Slashdot Mirror


User: Anonymous+Brave+Guy

Anonymous+Brave+Guy's activity in the archive.

Stories
0
Comments
12,209
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 12,209

  1. Re:Boo on Top 50 DVDs · · Score: 1
    Escape from New York should make the list, it's *THE* classic lame action film set in a sci-fi enviroment

    I'm sorry, I believe you're confusing it with the final part of number 3.

  2. Re:About security through obscurity on Security Holes Draw Linux Developers' Ire · · Score: 1
    I mean, if somebody singles your architecture out and has the computer power to crack the AES key you are using, it's not a little extra XOR step that is going to even slow that guy down. His cryptanalytic hardware-based cracking cluster can probably exhaust all 1024-long XOR keys in a single CPU cycle...

    And what if it's not XOR? In fact, what if it's not even AES? Even with that much processing power, if you aren't aiming it at the right target, you'll miss unless you fluke it.

  3. Re:About security through obscurity on Security Holes Draw Linux Developers' Ire · · Score: 1
    Show me where anybody with half a brain says you should keep passwords and PINs somewhere hidden, but where someone might find them (nowhere - passwords should be committed to memory and never given out.)

    Nearly every bank I've ever used requires knowledge of your mother's maiden name as a piece of security information, yet this knowledge is available to anyone prepared to spend a few minutes looking it up.

    Forcing an attacker to take extra steps does *nothing* to increase security - if your system is insecure, then it's insecure, and adding additional hurdles won't change that.

    That's simply not true. You're treating security as a black-and-white absolute. By your reasoning, since any system with no security is completely insecure and no extra security will improve that, no system is anything but completely insecure, and all systems are equally so. Obviously that's not the case.

    Tell me, if security through obscurity really isn't a useful first line of defence, why does everyone in the game rely on it?

    Find a Windows vulnerability, and do Microsoft immediately advertise it to everyone before a patch is available? No, they wait. If the (lack of) knowledge wasn't a useful extra guard and telling everyone really was the safest thing to do, why not do it?

    If anyone is thinking that this is just Microsoft covering their asses, please go on over to Bugzilla and find me a list of all the current security issues with Firefox. What's that, you say? "The dev team hide security vulnerabilities"? Now why would they do that, if openness is the safest way forward?

    Even the white hats usually give a few days of slack time to software makers before advertising vulnerabilities. Why? Because if they're really reporting the vulnerability for the benefit of the end users, they know that just advertising it before there's a patch will lead to more exploits occurring, while conceiling it (at least for a while) will lead to fewer exploits.

    No complex electronic system is ever likely to be 100% secure in the real world, but the harder it is for crackers to break in, the fewer times that will occur, and the safer the system will be.

  4. It's true in the "big, bad world" too on Security Holes Draw Linux Developers' Ire · · Score: 1
    Crap security and a friendly GUI is what got MS in all the trouble it's in.

    Microsoft is one of the most successful companies in the software world by any sensible measure. Its software helps more people do more jobs than just about any other software in the world by any sensible measure. In the grand scheme of things, how is that "in trouble"?

    Sure, you can bitch about security flaws, and the world would be a better place if all MS software today were 100% secure and nothing else changed. But the real question is whether the world would be a better place today if all MS software were 100% secure but only usable by highly-trained, technically competent, experienced users. From the almost complete lack of penetration of Linux and such onto the world's desktops, I think the answer to that one is pretty self-evident.

  5. Re:About security through obscurity on Security Holes Draw Linux Developers' Ire · · Score: 1
    If you open everything up, you have removed a layer of security.
    No, because that layer was never there to begin with.

    That is patently untrue. The entire world is protected by security through obscurity to some degree. How many passwords do you have to access your computer systems? PIN numbers to use the ATM at the bank?

    You're making the elementary mistake of confusing "obscurity does not imply complete security" with "obscurity does not imply any security". Any step that requires an additional action on the part of a would-be security breach increases your security, provided other things remain equal (in particular, provided that introducing that step does not compromise other steps).

  6. About security through obscurity on Security Holes Draw Linux Developers' Ire · · Score: 1
    What I'm getting at is: security through obscurity is largely regarded as flawed (outside military intelligence circles)

    And who are the best people in the world at keeping information secure?

    Security through obscurity is the first layer, nothing more, but nothing less either. If you open everything up, you have removed a layer of security. You need to be getting more than compensating advantages in your remaining layers as a result, or it wasn't a smart move. Time will tell which of these is really true of the OSS community's approach.

  7. Re:So it begins. on Security Holes Draw Linux Developers' Ire · · Score: 1
    The trade off between security versus usability/accessability begins?

    Perhaps. If it does, I'm betting heavily on the latter. A useful product with poor security has much more value than a secure product with poor usability.

  8. Re:Nothing about nanotech gray goo?!? on Bob Cringely's Predictions For 2005 · · Score: 1

    I hate to mention this, but on past experience, you're only around 75% safe...

  9. Finding spyware is *not* a good thing on Bob Cringely's Predictions For 2005 · · Score: 1
    The thing that makes me sad is that I kind of like finding spyware on my system, just to make me feel like I'm a kind of savvy Internet user who does what she can to protect her computer,

    My problem with this subthread, others' pathetic sexist jokes aside, is that you seem to be suggesting that it's desirable to find all this spyware, because that reassures you that your defensive software is working effectively.

    I suggest that that is a false sense of security. If your system and software were really configured effectively, the spyware would never be there in the first place. I run anti-virus software, anti-adware software and all the rest of it, but the last time they actually found anything active on my system was... wait, I've never had a single one.

    It's always wise to have more than one layer in your defences, and I'd certainly recommend running the sort of tool we're discussing regularly to catch the one that gets away. But if you keep your security patches up to date, don't do dumb things like running executables from untrusted sources, and run behind a properly configured firewall, then the odds of ever needing these secondary lines of defence should be pretty slim.

  10. Re:Wow on Open Source Alternatives to Dreamweaver Templating · · Score: 1

    Sorry, you'll need to do much better than that. NDAs covering content before the site goes live, or commercially sensitive information that's never going on the public areas of a site, sure. NDAs requiring you to deny ever taking the job, not in my experience, unless you're working in the security/defence industry.

    You can't really counter an informed crowd questioning the quality of major sites produced using Dreamweaver by saying you've worked on several and they were all great, and then cop out with a weak excuse when asked to provide even a single example so we can check out the quality of the output Dreamweaver produced for you. What do you put on your CV? "I designed several fantastic web sites for big companies. No references." perhaps?

  11. Re:Wow..Rights for sale... on Software Firms Lobby for Stronger Copyright Laws · · Score: 1
    If the law cannot be effectively enforced, then what business did the legislature have making the law?

    At the time it was made, it was fairly effective. Today's technology has made the old enforcement measures insufficient, so they're updating the law to maintain the ability to enforce it. Isn't that how things are supposed to work?

  12. "Loser pays" usually isn't literal on Software Firms Lobby for Stronger Copyright Laws · · Score: 1
    Loser pays is NOT always a fair system, since how many p2p users/people who were unable to win a case with the RIAA/MPAA/BSA can afford to pay whatever their corporate high-price lawyers cost?

    "Loser pays" isn't normally meant literally. It just means that the court can award costs as part of the judgement. For example, after an obviously harrassing suit brought by a major corp against an individual who successfully defended themselves, the courts might award legal costs to the individual. I'm not aware of any jurisdiction where they're actually obligated to do so, however, and a reasonable amount to be awarded is normally decided by the judge, not the invoices received by MegaCorp, Inc. from its legal team.

    Personally, I suspect the optimum system given a judiciary with integrity is "loser pays" + the ability to award punitive damages in certain cases. I would imagine a frivolous suit brought by the BSA against someone hosting what is obviously OpenOffice on P2P that resulted in a judgement against the BSA of 2,000 costs and 15,000,000 for wasting the court's time and barratry would bring a fairly swift end to obvious abuse of the system for intimidatory purposes...

  13. Re:The real problem with open source on Open Source Alternatives to Dreamweaver Templating · · Score: 1
    To make anything similar to SolidWorks or AI you need to first fork some $millions over to engine developers, and only then you can start wrapping your own logic and UI on top. This is just too expensive; it would take probably the entire effort that was focused into Linux, and that is not very realistic.

    Curiously enough, that's my standard example of an industry where copyright is a benefit. Then again, as one of the people who develops the high-end maths libraries used by most CAD packages, I may be biased. :o)

    Actually, I decided it wasn't that great of an example. Without wishing to give away commercially sensitive information inappropriately, the barrier to entry in that particular market is more that there are only a handful of existing players who have been in the business for years in their own niches, and duplicating even their efforts to date on a new project would take many man-years, ignoring future developments by the current players during the same time period. There are really only a few mainstream components used by most/all of the CAD world, and it's conceivable that without the headstart that just happened because no-one felt like competing before, some sort of collaborative project might have done well there.

    Off to read the CAD thread now... :-)

  14. Re:Wasn't Macromedia open to LInux, what happened? on Open Source Alternatives to Dreamweaver Templating · · Score: 1
    I thought Macromedia were considering the idea of porting a few of their products to Linux. Or at the very least, getting them working happily with WINE. What happened, or is it still happening?

    See 3vi1's post above: Dreamweaver MX 2004 does indeed seem to work fine under WINE.

  15. Re:The real problem with open source on Open Source Alternatives to Dreamweaver Templating · · Score: 1
    It took far more than "two or three years" to switch from CP/M and Lotus to Windows and Excel.

    Perhaps, but I'm still waiting for a FOSS word processor or spreadsheet that beat MS Word and Excel for overall usefulness. The grandparent post was right on the money.

  16. Re:Wow on Open Source Alternatives to Dreamweaver Templating · · Score: 1
    I have made several fortune 500 websites using dreamweaver. A few were heavy on JSP, some were static, all were very well designed and easy to maintain.

    Care to put your money where your mouth is and cite some of those sites? Perhaps us text-editor-only non-web-developers who don't have the benefit of Dreamweaver could learn something... ;-)

  17. Massively enhances productivity? Not for me... on Open Source Alternatives to Dreamweaver Templating · · Score: 2, Interesting
    Dreamweaver is not a tool for 'noobs' who don't know html - it's a tool that massively enhances the productivity of web developers, who generally do know html very well. It automates all the repetitive stuff, like generating tables or imagemaps, and helps with designing layouts, much a good IDE would for writing C/Java/whatever. A basic text editor is fine for putting together a small site, but a tool like dreamweaver helps enourmously with the task of managing a large site.

    I couldn't disagree more. Every contemporary tool like that I've seen is a child's toy, no matter how pretty or expensive.

    Over the Christmas break, I was helping my father with the web site for his new company. He's not an experienced web developer, so he went on a short introductory course about HTML and such, and bought a copy of Dreamweaver MX. He actually didn't do a bad job of designing the appearance of his site and knocking up the basic pages, and for that the software was fine. But he wanted to do a couple of pretty standard things -- different link colours for links on his menu bar, for example, and a two-column layout -- that he just couldn't figure out how to do in Dreamweaver without using awkward tables that were breaking horribly in various browsers/text sizes. Neither the on-line help nor the two books on the package he'd bought brought enlightenment.

    I showed him the routine tricks in CSS to achieve these goals in about fifteen minutes, and his problems were solved, giving him the appearance he wanted all along. In fact, I didn't even use the funky CSS editing stuff built into Dreamweaver. It was so cumbersome that it was faster to just edit the raw CSS and let the funky stuff pick up the changes than it was to work out how to use the funky stuff from the on-line hindr^H^H^H^H^Hhelp.

    By the way, I also designed and help maintain a somewhat large and popular hobbyist site (maybe 100 significant pages, 30 of them visited frequently, and taking 1,000+ hits on our busier days) with nothing but a text editor, some graphics packages and a couple of scripts. We write the main content in XML, generate and customise the standard boilerplate during XSLT conversion to (X)HMTL, and use CSS -- also hand-crafted -- for the visual appearance, tweaking for printing, etc. In the nature of our site, it gets a major update (dozens of pages changing fundamentally) about 4 times a year, and minor updates every couple of days, often by fairly non-technical users, and this system has served us very well.

    To my knowledge, the entire site also works correctly on screen and when printed, in every major browser. I've never encountered a web design package that achieves anything close to 100% success when using more than trivial mark-up. For a large, frequently-maintained site like this, there is simply no substitute for an informed and careful team sorting out the HTML mark-up (or, in our case, XSLT) and CSS to be used up-front, testing on lots of different browsers and doing their homework about browser quirks, checking out the appearance at different resolutions and text sizes, checking for accessibility issues, etc. Using a package like Dreamweaver might make the initial HTML+CSS design work easier in this sort of context, but it stops adding value pretty early on when you get to the serious stuff.

  18. Re:WHY??? on Software Firms Lobby for Stronger Copyright Laws · · Score: 1
    Thank you for your condescension in informing me about basic economics.

    You're welcome. You seemed to need it. :-)

    No matter how hard you attempt to justify it, copyright infringment is not theft. When you steal an item from someone, you take said item from them. When you pirate software/media, the original owner retains full access to the item in question.

    That simply isn't true. If you have an illegal copy, and never purchase the original, then you have reduced the market for sale for the copyright holder by one. If 1,000,000 people on your P2P network generate copies "for personal use" from a "friend" on the network within two hours of a new album/movie/game being released and never buy it, then they have collectively reduced the market for sale of that item by 1,000,000. I accept that a few of those people may then go out and buy it when they wouldn't otherwise, but the idea that more people do that than rip instead of buying is laughable and always has been. In other words, while copyright infringement may not deprive the copyright holder of the work itself, it obviously lessens its economic value, and thus deprives them of money to which they were legally entitled.

    As for courts calling it theft, I challenge you to present even one example of an American court that has claimed copyright infringement is the same as theft. (I'll give you a hint: save your time and don't bother looking, because there arn't any)

    Don't kid yourself. At least one poster cited just such a case, from the US, in the last discussion I saw on this subject right here on Slashdot. It explicitly used the word "theft" to describe the action in the ruling, and the poster was citing it in response to a post much like yours.

    Your nifty list unfortunately begins with the false assumption that I believe that copyright protection should be entirely abolished, which is not the case. I do believe, however, that the copyright duration should be scaled back to what it was originally, before Disney et all began bribing Congress.

    I have never disagreed with that, and indeed I've condemned that particular abuse explicitly elsewhere in this very thread. But let's compare illegal copies made on P2P networks, shall we? You get a dollar from me for every work older than say 25 years that's been copied illegally. I get a dollar from you for every work less than 25 years old that's been copied illegally. One of us is going to get real rich here: who is it?

  19. Re:Who are you to speak for art? on Software Firms Lobby for Stronger Copyright Laws · · Score: 1
    Depends on whether you mean "original" in the copyright law sense (that is, not a derivative of a copyrighted work) or "original" as in the first medium in which a work was fixed.

    I'm not sure I appreciate the significant difference between your examples, but I'm also not sure it matters. My point was simply that if you want someone to spend a lot of time creating a work of art and then give it up to you in its entirety, it's going to cost a lot more than the $10 or whatever you paid for your latest CD.

  20. Why modifying the law probably doesn't help on Software Firms Lobby for Stronger Copyright Laws · · Score: 1

    (b) Modify the laws that are being broken so that the activity isn't illegal anymore, which generally requires a reduction in protection or control for the businesses.

    The problem there is that in this case, you're effectively talking about removing copyright in its entirety, at least in the markets we're discussing. Anything significantly weaker would still leave the sort of copying that goes on illegal.

    Now, my problem with that is I believe, aside from the idiocy associated with Disney et al. extending the term indefinitely in the US recently, that copyright is basically a sound concept. It does its job: it does protect many groups of people both big (corps) and small (solo indie artists/authors/developers/etc.), and it does promote the creation and publication of new content.

    People say it's different to material property, that there's no inherent ownership of information, but they miss the point: there's no inherent ownership of anything. After all, the natural state of material goods is that if I'm bigger/better armed than you, I get it. We as a society accept the convention of ownership because we believe that it makes life better for everyone. There is absolutely no difference in principle between intellectual property and physical property. Both are societal norms, and one is simply deeper entrenched in our collective psyche.

    Lobbying for changing laws is certainly a valid method and there are certainly a number of groups trying to do that in favour of more sane IP laws. But it isn't the only valid method. There is no faster way to instigate change than to force the issue by large scale violation of a law. It may be risky in that it (a) leaves people open to prosecution, and (b) may drive those with a "there's no excuse for violating the law" attitude towards the other side, particularly those who make the laws. But it forces the issues into the open and if the lawmakers are reasonable, they will look at both sides and find a compromise.

    I understand your point, but I've always found that a rather weak argument. You are effectively saying that whenever a large enough minority want to ignore a law, that law should be removed. That might be a valid last resort in the most severe cases -- something where a genuine revolution and installing a fundamentally different government really is in the best interests of the people -- but I hardly think a bit of incest amongst corporate lawyers and government cronies qualifies for that level of response.

    I think you missed the biggest risk, and sadly something that is already becoming apparent: by effectively condoning this sort of abuse of the law in a relatively harmless case, society is raising a whole generation who have no respect for the law and the legal rights of others. This is sadly apparent in the UK as well, in this and other areas: teachers basically aren't allowed to touch kids in their class no matter how bad their behaviour, yet a wrongful accusation of physical abuse by a child can end an excellent teacher's career almost overnight. When you remove the discipline that keeps immature children in line, piecemeal or en masse, the abuse levels rise. There's so much of this going on now that it's one of the most scary things in today's society as far as I'm concerned.

    So, in answer to your main comment:

    You say that the laws are reasonable, implying (b) is an inappropriate response. Many would disagree. IP laws don't exist as inherent rights, they exist as a balance and they have tilted too far one way and are being used in ways never intended.

    I would point out that while many would indeed disagree -- though I'd wager that most of those people are criminalised by the existing law -- the last real stats I saw (IIRC they were linked from the last /. discussion on this subject if you want to try and find them) had the general population of the US agreeing

  21. Re:"Stronger copyright laws" malapropism on Software Firms Lobby for Stronger Copyright Laws · · Score: 1
    It's not about "Stronger Copyright Laws" but in reducing the rights of the invidividual to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures.

    As far as I can tell, it's not about "stronger copyright laws" at all. It seems to be about stronger enforcement of copyright laws. Given that the current mechanisms are clearly inadequate (since lots of people are getting away with breaking the law) I don't see how anyone can reasonably object to that in theory. The practice may be a different discussion altogether, of course.

  22. Re:Last time I checked on Software Firms Lobby for Stronger Copyright Laws · · Score: 1
    Enron robbed millions of people of their retirement funds. When was the last time you saw a regular person do something so evil?

    I rather suspect you're exaggerating: millions of people? Really? Even so, the guys at the top are being tracked down and sent to jail for a long time for letting it happen. Those who supported both that company and the auditors without keeping an adequate eye on them have lost a lot of their own money too.

    As for evil, a girl younger than me who lives in the same city was just found murdered, after she disappeared over new year. I'd say anyone who could do that is pretty much on a different scale of evil to a corporation that misses a few shots while trying to exercise its legal rights against people who are deliberately ripping it off.

  23. Re:Who are you to speak for art? on Software Firms Lobby for Stronger Copyright Laws · · Score: 1
    But if I like the painting you whipped up, I'll pay for it and then it is MINE to do with as I see fit

    Sure, but how many good, original paintings can you buy for $10?

  24. Re:And so? on Software Firms Lobby for Stronger Copyright Laws · · Score: 1
    Yes...the law should crack down on illegal activities, but it should not allow businesses to be able to hurl an overwhelming number of lawsuits at people just based on thinking it's illegal and having instant access to the client information.

    That would be a perfectly reasonable approach, provided that the effort required to kill a false accusation was trivial and there was a proportionate penalty attached to companies making false accusations when they could reasonably have known better (e.g., fine them a reasonable hourly rate for the time required to prepare and present that trivial defence). In fact, loser pays (as in many other countries but apparently not the US) is a much more equitable legal system, IMHO.

  25. Re:WHY??? on Software Firms Lobby for Stronger Copyright Laws · · Score: 1
    No it isn't. It's copyright infringement.

    <Obligatory>Courts have called it "theft" in many jurisdictions. The use of the word "piracy" in this context dates back a very long time, too. Please stop hiding behind a dictionary, particularly when you don't understand it, and make a real argument.</Obligatory>

    What effect does piracy have if you wouldn't have otherwise bought the software?

    Please learn some basic economics, law and logic as well. Here's some starting reasoning for you:

    1. Assume the law applies equally to everyone.
    2. Remove the copyright protection in law.
    3. Observe that the only copy of a work guaranteed to be sold for money will therefore be the very first.
    4. Consider the immediate and longer term implications for:
      1. the content creator
      2. the first purchaser
      3. subsequent purchasers
      4. the economic system as a whole.

    The only non-absolute here is point 3, and if you look at the amount of charity given to free products in music, software, etc. at present, there's not much to support an entire economy based on generosity any time soon.