdot standards.
What flikx doesn't mention was that SOS wasn't a server that he was setting something up on for fun, nor was it a part of his education. He was voluntering for what appears by the google cache pages to have been an official university site.
Since it is a site that is meant to reflect on the university, the university has a right to see to it that there is nothing on there that could cause legal troubles. They didn't appear to have a problem with criticism, just with some posts with inappropiate content of an unspecified nature.
Then flikx starts to become very unclear. He is forced to implement censorship. Notice how the slashdot crowd goes nuts over this word, but if I own a server, I have the right to say what is stored on it, so does a university. Compare policies of student home pages to policies for official pages. Since SOS was quasi-offical, the university was compelled (apparently legally) to moderate the content to a degree.
Then a new administrator comes, and he doesn't like the SOS server. Since flikx has put in a lot of work he is understandably upset when the SOS server is going to go away.
He doesn't specify why it's getting pulled, only that it's 'politics' and some forged emails. I would suspect that the current diciplinary action against flikx is about the emails, not about the server.
Since there was a legal problem with the server, it is obvious that evidence would be collected from it, and the other data removed. After all why have a perfectly good computer sitting around doing nothing. As for the backups, why keep something backed up if you are never going to use it? Tapes cost money.
They also have grounds for not allowing flikx to set up the server somewhere else. After all the server was for the student government, an official university body. Since it was done for that purpose, it is not unthinkable that the university would leagally own the copyright to whatever was ont the server.
I suspect that the other problems flikx is having are more due to the forged emails. Since they appeared to come from flikx the university is understandably suspicious that he might have actually sent them. I think they are over reacting, but we should be used to this, people who don't understand technolgy usually tend to over react to possible tecnological threats. What would be suprising is a reasonable reaction.
Supposing for a moment that flikx did sent the email, the university would be well within their rights to ban him from campus, expell him, and even press criminal charges, so that reaction although excessive without more proof, it is understandable.
What the slashdot crowd generally fails to understand is that freedom of speech does not mean that I have he absolute right to say any thing I want wherever I want whenever I want, using whatever resoruces I want. Nor does it mean that even if I do have the right to say something in a particular venue that I should be excused from any possible repercussions from what I've said.
With the right to speech comes responsibility. If I annoy the wrong people they can make my life hard. That is a simple fact of life. Not all forms of speech are protected, nor are all forums equal in what kinds of things can be said.
Had Flikx implemented something like that using his own personal web page (at least at my school), it would have been protected. Students' web pages have some regulations on them, but not to the degree that something that is supposed to look official does.
Flikx is of course upset that all of the work he did went away, and now he can't even show it off, but why implement a service to the student government somewhere else? That wouldn't make much sense.
Advice to Flikx is to check with a lawyer, but worry more about getting the diploma. They didn't kill your page, they killed a their page that you had responisibility for.
Also note that in posting this to slashdot you may have seriously hurt your case. It sounds kind of whiny and tired.
Questions for Flikx:
What was the nature of the 'inappopiate material?'
Why did the administration change?
Why did they decide to get rid of SOS? (politics isn't a good answer).
What is the UofU side of the story?
Are you being expelled because of the server or the email? If the server, what is the exact charge?
It is very likely that the University of Utah overreacted in this issue, but much of what they did appears to be justifyed:
Shutting down one of their websites. It may suck, but if I own the server and the network access, I have a right to say what will be on it. Particularly since there was threat of legal action against the university.
Distruction of the data seemed strange at first, but the server is likely going to be used elsewhare, and i'm pretty sure that my university wouldn't keep mass numbers of backup tapes around in a similar situation. Those tapes can be reused.
Flikx implied that the pending expulsion was somehow related to the SOS server, but I get the impression that it was more due to the email, if that is the case, then the University overreacted, but not nearly as much as it appears from the article.
Many forms of microbial life would be able to survive such a journey.
Many forms wouldn't.
Although you are correct that it is unlikely in the extreme that anything has survived on mars, however it is always better to play it safe when there is nothing real to be gained by taking a stupid risk no matter how small.
It hurts no one to so a complete analysis of these materials in quarintine before allowing them out.
Finally it is logical to assume that Martian microscopic organisms (if there are any) would be only slightly more hearty than their Earth counterparts. This means that even though some could survive being violently blasted off the surface of the planet, then survive in space for years or even centuries, then survive the massive heat of atmospheric entry, most couldn't.
Since we are now going to bring them back with better control, over the transport envrionment, it is possible for something that could not have otherwise reached Earth to survive.
Granted the chances are minescule, but why take even a small risk of setting off a plague when that can be avoided by such a simple precaution.
You're right. It is a troll, and you caught me. Some of what you said had some point, but most of it was poorly thought out, or just plain false.
If you're not yourself a coder, then the "If I don't like it I can change it" arguement carries no weight.
I'm not a sufficiently skilled coder to make a difference in most applications, yet that argument carries weight with me. Why? Because it means that so can someone else, and since people in general aren't all that different, it is very likely that someone who is a skilled coder feels the same way and will decide to change it.
Add to that the fact that in general Open Source[1] projects tend to be more likely to fix bugs and add requeste features. Closed source alternatives tend to only add things if a "significant" protion of the user base wants it.
But the bulk of open source projects are still distributed as "here's a tarball with the source, have fun."
That hasn't been my expierence. I have seen a few programs distributed in a tarball only method, but those were either extreme alpha, (for coders, not for average users), predating Linux and designed for most unices, or fairly simple programs, designed for greatest portability.
The rest of your argument tends to fall apart since the assertion that most linux software is in a tarball only distribution. I myself haven't seen anything that was totally unavilable in RPM format in quite some time.
Also note that having rpms available should in no way exclude the available of source files. They are valuble to make Open Source work.
why do I want to have 15 different editors to pick from if they are all more complicated than I want?
So what if you do have more software than you need. Use what you can, and let the rest sit. It's about choice. At my university there are student use computer labs. Over 90% of the software available is only useful to a very small minority of the users. There is dietary software, numerous stastical packages, and things for subjects I've never heard of. I have yet to see anyone complain because extra software was there.
Linux incluses so many different versions of the same thing because different people like different things, and shouldn't be held back simply because a very few are confused by choice (that number is going up because of exposure to microsoft software however). A reasonably intelligent person will ignore things they aren't interested in. Joe user will probably find gedit in his menus, and just use that. So what if far more powerful tools are available. Just because you have the choice doesn't mean you have to learn to use every piece of software presented to you.
The latest version of Linux-Mandrake (8.0) comes with three different FTP servers. Er, why?
Because it gives choice, that's why. Joe user isn't going to care about FTP servers anyway. Just because they are there doesn't mean that you are forced to use them. If you are just setting up a home system it would be wise not to have FTP installed anyway, now many distributions enable all sorts of services that shouldn't be, and I have no idea why. It would be far better to ask the user what he wants rather than sucking cycles for something that won't be used, and that will reduce security.
Configuration, while vastly improved over earlier versions, is still scattered over a half dozen configuration utilities, and that's just the graphical ones. Why? Welcome to the Bazar.
So far everything I've read has missed the point.
on
Sean In The Middle
·
· Score: 1
Patrick Sheeley has some decisions to make and could use some help. Should he try to get Sean back into school or walk away? Should he take legal action to force due process? (Many Slashdot community members are familiar with home schooling, judging from my e-mail). He would appreciate hearing from lawyers with expertise in cases like this. He's contacted the ACLU, but isn't sure whether it can or will represent Sean. He knows that irrational policies and the post-Columbine hysteria are all closing in on his kid, and he wants to do something about it.
Sure it's fun to bitch and moan about how awful the schools are, it's fun to teach them what a slashdot is, but that doesn't accomplish much, and taking down their sight (no matter how well deserved), will only cause us and others problems in the end.
It isn't hard to stop listening. The link to the feedback form posted in a comment above is now dead. They've turned us off, when this hits local press (and it will), they can now talk about unwarranted 'hacking and vandalism'. Since most people don't understand the slashdot effect, who do you think will be believed?
What everyone seems to have missed however is that the father is asking for advice. Not for a buch of geeks to get up and try to do something about it via email.
What we can do however is apply our expierences in the public indoctrination system, and give good advice. I'm sure some people have sent good email to the hotmail account listed, but most of the comments (at least the higher rated ones) seem to be more of the same moaning about bad teachers.
First some observations to Mr. Sheeley:
Very often the education program at most universities becomes the dumping ground for people who are not particularly intelligent. Many education majors I've talked to have education as their major because it requires the LEAST math science, and other "hard" subjects.
Often people choose to be teachers because of the feeling of power it gives them. My mother was a teacher before I was born, and related to me how addictive that feeling of power can be. Many people would not be able to resist. Within that classroom, you see, you have total dictatorial power. Those children must do what you tell them, or you can do things to them that will seriously damage their future prospects (or at least that is what they are lead to believe).
Teachers are often offended by a kid that's smarter than they are (see the first item), moreover they use their power in the classroom to look for ways to destroy that. It is also true that many teachers love having a bright student in the class, but when that bright student starts to make them look bad, watch out.
The school district won't do anything to ruffle the feathers of their more important students. Yes, in school some kids are more important than others. Imagine this. Two kids, one who has four siblings, with a single mother living on wellfare and working two jobs just to make ends meet. Another who has very rich parents who incedently donate several thousand dollars to the school every year. Around whom do you think they will be more careful? They can piss off a wellfare mom, and she can't do much. The rich parents however can actually damage the school simply by deciding not to donate. Any normal administrator (or business exec for that matter) would take great pains not to have that happen. The jocks are the other highly valued group. Not just any jocks either. Girls volleyball doesn't matter, it doesn't bring in much money (in many cases it costs). Varsity football on the other hand makes a good deal of money for the school, and encourages more donation by 'boosters'. Schools will expend great effort making sure that students that help them bring in more money are catered to.
This is the general nature of the school system. It is unfortunate, but it that is the way things are. It won't be changed by mailbombing a single school, or even a bunch. It won't be changed by calling names. Legislation would help, but the Public school system has too big of a lobby to do anything about it in congress yet.
The advice I would give:
Spread this around as much as possible. While the school system still has a very powerful lobby, stuff like this is starting to erode it. They are looking bad. This will however have a backlash. We are making them look bad, they will do everything they can to hurt us (or by extension geeks in their power and even non-geek children of geeks). Be prepared for such things. Specifically in the Sheeley case, there will be a great deal of fingerpointing, trumped up charges, and other unfounded allegations against your son. Since the local media usually kisses the ass of the schools in the area, you can expect negative press against your son. It is unlikely in the extereme that your side will ever be fairly presented.
On a more broad note to everyone reading: Get your kids out of the public school system if at all possible. Do what ever it takes. Homeschool, private school, parochial school, whatever it takes. Even if you don't agree with the religeon expressed in the parochial school, it is a significant step up from the public school. The benefit from this is twofold. First, it gets your kid out of the public schools. Sencond, if enough people do it, it will further erode the power base of the schools, and eventually they will have to choose change or non-existace. Further, the more their powerbase is eroded, the smaller their lobby power is, and the more likely it is that congress will change something.
Don't do anything to hurt the schools directly. As much fun as it is to think about crashing servers, burning buildings, tacnuke strikes:-), any action along those lines would only damage our position, strengthen theirs, and not do any damage to them that couldn't be repaired in short order. Even talking about such things out loud could be dangerous, particularly because most people in the education system (as evidenced by this very article) aren't smart enough to know the difference between someone is talking about something they only want to fantacize about and something that they really want to do.
As advice to the kids in high school, don't worry, these aren't the best years of your life. Anyone who says that they are is either a liar, or such a complete looser in adult life that the only way they can keep from feeling like a complete waste of space is to live in the past. Things will get better. In fact they often get better almost immeadatly after high shcool. Despite movies, College is nothing like high school. Sure there are dolts and assholes there too, but they tend not to stay long. College professors unlike public school teachers have little patience for crap. They appreciate usually a smart student, and aren't intimidated when you point out something they don't know.
There a number of changes that could be made to fix the public schools. The idea of a publicly funded lower education is a very good one. It is one of the things that has helped this country progress as far as it has. Unfortunatly, there are a huge number of things about the schools that are badly broken, and those in charge are resistant to repair. The only chance for change is to make them choose between financial ruin, and change. Even at that, I often fear that like an old building, sometimes the only way to repair it is to tear it down and start over.
It is my understanding that contracts often do have stipulations such as this in it, but if you reread his article he states that large companies have more resources to hire lawyers to make sure that they get what they want. If they can keep you from having enough money to get a lawyer, you will almost assuredly loose. (Also remember that the right to representation, right not to incriminate yourself etc only applies to criminal cases not civil).
I've read a bunch of comments about how unions are only for the lazy, and unskilled, and I had to comment.
Unions were organized to protect individuals. Let me tell you a story:
In the days before unions, a mining company set up a coal(?) mine, quite some distance from any town. Since they needed a lot of workers, they also set up a town, but (of course) the company already owned all of the land, then rented it to the employees. The only stores around were owned by the company, and the only transportation available provided by the company. Also note this was either pre automobile, or at least before they were so common.
Workers were paid exactly enough money to pay for what they needed (nothing more), if it was found that they had been saving money, they either had their pay cut without explanation (there was no legal requirment to say why), if they tried to leave, they had to pay some large amount of money to 'repair' the property.
Eventually the workers tried to organize. The company called out the national guard, and told the national guard that they were heavily armed and very dangerous. They were all killed, and not just the workers, but their wives and children who had taken cover with them.
The company saw nothing wrong with mass murder in order to put down a forming union that was organizing only to demand an end to what amounted to slavery.
Tell me, would a union have protected only the lazy in this circumstance? The company prevented you from leaving, they made sure that you couldn't leave, or if you did that you couldn't reach any other destination alive (remember the transportation problem). Until unions came along, slavery in the United States was still essentially legal. You may have had the legal freedom to leave, but it was plainly made impossible to do so. They might not easily be able to beat you, but hey mining is a high risk occupation.
Moreover, do you think that there would be much in the way of worker safety concern were it not for unions? There wasn't before unions.
It is true that unions have done some stupid things, but they also fought for the rights of workers. Minimum wage is a result of union forces (note that unions also have a big lobby), laws that give you worker compensation if you injure yourself on the job are a result of unions. Laws that give you the right that right to leave a job and get a new one are also the result of unions.
Companies will try to extract the absolute MOST from their workers, often at the expense of the human rights of those workers.
Such things have been done all over the world, and will resume again almost immeadately if unions are done away with.
Now for the subject of unionizing the tech industry:
It probably won't have the desired effect. It is true that many of the more skilled employees can walk away from a job, and go to another one. A strict union would not increase competition for skilled workers.
Besides a universal IT union would be as bad an idea as a universal IT corporation. That is not to say that unions are bad, only that only one union would be a very bad thing indeed.
It is however necessary to have something to keep employeers from using various methods to control people who COULD walk out the door at any time. One example I read about was someone who was told that he would have to agree to certian unplesant conditions, or another worker would be fired. That worker was not int the IT field, and had nothing to do with the task this sysadmin had been given, she was however his friend, and trying to put her life back together after a bitter divorce, and several other problems. He stayed there for quite a while, because the person who would have been fired was a good person, and his conscience wouldn't let him allow the boss to destroy her life, and since he had no proof of the threat, there was nothing that could really be done about it from a legal standpoint.
A better solution would be something a little more like a guild. Guilds are more for specialized individuals, and could operate to ensure the quality of employees. If an employee was a member of a particular guild, the employer could be assured of a certian level of competence.
In return the guild could negociate on behalf of the employee. If an employer breaks the contract, or will not provide what the guild wants, that employer can't get guild members, and has to take his chances elsewhere. If a guild is too inflexible, or demands too much, employers will ignore them, and competeing guilds will be formed.
Since a someone working outside a guild would not be stigmatized as a scab, the danger of crossing picket lines as such is gone. It will be in the employer's best interest to work with the guilds, because they will have quality workers, if one doesn't assure qualiy, it won't be a guild any more.
If any person or group of people is given enough power, they will misuse it. That is the reason the framers of U.S. Constitution were so careful not to give too much power to any one individual. If a company becomes too powerful, the company leadership will use it. If a union becomes too powerful, the union leadership will misuse it.
Unions have done good, they have also done some seriously bad things. I prefer to live in a world where unions exist, I have been told too many stories about what happened before unions, and it wasn't pretty. Many of the laws you cannot concieve of living without were encacted because of the union lobby.
While I don't know a lot about either Open Office or Star Office, It sounds a little to me like SuSE developed a product for use in the Czech language, borrowing code from another source. It is likely that they have the right to use it and to sell it, but not the right to gpl that code.
This begs the question of incoprorating gpl'd code along with code that I have permission to use, but not give away. What are the legal implications when two liscences collide>
Anyway, it appears to me that SuSE is trying to put out a workable product, then working to make that product conform with the standards of the community.
People needing a workable Czech word processor will want such a thing as soon as possible, which SuSE has provided. They will then do the right thing and open it as soon as possible afterward.
If they were trying to be another M$ they would try to keep it to themselves, not be setting a schedule to give it away.
The most logical explanation I can think of is that of making sure all of the code is legitimate for free use before allowing such free use.
First, the only way the Open Source security philosophy really works is if people ACTUALLY (as opposed to theoretically) sit down and read the code for security flaws in its entirity. I would argue that in a great many cases, no one even approaches this level. Because the Open Source community has very little centralization of effort, there is going to be a great deal of redundancy. In other words, even if you believe that 1000 security "experts" will spend some time reviewing the code, they may well be looking at the same piece of code (which in and of itself, can be a good thing), while leaving other pieces of code largely unscrutinized. Furthermore, I suspect that very few people truely give the code the time of day.
This is one of the most common and most idiotic arguments against the increased security of open source. It just plain isn't true. It assumes that my ability to have the source code suddenly precludes any other method to finding security problems. Obviously such an argument is flawed.
If I have the source code, I have every method of finding security holes available to closed source projects to me, IN ADDITIION TO the source code. If I find a problem, I can then study the pertinent code, report it to others that are interested, and even try to fix it myself. The fact that it's open gives me more options, and one extra avenue toward finding and closing security holes. It doesen't take away any of the traditional closed source methods.
Second, while Open Source makes it easier for white hats to find flaws, it also makes it easier for blackhats to find and exploit flaws. This is particularly relevant if, as I point out, the code is not getting the right kind of attention from white hats.
Strangely enough, I know a few black hats, and reformed black hats. Most are rather concerned about having secure systems themselves, and are often militant about reporting security holes in often used software. I can't tell if this is normal for black hats in general, or just those I know, but that has been my expierence.
However either way, if a security vunerability becomes apparent, it will then get the attention it deserves from the white hats, that can be assured.
Third, Closed Source can make it HARDER and DULLER to find flaws. Many people seem to assume that just because obscure products have been cracked, that there is absolutely no reedeeming value to it being closed. In other words, at any given moment in time, if we could some how have two parallel universes that would allow you to have the same piece of code (let's say the latest stable linux kernel with all patches applied) in Open Source and Closed Source at the same time, without knowledge leaking either way, most reasonable people would prefer the Closed Source option.
I seriously doubt that. Open source gives many the ability to correct a problem if found. Remember that I not only have more methods available to fix the problem, I have the ability to play with the code if necessary in order to fix it. Not everyone will, but someone will, and someone will tell the maintainer, and the maintainer will put it in.
Let's just compare the time to fix most security problems between Microsoft products, and Linux. Under the closed source Microsoft products, most security problems are fixed in 'the next service pack', often the next service pack doesn't fix the problem. When a security problem is encountered in a Linux based system, it is often fixed within a couple of days. One example was a security hole found to be present in most Linux systems (I don't feel like looking it up right now), the person writing about it had intended to inform the Linux distributions, then wait a while to give them the opportunity to fix it before he posted to bugtraq. He was complainig because long before he could post to bugtraq, half of the Linux distributiors had already made a fix, and posted it on their website.
With Open Source software, I am not limited to when the person who owns the software decides to fix it, I can fix it myself if I have the skill. With closed source software, I am completely dependant on someone else.
Fourth, security flaws are found all the time in Open Source code projects. A lot of them are presumably stable pieces of code that have already been put into production. These systems get hacked REGULARLY. Now this isn't to say the same doesn't apply to closed source, but you can't ignore the problem either way.
So what? All types of systems get hacked regularly. The difference is that if a problem is discovered in an Open Source program, it can be and often is fixed rapidly, on closed source systems, there is often a significant delay between the time a security hole becomes public, and the time it can be reasonably closed. This delay is generally significantly shortened or even eliminated under the Open Source process.
Sixth, it's entirely possible for a Closed Source company to do a full internal security audit of their code. It may not be perfect, but it's better than nothing. Although I fully realize that hardly anyone does this, it'd be a mistake to ignore this as an option. If a company can get _most_ of the (presumed) benefits of an Open Source security audit without the corresponding exposure of their source code to blackhats (or at least less "risk" of that), then that might be very good indeed.
I wouldn't say they even get one of the major benefits to Open Source. Open source allows many people to look at, and fix (always remember the and fix part it is very important) the code. Yes an internal code audit would turn up several of the security problems that get found by people pouring over an Open Source project, but still, the security problem remains until it is fixed, during which time the black hats can either find or exploit it.
Under Open Source there exists the opportunity to have numerous code audits going on all the time by numerous groups.
In summation, this is not nearly as black and white as people protray it. It comes down to numbers and many other unquantifiable elements. A simple philosophy is a not a one time cure-all. For instance, as I have alluded to, if there are very few white hats reviewing the code (say 50) and those white hats are mostly replicating their own work (say 15% efficiency) while allowing any black hat with proper monetary motivation to put the effort into cracking easy to read source code, then you might well be worse off. The same goes the other way around, if a software company, as all too many do, rush their product out with little to no review and depend entirely on obscurity, they might well use some routines that are well known security problems that can be easily searched for....
You're right about it not being black and white, but Open source would and seems to in general promote more security awareness, and beter security practices. It gives more people the ability to fix problems in the code, even if that code is no longer being maintained. Try getting a security hole fixed in a Closed Source product that you're stuck using, but that is either no longer supported by the company, or owned by a company that is no more. On the other hand, if the need is desperate, an Open Source project can be fixed, even if you're the only person in the world actually using or even wanting to use that software, because if you're desperate enough, you can fix it. (and yes I know it would be better to get something more useful than a totally unsupported product, but the bureacracies within large organizations often make intelligent software choices interesting, once somthing is supported, it often must be supported forever).
The bottom line is that it is just as stupid to assume your carelessness will be automatically covered by "peer review" (or "Open Source") as it is toassume it will be covered by "obscurity".
That is true, however your chances are still better with an open source product. Your general arguments did not take into account that in most open source projects, there are also numerous people working on writing and fixing the code, all intependantly, you can be one if you want, but you don't have to be.
This is the key advantage. In closed source, when a security problem becomes apparent, there are a limited number of programmers trying to fix the code. With Open Source, everyone has the potential to look at the source and propose a solution.
--
So what happens when an Astronaut needs to burp?
on
Beer In Space
·
· Score: 1
I don't drink beer, so I don't know much about it, but from what i've seen, there are a lot of bubbles in beer.
Wouldn't beer cause belching at least as much as soda? If so, how is the gas seperated from the liquid in the stomach.
It seems to me that burping and pukeing would be nearly identical actions. in a zero gravity environment.
There is a fairly simple way to resolve this, but it would requre a fairly large change in Copyright law, and I think it would satisfy most everyone.
1. Let the software, music, and publishing industries have their way. Give them a copyright for as long as they want it with the exception that they have to follow a few simple rules.
2. One of the major rules is that they have to provide upon request a full electronic copy (via cd or other reasonable media) for a reasonable price. This way they would still get to hold on to their intellectual property, and make a reasonable profit from it. If they were unwilling to do so, that document, song, software title, or whatever else would then enter the Public Domain after a certain period of time (I think five years would be reasonable).
3. In order to discourage offering the software for only one day every five years, and effectively never having to provide it, there would have to be a stipulation as to what percentage of that time the data would have to be available.
4. If a particular copyright holder were somehow unable to provide the service for an extended period of time that person can get an extension if reasonable grounds can be shown as to why they were unable to meet the requirments.
This way, people can obtain out of print books, old songs, or old software, without having to resort to breaking copyright, and without having to go through the hassle of trying to find it used.
Unfortunatly, things seem to be going in the opposite direction, but I don't want to go there, because it will just depress me.
Get the regular version, instead of the subscription one, in the first place.
Get the GPL'd Star Office instead. It seems to work pretty well, handle M$ files, and doesn't heve either the annoying first charge or the update charges.
This makes me wonder whether or not offices will be switching to Star Office, There is a windows version, and it appears to be very similar to Word, so retraining should be minimal.
Slashdot Mirror
Just what do you think could have been done to prevent them from doing what they did?
What you must remember is that the terrorists always have knowledge of the laws and rules. If you can't take a metal knife aboard an airplane, they could have gotten away with ceramic ones. Are you suggesting a body search for everyone who gets aboard an airplane?
Unless you enact laws that are so strict as to totally limit your freedoms to the point that they no longer exist.
In truth this is what they wanted. This is the reason they attacked. To them, killing massive numners of people is secondary. They really wanted to destroy our freedom.
What better way to destroy freedom that to scare people into giving it up willingly? Talk about irony. Right now those who planned this atrocity are celebrating, not because they killed Americans, but because we will be willingly giving up a lot of freedoms.
Benmamin Franklin said that anyone who can give up essential liberties to obtain a little temporary saftey diserves neither liberty nor safety. This is as true today as when it was first uttered, and make no mistake any safety we gain from the sacrifice of our liberties will be very little and very temproary.
Never give up your freedom. I don't know about you, but I had ancestors who died to protect that freedom, and I will not let their death be in vain. I will not say, gee I'm too scared, I'll throw away all they fought and suffered and died for just so I can have a false sense of security.
Are there ways we could have stopped this attack? Absolutely, but none, not a single one involves any realistic level of additional security.
Even forgetting the horrendus difficulty, it would have required monitoring every telephone call, email, and non technologically assisted conversation on earth. What kind of civil liberties violation would that be?
It sickens me that someone could throw away his freedom so easily. I hope that there are still enough Americans who are willing to stand up to terrorism and say, "I will not sacrifice My freedom just because I am attacked. We WILL fight you and we WILL win. You will not intimidate us into giving up OUR freedom."
What you say is true. Even people who don't vote have a constitutionally protected right to bitch about the government.
The difference is that a member of congress will openly scoff at you if you don't vote, but will at least listen politely to your opinion, then diplomatically tell you why you're wrong if you do vote.
That is the critical difference.
Wouldn't it make just a little more *sense* for the sensor to disable the ignition or something?
Not really. I don't particular like this either, but disabling the ignition would make such things as designated drivers impossible as it would disable the ignition if SOMEONE ELSE in the car had been drinking as well.
I checked it, and although it does rank relevant matches well, it is lacking on the indexing, as well as on the caching. These are two of google's strongest points.
With Google, I was searching for information which turned out to be on a defunct website. I was able to get what I wanted by searching within the google caches for the individual url's linked to. With this new one, that's right out.
Google also got the newsgroups that deja had. They are still not quite up to snuff (threading still sucks), but Tehoma lacks even that.
On the other hand Tehoma IS still in beta, and will probably get better. They will continually be indexing the web, and if they are smart will be refining their search process to give more revelant links.
Even if they do rise to a par with Google, I'd still use Google just because the caching of pages is so useful.
INAL, but as I understand it:
There are two things he seems to be going up for. First is reverse engineering the algorithm. This is on shaky legal ground since he did not do it within the U.S. However Unsama Bin Laden (sp?) has been tried and convicted in abstencia for several of his attacks against U.S. targets, even though he has never been within the United States, and likely never will be. Now there is little similarily between reverse engineering an encryption algorithm and bombing embassies, but it still shows legal precident of trying someone for something they planned or did outside of the U.S. If he ever comes into the US, he will be arrested and jailed, and his next trial would be an appeal since he has technically had a trial.
The other part is a little more firm. That is dissemating the information from the cracked algorithm. He could say I cracked this but I can't tell you how, and he would have been in a beter legal position because he did the actual reverse engineering in another country. He showed how to do it in Las Vegas, which is (the last time I checked) still in the U.S..
All of this isn't to say that the DMCA isn't completely stupid and unconstitutional, particularly the part about the dissemination. That SHOULD come under freedom of speech, but it will likely take the supreme court to strike that down.
Fortunatly (for now) the Supreme Court seems mostly immune to such things, perhaps because of the amount of money they make and not having to run for reelection all the time. I expect that to change some time soon though.
The first 'violation' is a little more ambiguious as to it's constitutionality. Sure, it's stupid, but there are a lot of stupid laws that are constitutional.
I think that the boycott of all such conventions and conferences would be a serious blow to the US DMCA supporters. Boycotts of the products would help too. Remember the best way to hurt a rich man is to take away his money.
I'll take it back to the place of purchase.
If enough individuals do this, the stores will be forced to spend their resources (time and money) with the returns (which take 2-3 times longer than a purchase).
If it happens enough, the stores will in turn be forced to work with the record labels to stem the flow of returns.
Unfortunatly, it won't make any difference. What is the general rule for software? It can only be exchanged for the same title. Money can't be refunded (at least where I live). If people started taking cd's back to the store and demanding refunds, stores will institute the same policy for music, and you'll be screwed.
Of course you could try a different store, but since every store selling software I've seen in the last 5 years or so has had the exchange only policy with little negative impact on sales, it is entirely likely that most music buyers will still buy the music.
Remember they hold all of the cards.
If you want to hurt them, don't buy any more music from places that use such copy protection schemes, write to radio station advertisers threatening boycotts if advertisers continue to play songs from labels that use such copy protection schemes.
Unfortunatly I doubt this will work either. What percentage of music buyers actually notice such things or even care? I would guess less than 1% more likely less than 0.1%.
It's sad but true.
I'm not saying to mislead them, in fact I agree that it is necessary to try to educate as to what the term "Free Software" means. I just don't think anyone will get past the term free.
In fact I've found that most people lock up if their original assumptions are challenged. These aren't just moral or philosophical assumptions, but even technical ones. I once tried to explain the concept of using the gears on a mountain bike to someone. She had it in her head that you pushed the lever on one side to go faster, and the lever on the other to go slower. No amount of explanation or demonstration could convince her otherwise. It was almost as if I were watching a buggy Operating System encounter a problem and reboot itself.
One of the major problems with using the term "Free Software" in the business worldn is that people don't get past the term free. Here is close to the exact conversation I had once with a business major:
Me: (talking about linux) Free Software means free as in speech, not as in beer. This means that you can use it, copy it, and sell it if you want.
Business Major: Free! You mean nobody makes any money on it?
Me: No, it't talking about freedom, not price. You can make all the money you want on it. You just can't stop others from doing the same.
Business Major: How do they make any money if they have to give it away for free?
An educator will have the same tendency. You can talk, explain, scream, demonstrate, and whatever else you can think of to impart clue, and most will still insist on not understanding. When this happens, I see nothing morally wrong with utilizing that to our ends.
With business, we changed the name to get rid of the problems associated with the term free, why not do the reverse with education?
Come on people. Why bitch about this? Instead encourage schools to use Open Source. I can't believe the lack of thought I've seen on these message boards.
Remember that one of the major attributes of all educators in the public education system is a heavy concern for money. You'd have it too if you were making 1/3 of most other people with a similar level of education, and had to hear about how the budget didn't allow for this or that necessary item.
Just what do you think the most effective way to advocate Free Software to educatiors is? Note that we should call it Free Software when advocating to schools. The idea confusion between free beer and free lunch will help us here where it hurt us in the business world.
All we have to do is point out to horribly cash strapped schools that not only can they get this great software for little or no money, but they can copy it to their heart's content and put it on as many computers as they want.
There will be some problems since educators often tend to be technophobic as well, but simply pointing out such incidents in the mainstream press will go a long way to make them consider a Free alternative.
Why bitch about this? Why not just encourage Free Software? Because bitching about this IS going to be the most effective way we can encourage the use of Free Software in the education system. Sure it's scare tactics, and smacks a little of FUD, but WE aren't making this up. As far as I'm concerned Microsoft dug their own grave here, it's just up to us to take advantage of it.
There are many reasons I don't want to pay for content. First, I don't like any of the methods proposed so far to pay for it, I won't use them, but I still want to use the content.
Every method I've heard about utilizes some form of credit card or similar method (Don't go off about debit cards, smart cards or anything else, they are essentially the same thing a unique number that identifyes me so I can be charged, and information can be collected).
All of these let me spend money without knowing how much I'm spending, and can let such charges build.
One question: How would charging be done? By the minute? As I type this, I have a slashdot screen up, but I'm not actually communicating with the Slashdot site. This is going on on my computer, and will be sent to slashdot when I click submit. I would be rather upset if my browser ticked off seconds to pay to some site just because their information was on my screen. I'm not actually costing slashdot anything until I submit or preview. Perhaps by packet? I really don't want to have to pay for lost packets that are my ISP's fault, or worse the fault of some router somewhere between me and whatever site I want to view. What about by the month? That sucks if I only care to pop into a site for a few mintutes every few weeks. If on a monthly basis, would I still have to pay if I paid for entry, found the site to be worthless to me, and never came back? If so, why should I pay the same amount that month as someone who made heavy use of the site.
Using current technology and infrastructure how would you set up a pay by site for service internet infrastructure? Requiring people to have some type of card reader on their computer would be impossible since most people don't have one. The current option is for every site to get credit card information each time the site is accessed, either manually, or by cookie. Cookies would work, but have the tendency of shackling a person to a single machine. Slashdot does ok for keeping user profiles, but If I go to a machine wihout that cookie I must log in again. Of course on machines with more than one user, this creates a problem. Tracking by IP is worse, since many places and ISP's use assign IP's dynamically (modem pools for example).
There is currently no way for more than a couple of sites that any given user frequents to be pay sites without causing the user all sorts of headaches. How do you track me? Entering all that data each time is a pain. Saving it on my computer is insecure (I might want to be able to move around). Logging in to a lot of sites is a pain. Users will tend to use the same password for each site, so once one is compromised, all of them are.
In the furture, it would be possible to have a credit card reader (try getting drivers for that open sourced), which could be plugged into the computer. Ignoring the security of such things (I'll discuss that later), It is still a problem. Let's say most sites are a pay by access. They may charge only a small amount, but it can add up.
Let's say I go to slashdot premium, and pay for that, then I go to userfriendly and pay there, meanwhile I set my music browser to go get a good selection of classical music (which can't be downloaded and saved, only played from their servers), and I pay some small amount for that. With everything people do on the internet, all of these small and 'insignificant' charges add up to something rather substantual. Which then must be paid back quiclky (remember more will be on the next month's bill.
Credit card debt is currently a national epidemic. People all over the United States are going further into debt than they can handle because credit cards make it so easy. Going to pay for online services makes it a whole lot easier to go far into debt.
Now we come to the privacy issue. Several businesses (mostly ones that sell your data), have said that their customer lists and demographic information are the most valuable resource they have, not because they can sell to you, but because others will pay so much for that data. Marketers are no longer satisfyed with demographic data, they want specific data in order to force what they think you want down your throat. How do they get that data? Look at every purchase, and all of your online viewing habits in order to 'taylor' the advertising content to you. This is a complete violation of privacy.
Then there is the entire security issue. Most companies aren't sufficiently careful with their credit card information anyway, this just opens the door to all sorts of other potential violations which could occour.
Of course there is also always the potential of evesdropping. Even though the U.S. has lightened up some on the encryption laws, it is my understanding that there are still strange quirks in the law which would make encryption of reasonable strength impossible for widespread use. This opens the door to all sorts of attacks. Smaller keys can be brute forced in minutes or hours. Even if the encryption is sound and strong, the proceedures can often be attacked. In fact this is often how data is compromised.
Finally, if I pay for content do I still have to look at ads? One might think not, but that isn't how cable television has gone. I'm even beginning to see advertisments for various products on rented video tapes, and one DVD I own won't even let you bypass the previews. Not only do I have to pay for a commerical, I'm not allowed to skip it (I have to watch it to even get to the selection menu). I don't think that sites requiring pay for service would be any different than cable television. Of course premium channels don't have advertising (except for upcomming shows), but most regular ones, that I still have to pay for, do.
Some of the privacy problems and security problems can be solved by intellignet lawmaking, but I don't see that as being too likely. After all the United States Congress doesn't have too good of a track record with making laws having anything to do with computers.
Pay for access as a rule rather than an exception won't work well. There are too many problems to be resolved be for I would be involved, and I think that there are a lot of others who would also have similar problems.
on the whole, I liked Legos more. Why? Well, the erector set was far more challenging and interesting., but in order to join two simple objects, I had to dig through to find the parts, then sort through screws to find the proper length, then deal with my poor coordination to screw them together, crossthreading the nut onto the screw several times before I finally got it right. Then I could move on to the next one.
Although that IS very much how large engineering projects go, it is frustrating for younger people to have to deal with such things.
Legos do involve less thought, but trade that for quicker gratification. By the time I had joined a couple of parts with the erector set, I could have most of whatever I was building built out of legos.
Legos also made one think about structure. It is just in a much different way. Legos are inherently of inferior building structure (from the standpoint of structural integrity). You must there for think of how to build something strong enough that you can play with it afterward, while still making it look like what you want. This meant adding support blocks to various areas.
From the other posts here, I don't buy that the increase in the popularity of Legos is the cause of the decrease in quality of engineering in england. I would attribute it to other factors. I know nothing of the English education system, but if it is anything like the one here in the States, it must be getting pretty dismal.
I would wonder if the decrease in the quality of engineers and scientists in the U.S. matches the increase in schools allowing persecuition of anyone who would choose science, math or any other "geeky" subject over taking the minimum requirments, and goofing off the rest of the time.
I'm not required to give proof to that, Microsoft needs to. I was simply reporting on what Microsoft wants you to think. Nobody who is skilled in much of anything would actually buy their logic, they're hoping that people with business degrees listen, not math degrees.
Of course *I* know the logic is flawed, THEY don't want YOU to know that.
Did you read the actual article? Have you been listening to what Microsoft has been saying lately? In case you haven't it goes something like this. GPL=open source, GPL=anti-intllectual property, Open Source= anti-intellectual property, All Open source threatens intellectual property, because if you use any open source, you have to give away all of your IP.
Everybody in the tech community knew that the Win95/NT tcp/ip stack was the BSD stack, everybody in the tech community knew that hotmail was run (until recently) on BSD.
I don't find anything in this to be breaking news, I just find it to be funny.
"Don't use open soruce it's bad." "Shh, don't tell anyone, but all of our most mission critical stuff runs on open source software."
That's the funny part.
I started reading some of the responses, and was somewhat troubled. Fortunatly the moderation system seems to be working, and more intelligent people were percolating to the top, but some of the idiocy that pervails here and elsewhere is scary.
First the recomended article is not revelant to the discussion at hand. Most would agree that regulating the internet from a FEDERAL AGENCY is a violation of the first amendment, and not practical either. That was the entire 5 page rant in the referenced article. What brought about the rant? Someone not wanting to show a kid things that might be inappropiate in HIS OWN HOUSE. That is the crucial difference.
Freedom of speech means that I can say or publish pretty much what ever I want in a public fashon. There are limits to this, but for most cases I can say what I want. It does not mean that someone can't prevent me from saying things in his house or on his property. Public places such as stores or schools (even private ones) can be somewhat different, but private residences have no obligation to allow for total freedom of speech. The owner of the property can say what is or is not permissible.
However in the mind of the author of the salon article, censoring what is in your own house seems to be exactly the same as a governmental regulation. It is not.
Then there are the comments about the ratings system. Movies cutting stuff down to get the R rating, They also add gratutious violence and sex to the story just to get an R rating, because R rated movies make more money. Rather than eliminating it as suggested in the article, expanding it would be better. It lets me know what is in the movie, and if I want to see it for myself.
On that, I have seen no ratings system that is adequate. Most have one type of sex, one type of violence, one setting for foul language. I would submit that there is a difference in the violence protrayed in "Saving Private Ryan", or "Shindler's List", and that protrayed in "The Matrix". Any ratings system should refelct the difference.
The reactions here also distressed me:
IMHO, there is NO ethical way to monitor another human being. Privacy in my world comes ahead of security or well-being.
This person is obviously never dealt with any children. Should infants not be monitored on what they put in their mouths? Should older children not be monitored as to where they go and what they do? To fail to do so often results in the death of the child. Is this individual saying that needless death is more desirable than simple parental supervision?
Then there is the other side, someone recomenging that logging every keystroke website, image and whatever else be monitored. This is usually completely inappropiate (unless as a completely last resort before cutting off all internet access).
The advice in the bottom of the article was pretty good. I would venture that the best method to monitor internet access would be that internet access is only available when you are present, (not too hard in the instance of the question), and to keep the machine in a 'public' area of the house. If you are wandering through the room from time to time going about your business, it is unlikely in the extreme that any normal kid would surf to sites that they think you might find questionable.
Spot monitoring would not be a bad idea either. I would start by checking the cached pages, and history files. Most browsers to this for your convinence, and shouldn't be difficult to check. If the history or chache disappears, simple questions as to what might have happened would be appropiate.
Monitoring of whatever chat analog is a bit more important. Although the number of pedofiles using chat to get at kids is overstated, the danger is sitll there and very real. Checking into her chat sessions is really no different than getting to know her friends. It isn't really analogous to monitoring phone calls, because phone calls are not random individuals who call into some pool that lets them talk with others. You have to know the phone number and how to get in touch.
I would also like some program that would set off an audible alert if someone opens an email attachment, or tries to run some cutsey program from an attachment. Doing the latter should not run the program. It should shut off internet access deliver an aversion shock to the person who tried to run it, deliver an aversion shock to the person who sent it, and then delete the offending program. This would not only be available for kids but to install on the machine of any luser.
Lastly, I would suggest a stern talk about giving out any personal information. No phone numbers, street addresses, cities, or even real names. Email addresses should even be watched closely, for obvious reasons.
Respect for privacy is important, but there are things that eleven year olds aren't equiped to handle yet, and very real dangers. A balence between the two is important. As long as a kid is responsible, the monitoring would be kept to simply having the computer where the screen can be seen. Some other simple precautions protect the kids from other problems, and actually protect their privacy (monitoring them for giving out personal information for instance), or even their lives.
As kids get older they can be trusted a bit more. Some of the monitoring can go away.
There are ethical ways to 'monitor' what kids do on the internet, most don't require much work or technical expertise. Just a little bit of time spent with the kids. Done right, the monitoring can be kept to a minimum, mostly to assure the safety of the kids, their privacy from strangers (more important than privacy from parents), and to prevent more spreading of useless email viruses and trojans.
I really don't care what he says. The fact that I tried to leave and kept having new windows opened made me not want to have anything to do with him.
He can have his religeous, political, and philosophical views no matter how much I disagree, or how wierd. He can even sell eternal life rings. I don't really care, but when he annoys me with javascript, he needs a good beating.
After all we all know how unbiased Slashdot is, and the agrieved party can not by any means be considered an objective voice in the matter.
Flikx seems to have left out a lot of detail. The University is having a problem with some of the content of the side because of a threat of legal action. What was the nature of the 'inappopiate content'? Flikx never says. He just says that it is nothing by slashdot standards.
What flikx doesn't mention was that SOS wasn't a server that he was setting something up on for fun, nor was it a part of his education. He was voluntering for what appears by the google cache pages to have been an official university site.
Since it is a site that is meant to reflect on the university, the university has a right to see to it that there is nothing on there that could cause legal troubles. They didn't appear to have a problem with criticism, just with some posts with inappropiate content of an unspecified nature.
Then flikx starts to become very unclear. He is forced to implement censorship. Notice how the slashdot crowd goes nuts over this word, but if I own a server, I have the right to say what is stored on it, so does a university. Compare policies of student home pages to policies for official pages. Since SOS was quasi-offical, the university was compelled (apparently legally) to moderate the content to a degree.
Then a new administrator comes, and he doesn't like the SOS server. Since flikx has put in a lot of work he is understandably upset when the SOS server is going to go away.
He doesn't specify why it's getting pulled, only that it's 'politics' and some forged emails. I would suspect that the current diciplinary action against flikx is about the emails, not about the server.
Since there was a legal problem with the server, it is obvious that evidence would be collected from it, and the other data removed. After all why have a perfectly good computer sitting around doing nothing. As for the backups, why keep something backed up if you are never going to use it? Tapes cost money.
They also have grounds for not allowing flikx to set up the server somewhere else. After all the server was for the student government, an official university body. Since it was done for that purpose, it is not unthinkable that the university would leagally own the copyright to whatever was ont the server.
I suspect that the other problems flikx is having are more due to the forged emails. Since they appeared to come from flikx the university is understandably suspicious that he might have actually sent them. I think they are over reacting, but we should be used to this, people who don't understand technolgy usually tend to over react to possible tecnological threats. What would be suprising is a reasonable reaction.
Supposing for a moment that flikx did sent the email, the university would be well within their rights to ban him from campus, expell him, and even press criminal charges, so that reaction although excessive without more proof, it is understandable.
What the slashdot crowd generally fails to understand is that freedom of speech does not mean that I have he absolute right to say any thing I want wherever I want whenever I want, using whatever resoruces I want. Nor does it mean that even if I do have the right to say something in a particular venue that I should be excused from any possible repercussions from what I've said.
With the right to speech comes responsibility. If I annoy the wrong people they can make my life hard. That is a simple fact of life. Not all forms of speech are protected, nor are all forums equal in what kinds of things can be said.
Had Flikx implemented something like that using his own personal web page (at least at my school), it would have been protected. Students' web pages have some regulations on them, but not to the degree that something that is supposed to look official does.
Flikx is of course upset that all of the work he did went away, and now he can't even show it off, but why implement a service to the student government somewhere else? That wouldn't make much sense.
Advice to Flikx is to check with a lawyer, but worry more about getting the diploma. They didn't kill your page, they killed a their page that you had responisibility for.
Also note that in posting this to slashdot you may have seriously hurt your case. It sounds kind of whiny and tired.
Questions for Flikx:
What was the nature of the 'inappopiate material?'
Why did the administration change?
Why did they decide to get rid of SOS? (politics isn't a good answer).
What is the UofU side of the story?
Are you being expelled because of the server or the email? If the server, what is the exact charge?
It is very likely that the University of Utah overreacted in this issue, but much of what they did appears to be justifyed:
Shutting down one of their websites. It may suck, but if I own the server and the network access, I have a right to say what will be on it. Particularly since there was threat of legal action against the university.
Distruction of the data seemed strange at first, but the server is likely going to be used elsewhare, and i'm pretty sure that my university wouldn't keep mass numbers of backup tapes around in a similar situation. Those tapes can be reused.
Flikx implied that the pending expulsion was somehow related to the SOS server, but I get the impression that it was more due to the email, if that is the case, then the University overreacted, but not nearly as much as it appears from the article.
Many forms of microbial life would be able to survive such a journey.
Many forms wouldn't.
Although you are correct that it is unlikely in the extreme that anything has survived on mars, however it is always better to play it safe when there is nothing real to be gained by taking a stupid risk no matter how small.
It hurts no one to so a complete analysis of these materials in quarintine before allowing them out.
Finally it is logical to assume that Martian microscopic organisms (if there are any) would be only slightly more hearty than their Earth counterparts. This means that even though some could survive being violently blasted off the surface of the planet, then survive in space for years or even centuries, then survive the massive heat of atmospheric entry, most couldn't.
Since we are now going to bring them back with better control, over the transport envrionment, it is possible for something that could not have otherwise reached Earth to survive.
Granted the chances are minescule, but why take even a small risk of setting off a plague when that can be avoided by such a simple precaution.
You're right. It is a troll, and you caught me. Some of what you said had some point, but most of it was poorly thought out, or just plain false.
If you're not yourself a coder, then the "If I don't like it I can change it" arguement carries no weight.
I'm not a sufficiently skilled coder to make a difference in most applications, yet that argument carries weight with me. Why? Because it means that so can someone else, and since people in general aren't all that different, it is very likely that someone who is a skilled coder feels the same way and will decide to change it.
Add to that the fact that in general Open Source[1] projects tend to be more likely to fix bugs and add requeste features. Closed source alternatives tend to only add things if a "significant" protion of the user base wants it.
But the bulk of open source projects are still distributed as "here's a tarball with the source, have fun."
That hasn't been my expierence. I have seen a few programs distributed in a tarball only method, but those were either extreme alpha, (for coders, not for average users), predating Linux and designed for most unices, or fairly simple programs, designed for greatest portability.
The rest of your argument tends to fall apart since the assertion that most linux software is in a tarball only distribution. I myself haven't seen anything that was totally unavilable in RPM format in quite some time.
Also note that having rpms available should in no way exclude the available of source files. They are valuble to make Open Source work.
why do I want to have 15 different editors to pick from if they are all more complicated than I want?
So what if you do have more software than you need. Use what you can, and let the rest sit. It's about choice. At my university there are student use computer labs. Over 90% of the software available is only useful to a very small minority of the users. There is dietary software, numerous stastical packages, and things for subjects I've never heard of. I have yet to see anyone complain because extra software was there.
Linux incluses so many different versions of the same thing because different people like different things, and shouldn't be held back simply because a very few are confused by choice (that number is going up because of exposure to microsoft software however). A reasonably intelligent person will ignore things they aren't interested in. Joe user will probably find gedit in his menus, and just use that. So what if far more powerful tools are available. Just because you have the choice doesn't mean you have to learn to use every piece of software presented to you.
The latest version of Linux-Mandrake (8.0) comes with three different FTP servers. Er, why?
Because it gives choice, that's why. Joe user isn't going to care about FTP servers anyway. Just because they are there doesn't mean that you are forced to use them. If you are just setting up a home system it would be wise not to have FTP installed anyway, now many distributions enable all sorts of services that shouldn't be, and I have no idea why. It would be far better to ask the user what he wants rather than sucking cycles for something that won't be used, and that will reduce security.
Configuration, while vastly improved over earlier versions, is still scattered over a half dozen configuration utilities, and that's just the graphical ones. Why? Welcome to the Bazar.
Sure it's fun to bitch and moan about how awful the schools are, it's fun to teach them what a slashdot is, but that doesn't accomplish much, and taking down their sight (no matter how well deserved), will only cause us and others problems in the end.
It isn't hard to stop listening. The link to the feedback form posted in a comment above is now dead. They've turned us off, when this hits local press (and it will), they can now talk about unwarranted 'hacking and vandalism'. Since most people don't understand the slashdot effect, who do you think will be believed?
What everyone seems to have missed however is that the father is asking for advice. Not for a buch of geeks to get up and try to do something about it via email.
What we can do however is apply our expierences in the public indoctrination system, and give good advice. I'm sure some people have sent good email to the hotmail account listed, but most of the comments (at least the higher rated ones) seem to be more of the same moaning about bad teachers.
First some observations to Mr. Sheeley:
This is the general nature of the school system. It is unfortunate, but it that is the way things are. It won't be changed by mailbombing a single school, or even a bunch. It won't be changed by calling names. Legislation would help, but the Public school system has too big of a lobby to do anything about it in congress yet.
The advice I would give:
There a number of changes that could be made to fix the public schools. The idea of a publicly funded lower education is a very good one. It is one of the things that has helped this country progress as far as it has. Unfortunatly, there are a huge number of things about the schools that are badly broken, and those in charge are resistant to repair. The only chance for change is to make them choose between financial ruin, and change. Even at that, I often fear that like an old building, sometimes the only way to repair it is to tear it down and start over.
It is my understanding that contracts often do have stipulations such as this in it, but if you reread his article he states that large companies have more resources to hire lawyers to make sure that they get what they want. If they can keep you from having enough money to get a lawyer, you will almost assuredly loose. (Also remember that the right to representation, right not to incriminate yourself etc only applies to criminal cases not civil).
I've read a bunch of comments about how unions are only for the lazy, and unskilled, and I had to comment.
Unions were organized to protect individuals. Let me tell you a story:
In the days before unions, a mining company set up a coal(?) mine, quite some distance from any town. Since they needed a lot of workers, they also set up a town, but (of course) the company already owned all of the land, then rented it to the employees. The only stores around were owned by the company, and the only transportation available provided by the company. Also note this was either pre automobile, or at least before they were so common.
Workers were paid exactly enough money to pay for what they needed (nothing more), if it was found that they had been saving money, they either had their pay cut without explanation (there was no legal requirment to say why), if they tried to leave, they had to pay some large amount of money to 'repair' the property.
Eventually the workers tried to organize. The company called out the national guard, and told the national guard that they were heavily armed and very dangerous. They were all killed, and not just the workers, but their wives and children who had taken cover with them.
The company saw nothing wrong with mass murder in order to put down a forming union that was organizing only to demand an end to what amounted to slavery.
Tell me, would a union have protected only the lazy in this circumstance? The company prevented you from leaving, they made sure that you couldn't leave, or if you did that you couldn't reach any other destination alive (remember the transportation problem). Until unions came along, slavery in the United States was still essentially legal. You may have had the legal freedom to leave, but it was plainly made impossible to do so. They might not easily be able to beat you, but hey mining is a high risk occupation.
Moreover, do you think that there would be much in the way of worker safety concern were it not for unions? There wasn't before unions.
It is true that unions have done some stupid things, but they also fought for the rights of workers. Minimum wage is a result of union forces (note that unions also have a big lobby), laws that give you worker compensation if you injure yourself on the job are a result of unions. Laws that give you the right that right to leave a job and get a new one are also the result of unions.
Companies will try to extract the absolute MOST from their workers, often at the expense of the human rights of those workers.
Such things have been done all over the world, and will resume again almost immeadately if unions are done away with.
Now for the subject of unionizing the tech industry:
It probably won't have the desired effect. It is true that many of the more skilled employees can walk away from a job, and go to another one. A strict union would not increase competition for skilled workers.
Besides a universal IT union would be as bad an idea as a universal IT corporation. That is not to say that unions are bad, only that only one union would be a very bad thing indeed.
It is however necessary to have something to keep employeers from using various methods to control people who COULD walk out the door at any time. One example I read about was someone who was told that he would have to agree to certian unplesant conditions, or another worker would be fired. That worker was not int the IT field, and had nothing to do with the task this sysadmin had been given, she was however his friend, and trying to put her life back together after a bitter divorce, and several other problems. He stayed there for quite a while, because the person who would have been fired was a good person, and his conscience wouldn't let him allow the boss to destroy her life, and since he had no proof of the threat, there was nothing that could really be done about it from a legal standpoint.
A better solution would be something a little more like a guild. Guilds are more for specialized individuals, and could operate to ensure the quality of employees. If an employee was a member of a particular guild, the employer could be assured of a certian level of competence.
In return the guild could negociate on behalf of the employee. If an employer breaks the contract, or will not provide what the guild wants, that employer can't get guild members, and has to take his chances elsewhere. If a guild is too inflexible, or demands too much, employers will ignore them, and competeing guilds will be formed.
Since a someone working outside a guild would not be stigmatized as a scab, the danger of crossing picket lines as such is gone. It will be in the employer's best interest to work with the guilds, because they will have quality workers, if one doesn't assure qualiy, it won't be a guild any more.
If any person or group of people is given enough power, they will misuse it. That is the reason the framers of U.S. Constitution were so careful not to give too much power to any one individual. If a company becomes too powerful, the company leadership will use it. If a union becomes too powerful, the union leadership will misuse it.
Unions have done good, they have also done some seriously bad things. I prefer to live in a world where unions exist, I have been told too many stories about what happened before unions, and it wasn't pretty. Many of the laws you cannot concieve of living without were encacted because of the union lobby.
While I don't know a lot about either Open Office or Star Office, It sounds a little to me like SuSE developed a product for use in the Czech language, borrowing code from another source. It is likely that they have the right to use it and to sell it, but not the right to gpl that code.
This begs the question of incoprorating gpl'd code along with code that I have permission to use, but not give away. What are the legal implications when two liscences collide>
Anyway, it appears to me that SuSE is trying to put out a workable product, then working to make that product conform with the standards of the community.
People needing a workable Czech word processor will want such a thing as soon as possible, which SuSE has provided. They will then do the right thing and open it as soon as possible afterward.
If they were trying to be another M$ they would try to keep it to themselves, not be setting a schedule to give it away.
The most logical explanation I can think of is that of making sure all of the code is legitimate for free use before allowing such free use.
First, the only way the Open Source security philosophy really works is if people ACTUALLY (as opposed to theoretically) sit down and read the code for security flaws in its entirity. I would argue that in a great many cases, no one even approaches this level. Because the Open Source community has very little centralization of effort, there is going to be a great deal of redundancy. In other words, even if you believe that 1000 security "experts" will spend some time reviewing the code, they may well be looking at the same piece of code (which in and of itself, can be a good thing), while leaving other pieces of code largely unscrutinized. Furthermore, I suspect that very few people truely give the code the time of day.
This is one of the most common and most idiotic arguments against the increased security of open source. It just plain isn't true. It assumes that my ability to have the source code suddenly precludes any other method to finding security problems. Obviously such an argument is flawed.
If I have the source code, I have every method of finding security holes available to closed source projects to me, IN ADDITIION TO the source code. If I find a problem, I can then study the pertinent code, report it to others that are interested, and even try to fix it myself. The fact that it's open gives me more options, and one extra avenue toward finding and closing security holes. It doesen't take away any of the traditional closed source methods.
Second, while Open Source makes it easier for white hats to find flaws, it also makes it easier for blackhats to find and exploit flaws. This is particularly relevant if, as I point out, the code is not getting the right kind of attention from white hats.
Strangely enough, I know a few black hats, and reformed black hats. Most are rather concerned about having secure systems themselves, and are often militant about reporting security holes in often used software. I can't tell if this is normal for black hats in general, or just those I know, but that has been my expierence.
However either way, if a security vunerability becomes apparent, it will then get the attention it deserves from the white hats, that can be assured.
Third, Closed Source can make it HARDER and DULLER to find flaws. Many people seem to assume that just because obscure products have been cracked, that there is absolutely no reedeeming value to it being closed. In other words, at any given moment in time, if we could some how have two parallel universes that would allow you to have the same piece of code (let's say the latest stable linux kernel with all patches applied) in Open Source and Closed Source at the same time, without knowledge leaking either way, most reasonable people would prefer the Closed Source option.
I seriously doubt that. Open source gives many the ability to correct a problem if found. Remember that I not only have more methods available to fix the problem, I have the ability to play with the code if necessary in order to fix it. Not everyone will, but someone will, and someone will tell the maintainer, and the maintainer will put it in.
Let's just compare the time to fix most security problems between Microsoft products, and Linux. Under the closed source Microsoft products, most security problems are fixed in 'the next service pack', often the next service pack doesn't fix the problem. When a security problem is encountered in a Linux based system, it is often fixed within a couple of days. One example was a security hole found to be present in most Linux systems (I don't feel like looking it up right now), the person writing about it had intended to inform the Linux distributions, then wait a while to give them the opportunity to fix it before he posted to bugtraq. He was complainig because long before he could post to bugtraq, half of the Linux distributiors had already made a fix, and posted it on their website.
With Open Source software, I am not limited to when the person who owns the software decides to fix it, I can fix it myself if I have the skill. With closed source software, I am completely dependant on someone else.
Fourth, security flaws are found all the time in Open Source code projects. A lot of them are presumably stable pieces of code that have already been put into production. These systems get hacked REGULARLY. Now this isn't to say the same doesn't apply to closed source, but you can't ignore the problem either way.
So what? All types of systems get hacked regularly. The difference is that if a problem is discovered in an Open Source program, it can be and often is fixed rapidly, on closed source systems, there is often a significant delay between the time a security hole becomes public, and the time it can be reasonably closed. This delay is generally significantly shortened or even eliminated under the Open Source process.
Sixth, it's entirely possible for a Closed Source company to do a full internal security audit of their code. It may not be perfect, but it's better than nothing. Although I fully realize that hardly anyone does this, it'd be a mistake to ignore this as an option. If a company can get _most_ of the (presumed) benefits of an Open Source security audit without the corresponding exposure of their source code to blackhats (or at least less "risk" of that), then that might be very good indeed.
I wouldn't say they even get one of the major benefits to Open Source. Open source allows many people to look at, and fix (always remember the and fix part it is very important) the code. Yes an internal code audit would turn up several of the security problems that get found by people pouring over an Open Source project, but still, the security problem remains until it is fixed, during which time the black hats can either find or exploit it.
Under Open Source there exists the opportunity to have numerous code audits going on all the time by numerous groups.
In summation, this is not nearly as black and white as people protray it. It comes down to numbers and many other unquantifiable elements. A simple philosophy is a not a one time cure-all. For instance, as I have alluded to, if there are very few white hats reviewing the code (say 50) and those white hats are mostly replicating their own work (say 15% efficiency) while allowing any black hat with proper monetary motivation to put the effort into cracking easy to read source code, then you might well be worse off. The same goes the other way around, if a software company, as all too many do, rush their product out with little to no review and depend entirely on obscurity, they might well use some routines that are well known security problems that can be easily searched for....
You're right about it not being black and white, but Open source would and seems to in general promote more security awareness, and beter security practices. It gives more people the ability to fix problems in the code, even if that code is no longer being maintained. Try getting a security hole fixed in a Closed Source product that you're stuck using, but that is either no longer supported by the company, or owned by a company that is no more. On the other hand, if the need is desperate, an Open Source project can be fixed, even if you're the only person in the world actually using or even wanting to use that software, because if you're desperate enough, you can fix it. (and yes I know it would be better to get something more useful than a totally unsupported product, but the bureacracies within large organizations often make intelligent software choices interesting, once somthing is supported, it often must be supported forever).
The bottom line is that it is just as stupid to assume your carelessness will be automatically covered by "peer review" (or "Open Source") as it is toassume it will be covered by "obscurity".
That is true, however your chances are still better with an open source product. Your general arguments did not take into account that in most open source projects, there are also numerous people working on writing and fixing the code, all intependantly, you can be one if you want, but you don't have to be.
This is the key advantage. In closed source, when a security problem becomes apparent, there are a limited number of programmers trying to fix the code. With Open Source, everyone has the potential to look at the source and propose a solution.
--
I don't drink beer, so I don't know much about it, but from what i've seen, there are a lot of bubbles in beer.
Wouldn't beer cause belching at least as much as soda? If so, how is the gas seperated from the liquid in the stomach.
It seems to me that burping and pukeing would be nearly identical actions. in a zero gravity environment.
There is a fairly simple way to resolve this, but it would requre a fairly large change in Copyright law, and I think it would satisfy most everyone.
1. Let the software, music, and publishing industries have their way. Give them a copyright for as long as they want it with the exception that they have to follow a few simple rules.
2. One of the major rules is that they have to provide upon request a full electronic copy (via cd or other reasonable media) for a reasonable price. This way they would still get to hold on to their intellectual property, and make a reasonable profit from it. If they were unwilling to do so, that document, song, software title, or whatever else would then enter the Public Domain after a certain period of time (I think five years would be reasonable).
3. In order to discourage offering the software for only one day every five years, and effectively never having to provide it, there would have to be a stipulation as to what percentage of that time the data would have to be available.
4. If a particular copyright holder were somehow unable to provide the service for an extended period of time that person can get an extension if reasonable grounds can be shown as to why they were unable to meet the requirments.
This way, people can obtain out of print books, old songs, or old software, without having to resort to breaking copyright, and without having to go through the hassle of trying to find it used.
Unfortunatly, things seem to be going in the opposite direction, but I don't want to go there, because it will just depress me.
Get the regular version, instead of the subscription one, in the first place.
Get the GPL'd Star Office instead. It seems to work pretty well, handle M$ files, and doesn't heve either the annoying first charge or the update charges.
This makes me wonder whether or not offices will be switching to Star Office, There is a windows version, and it appears to be very similar to Word, so retraining should be minimal.