Slashdot Mirror


User: anticypher

anticypher's activity in the archive.

Stories: 0 · Comments: 998

Comments · 998

  1. Re:Simplify, simplify, and simplify? on Replacing Passwords With Other Security Gadgets? · · Score: 2

    you will need to develop a means of synchronizing passwords across the enterprise. This is a task in itself.

    This is such a huge task, there really doesn't exist any simple solution.

    A variety of schemes have been created to provide single logon capabilities, the most recent and most promising is directory services, the protocol is called LDAP. Directory services exist in Novell (NDS), M$ has a tech called ActiveDirectory, Cisco has Directory Enabled Networking, there are add ons for Oracle DBs, and the list goes on. Check into LDAP based security authentication and authorization products for each system you have to convert. You'll be out of luck for older systems, but even if you can add directory services to half what you need, people will notice the improvement.

    I don't know of any security dongle/card/biometrics reader that can easily allow logons to legacy applications or bespoke systems. A tremendous amount of engineering effort will be required to change the logon/authorization mechanisms, and if you don't know what you are doing you will probably create all kinds of security holes.

    Since the TLA has asked jmiller to find a way to circumvent statewide mainframe access controls, it shows a level of naivety bordering on the criminal. If I were running an important legacy system which required each user to authenticate through a tested and understood mechanism, I would immediately cut access to any little agency that tried to automate that process. Certainly access should be denied if they choose an engineer who had to post a question to /. rather than find the budget to bring in some real security professionals for guidance.

    the AC

  2. Re:take away my org? on VeriSign Usurps .com · · Score: 4

    Really, how long do you think it will be before they require all .com registrations to be real companies?

    This is the way it should be. If you obtain a domain name under one TLD, it should preclude you from obtaining the same under any other TLDs. It could be in the agreement/eula/ToS that a company which claims an address on .com is excluded from claiming any non-dotcom address. This would keep mcdonalds.com from also claiming mcdonalds.org and mcdonalds.net ad infinitum. There might be some allowances to allow mcdonalds.co.uk or .co.au, where they can show a valid, physical business presence.

    This would end most domain speculation, force everyone to be under the most correct TLD, and keep the lawyers at bay. Sanity would rule, the WIPO jackrabbit courts would essentially cease to exist, and the rest of us could get on with building a better network for the future.

    Since this would end much domain speculation, the income from domain registry would be significantly less than over the last few years. With only real commercial entities paying for .com, all the other speculations such as verizonreallysucks.com would be eliminated, drying up the revenue.

    If this were to happen, there would be a strong need for .sucks, .tm, and probably even .sex and .xxx. Then there couldn't be a pentium.com, intel would have to register it under pentium.tm if they wanted to have a dedicated website.

    A very good idea, which has been suggested by many intelligent people on numerous occasions. It has always been shot down by the ICANN as unworkable because they pander only to commercial interests, especially billion dollar companies like Network Solutions, who don't want to see their cash cow killed.

    the AC

  3. Re:Tech Supporters Have tried this.... on Anticryptography · · Score: 2

    An article on NLP was what gave me my /. nick, it was meant to indicate clarity in the transfer of information. Cyphering and Encrypting are designed to hide the meaning of info, Anti-Cyphering is meant to be a way of uncovering information that might be needed by someone or a computer process.

    Computers, however, do not deal with ambiguity very well. They need 100% perfect transfer of information

    This is where the term anti-cyphering was used in an NLP environment, in discussions of UML and how to transfer non-perfect information from one process to another, and how to be able to include additional information if needed. The follow-on to those discussions became projects like XML, where just about any free-form descriptions could be allowed, in the hopes two processes could communicate, with or without a common framework.

    In my brief foray into programming a few years ago, I just couldn't come up with ways to make two processes communicate without a common framework. The goal was to get various pieces of network equipment to communicate management information, whether or not they were originally designed to do so. Rather a fruitless exercise, for which a now defunct company paid rather well.

    This thread and a few others could well be put under the previous article on Comp Sci vs. Comp Engineering. It is a good example of information theory which can best be studied in the abstract.

    the AC


  4. Re:"Anticryptography"?! on Anticryptography · · Score: 2

    "anticryptography" just sounds like a technobabbly buzzword, pretentiously constructed to sell books

    Sounds good to me!

    the, ummm, AntiCypher (no relation, really)

  5. Unfortunately, Hatch is out on New Episodes Of Battlestar Galactica? · · Score: 2

    Hatch tried to make a new BSG film a few years ago. He was in Luxembourg scouting locations, interviewing talent agencies, and lining up funding. But then it emerged he didn't hold all the rights to the film, and left a lot of people rather upset.

    He is a nice guy, but very "hollywood". I met him at a number of parties (Lux is only a couple of hours away by car, and can be a great place to party if you know the right people). He had everyone excited about shooting in Lux, where the tax credits and other government incentives attract a lot of film crews. He had a casting agency hire a bunch of people, including YT, for various parts in the film. His vision for a tightly integrated story arc with an eye toward scientific details had everyone impressed, and he had a sample script that seemed very well done. He clearly had put a lot of thought into the film over many years, since BSG pretty much defined his entire career. And he looks like he is pushing 55 or 60 now.

    Then he went back to Hollywood, and filming never happened. Some SFX company was hoping to sell him their warez, and had done up many minutes of rendered vipers and such. The casting agency was left with a large unpaid bill. Principal actors had left gaps in their schedules to accommodate shooting, and then had to scramble to find work.

    Since then, the whole film crowd in Lux has a bitter taste in the mouth about BSG, but it is fun to watch the various machinations as people fight over the right to remake a guaranteed nostalgic money maker. It does depend on who makes it, and whether they pay attention to all the fans' input on what was loved, and what was hated. Hatch didn't have any kids, wesley crushers, toy robots, or stupid plot devices in his script.

    the AC

  6. And the Charlie Brown award goes to... on CowboyNeal Speaks · · Score: 4

    For the most wishy-washy answers of any /. interview, this interview has to take the prize.

    Either the cowboy has almost no sense of humour, culture, charisma or taste. Where's the wit? Where's the insightful, well thought out answers? Where's some additional information I couldn't get from a magic 8 ball? Where are the inside jokes to beowulf clusters, first posts or this week's net-meme, ALL YOUR BASES?

    It's my serious hope that our beloved cowboy has been out on a long binge, sampling every brew known to man and sampling as many delightful young ladies as humanly possible. And when he came to he ripped out those answers in 2.3 minutes chrono before the aspirin kicked in. It's the only excuse I'll accept.

    the AC

  7. Re:Get over it on Getting The Most Out Of Co-Op Programs? · · Score: 2

    Making copies and ordering parts is not terribly useful practical experience, and isn't likely to lead to Real Work.

    But ordering parts is one of the most vital skills an engineer needs in any company, large or small. And an engineer who can't make his own copies will end up as a dilbert joke around the office.

    My first few co-op jobs were purely practical and had lots of hands-on experience, mostly as scab replacement for striking workers. I was thrown into the deep end of the job after one day of training, and did the same repetitive job for 3 months. I was too exhausted at the end of each day to learn more than about another 4 hours of whatever I could before going home :-) But what I didn't learn was how offices worked.

    My first real job out of school I started as a low level grunt, despite my shiny new degree. One of the first tasks I had to do was order a whole bunch of parts for a project, and it took me weeks to figure out the purchasing system, how to properly write up RFPs following company guidelines, who to charm in the purchasing department to get things to happen quickly. If I had learned as an apprentice how to run a purchase order through the system, I could have completed my first real task in about 2 days, not 27. A real eye opener, and a skill I have to rely on no matter what type of job I'm doing, even today.

    So when you are a co-op, you should be learning all the little office skills that will become a constant background noise later in life. Learn how to make photocopies, and how the copier works (ask a secretary how to load toner and special paper). Learn how office phone systems work, and how to leave a professional sounding voice mail OGM every day. Learn how shipping/receiving works. Learn how to run a purchase order through the system. Learn how to send faxes properly with cover sheets. Learn what not to do, such as changing the inhouse network without the express permission of the network manager, lest ye become BOFH fodder.

    I know one big organisation where the IS/IT directorate gets a load of PFYs every summer school break. Even though these kids are the offspring of upper level administrators and diplomats, they all get the same grunt job for the first three days, cleaning telephone handsets and keyboards (this was in Germany, where almost everyone smoked, you can imagine how bad a handset smells after a year with a chain smoker). Even I had to spend my first day scrubbing them clean, despite my supposed role as high-priced and very experienced telecoms consultant. It was a time honored tradition in the telecoms group that every person, no matter how high a job they held, had to spend at least one day doing the job nobody ever wanted to do, but it provided a steady supply of clean and working telephones to put on new employees desks.

    So get over your whinging about just doing grunt work with test equipment, and keep your eyes open for tons of other skills you can pick up while there. Later you will look back on those halcyon days with almost no responsibility and no expectations.

    the AC

  8. Re:they are giving something away... on Microsoft Clarifies Jim Allchin's Statements · · Score: 4

    Spot on. Moderators, up the parent of this thread!

    Allchin is a thug. An intelligent thug, but a thug nonetheless. He plays the heavy in negotiations where M$ are trying to bully a smaller company into giving away their only asset for a pittance. Are there any /. readers with first hand experience with Allchin? (most people who survive a double-barreled "negotiation" with an experienced M$ hit-team tend to take the cash and move to a tropical beach or teach kindergarten and never touch a computer again).

    Allchin is a top-level M$ exec, and as such he must sit in high-level strategy meetings. Certainly the topic of these meetings is how to ensure their glorious leader can sleep better at night. So when a strategy committee punted around ideas on what is causing the holy emperor to lose sleep, the GPL came out as a major cause. The solution, obviously, is to attack the GPL by changing the laws it is based upon. If Disney can change copyright laws through the Bono act, M$ can tweak laws to eliminate the viral effects of the GPL.

    So there is quite clearly a cleverly hidden M$ agenda to influence lawmakers in the US, and probably in the EU as well. Allchin just shot his mouth off to make himself seem smarter to some reporter, and tipped M$'s hand. Now they are in spin control.

    If M$ follows their usual course of manipulation, there is already a "Political Interest Campaign" underway in Washington DC to "educate" senators on the evils of free software to the american way of life. There is a group of M$ lawyers creating some new laws which can be given to a senator's aides, and subsequently passed off as an original work by the "All-American Hero" senator. Those laws will change copyright slightly so the GPL loses its protections, and will cause the whole body of work to become public domain, or the copyright will be handed over to a "controlling IP body" similar to the MPAA/RIAA.

    Others (TheDullBlade) are touching on these ideas in various threads, but missing the point on how the courts will be given new laws in which to invalidate the GPL.

    Expect this to be a long and drawn out fight. I'll be keeping an eye on DG-13 activities for signs of changes to copyright law in the EU. Whatever influence M$ attempts in the US, they also tend to attempt in the EU.

    the AC

  9. Bluetooth has one problem on Should We Give Up On Bluetooth? · · Score: 2

    One that comes up regularly on slashdot. Intellectual Property.

    Bluetooth uptake is being limited by the lack of free (as in liberty) development environments. Similar to the way rambus sat on memory development committees and then ran out and patented everything. Similar to WAP and the patents and overbearing licensing schemes of phone.com. Bluetooth is heavily encumbered by IP, and it is frightening off many developers who are uncertain if their early investment will be stolen away by another rambus once they start to make a profit.

    There have been a few feeble verbal promises by bluetooth IP holders not to stifle innovation by legal action, but nobody believes them. A friend who regularly attends all WAP and Bluetooth conferences says that you can hear the name rambus muttered in every side conversation. Ericsson and others make statements only lawyers could love, with all kinds of disclaimers to their promises, such as "during the startup phase, we will not actively enforce our patents" or "other IP holders who have properly cross-licensed our proprietary need not worry about future lawsuits".

    Universities who have been licensed to play with early development kits have very restricted clauses. No student may create any freely available code, driver, technical description or hardware improvement. All improvements by students become the property of the original bluetooth group. It defeats the GPL before it can even be applied. And every university is required to obtain signatures from every student who uses bluetooth development kits before they ever set eyes on it. That is why several universities have turned them down, for infringing on academic freedom, although for every good uni, there is a greedy one who would sell out their students' rights.

    Once cheap development units become publicly available, we'll have to see what kind of freedom we have to develop killer applications and protocols. If the bluetooth IP owners keep their promises and don't unleash the lawyers on free implementations, then bluetooth will become a great success. Until then, it looks to most as another doomed proprietary system.

    the AC

  10. Re:Question on Ted Hoff Talks About The Invention Of The Intel 4004 · · Score: 3

    Easy. 4 bit bus, 4 bit architecture, and 4x4 bit registers (command, decoder, decoder control(mask) and interim). It had 45 opcodes, all hardwired into just 2,300 transistors.

    I used to have one, but gave it to a museum. Now on ebay they are fetching about US$100.

    the AC

  11. IP Sharing, Nat, IP Masquerade, and economics on Dispute Over IP Sharing Escalates · · Score: 2

    The term "IP Sharing" in this article is known as NAT or IP Masquerading to the rest of the world. There are a number of companies selling "IP Sharing" boxes that just do NAT.

    It sounds like users in Korea are wiring entire blocks of flats for network access, sharing the cost of a single ADSL connection. That wouldn't be so bad, but then they put a web server on their connection criticising their operator for banning the practice in the ToS. Big mistake, there are tons of other places to put up your web site, like geocities. If you are going to bash a telecom, do it from another part of the internet, not on the wires they control.

    This is just another battle between one business who supplies a scarce service to consumers, and other businesses who supply boxes to relieve the scarcity.

    I've been trying to find a supplier of consumer grade internet access (DSL, cable or even dial) who will allow "group" access for small wireless installations. These would be similar to groups in major cities all over the world who want to create an alternative wireless internet, with a number of gateways to the wired internet. This has been difficult for consumer level access, but is possible with high cost professional style leased lines and individual ports on router.

    The economics of consumer grade connections means that a restricted (in ToS) connection to a single computer can barely use more than .05% to 1% of the available bandwidth during any 24 hour period, and their profit calculations count on this. When approached by a non-mainstream use, they don't really understand how it might impact their severely under-engineered systems, so they get very obnoxious and end the discussion. However, if you are willing to spend the money, you can get a professional grade connection with very liberal ToS, but only over leased lines.

    the AC

  12. Re:Dictionary attack on Is Amazon.Com Selling E-mail Addresses? · · Score: 2

    Some of us don't jump to conclusions, we test them. It is so we know what to avoid on the big, dangerous internet.

    If you look at my post below, I created a spam catcher account with the name uni_21_bow_eton@feckless.co.uk (it's dead now, probably too swamped with spam)

    That address doesn't appear in any dictionary I know of, and it isn't likely to just magically appear on spammers lists. A number of other addresses of similar length never received any messages, except for a handful of test messages I sent back and forth.

    the AC

  13. Amazon isn't spamming on Is Amazon.Com Selling E-mail Addresses? · · Score: 4

    It is merely selling your address to "approved" business partners, you agreed to that by accessing their site. It's those partners who are increasing their revenue by selling your address to spam lists. See, any marketing genius could spot the difference :-|

    I've done the exact same thing as Worried Anonymous Coward (WAnCo?), where I set up a number of lengthy and obfuscated email addresses on a free mail service (let them deal with the spam). One of the addresses was used for amazon.co.uk's reference list, the others were never given out. Within hours the amazon account started receiving spam, the others have never received a message. I sent an email to never@amazon.co.uk from that account, but it hasn't stemmed the flow of spam.

    Various "approved" amazon business partners include

    Regular amazon marketing promotions

    Instant diplomas for cash

    Home mortgages

    Make money fast with Internet Marketing (perfectly legal, it says so)

    Various pr0n sites

    One guy shopping his miserable resume around

    I contacted the last guy from a separate account, asking him for more info and if he would like to come to work for a huge amount of money, since we needed workers in his area. When queried about how he managed to find our address, he wrote about buying a CDROM with 300,000 good, valid business addresses, all of whom had opted-in to the database. He realised after sending his resume to the first 50,000 that 90% of them bounced, and the remainder mostly generated hate mail and death threats. He was overjoyed to find a company actually interested in his spamming talents. I wonder if he is still waiting for the follow-up interview :-)

    So now that address is burned onto CDs being sold to spammers everywhere. And only amazon.co.uk had ever been given the address. It's life on the internet, get used to it, information wants to be free.

    the AC

  14. Re:Stupidity on Military Parade, it seems. on European Record Industry Goes After Personal Computers · · Score: 2

    Out of the past 40 CDRs I bought

    In one network/system ops centre where I occasionally work, I'd put that number at about 1200 per month.

    All of those CDRs are used to archive user data, configurations, and statistical bumph. None of the machines has any music/video capabilities, apart from some cheap consumer PCs with built in sound blaster functions. This additional tax will just increase operating costs for legitimate users, with the money going to pay the special interest groups' lawyers.

    This is just a proposal, and if the commission manages to upset enough large users of computing equipment, there will be tons of exemptions, tax refunds, loopholes, and other clauses allowing large data centres to recover the tax, but not the average small consumer.

    the AC

  15. questions: is computer sex "adultery?" on Is Computer Sex Adultery? · · Score: 5

    Shouldn't this be a slashdot poll?

    I just asked this very question of my wife, my mistress, and my current girlfriend. It's two votes no, one yes. But now they want to check my history file and drop a sniffer on my local segment. Thank god for IPSec tunnels :-)

    the AC
    Add my no vote to your tally

  16. Re:Nonsense on Massive Storage Advances · · Score: 2

    This is a highly unconvincing attempt at hyping what is in all likelihood a non-existent product.

    Sounds to me like a highly indexed hash table, with a large token space

    by comparing each word with its predecessor and recording only the differences between words

    Not enough details there, but 8:1 compression using a token/hash scheme sounds reasonable. I've heard that web search engines (altavista, google, and their ilk) use a similar algorithm to obtain between 10:1 and 20:1 compression on web texts, since there is so much redundancy in web pages. Since most pages have identical lengthy string sequences (trashed slightly because I haven't the energy to figure out the /. html eater) similar to {HTML}{HEAD}{TITLE}foo{/TITLE}{/HEAD} they can be reduced to much tinier tokens, those 34 common ascii characters could be reduced to a 10-12 bit token, quite a savings.

    Since I work with a lot of already compressed data, I discount any media compression claims. I'd avoid any storage media which incorporated hardware level compression, because it would eventually lead to problems. Real databases maintain their own raw partitions on disks, since they can create a highly efficient file system for their own purposes. When the hardware starts returning varying free space results because compression isn't working, DBs either fall over hard (sybase) or fill the logs with errors (oracle).

    The magneto-optical-fluid disk sounds like they have a laboratory sized research project they hope to reduce to the footprint of a credit card, but they neglect to mention it towers 208 inches high :-)

    with no conventionally moving parts

    Whenever something sounds like a marketing press release, with modifying adjectives like conventionally, it pays to be skeptical, the forte of slashdot.

    the AC

  17. Re:Best barbeque in bay area on Slashback: Palace, Perl, Coastalism · · Score: 2

    Goat. Gaaaahhhhhh. I grew up eating goat, and so I've always had an aversion to it, although Doug's was edible. The turkey was excellent, I'd forgotten their menu since it's been quite a while since I was there. I don't even know what E&J is, but Flints was great until it got sold off a few years ago. La plus ca change....

    OnTopicPost: Is anyone going to this linux conference? Here in europe, we've just had a couple back to back, in Paris and Brussels. Good stuff, but no late night barbeque :-)

    the AC

  18. Best barbeque in bay area on Slashback: Palace, Perl, Coastalism · · Score: 3

    Hey, is there good barbeque in Oakland?

    I couldn't have made it through school without Doug's Barbeque, open until 3:00 AM most nights, 3600 San Pablo Blvd, Oakland. Not recommended for pasty white solitary geeks at 3:00 AM, due to its location under the freeway on the north edge of the seedier part of Oaktown. But worth it for the best ribs, fried chicken, roast lamb and slabs o'beef around.

    the AC

  19. Re:Please remember the time difference! on Get Free World Dial-Up -- With a Few Catches · · Score: 2

    It was those frenchies who fobbed the metric system on us. The brits are still resisting nicely.

    But I do have to agree on the clocks, what with Brit Summer Time, Double Brit Summer Time, and other such nonsense. Add in random start and stop dates for DBST and BST, determined each year by a bunch of insane looneys calling themselves "Parliament" and then getting a Queen (obviously a highly trained chrono-astronomer, she) to approve those dates. This means you can never accurately predict in software routines when those brits will be changing their clocks next year, requiring regular patches to your code. Even M$ has trouble keeping it straight :-)

    the AC

  20. No new information on Get Free World Dial-Up -- With a Few Catches · · Score: 3

    The site doesn't seem to have any information on any new programs, with the exception of the new version number FWD III (third attempt, I presume).

    There was one big reason why this project, and a number of similar ones, failed over the last few years. Unmetered access only exists in a few areas of the world, the rest of us have to pay for our local phone calls. When I plug my analog phone line into a SIP gateway and allow people to dial out on it, I end up paying for the local phone call. If I were in a popular place, such as London or Paris, I could end up with a phone bill in the thousands of dollars each month for providing my dialtone to people on the internet.

    Does someone have a link to more detailed information on FWD III? It would be interesting to see what they are doing with SIP gateways on broadband connections, just for IP to IP conversations.

    the AC

  21. Re:No Such Access on Should Security Officers Be Network Admins? · · Score: 2

    This could be a test, or just a clueless CSO.

    Either way, there is only one correct response:

    fuck off and die you ^W^W^W^W^WNo! Nobody gets full access to everything, and the only people with dangerous access have to prove themselves competent enough not to be dangerous.

    At some point in the future, you will be asked to justify your refusal. Start making a list of reasons, with a carefully written justification for each one. Cite some good examples. Ensure you don't have anyone in your org with unlimited access. Clean up your own act, in case this power crazy CSO tries to ream you for refusing. Make the justifications part of your written security policy.

    the AC

  22. Separation of duties on Should Security Officers Be Network Admins? · · Score: 3

    It sounds like your "security" officer got the job without any formal training in a true security background. In any large organisation, no person should have absolute power. Powerful functions should be divided up between different people to prevent any lone individual from harming too much of the system.

    One of the basic rules of security, whether it is handling cash or running a network, is the separation of duties. I don't know of any bank which allows any person, even the president, full access to everything. There has to be a system of human checks and balances whenever there is something of high value to be protected. If she doesn't understand this, try to make it clear to her superiors that her request is so completely off the scale it makes her the biggest threat to the company.

    I'm going to spread some follow-up comments around other threads about the competency of a security officer. The only people with root/admin/enable access should be those who have demonstrated a strong skill and professional understanding of each system. Your unix admins should not have router passwords, and so on.

    the AC

  23. Re:Routing, not forwarding. on IP Forwarding Through Tunnels? · · Score: 3

    TBone beat me to it.

    I'll add, check your routing daemons, if you are running any. Look for routed, the RIP daemon. Older versions might be confused by your tunnel, and either adding, dropping, or changing the routes between the two machines. Unless you know you are getting RIP updates from a nearby router, it's probably a good idea not to run routed.

    Go with static routes for most simple installations, only routers need to speak routing protocols. It's best to play with routing protocols when you have the machines sitting next to each other, rather than one far away.

    the AC

  24. Re:passports on Working Internationally--What Should It Pay? · · Score: 2

    You obviously haven't traveled much.

    15 or more years ago, hotels in many countries, especially Eastern Bloc, were required to hold onto the passports of all foreign travelers. This is so the police could come around every evening and check them out. There are still some countries that require it, but I can't remember having to leave my passport in a hotel in the last 5 years, but many countries still require you to show it on check-in.

    In some countries, you cannot receive your work permit until you hand your passport over to your employer. Certainly Oman does this, I've had to leave my passport with the client for the month I was doing work. This is to keep foreign workers from fleeing before the end of their contract. If you don't want the huge amount of money for relatively easy work, then don't hand over your passport.

    I've handed my passport over to company representatives so they can run it around the local bureaucracy to get the appropriate visa and work permit stamps. There is a degree of trust in doing that, I'll admit.

    the AC

  25. Re:Working in India on Working Internationally--What Should It Pay? · · Score: 2

    Oh, and London doesn't have good curries, Mumbai does.

    Curse you! Now Mumbai is on my list of places I have to visit in my lifetime. :-)

    It's true, London itself doesn't have good curries, and Brick Lane only rates a so-so. Bradford has good curries, far better than the dodgy Bangladeshi food being passed off as Indian in most of London. But now we're splitting hairs.

    the AC