Slashdot Mirror


User: devphil

devphil's activity in the archive.

Stories: 0
Comments: 1,396

Comments · 1,396

  1. The Air Force did this. Once. on Social Engineering Still Best Way to Crack Security · · Score: 4, Interesting
    More than a few workplaces hold fire drills to gauge readiness for a fire.

    Some time back, everyone connected to the US Air Force (military, civil service, contractors, you name it) had to go through basic "here's how to not fuck up your password security" training. Everyone from generals to secretaries.

    Few weeks later, an AF-wide email was sent out from the internal security people. It was very short (I forget the exact text), and it pointed people at a .mil website.

    The website had a simple "type in your username and password" form.

    Ungodly numbers of people blindly typed it in. Everyone from generals to secretaries. Clicking on the "submit" button logged your username in a database of Incredibly Stupid Gullible People who immediately had their accounts locked. :-)

    (Some of the smart people in my branch just killed the web browser without entering anything. I think my coworker and I entered name/pass pairs like "verycutetrick/nicetry".)

    A few days later, another AF-wide email from the security people, scolding everyone. Those who had fucked up were required to write a half-page essay justifying why they should have their account re-enabled even though they just handed access to an unknown group of people. I was pleased.

    A few days after that, the essay requirement was revoked. Seems some N-star general with more stars than functioning neurons felt he shouldn't have to justify himself to anyone. I was disappointed.

    Now we have card readers in addition to passwords. Pull out the card, the terminal locks. And the "if you mess up, your account is revoked" rule is (finally!) enforced by official AF directive.

  2. Re:Not even that much, IIRC on SBC/Yahoo DSL, Hubs, and Mac OS X? · · Score: 1


    Something else that just occurred to me: I'm still on the "old" SBC/Ameritech service. Thus far I've not gone to their site to downgrade to the Yahoo! service, and I won't until I'm forced to.

    No idea whether that makes a difference or not; the change may only be in billing and annoying services, not back-end authentication.

  3. Not even that much, IIRC on SBC/Yahoo DSL, Hubs, and Mac OS X? · · Score: 4, Informative


    I also am forced to use SBC CrapperNet (please, Speakeasy, please), and have a simple Linksys home router sitting between my box and the modem.

    The trick is to use the direct connection for your initial signup (this sets the PPPoE username/password on their end), then drop the router in place and tell it about the PPPoE settings. I don't believe I had to do the MAC cloning bit.

    Then throw out the CrapperNet stuff and simply point your computer to the router, just like a standard net connection.

  4. Re:Hey, astroturfer on Former DoubleClick Exec Named Privacy Czar · · Score: 1


    If you're unlazy enough to read the article, you're unlazy enough to click the link to my homepage. I think you'll find (unless you're determined to never admit your own mistakes) that I'm a programmer, not an astroturfer.

    I find plenty of positive aspects to the article; several other /. readers have already pointed them out. You'll have seen those, unless you're deliberately ignoring all the +5 posts.

    The simple fact is, this is not as bad as it could have been. Or as bad as it could become.

  5. Re:Did the editors even read the article? on Former DoubleClick Exec Named Privacy Czar · · Score: 1


    Who the fuck said anything about falling asleep?

    When I point out that (for example) Congress is threatening to block funding for TIA, I'm expecting that a discussion site that was truly concerned about privacy would welcome the news, post it, and encourage readers to write letters to their Congressional representative, saying, "yay, this is good, funding SHOULD be blocked unless they have these guarantees, keep up the good work."

    At no point anywhere did I suggest that /. should post the news and say, "well, that problem's solved, everyone go to sleep now." It's dishonest of you to presume such a thing. And I would expect nobody on /. would be stupid enough to fall for it.

  6. Re:Did the editors even read the article? on Former DoubleClick Exec Named Privacy Czar · · Score: 1


    You don't get any points for the one-sided editorializing in the article body. It's extremely unprofessional, and is the major reason why I'm too embarrassed to point friends and family (unaware of current issues) at /. news stories.

    You (chrisd) do, however, get mega points for actually reading and responding to the /. comments. Most of the editors operate in a fire-and-forget mode. Seeing at least one editor actually participate in discussions is refreshing.

  7. Did the editors even read the article? on Former DoubleClick Exec Named Privacy Czar · · Score: 3, Insightful


    Of course they didn't.

    The privacy rights community generally views O'Connor Kelly as a consensus builder[...]

    "One of the things we liked (about her job) at DoubleClick was that she worked hard to build relationships with the privacy community and to vet their new policies with these groups,"

    But hey, it's the /. editor's professional duty to not pay attention to any positive side of the story.

    The story later mentions the infamous Total Awareness Office, and notes that "Congress said it will suspend funding for the Defense Department project unless the administration can demonstrate that it will not violate constitutional privacy rights." Naturally, that runs counter to the /. rule that "every privacy-related story must be in alarmist mode" so the editors always reject my submissions regarding Congress' threat to put TIA on hold.

  8. Re:A more serious use than hiding pr0n. on Stash Your Hard Drive In The Attic · · Score: 1


    I've seen SCSI-over-Ethernet.

    I've even seen IDE-over-Ethernet, although it was intended as a joke.

    If you can tell me how to tunnel video signals over Ethernet, then I'll consider Ethernet. Until then, I'm liking the firewire idea that another poster talked about.

  9. A more serious use than hiding pr0n. on Stash Your Hard Drive In The Attic · · Score: 4, Insightful


    would be to store the heat-producing noisy things in a different room than the humans.

    (Perhaps this is mentioned in the article. I can't tell because their webserver is on fire.)

    Both at home and at work, I'm tired of noisy machines. I work to minimize the noise. I'd love to just say, "fuck it, be as noisy as you want," as I lovingly place all the equipment on the other side of a wall, leaving nothing but a monitor and the input devices in front of me.

  10. It's funny... on How Broad is Broadband? · · Score: 4, Interesting


    My home ADSL is 1.5Mb.

    Where I work (the R&D hub of the Air Force) has OC-12s and -48s and who knows what else, coming out of its ears.

    But the link from inside to outside goes through so many filters and firewalls that reading email, loading a web page, or trying to download the latest security patch goes far far faster at home than at work.

    (And it's not competing traffic from the rest of the base's inhabitants, either. Trying to pull stuff off the net in the middle of the night when nobody else is there isn't any faster. Grumble.)

  11. Re:grab a speech by Joe McCarthy on Congress to Make PATRIOT Act Permanent · · Score: 1
    and you will see what the United States is about to become again.

    A string of error messages due to unclosed sed expressions?

  12. Same guy, two different ideas on End of The Von Neumann Computing Age? · · Score: 2, Informative


    You're confusing "Von Neumann device" with "Von Neumann {computer,architecture}", which is an easy mistake to make.

    VN devices are what you said they are, and no, they don't exist yet.

    A VN architecture (or "stored-program architecture") is one where the code for the program gets loaded into the same memory as the data for the program, i.e., essentially everything that you use today. This was in contrast to earlier architectures where the memory was used to store only runtime data, and the code was read in from, e.g., punch cards. A separated architecture still has its uses today, but they're not very common nor visible.

    Turing machines are an abstract idea; all the current stuff are implementations of Turing machines. There is a difference but most people don't care.

  13. I used to laugh... on Former Intel Employee 'Disappeared' by U.S. · · Score: 2, Insightful


    at the scene in the recent The Count of Monte Cristo movie, where the police of Napoleonic France come to arrest the hero.

    "I place you under arrest."

    "For what crime?"

    "That information is secret." *clink*

    When the crappy movie was first released, I remember one of my more airheaded friends crowing about how glad she was that "nonsense like that can't happen here, cuz this is AMERICA." (Moron.)

  14. Or "historical" on Too Much Free Software · · Score: 1


    My first or second project on sourceforge was inspired by a severe lack of functionality in the 1.0 version of a particular piece of software. So I wrote a replacement; it went through a couple of revisions, then it achieved its purpose and stopped.

    Since then, the other piece of software has been rewritten. Version 2.x does everything that I had originally wanted, and is official GNUware now. The last thing I did for the SF project was to change the homepage to read, "this is outdated, you really should use ThisOtherPackage 2.x, but here's the old stuff if you really want it."

  15. As well as not-so-dry runs on Dealing with Development House Disasters? · · Score: 1


    Great way to test the UPS batteries and auto-shutdown software is to walk over to the wall and yank the power cord of the UPS out of the socket.

    Plugging it back in after 30 seconds is a good way to test the "power came back, cancel the shutdown" part of the software, too.

  16. Re:Neither ... on Are Programmers Engineers? · · Score: 1


    Bastard, you nearly owed me the price of a new keyboard. Now I have to wipe coffee off of the walls instead. :-)

    Nice one!

  17. Re:Neither ... on Are Programmers Engineers? · · Score: 3, Funny


    Journeying from city to city looking for a job doesn't count.

    (Okay, sorry, couldn't resist. I recognize the word, too, and I agree that this is a Good Thing To Be.)

  18. So what you're saying is... on Why XML Doesn't Suck · · Score: 1
    The nice (if obvious) tool for XML is the parser. XML is specified so that any computer science undergrad could write one in a couple weeks. As a result, there are a lot of parsers out there and they all do the same thing. This makes XML easily read by machines as well as humans.

    The limitation of XML that you will probably next notice is that it does not assign any meaning to data. [...]

    The beauty of XML is that both of the two developers above should have written a specification for the way they did it. [...]

    Uniform syntax for instructions and data, trivial to parse, no assumed meanings... So, with a little more effort, and maybe some standardization, XML will eventually reach the same place that LISP has been for decades.

    If I may quote Sherlock Holmes, who was quoting the book of Ecclesiastes: There is nothing new under the sun. It has all been done before.

  19. Forget Macbeth, go with Hamlet on Linux Enhances Shakespeare · · Score: 2, Funny


    Use C, or not use C, that is the question:
    Whether 'tis nobler in the mind to suffer
    The flags and warnings of a rude compiler,
    Or to take arms against a sea of errors,
    And by debugging, fix them? To code, to hack,
    No more; and by a hack to say we end
    The type-check and the thousand other checks
    Pascal is heir to, 'tis a compilation
    Devoutly to be wish'd. To code, to hack;
    To hack! perchance to test: ay, there's the rub;
    For in that hacker's bliss what bugs may come,
    When we have written out this awful code,
    Must give us pause: there's the respect
    That makes development of such long life.

    My notes credit this gem to Wes Munsil.

  20. Nope, bash has that too. on Which Shell Do You Prefer? · · Score: 3, Informative


    Programmable completion has been in bash for a while now. See the original project page for more, or use the debian bash package, which includes the completion libraries by default.

    I actually had to disable the cvs-subcommand-autocomplete. I would try to complete the name of an actual file, and the cvs-completion would fire... generating network traffic to the CVS server... taking forever... when all I wanted was a local filename.

  21. A few more details on Which Shell Do You Prefer? · · Score: 5, Informative


    Some random facts:

    • Anyone spending more than a brief amount of time on a *nix system should learn how to use the basic sh commands, even if it's not their login shell. Why? Because 1) most system-level scripts are written in sh, and 2) when major programming languages perform a "shell" call, e.g., system(), it uses sh to do the work.
    • There is a POSIX specification of sh which cleans up all the wacky historical bugs. The resulting shell is actually ksh.
    • The csh/tcsh family were originally meant to be more friendly to programmers (a C-style syntax), but it all seriously backfired. Every other shell allows the user to write subroutines. Not csh. Instead, you get a goto command. No, I'm not joking.
    • tcsh is just some user-friendly features added to csh, but the annoyances and lack of comparative features just doesn't make up for it.

    The only real choices today as far as user login shells go are bash 2.x, ksh (ksh93, not ksh88), and zsh, all of which continue to cross-pollinate good ideas.

  22. More and more of my fellow Americans on BBC on Website Slow Downs · · Score: 1


    are watching the BBC video stream. It's much more clear and less "ooooh, shiny tanks!" than the major American newsfeeds. Pulling that stream over the transatlantic channels is always going to be slow.

    A friend of mine told me he's only been watching the Naked News since the war started. Apparently reports of massive explosions, hundreds of tanks, and Iraqi citizens partying in the streets just seem to sound so much clearer when reported by nude people. I'll have to try it.

  23. Next they need to work on NULL pointer checks on Exactly One Kilogram Of Silicon · · Score: 3, Funny


    I'm tired of reassuring the coding standards people that, yes, such-and-such a pointer has been tested against the platinum/iridium void* kept in a vault in Paris.

  24. Um, no, you missed my point. on What Software Do You Use for Unix Backups? · · Score: 1


    I'm not claiming that dump provides the snapshot. The sequence goes like this:

    1. Create a snapshot.
    2. Dump the unchanging snapshot.
    3. Release the snapshot.

    Of course you don't dump a live filesystem. It's just stupid.

    Moderators, this person was not informative, they were simply missing the point.

  25. Linux is about the only... on What Software Do You Use for Unix Backups? · · Score: 1, Insightful


    ...major OS that doesn't have some kind of filesystem-snapshot support.

    And this, more than any marketspeak CTO buzzwords, is what prevents Linux's entry into really mainstream server usage. Every sysadmin senior enough to make the decision of "do we use Linux for " knows that backing up a live filesystem is simply stupid. Right now -- and for the foreseeable future, since nobody seems to be working on it -- you have to unmount a filesystem and then use a program that speaks raw devices. And there went your 24/7 customer uptime.

    (The alternative solution is usually something like "run a mirrored RAID, then take one of the mirrors offline, back it up, and bring it back online." That only works when the RAID implementation isn't constantly being rewritten between every kernel release.)