You don't even have to install anything else to proxy DNS requests in Firefox. Just go to about:config and set network.proxy.socks_remote_dns to true.
Thanks for the tip, AC.
Why that's not set to "true" by default in Firefox just boggles the mind. If someone's using a proxy, it seems reasonable to assume that they probably want all of their web-browsing-related traffic proxied. A situation where someone wanted only the HTTP content proxied, but not the DNS resolves, seems like an exception to the rule, where the person could go twiddle preferences -- why they would make the default configuration something that's insecure and potentially dangerous, makes no sense to me.
I'd also note for the record, that at least according to the EFF documentation, Firefox's socks_remote_dns setting may not be trustworthy.
In later versions of Firefox, at least in the current version 1.5.0.1 under Linux and Windows XP, you can enable the browser to do remote domain name lookups. The option network.proxy.socks_remote_dns is available via about:config... Be careful, though: In some versions of Firefox, it is possible that even with this option set remote DNS resolution will not work. In this case, you may want to use Privoxy or similar projects.
They suggest trying a link like this in order to verify that DNS resolves are actually going through the TOR network.
I don't really see why that needs a 'cooling off period.' That seems like a pretty straightforward contract-law dispute: someone charging someone else based on terms of a contract which weren't adequately disclosed at the time an agreement was reached.
If the user was presented with a contract and just didn't bother to read it before agreeing, then I've no pity for them whatsoever. Maybe losing a dollar/euro/pound or two will teach them to read the fine print, before they lose something important -- like their house to a shady mortgage. Consider it a life lesson.
If, however, the cell-phone company did in fact charge the user without provably informing them of the charges they were about to incur, then they should unquestionably be in Deep Shit. (That's a legal term of art there.) IIRC, some telephone companies used to pull similar gimmicks a while back, called "slamming", where they would change your long-distance service provider without permission or consent. IIRC they got slammed with some pretty big fines and damages.
There are laws in place which ought to deal with a whole host of problems that seem to be major crises today. Maybe we should encourage people to work within the (vast) framework of laws and precedent already established, before we go making up bunches of new laws which might have a lot of unforeseen effects?
if a label feels that it needs to sell something in Fooistan for US3 that sells for US$18 in the United States, because that's what the market bears and that's how they've chosen to price it - which is their right - without some of the controls of DRM, how can the $3 version be restricted to Fooistan?
Your conclusions are all right -- that such a scheme is impossible -- but I disagree with your premises, namely that doing such is a "right."
You have the "right" to try and sell your wares at whatever price you wish, but others have a right to not buy it, and buy it from somebody else if they prefer.
In general, you are a fool, if you try and sell a good in one place, at a price that's higher than what you sell it at in another place, plus the cost of transporting it from the latter place to the former. So, for example, if you sell records in Fooistan for $3, and it costs $1 to send a record from Fooistan to Baristan, then you will probably never be able to get much more than $4 for records in Baristan, because if you attempt to charge more, consumers will just end-run you, and have stuff shipped in from Fooistan, where it's cheaper. This is their right, and the sellers' right, under many historically-established doctrines, such as First Sale. (Which sadly no longer seems to exist in Great Britain, but that's a story for another day.)
The fact that people in Baristan might pay a whole lot more than $4 for your record, if they existed in a complete vacuum (i.e. where the cost of transportation from Fooistan was infinite), is totally irrelevant. You have no 'right' to that price, because it's provably not what the real-world market will bear when it's connected to other markets. It might as well be ignored, because it doesn't matter.
What computers do to information (among many other things) is make the cost of transporting it from one place to another, very, very low. So it ought to be basically impossible to sell a digital commodity in one place for a different price than you sell it in another, because people will just ship the files (at negligible cost) around your carefully-designed price-discriminatory barriers. In effect, cheaper communication and transportation (with information, these are the same thing) link the markets into one market, where there is but a single prevailing price for any fungible good. This is pretty basic economics here.
The sellers of some types of information, particularly entertainment, have attempted to defy this by erecting technical hurdles which prevent information from being easily transmitted from one place to another. In effect, they're making it harder to transport goods, thus allowing a greater difference in price to be created in different regions. With DVDs, this is done with region coding and locking. With iTunes songs, it's done with a flat prohibition on resale, enforced by per-user licensing. But like all DRM, these are inherently flawed and thus surmountable; the fact that they can be worked around means that you can only charge so much more for content in various areas, before it becomes worth the trouble to buy it from some other area and bypass the blocks.
Neither I nor anyone else outside of the highest echelons at Apple can say for sure, but I suspect that Apple has agreements in place with the major labels to the effect that all music sold through the iTMS will have the same DRM, regardless of where it comes from.
I suspect this, because if I was a DRM-loving music label, sitting on top of a whole lot of content that Apple really wanted, it's one of the conditions that I would insist on as an absolute.
If this condition didn't exist, then as you and others have pointed out, Apple could start selling some artists' works without DRM, and there's a chance that the market might favor them, because -- let's face it -- to a consumer, DRM sucks. The record labels aren't (completely) stupid; someone there, maybe an intern, junior staffer, or coffee-boy sat down at someone's unlocked computer and typed it into a memo once: "given a choice, people will probably choose the digital format that sucks least." Since they have decided that it is their purpose on Earth to deliver to consumers music in formats that Really Suck, and they also like making money, it follows that they'll do anything in their power to keep other people from releasing music in a less-sucky format. And at least back a few years ago when Apple and the labels were negotiating to get the iTMS started, they had more then enough clout to push such a codicil through.
In short: to a music executive, DRM must be universal. No music must be allowed to escape without it, because once people get a whiff of that sweet, sweet DRM-freeness, they're never going to want to come back. For that reason, it must be nipped in the bud, snuffed out before those independent-label hippies can use it to their advantage.
I doubt we'll see any DRM-free music in the iTMS catalog at least until the next big renegotiation between Apple and the labels, and even then, I'm not sure that Apple is really in a position to be dictating terms with them too severely. Apple has other concessions that they need to get first, chief among them is a renewed agreement to stay with the flat-rate pricing model of $1 a track, and not go to some variable-pricing model as the labels would prefer.
It's easy to paint the labels as a bunch of bumbling buffoons, who don't have the slightest concept of the modern digital economy, but I think this is a dangerous underestimation. They're nothing if not cunning, and moreover they have a lot of money with which to hire any number of smart, mercenary types (e.g. lawyers, consultants, etc.) to assist them in their paranoid delusions: it's inconceivable that the possibility of an upstart rival using a lack of DRM to try and compete didn't occur to them, and that once realized, they wouldn't have taken steps to minimize this possibility.
It's important that they include one, but I don't think it matters WHICH one. Use Ubuntu. If I don't like Ubuntu, I'll put something else on it. If someone who has never used Linux before buys it, they'll use Ubuntu until they decide otherwise.
With you 100%. I think Ubuntu would be a logical choice also, but ultimately it doesn't really matter, as long as they make the hardware compatible or distribute the drivers in such a way so that they can be migrated upstream into other distros. The beauty of OSS is that (in theory), if you can get a totally clean OSS system running on one set of hardware, you ought to be able to get another OSS distro running on it as well, with enough effort.
I'll point out that I have a "Linux certified" desktop (an HPaq, not a Dell) that I purchased for exactly that reason. I didn't really care about using RHEL, which is what it was 'certified' for, but the seal of approval on the hardware let me know that there probably wouldn't be any showstoppers in the box to cause issues later. (FWIW I run Xubuntu, and like it; I used to use Kubuntu but honestly I found its quasi-approximation of Windows almost as obnoxious as Windows itself, while Xfce seems a little less laden with Windows-philosophy in its design. But I digress.)
One minor addition -- that "No OS" option would never be put out there without a big, fat warning that it's not EVER to be used with Windows, particularly a Volume License Key version! This is a common misconception, but you CAN NOT legally install volume-licensed copies of Windows onto no-OS or white-box (or DIY) hardware. Period. The "site licenses" or VLKs that MS sells are "upgrade" licenses. They let you upgrade from the XP Home (or whatever) license that the hardware comes with, as indicated by a sticker somewhere on the chassis/case, to whatever version the VLK is good for. It is not a 'bare metal' license. A lot of people seem to not understand this, and in some cases I've heard stories of Microsoft sales reps perhaps even bending the truth when describing the VLK license. But if you actually read it, it's pretty clear that it's only an upgrade license (and frankly, kind of a ripoff). People who have Windows installed on un-stickered systems, and are hoping that their VLK will save them from the BSA gestapo, are sadly misinformed: in order to put Windows on a no-OS machine that wasn't purchased with an OEM license, you need to purchase a retail box of Windows that's not an upgrade.
I suppose if you were a big enterprise customer who was just going to drop your own custom image onto all your machines, it might be possible to buy PCs that had OEM Windows licenses, but didn't have anything actually on the drive, so you didn't have to format them on receipt, but I've never seen this.
Note Volume Licensing agreements cover only Windows client upgrade licenses, not the full Windows client operating system. Customers must have a qualifying underlying operating system license before Volume License software can be installed.
The key factor we should all surely have been aware of, but which has escaped quite a number of us until now, is that: "Full operating system licenses are not available through any Microsoft Volume Licensing Program, Fact." So people who thought they were buying full operating systems via Microsoft volume licensing programs have actually been buying upgrades, and as Microsoft points out in a mailing unearthed by Linux and Main, "Some customers believe they can acquire full operating system licenses through their Microsoft Volume Licensing Program: Myth."
I don't think it's THAT important that they have any paticular distro.
It's not important to you, but to novice users it's critical. They don't want to get a bare-drive machine. To them, that's not a feature, it's broken. They need to have a machine that's ready to go, with the OS, and office suite, email, and all their other crap. (Unfortunately, Linux will be semi-permanently broken in the multimedia department due to patent/royalty/DMCA issues...) If you only sell bare-drive machines, you limit the market basically to "Linux geeks," which is a pretty small segment. You also cut out a lot of small-business buyers who might otherwise be interested in Linux, but don't have IT departments to image a distro onto the machines they buy, and by not having a Linux option besides Windows, you generally make it look even more like a 'hobby OS' than it already does. If you can't get it preinstalled, obviously it's not a serious competitor to Windows -- I can almost hear the PHBs saying it already.
Sure, a bare-drive option would be nice, but there's really no reason to offer it. A "beginners Linux" distro would be just as good: it would give novices and businesses what they need, while also guaranteeing that the hardware platform is Linux compatible, so that experienced users could just wipe the drive and install whatever they want on it.
Plus, offering a 'bare drive' option might actually be more complicated for Dell than offering one with an OS, because it makes the systems harder to QA as they leave the factory. You can't boot a no-OS machine from the drive to make sure it works -- you'd need to use some sort of diagnostic tool, or more likely, install an OS and then wipe it off again (or install a minimal OS like FreeDOS and leave it, which is just as bad as offering another OS).
There's really no good reason to do it, and a whole lot of reasons not to.
Keep in mind that this experience is only regarding notebooks, I've never purchased a brand-name desktop.
With desktops, you're actually in luck -- you can go out right now and get any number of "Workstation" machines, that are certified to run Linux (usually RHEL). They're expensive, but you get what you pay for in terms of build quality. I have one (an HP xw5000), which I purchased used from Retrobox, and it's worked pretty much flawlessly.
It would be nice to get low-end desktops preconfigured with Linux, but the situation isn't nearly as dire as with laptops, where there are virtually no guaranteed-compatible options save very expensive white-box ones from small configurers.
Is it a status symbol to have a computer box that says "Dell" on it?
No, it's because they're cheap, and are of basically predictable quality.
Most of the companies that specialize in "Linux laptops" that I've ever seen, charge a significant premium. In some cases, more of a premium than top-of-the-line Apple hardware. But more than that, it's hard to tell what you're buying. If I order a Dell, I have a good idea of what I'm going to get. With a no-name laptop, which is what most of the Linux ones start off as, it's harder to say. I can't go down to Best Buy and hammer on one of their keyboards to see whether it sucks or not. I can't go ask 5 out of every 10 of my friends what they think of theirs. That's a problem.
It hasn't really been a problem to get a computer that will run Linux in a while, if you're willing to pony up bucks. The reason people are so interested in Dell, is that it would mean (hopefully) cheap, known-quality Linux machines, being sold right next to Windows ones. That's a big deal, particularly for the vast field of people who are 'on the fence' about "that whole Linux thing."
I'm not arguing that it should necessarily be impossible for authorities, duly authorized, to monitor someone's communications; there is a legitimate, although very limited, need for that. However, nowhere is it written that we ought to make that terrifically easy, which is what abolishing anonymity and pseudonymity online would amount to.
Here in the U.S. anyway, we have a strong (and historically, well-justified) distrust of government. They have a job to do, but they have to conform and find ways to do their job, within the greater framework of civil society: civil society doesn't, and shouldn't, bend itself around backwards to make it easy for the authorities to do their job. After all, it would probably make life a whole lot easier for the police if we all had identification numbers tattooed on our foreheads, but I don't think anyone thinks that's a great idea.
When the cops have a reason to search your house, they come to your door (after getting a warrant and all other necessary authorizations), and -- if you're not there -- they break the door down with a battering ram. They don't mandate that everyone has to have locks made out of balsa wood, so they the doors are easy to kick down; they use a big iron pipe filled with cement. If you have a safe that they need to get inside, they hire safecrackers to open it up -- they don't ban safes. This necessarily implies that there is, at times, a bit of an 'arms race' between criminals and the police, but this is not always a bad thing. There would be obvious negative consequences of simply mandating things in order to make the authorities' lives easier (e.g. balsa wood locks or plywood safes).
However, this understanding seems to have gotten lost somewhere around the introduction of computers. Now, rather than providing legitimate authorities with the time and equipment necessary to do their jobs correctly within a technologically advanced society, certain politicians and civil authorities have seen fit to try and re-jigger society in order to make it easier on them. Let there be no doubt: this is a destructive shortcut, and it's no better than saying that everyone has to have balsa-wood locks, or drop off a copy of their keys at the local precinct house, in case the police ever need to get in and have a look around. We don't do that, because it would be a vast invitation to abuse, and giving them the ability to tap a few keys and find out everything about what you do online would be no better.
There are reasons why the authorities have certain extraordinary powers, but also reasons why those powers are limited in scope, and are not supposed to be trivially easy to exercise.
This is really part of the problem. It costs Dell a ton of money to install a different default OS, or at least they claim that it does, and I've no basis to argue with them, so as a community, we need to be able to be satisfied with one distribution.
One of the reasons that Dell et al have always used as an argument against installing Linux by default, is that Linux users are too hard to please, and the market is too balkanized. With Windows, you have (well, you did, pre-Vista) Home, and Professional, and you can charge extra for installing Professional. With Linux, you have Ubuntu, Novell, Fedora, and god knows what else, and you really can't charge extra for installing one or the other without alienating users.
I think they need to pick ONE easy-to-use "beginners Linux" distribution, like Ubuntu or Lindows, and then offer a 'bare drive' option for users who want something else. Let's face it; if you are enough of a Linux user to have developed a preference between distributions, you can install the damn thing from an ISO. As long as the hardware is compatible and has Linux drivers available, you ought to be able to put anything you want on there.
The argument for pre-installations is really about novice users who can't be bothered to install an OS onto a fresh machine, and just want something that's going to work with minimal fuss. They need a distribution that's as idiot-proof and "polished" as possible, and that's what the criteria for choosing it should be.
Here is why "Americans" hate mass transit and public transport, it is social engineering at its worst. Transit social engineering by overlords [umn.edu]
I don't get it. Okay, so bus-wrapping is annoying, in that it blocks riders' views out the window, but I'm not quite sure how it counts as "social engineering."
There are certainly examples of situations where public-transport has been used as social engineering -- I know of a few places where public transportation was brought into select areas primarily as a way of getting low-wage employees to politically powerful businesses that didn't want to pay the prevailing wages in that area (which was high due to the requirement that everyone have a car). This isn't anything terribly new, though; it's your basic political-manipulation-for-profit-maximization that's gone on in various forms probably since the dawn of 'politics.'
Various forced-"diversification" via school-busing arrangements would also qualify, in my mind, as 'social engineering,' although school buses aren't 'public transport' as most people would define it.
Either way, I'm not sure I understand the advertising angle. Most places that I've heard of, which have tried bus- or train-wrap advertising, are doing it as an additional revenue generator, in order to supplement tax dollars and maintain mandated artificially-low ticket prices.
if this organization was created in the 70's, doesn't this mean that the problem of huge unfunded liabilities was acknowledged 30+ years ago?
Sure, it probably was. But this is the United States Government we're talking about here -- just because the problem was acknowledged 30 (or 50, or 70...) years ago, doesn't mean anything has actually been done to solve the problem.
There were people who realized that Social Security was just a Ponzi scheme from the very beginning (well, they probably didn't use those words, since I'm not sure when it entered the vernacular), and is sustained only through continual growth of the number of workers feeding into it, in order to overcome inflation and not lose money for everyone concerned, and begins to fail whenever you have a contracting labor pool, but we're hurtling right towards that particular brick wall without any solutions in sight. However, certain people will no doubt treat it as a complete surprise when it eventually fails (or becomes obvious that it is about to), because this aids in after-the-fact ass-covering and finger-pointing.
Welcome to America: where nothing gets dealt with until it's already a catastrophe.
This is quite true. Only businesses who are exclusively local will have a single domain name that uses the high-order characters; everyone else will get two, at minimum -- one local one, and one that's the closest-possible ASCII approximation.
It's not just a "doing business with Americans" (or other Westerners) problem, it's a 'doing business with anyone outside your area' problem. ASCII is the only character set where you have a good chance of ensuring that some other person will be able to type it. I.e., someone using Indian localizations and another person using Japanese localizations would probably be hard-pressed to find characters in common that can be easily typed, other than ASCII.
I could see this having some interesting effects, besides the obvious (land-grab for domains, both ASCII and localized) -- since many more people are going to be using multiple domains, hosting and registration companies will probably want to bring out more tools for simplifying the management of multiple domains. Anyone who does business in n languages, will probably want [n+1] domains (unless one of their languages is English or another language which maps easily to ASCII), while today they might just have a single ASCII one. That's going to be a lot of domains to register and manage.
Given the number of passwords that the average person who does a lot of stuff online needs to remember, unless they're doing something hideously insecure already (like using the same password everywhere), they can probably only sign on from a single computer anyway, because that's where their passwords are stored or written down.
The problem of certificate management is, IMO, actually more tractable than the problem of password management. There are lots of ways that you could allow people to move certificates around, if you really wanted to; you could issue USB sticks or smartcards that they could jack in to public machines (although preferably you'd create some method that never actually let the unsecure machine 'see' the certificate itself; you'd just do some sort of challenge/response with the USB key or smartcard).
Passwords really aren't all that convenient; if you're using passwords properly (not reusing the same ones in multiple places), and you're not using a crutch like iterative generation, or just writing the things down (which basically makes it a very insecure "analog certificate"), you're probably way out on the tail-end of the bell curve of what a normal person can remember. Passwords are only "user friendly" because the way that most people use them is hideously insecure.
I'm going to go out on a limb and say 'unicode' (probably UTF-8). It'd be ridiculous in this day and age to support every single character set in the old way. ASCII is a subset of both Latin-1 and UTF-8, and Latin-1 is *almost* (but not quite) a subset of UTF-8. How is one supposed to type 'a minimalist latin charset' in a keyboard that doesn't have them, are you proposing changing the keyboards of all those who don't use latin-based charsets? Learn a language or two, try to find out more about the world, and *then* give your opinion, at least then it'll have a basis in fact.
Choosing a single character encoding and bytestream transmission standard (like UCS plus UTF-8) would be the logical choice, IMO, and that's what I was getting at. However, the GGP was specifically talking about the possibility of using multiple character sets in the same URL, which I think would be wholly impractical, and unnecessary given the widespread use of the UCS.
As for your other, snarky, comment, I'll only respond by saying that I have traveled extensively, and if you had as well, you would realize that most of the rest of the world uses keyboards which look suspiciously similar to those here in the U.S., albeit with different glyphs printed on them, and different input methods for complex characters. (E.g., kana, romanji, phonetic entry, progressive-exclusion via GUI, etc.) But due to the widespread use of Latin characters, I've yet to see any computer system, anywhere, which didn't have some method for entering them. (Think about it: right now, all URLs are basically ASCII: if a computer didn't have the ability to enter those first 128 characters at all, then it would be nearly impossible to get online.) Standard Japanese keyboards, for instance, have the QWERTY Latin layouts printed below the kana glyphs. (But don't take my word for it, see for yourself.)
Also, virtually all localized charsets (including the UCS) are backwards-compatible in that they include ASCII as the first 128 positions, so ASCII TLDs are by definition the most "guaranteed safe" you can get, in terms of being able to be read and written by everyone, everywhere.
Okay, I'll bite. I have what I think amounts to a fairly good, if basic, understanding of how internationalized character sets and encodings work, but I don't understand how you'd encode multiple character sets into one URL.
I mean, first of all, in order to use non-Latin characters at all, you have to have some way of transmitting which character set / codepage you want to use. I can't find any place in TFA where they actually describe how this is going to work (although I didn't read the PDF, so perhaps it's in there), but my assumption was that it would be transmitted outside the actual stream of bytes that represent the URL.
So, a "URL block" might consist of some metadata about the URL that's going to be transmitted -- e.g., what character set it's written with, etc. -- and then the stream of bytes that actually represent the address. Doing it that way would by definition only allow one character set per URL, because there's no way of changing it mid-stream.
If you allow people to change character sets in the middle of the address, so as to have an address where one part was written in ASCII or Latin-1, and then another byte or two in UTF-8, and then the remainder in Latin again, would hugely complicate the standard both from an implementation and use perspective.
As long as all the alternative (that is, alternative to ASCII) encodings include within them a minimalist Latin charset, enough so that you can type the ".com" and other TLDs, then there doesn't seem to be any reason to allow mixed-charset URLs.
If you own the proxy yourself, you can still be anonymous - by making it public. Then there is no way to tell if you are the one who used it or anyone else.
They actually make this point in most of the setup guides for the Tor software; you gain an additional level of anonymity (or at least plausible deniability) if you make your node public and let other people use it as part of the greater Tor network.
However, this increase in protection has to be balanced against the necessarily increased risk that as a result, you might draw fire from the authorities, not as a result of what you're doing, but as a result of what someone else is using you're network for. It would be a problem if you opened the network up in order to protect yourself, and instead ended up getting your systems confiscated and analyzed as a result of someone else's activities (e.g. child porn)... but then got arrested for whatever you were trying to keep under wraps (say, anti-DMCA software development) just the same.
I wonder if anyone has a script that would automatically change your reported MAC address to a random (but valid) value, every 24 hours or so, or when the DHCP releases and renews.
Doesn't seem like it would really be all that hard on a Linux/BSD system, no idea what it requires on Windows to script that sort of thing.
This is what Privoxy and certain Firefox extensions are for; they catch the outgoing DNS requests and make sure that they're relayed (in encrypted form) to the proxy as well, so that you're not giving away the addresses of the pages you're requesting by leaking DNS requests.
IMO, all software ought to proxy DNS requests automatically if it's being told to use a proxy that supports DNS resolution (SOCKS4a or SOCKS5); that Firefox and some other software leak requests even in the presence of a proxy that's capable of doing it, is a serious bug and security flaw.
Seems to me like proxy servers just replace Big Brother knowing everything you do with some tiny "anonymous browsing" site. And you are willfully giving them all this information to boot, so if they decide to turn over all their logs there isn't a thing you could do.
Hence why the folks behind Tor developed onion routing systems in the first place. They're not foolproof, but they don't place all your trust on the administrator of one server. They spread the trust out among a bunch of servers, such that your enemy would need to compromise a large number of them in order to monitor what you're doing.
When you're just using a single proxy, you're probably making it easier for someone to track you, because you're purposely pushing all your traffic through one choke-point. All your adversaries need to do is apply the correct combination of subpoenas, bags of cash, or hot pokers to that proxy's operator, and they've got you.
Single-relay proxies aren't suitable for anything except schoolkids trying to get around the local MySpace block. To be honest, I'm not even sure Tor is really ready for prime-time, either, but it's probably the best thing going.
Why do people do things anonymously that they wouldn't do if their name was stamped on it? I think the world would be a lot better place if everyone took responsibility for what they said and what they did.
Ironic, particularly since you're writing under a pseudonym. Or is "TheRecklessWanderer" what it says on your birth certificate? I didn't think so.
Anonymous systems are needed to combat the ease with which modern technology would allow someone to compile a dossier on another person's entire life and activities -- an ability which was never present in the past.
In the pre-computer (or at least, pre-networked-computers) era, it was fairly safe to use your real name everywhere, because it would take an immense amount of effort for someone else to go around and link together all the various activities you were doing under that name. If the fellow behind the counter at the grocery store knew your name, and you also used your name when you were at your local religious group's meeting, it didn't matter, because there was no connection between the two. Short of following you around town and then asking everyone, using your real name didn't mean giving anything up.
However, today, using your real name everywhere creates a near-unique primary key that someone else could easily use to search, and find out everything about you. To continue the example from above, they could simply run a search on your name, and with far less effort than following you around, find out everything they wanted to know about you, because virtually everything is online, and the indexes are only getting more and more complete.
Online anonymity systems aren't borne out of a desire to have more anonymity than we used to have, they're -- for many people, anyway -- an attempt to recapture the way things were, before it was possible to assemble a dossier about anyone else, just by Googling their name.
I don't think there's any reason why the people reading what I write on Slashdot, need to know who I am in real life. Likewise, I wouldn't go around advertising where I go to church to everyone in the grocery store. It's just not relevant to my interaction with them. They don't need to know. If they do, they could ask, and I could tell them, but that's none of their business, frankly. Anonymity and pseudonymity are simply attempts to not allow the traditional compartmentalization of our lives to be completely undone via massive searchable indexes and databases.
(Apologies if this got posted twice -- something has been causing/. to act very strangely for the last few minutes.)
It should also be noted that Haliburton is trying to off-load KBR.
I think they're trying to off-load KBR because, as primarily a U.S. government contractor, its business would collapse if it moved off-shore. There's also the current overcharging scandal, but honestly I don't think that's going to kill KBR or really damage it in the long run. The government, and in particular the military, need contractors in order to function: that's not going to change anytime soon. The Democrats can make all the noise they want, but they can't afford to replace all the positions staffed by contractors with USG employees or military personnel -- it would be unbelievably expensive. Even with a 50% overcharge, a contracting company probably costs the government less than hiring additional government employees, because when the job is done the contractor goes away -- gov't employees are essentially a lifetime position, you can't ever get rid of them. And on the military side, you have maximum personnel levels for actual military people, and if you're a general, you want each and every one of your people subject to the cap, to be real soldiers who can do soldierly things, not logistics and support people: so you outsource everything that you can to contractors. As the Democrats aren't likely to increase the size of the military any, there'll still be lots of work for contractors there.
KBR's name may have been dragged through the mud in the media, but in government and military circles, it still carries weight as one of a few companies that can do heavy-duty offshore contract work. There are other firms in their league, but not too many who are willing to really get their hands dirty. They're not going to go out of business anytime soon, as long as they remain a U.S. corporation, headquartered in the U.S. About the only thing that would kill them, would be the perception that they're no longer an "American company" and instead were something foreign -- the not-totally-unreasonable xenophobia of the military establishment would push business to their competitors much faster than an accounting or overcharging scandal would.
On the whole, I think the separation will end up being a good thing for KBR, because it always seemed like an intense conflict of interest to have a big contractor being owned by an oil-services firm. Stripping down and separating the contracting arm from the oil one will probably help them in the long run, particularly if Halliburton is effectively fleeing the U.S., which KBR can't do.
Giving Americans preferential treatment against cost and performance implies that we somehow deserve jobs more then the rest of the world, can you give me any reason why this is so?
Because if we don't, then tax dollars just end up being used to bail the failing company out of debt, or pay for its employees unemployment benefits, or bail out the pension plan, or give them health benefits, etc. etc.
The government's primary job is to keep the nation's economy in good shape, because it's the engine that drives the rest of the country, and frankly, makes our way of life possible. It's not productive to sell national industries which are huge employers down the river, in order to get a deal on some contract.
Now, I'm not a fan of government spending or Keynesian stimulus in general, but if the government is going to spend money, it might as well spend it where it can do some good internally. As long as we're pissing money away, we might as well try to do something productive with it on the way down.
To get reliability you need to use a flash file system that is designed to cope with NAND.
Any suggestions of possible candidate filesystems?
Right now, most people that I know of, use flashdrives to move data from one computer to another, in many cases across operating systems or even architectures, so FAT is used less for technical reasons than because it's probably the most widely-understood filesystem: you can read and write it on Windows, Macintosh, Linux, BSD, and most commercial UNIXes.
However, a disk that was going to be installed in a single machine could be more flexible; it would be somewhat more acceptable to use a specialized filesystem there (as long as the filesystem wasn't so specific as to make recovery impossible), particularly if you wanted to maximize reliability.
Slashdot Mirror
Can we just outlaw driving already and be done with it?
That doesn't really get to the root of the problem. We need to start punishing stupidity more harshly.
Thanks for the tip, AC.
Why that's not set to "true" by default in Firefox just boggles the mind. If someone's using a proxy, it seems reasonable to assume that they probably want all of their web-browsing-related traffic proxied. A situation where someone wanted only the HTTP content proxied, but not the DNS resolves, seems like an exception to the rule, where the person could go twiddle preferences -- why they would make the default configuration something that's insecure and potentially dangerous, makes no sense to me.
I'd also note for the record, that at least according to the EFF documentation, Firefox's socks_remote_dns setting may not be trustworthy.
http://wiki.noreply.org/noreply/TheOnionRouter/To
I don't really see why that needs a 'cooling off period.' That seems like a pretty straightforward contract-law dispute: someone charging someone else based on terms of a contract which weren't adequately disclosed at the time an agreement was reached.
If the user was presented with a contract and just didn't bother to read it before agreeing, then I've no pity for them whatsoever. Maybe losing a dollar/euro/pound or two will teach them to read the fine print, before they lose something important -- like their house to a shady mortgage. Consider it a life lesson.
If, however, the cell-phone company did in fact charge the user without provably informing them of the charges they were about to incur, then they should unquestionably be in Deep Shit. (That's a legal term of art there.) IIRC, some telephone companies used to pull similar gimmicks a while back, called "slamming", where they would change your long-distance service provider without permission or consent. IIRC they got slammed with some pretty big fines and damages.
There are laws in place which ought to deal with a whole host of problems that seem to be major crises today. Maybe we should encourage people to work within the (vast) framework of laws and precedent already established, before we go making up bunches of new laws which might have a lot of unforeseen effects?
if a label feels that it needs to sell something in Fooistan for US3 that sells for US$18 in the United States, because that's what the market bears and that's how they've chosen to price it - which is their right - without some of the controls of DRM, how can the $3 version be restricted to Fooistan?
Your conclusions are all right -- that such a scheme is impossible -- but I disagree with your premises, namely that doing such is a "right."
You have the "right" to try and sell your wares at whatever price you wish, but others have a right to not buy it, and buy it from somebody else if they prefer.
In general, you are a fool, if you try and sell a good in one place, at a price that's higher than what you sell it at in another place, plus the cost of transporting it from the latter place to the former. So, for example, if you sell records in Fooistan for $3, and it costs $1 to send a record from Fooistan to Baristan, then you will probably never be able to get much more than $4 for records in Baristan, because if you attempt to charge more, consumers will just end-run you, and have stuff shipped in from Fooistan, where it's cheaper. This is their right, and the sellers' right, under many historically-established doctrines, such as First Sale. (Which sadly no longer seems to exist in Great Britain, but that's a story for another day.)
The fact that people in Baristan might pay a whole lot more than $4 for your record, if they existed in a complete vacuum (i.e. where the cost of transportation from Fooistan was infinite), is totally irrelevant. You have no 'right' to that price, because it's provably not what the real-world market will bear when it's connected to other markets. It might as well be ignored, because it doesn't matter.
What computers do to information (among many other things) is make the cost of transporting it from one place to another, very, very low. So it ought to be basically impossible to sell a digital commodity in one place for a different price than you sell it in another, because people will just ship the files (at negligible cost) around your carefully-designed price-discriminatory barriers. In effect, cheaper communication and transportation (with information, these are the same thing) link the markets into one market, where there is but a single prevailing price for any fungible good. This is pretty basic economics here.
The sellers of some types of information, particularly entertainment, have attempted to defy this by erecting technical hurdles which prevent information from being easily transmitted from one place to another. In effect, they're making it harder to transport goods, thus allowing a greater difference in price to be created in different regions. With DVDs, this is done with region coding and locking. With iTunes songs, it's done with a flat prohibition on resale, enforced by per-user licensing. But like all DRM, these are inherently flawed and thus surmountable; the fact that they can be worked around means that you can only charge so much more for content in various areas, before it becomes worth the trouble to buy it from some other area and bypass the blocks.
Neither I nor anyone else outside of the highest echelons at Apple can say for sure, but I suspect that Apple has agreements in place with the major labels to the effect that all music sold through the iTMS will have the same DRM, regardless of where it comes from.
I suspect this, because if I was a DRM-loving music label, sitting on top of a whole lot of content that Apple really wanted, it's one of the conditions that I would insist on as an absolute.
If this condition didn't exist, then as you and others have pointed out, Apple could start selling some artists' works without DRM, and there's a chance that the market might favor them, because -- let's face it -- to a consumer, DRM sucks. The record labels aren't (completely) stupid; someone there, maybe an intern, junior staffer, or coffee-boy sat down at someone's unlocked computer and typed it into a memo once: "given a choice, people will probably choose the digital format that sucks least." Since they have decided that it is their purpose on Earth to deliver to consumers music in formats that Really Suck, and they also like making money, it follows that they'll do anything in their power to keep other people from releasing music in a less-sucky format. And at least back a few years ago when Apple and the labels were negotiating to get the iTMS started, they had more then enough clout to push such a codicil through.
In short: to a music executive, DRM must be universal. No music must be allowed to escape without it, because once people get a whiff of that sweet, sweet DRM-freeness, they're never going to want to come back. For that reason, it must be nipped in the bud, snuffed out before those independent-label hippies can use it to their advantage.
I doubt we'll see any DRM-free music in the iTMS catalog at least until the next big renegotiation between Apple and the labels, and even then, I'm not sure that Apple is really in a position to be dictating terms with them too severely. Apple has other concessions that they need to get first, chief among them is a renewed agreement to stay with the flat-rate pricing model of $1 a track, and not go to some variable-pricing model as the labels would prefer.
It's easy to paint the labels as a bunch of bumbling buffoons, who don't have the slightest concept of the modern digital economy, but I think this is a dangerous underestimation. They're nothing if not cunning, and moreover they have a lot of money with which to hire any number of smart, mercenary types (e.g. lawyers, consultants, etc.) to assist them in their paranoid delusions: it's inconceivable that the possibility of an upstart rival using a lack of DRM to try and compete didn't occur to them, and that once realized, they wouldn't have taken steps to minimize this possibility.
With you 100%. I think Ubuntu would be a logical choice also, but ultimately it doesn't really matter, as long as they make the hardware compatible or distribute the drivers in such a way so that they can be migrated upstream into other distros. The beauty of OSS is that (in theory), if you can get a totally clean OSS system running on one set of hardware, you ought to be able to get another OSS distro running on it as well, with enough effort.
I'll point out that I have a "Linux certified" desktop (an HPaq, not a Dell) that I purchased for exactly that reason. I didn't really care about using RHEL, which is what it was 'certified' for, but the seal of approval on the hardware let me know that there probably wouldn't be any showstoppers in the box to cause issues later. (FWIW I run Xubuntu, and like it; I used to use Kubuntu but honestly I found its quasi-approximation of Windows almost as obnoxious as Windows itself, while Xfce seems a little less laden with Windows-philosophy in its design. But I digress.)
One minor addition -- that "No OS" option would never be put out there without a big, fat warning that it's not EVER to be used with Windows, particularly a Volume License Key version! This is a common misconception, but you CAN NOT legally install volume-licensed copies of Windows onto no-OS or white-box (or DIY) hardware. Period. The "site licenses" or VLKs that MS sells are "upgrade" licenses. They let you upgrade from the XP Home (or whatever) license that the hardware comes with, as indicated by a sticker somewhere on the chassis/case, to whatever version the VLK is good for. It is not a 'bare metal' license. A lot of people seem to not understand this, and in some cases I've heard stories of Microsoft sales reps perhaps even bending the truth when describing the VLK license. But if you actually read it, it's pretty clear that it's only an upgrade license (and frankly, kind of a ripoff). People who have Windows installed on un-stickered systems, and are hoping that their VLK will save them from the BSA gestapo, are sadly misinformed: in order to put Windows on a no-OS machine that wasn't purchased with an OEM license, you need to purchase a retail box of Windows that's not an upgrade.
I suppose if you were a big enterprise customer who was just going to drop your own custom image onto all your machines, it might be possible to buy PCs that had OEM Windows licenses, but didn't have anything actually on the drive, so you didn't have to format them on receipt, but I've never seen this.
References:
http://www.microsoft.com/licensing/resources/vol/
http://www.theregister.co.uk/2002/08/27/ms_plays_
I don't think it's THAT important that they have any paticular distro.
It's not important to you, but to novice users it's critical. They don't want to get a bare-drive machine. To them, that's not a feature, it's broken. They need to have a machine that's ready to go, with the OS, and office suite, email, and all their other crap. (Unfortunately, Linux will be semi-permanently broken in the multimedia department due to patent/royalty/DMCA issues...) If you only sell bare-drive machines, you limit the market basically to "Linux geeks," which is a pretty small segment. You also cut out a lot of small-business buyers who might otherwise be interested in Linux, but don't have IT departments to image a distro onto the machines they buy, and by not having a Linux option besides Windows, you generally make it look even more like a 'hobby OS' than it already does. If you can't get it preinstalled, obviously it's not a serious competitor to Windows -- I can almost hear the PHBs saying it already.
Sure, a bare-drive option would be nice, but there's really no reason to offer it. A "beginners Linux" distro would be just as good: it would give novices and businesses what they need, while also guaranteeing that the hardware platform is Linux compatible, so that experienced users could just wipe the drive and install whatever they want on it.
Plus, offering a 'bare drive' option might actually be more complicated for Dell than offering one with an OS, because it makes the systems harder to QA as they leave the factory. You can't boot a no-OS machine from the drive to make sure it works -- you'd need to use some sort of diagnostic tool, or more likely, install an OS and then wipe it off again (or install a minimal OS like FreeDOS and leave it, which is just as bad as offering another OS).
There's really no good reason to do it, and a whole lot of reasons not to.
Keep in mind that this experience is only regarding notebooks, I've never purchased a brand-name desktop.
With desktops, you're actually in luck -- you can go out right now and get any number of "Workstation" machines, that are certified to run Linux (usually RHEL). They're expensive, but you get what you pay for in terms of build quality. I have one (an HP xw5000), which I purchased used from Retrobox, and it's worked pretty much flawlessly.
It would be nice to get low-end desktops preconfigured with Linux, but the situation isn't nearly as dire as with laptops, where there are virtually no guaranteed-compatible options save very expensive white-box ones from small configurers.
Is it a status symbol to have a computer box that says "Dell" on it?
No, it's because they're cheap, and are of basically predictable quality.
Most of the companies that specialize in "Linux laptops" that I've ever seen, charge a significant premium. In some cases, more of a premium than top-of-the-line Apple hardware. But more than that, it's hard to tell what you're buying. If I order a Dell, I have a good idea of what I'm going to get. With a no-name laptop, which is what most of the Linux ones start off as, it's harder to say. I can't go down to Best Buy and hammer on one of their keyboards to see whether it sucks or not. I can't go ask 5 out of every 10 of my friends what they think of theirs. That's a problem.
It hasn't really been a problem to get a computer that will run Linux in a while, if you're willing to pony up bucks. The reason people are so interested in Dell, is that it would mean (hopefully) cheap, known-quality Linux machines, being sold right next to Windows ones. That's a big deal, particularly for the vast field of people who are 'on the fence' about "that whole Linux thing."
I'm not arguing that it should necessarily be impossible for authorities, duly authorized, to monitor someone's communications; there is a legitimate, although very limited, need for that. However, nowhere is it written that we ought to make that terrifically easy, which is what abolishing anonymity and pseudonymity online would amount to.
Here in the U.S. anyway, we have a strong (and historically, well-justified) distrust of government. They have a job to do, but they have to conform and find ways to do their job, within the greater framework of civil society: civil society doesn't, and shouldn't, bend itself around backwards to make it easy for the authorities to do their job. After all, it would probably make life a whole lot easier for the police if we all had identification numbers tattooed on our foreheads, but I don't think anyone thinks that's a great idea.
When the cops have a reason to search your house, they come to your door (after getting a warrant and all other necessary authorizations), and -- if you're not there -- they break the door down with a battering ram. They don't mandate that everyone has to have locks made out of balsa wood, so they the doors are easy to kick down; they use a big iron pipe filled with cement. If you have a safe that they need to get inside, they hire safecrackers to open it up -- they don't ban safes. This necessarily implies that there is, at times, a bit of an 'arms race' between criminals and the police, but this is not always a bad thing. There would be obvious negative consequences of simply mandating things in order to make the authorities' lives easier (e.g. balsa wood locks or plywood safes).
However, this understanding seems to have gotten lost somewhere around the introduction of computers. Now, rather than providing legitimate authorities with the time and equipment necessary to do their jobs correctly within a technologically advanced society, certain politicians and civil authorities have seen fit to try and re-jigger society in order to make it easier on them. Let there be no doubt: this is a destructive shortcut, and it's no better than saying that everyone has to have balsa-wood locks, or drop off a copy of their keys at the local precinct house, in case the police ever need to get in and have a look around. We don't do that, because it would be a vast invitation to abuse, and giving them the ability to tap a few keys and find out everything about what you do online would be no better.
There are reasons why the authorities have certain extraordinary powers, but also reasons why those powers are limited in scope, and are not supposed to be trivially easy to exercise.
This is really part of the problem. It costs Dell a ton of money to install a different default OS, or at least they claim that it does, and I've no basis to argue with them, so as a community, we need to be able to be satisfied with one distribution.
One of the reasons that Dell et al have always used as an argument against installing Linux by default, is that Linux users are too hard to please, and the market is too balkanized. With Windows, you have (well, you did, pre-Vista) Home, and Professional, and you can charge extra for installing Professional. With Linux, you have Ubuntu, Novell, Fedora, and god knows what else, and you really can't charge extra for installing one or the other without alienating users.
I think they need to pick ONE easy-to-use "beginners Linux" distribution, like Ubuntu or Lindows, and then offer a 'bare drive' option for users who want something else. Let's face it; if you are enough of a Linux user to have developed a preference between distributions, you can install the damn thing from an ISO. As long as the hardware is compatible and has Linux drivers available, you ought to be able to put anything you want on there.
The argument for pre-installations is really about novice users who can't be bothered to install an OS onto a fresh machine, and just want something that's going to work with minimal fuss. They need a distribution that's as idiot-proof and "polished" as possible, and that's what the criteria for choosing it should be.
I don't get it. Okay, so bus-wrapping is annoying, in that it blocks riders' views out the window, but I'm not quite sure how it counts as "social engineering."
There are certainly examples of situations where public-transport has been used as social engineering -- I know of a few places where public transportation was brought into select areas primarily as a way of getting low-wage employees to politically powerful businesses that didn't want to pay the prevailing wages in that area (which was high due to the requirement that everyone have a car). This isn't anything terribly new, though; it's your basic political-manipulation-for-profit-maximization that's gone on in various forms probably since the dawn of 'politics.'
Various forced-"diversification" via school-busing arrangements would also qualify, in my mind, as 'social engineering,' although school buses aren't 'public transport' as most people would define it.
Either way, I'm not sure I understand the advertising angle. Most places that I've heard of, which have tried bus- or train-wrap advertising, are doing it as an additional revenue generator, in order to supplement tax dollars and maintain mandated artificially-low ticket prices.
if this organization was created in the 70's, doesn't this mean that the problem of huge unfunded liabilities was acknowledged 30+ years ago?
...) years ago, doesn't mean anything has actually been done to solve the problem.
Sure, it probably was. But this is the United States Government we're talking about here -- just because the problem was acknowledged 30 (or 50, or 70
There were people who realized that Social Security was just a Ponzi scheme from the very beginning (well, they probably didn't use those words, since I'm not sure when it entered the vernacular), and is sustained only through continual growth of the number of workers feeding into it, in order to overcome inflation and not lose money for everyone concerned, and begins to fail whenever you have a contracting labor pool, but we're hurtling right towards that particular brick wall without any solutions in sight. However, certain people will no doubt treat it as a complete surprise when it eventually fails (or becomes obvious that it is about to), because this aids in after-the-fact ass-covering and finger-pointing.
Welcome to America: where nothing gets dealt with until it's already a catastrophe.
This is quite true. Only businesses who are exclusively local will have a single domain name that uses the high-order characters; everyone else will get two, at minimum -- one local one, and one that's the closest-possible ASCII approximation.
It's not just a "doing business with Americans" (or other Westerners) problem, it's a 'doing business with anyone outside your area' problem. ASCII is the only character set where you have a good chance of ensuring that some other person will be able to type it. I.e., someone using Indian localizations and another person using Japanese localizations would probably be hard-pressed to find characters in common that can be easily typed, other than ASCII.
I could see this having some interesting effects, besides the obvious (land-grab for domains, both ASCII and localized) -- since many more people are going to be using multiple domains, hosting and registration companies will probably want to bring out more tools for simplifying the management of multiple domains. Anyone who does business in n languages, will probably want [n+1] domains (unless one of their languages is English or another language which maps easily to ASCII), while today they might just have a single ASCII one. That's going to be a lot of domains to register and manage.
Given the number of passwords that the average person who does a lot of stuff online needs to remember, unless they're doing something hideously insecure already (like using the same password everywhere), they can probably only sign on from a single computer anyway, because that's where their passwords are stored or written down.
The problem of certificate management is, IMO, actually more tractable than the problem of password management. There are lots of ways that you could allow people to move certificates around, if you really wanted to; you could issue USB sticks or smartcards that they could jack in to public machines (although preferably you'd create some method that never actually let the unsecure machine 'see' the certificate itself; you'd just do some sort of challenge/response with the USB key or smartcard).
Passwords really aren't all that convenient; if you're using passwords properly (not reusing the same ones in multiple places), and you're not using a crutch like iterative generation, or just writing the things down (which basically makes it a very insecure "analog certificate"), you're probably way out on the tail-end of the bell curve of what a normal person can remember. Passwords are only "user friendly" because the way that most people use them is hideously insecure.
As for your other, snarky, comment, I'll only respond by saying that I have traveled extensively, and if you had as well, you would realize that most of the rest of the world uses keyboards which look suspiciously similar to those here in the U.S., albeit with different glyphs printed on them, and different input methods for complex characters. (E.g., kana, romanji, phonetic entry, progressive-exclusion via GUI, etc.) But due to the widespread use of Latin characters, I've yet to see any computer system, anywhere, which didn't have some method for entering them. (Think about it: right now, all URLs are basically ASCII: if a computer didn't have the ability to enter those first 128 characters at all, then it would be nearly impossible to get online.) Standard Japanese keyboards, for instance, have the QWERTY Latin layouts printed below the kana glyphs. (But don't take my word for it, see for yourself.)
Also, virtually all localized charsets (including the UCS) are backwards-compatible in that they include ASCII as the first 128 positions, so ASCII TLDs are by definition the most "guaranteed safe" you can get, in terms of being able to be read and written by everyone, everywhere.
Okay, I'll bite. I have what I think amounts to a fairly good, if basic, understanding of how internationalized character sets and encodings work, but I don't understand how you'd encode multiple character sets into one URL.
I mean, first of all, in order to use non-Latin characters at all, you have to have some way of transmitting which character set / codepage you want to use. I can't find any place in TFA where they actually describe how this is going to work (although I didn't read the PDF, so perhaps it's in there), but my assumption was that it would be transmitted outside the actual stream of bytes that represent the URL.
So, a "URL block" might consist of some metadata about the URL that's going to be transmitted -- e.g., what character set it's written with, etc. -- and then the stream of bytes that actually represent the address. Doing it that way would by definition only allow one character set per URL, because there's no way of changing it mid-stream.
If you allow people to change character sets in the middle of the address, so as to have an address where one part was written in ASCII or Latin-1, and then another byte or two in UTF-8, and then the remainder in Latin again, would hugely complicate the standard both from an implementation and use perspective.
As long as all the alternative (that is, alternative to ASCII) encodings include within them a minimalist Latin charset, enough so that you can type the ".com" and other TLDs, then there doesn't seem to be any reason to allow mixed-charset URLs.
If you own the proxy yourself, you can still be anonymous - by making it public. Then there is no way to tell if you are the one who used it or anyone else.
... but then got arrested for whatever you were trying to keep under wraps (say, anti-DMCA software development) just the same.
They actually make this point in most of the setup guides for the Tor software; you gain an additional level of anonymity (or at least plausible deniability) if you make your node public and let other people use it as part of the greater Tor network.
However, this increase in protection has to be balanced against the necessarily increased risk that as a result, you might draw fire from the authorities, not as a result of what you're doing, but as a result of what someone else is using you're network for. It would be a problem if you opened the network up in order to protect yourself, and instead ended up getting your systems confiscated and analyzed as a result of someone else's activities (e.g. child porn)
I wonder if anyone has a script that would automatically change your reported MAC address to a random (but valid) value, every 24 hours or so, or when the DHCP releases and renews.
Doesn't seem like it would really be all that hard on a Linux/BSD system, no idea what it requires on Windows to script that sort of thing.
This is what Privoxy and certain Firefox extensions are for; they catch the outgoing DNS requests and make sure that they're relayed (in encrypted form) to the proxy as well, so that you're not giving away the addresses of the pages you're requesting by leaking DNS requests.
IMO, all software ought to proxy DNS requests automatically if it's being told to use a proxy that supports DNS resolution (SOCKS4a or SOCKS5); that Firefox and some other software leak requests even in the presence of a proxy that's capable of doing it, is a serious bug and security flaw.
Seems to me like proxy servers just replace Big Brother knowing everything you do with some tiny "anonymous browsing" site. And you are willfully giving them all this information to boot, so if they decide to turn over all their logs there isn't a thing you could do.
Hence why the folks behind Tor developed onion routing systems in the first place. They're not foolproof, but they don't place all your trust on the administrator of one server. They spread the trust out among a bunch of servers, such that your enemy would need to compromise a large number of them in order to monitor what you're doing.
When you're just using a single proxy, you're probably making it easier for someone to track you, because you're purposely pushing all your traffic through one choke-point. All your adversaries need to do is apply the correct combination of subpoenas, bags of cash, or hot pokers to that proxy's operator, and they've got you.
Single-relay proxies aren't suitable for anything except schoolkids trying to get around the local MySpace block. To be honest, I'm not even sure Tor is really ready for prime-time, either, but it's probably the best thing going.
Why do people do things anonymously that they wouldn't do if their name was stamped on it? I think the world would be a lot better place if everyone took responsibility for what they said and what they did.
/. to act very strangely for the last few minutes.)
Ironic, particularly since you're writing under a pseudonym. Or is "TheRecklessWanderer" what it says on your birth certificate? I didn't think so.
Anonymous systems are needed to combat the ease with which modern technology would allow someone to compile a dossier on another person's entire life and activities -- an ability which was never present in the past.
In the pre-computer (or at least, pre-networked-computers) era, it was fairly safe to use your real name everywhere, because it would take an immense amount of effort for someone else to go around and link together all the various activities you were doing under that name. If the fellow behind the counter at the grocery store knew your name, and you also used your name when you were at your local religious group's meeting, it didn't matter, because there was no connection between the two. Short of following you around town and then asking everyone, using your real name didn't mean giving anything up.
However, today, using your real name everywhere creates a near-unique primary key that someone else could easily use to search, and find out everything about you. To continue the example from above, they could simply run a search on your name, and with far less effort than following you around, find out everything they wanted to know about you, because virtually everything is online, and the indexes are only getting more and more complete.
Online anonymity systems aren't borne out of a desire to have more anonymity than we used to have, they're -- for many people, anyway -- an attempt to recapture the way things were, before it was possible to assemble a dossier about anyone else, just by Googling their name.
I don't think there's any reason why the people reading what I write on Slashdot, need to know who I am in real life. Likewise, I wouldn't go around advertising where I go to church to everyone in the grocery store. It's just not relevant to my interaction with them. They don't need to know. If they do, they could ask, and I could tell them, but that's none of their business, frankly. Anonymity and pseudonymity are simply attempts to not allow the traditional compartmentalization of our lives to be completely undone via massive searchable indexes and databases.
(Apologies if this got posted twice -- something has been causing
It should also be noted that Haliburton is trying to off-load KBR.
I think they're trying to off-load KBR because, as primarily a U.S. government contractor, its business would collapse if it moved off-shore. There's also the current overcharging scandal, but honestly I don't think that's going to kill KBR or really damage it in the long run. The government, and in particular the military, need contractors in order to function: that's not going to change anytime soon. The Democrats can make all the noise they want, but they can't afford to replace all the positions staffed by contractors with USG employees or military personnel -- it would be unbelievably expensive. Even with a 50% overcharge, a contracting company probably costs the government less than hiring additional government employees, because when the job is done the contractor goes away -- gov't employees are essentially a lifetime position, you can't ever get rid of them. And on the military side, you have maximum personnel levels for actual military people, and if you're a general, you want each and every one of your people subject to the cap, to be real soldiers who can do soldierly things, not logistics and support people: so you outsource everything that you can to contractors. As the Democrats aren't likely to increase the size of the military any, there'll still be lots of work for contractors there.
KBR's name may have been dragged through the mud in the media, but in government and military circles, it still carries weight as one of a few companies that can do heavy-duty offshore contract work. There are other firms in their league, but not too many who are willing to really get their hands dirty. They're not going to go out of business anytime soon, as long as they remain a U.S. corporation, headquartered in the U.S. About the only thing that would kill them, would be the perception that they're no longer an "American company" and instead were something foreign -- the not-totally-unreasonable xenophobia of the military establishment would push business to their competitors much faster than an accounting or overcharging scandal would.
On the whole, I think the separation will end up being a good thing for KBR, because it always seemed like an intense conflict of interest to have a big contractor being owned by an oil-services firm. Stripping down and separating the contracting arm from the oil one will probably help them in the long run, particularly if Halliburton is effectively fleeing the U.S., which KBR can't do.
Giving Americans preferential treatment against cost and performance implies that we somehow deserve jobs more then the rest of the world, can you give me any reason why this is so?
Because if we don't, then tax dollars just end up being used to bail the failing company out of debt, or pay for its employees unemployment benefits, or bail out the pension plan, or give them health benefits, etc. etc.
The government's primary job is to keep the nation's economy in good shape, because it's the engine that drives the rest of the country, and frankly, makes our way of life possible. It's not productive to sell national industries which are huge employers down the river, in order to get a deal on some contract.
Now, I'm not a fan of government spending or Keynesian stimulus in general, but if the government is going to spend money, it might as well spend it where it can do some good internally. As long as we're pissing money away, we might as well try to do something productive with it on the way down.
To get reliability you need to use a flash file system that is designed to cope with NAND.
Any suggestions of possible candidate filesystems?
Right now, most people that I know of, use flashdrives to move data from one computer to another, in many cases across operating systems or even architectures, so FAT is used less for technical reasons than because it's probably the most widely-understood filesystem: you can read and write it on Windows, Macintosh, Linux, BSD, and most commercial UNIXes.
However, a disk that was going to be installed in a single machine could be more flexible; it would be somewhat more acceptable to use a specialized filesystem there (as long as the filesystem wasn't so specific as to make recovery impossible), particularly if you wanted to maximize reliability.