Had anyone actually seen or even heard of Topsy Turvy before last night? What's it about? Is it worth seeing?
Even though it didn't win any REAL awards (costume design IMHO is no a real award, and best makeup -- Fat Bastard's makeup was WAAAY better), I'm still curious about it.
I did a quick search on EBay for I-Opener, and turned up a bunch of auctions. The I-Opener hardware might not be making the good folks at NetAppliance a ton of money, but this guy seems to be cashing in.
I'm not sure if I agree with you completely. As a musician, you must already understand that the cost of one recording is always going to be higher than the actual media. By the time you've factored in the cost of studio time, recording media (tapes), traycard and insert design, production, mastering, and misc. things like replacing guitar string/amp tubes, you're charging multiples of the actual media cost to break even.
But, I completely agree with your mentality. There's a sound bite at the start of Dave Matthews's performance of Long Black Veil on the Johnny Cash tribute album that goes something like this: "In an era of manufactured stars, this artist earned his fan the old fashioned way. He earned their devotion night after night on the road, putting on great shows, and letting word of mouth take care of the rest." This is that way real music SHOULD be. I've never seen DMB live, but I'm travelling 13 hours to see them this summer. The same thing happens with other bands. Look at Phish. I don't remember ever seeing a Phish music video. As far as I know, I've never seen a television commercial or magazine ad for Phish. Yet, almost eveyone I know, knows OF Phish, and many people love them.
Even though that's the way music SHOULD work, that's not the way it DOES work. It's very unfornute that the 'new' music we see -- yes, see more than hear -- is not true music. Music is an art. True music is made up of the author's heart and soul.
This 'new' music sickens me. Bands that are created for the sole purpose of making money. This isn't music. It's just disgusting.
The Backstreet Boys are very talented individuals, but as far as I'm concerned, they're not doing anyone a favor.
Perhaps he does, but you misunderstand how much a browser knows. The browser has the ability to detect whether or not the image within a page is from the requested domain. The browser is well aware of whatever is in its location field. If the domain doesn't match up with the domain in 'location', it doesn't send the cookie.
Now whether or not this WORKS, I'm not sure, but in theory, it's very possible, and this is what the original poster was describing, not persistent HTTP connections. As you pointed out, it's impossible to persist between two domains.
This is similar to when the browser warns you when you've requested a secure document and have been forwarded to an insecure document.
Yes, and you can also build a low-end pentium to put in your trunk, write some software, build a wiring harness to re-wire your dash, filter and regulate a power supply, and wait for seconds-to-minutes for this device to boot up to play MP3's in your car, OR you could go to the car hardware section of mp3.com to find a device that can do it for you.
My point is that the Tivo is a consumer device. They want people to be able to buy these things at Wal-Mart, not to have to build them themselves. Sure, if you want to spend your own time and energy building one, more power to you. That's what the hacker thing is all about, but if I needed such a device, I'd go out and buy one.
I've seen a similar message on our Prevue Channel (the channel that tells what's on each channel for the next hour 1/2). Somehing like "Insert Laser Disc and Press Any Key To Continue" up there for hours at a time. With a [Copyright 19xx Commodore Amiga Corp.] or something at the bottom.
I can't count the pointless tests and exams that required the students to memorize obscure numbers/events/dates/properties rather than actually understand the problem, and actually THINK about an answer.
I had a paper based Computer Education test in high school that asked "Which of the following key sequesnces does a compile?" (we were at desks, and not allowed to use the computers for the test) A) ALT - R - C - ENTER - ENTER B) ALT - R - F9 - ENTER C) CTRL - V - M - ENTER D) ALT - R - C - C - ENTER
I was extremely put off at this, being at the top of my class, yet not knowing the answer to this question. Of coutse I knew how to compile, and I usually used a CTRL-F9 (or something like that) key sequence. I don't memorize the menus in every software product I use. And if for some reason, I DID need to know what the third item on the RUN menu is, I could simply _click_ the run menu and find out..
The teacher for that class didn't really have much of a clue, but this is just one example of my miseducation.
In my experience, and speaking generally, unix/linux/*bsd users are too paranoid to get a virus.
We often gruel over things like md5's and we encrypt our email with 1024bit encryption.
It's the same thing as any other OS. If you have stupid users (and by stupid, I mean ignorant and uneducated) with access to things they shouldn't have access to (the windows Registry, or a root acct.), Bad Things are bound to happen.
I think most of us are misunderstanding exactly WHAT they're trying to patent. This is NOT about using wildcard DNS. This has been around for years. I remember having a *.spatula.ml.org go through an index.cgi that parsed the headers to figure out what * was, then redirect the browser to the proper URL, this was before I knew that most webservers already have this built in as session management.
The idea is tracking a user session through the HOSTNAME part of the URL, not through the CGI parameter part (everything after the ?).
The url calculator, *.really.fuckingsucks.com, and even my cgi redirector are NOT forms of session management. They just use the host as a variable.
It's actually a pretty simple concept. Why didn't _I_ think of it? (-:
Instead of implementing sessions in the DNS, what they're really doing is accepting a wildcard.
For instance, if I were to run a site at example.com, I could start my splash page at www.example.com, then when a user gets there, redirect them to a1231376213.example.com, because *.example.com point at the same IP.
Now, instead of remembering to append "&urltoken=a1231376213" to every form and link on my site, I can get check the http headers to see what domain the user is requesting, and determine that their session number is a1231376213 based on that.
Browsers automagiacally keep the same host name accross http requests unless told not to (by using an absolute URL).
I hope someone finds prior art. I want to use this. (-:
In fact, most Linux users wouldn't touch AOL with a ten-foot pole.
This is true, but is their market really existing Linux users? No. Their market is people who want a cheap appliance to browse the web and do word processing. And that's what they'll get. So long as AOL on Linux is reliable, and the users aren't looking to run Photoshop, it'll fly. The main downside to these type of users is that their other main use for such an appliance would be game playing, but with more and more games breaking free^H^H^H^Hthrough to this new platform, that might not be such a concern.
While I believe that the domain SHOULD be turned over the the real OpenSSH people, I don't think that this should become a legal battle, or that he should in any way be FORCED to transfer the domain.
This brings to mind my paranoia. If users trust openSSH.com to distribute clean binaries, and the guy who owns openSSH.org decides that he will also start distributing his own binaries, we could be in for some trouble. Users downloading from openSSH.org might think that it is an official source for the binaries. These cannot be trusted. Look at the BitchX.net fiasco.
If I want to control a bunch of boxen, it would probably be trivial to modify the source of openSSH, giving it a backdoor, then put the binaries on openSSH.org and check my server logs to see where the comprimised systems would be.
I don't see how that could work. You only need READ access to an encrypted block to use the keys against it. In order to remove the block altogether, you'd need write access AND it would have to be the ONLY copy of the encrypted text.
I'm not American, so, if I'm way out of line on this, Blame Canada.
Doesn't the Fifth Amendment of your constitution make provisions to allow a defendant to refuse to incriminate themselves? Does this only apply to testimony? Would a key be considered evidence, or testimony? Would location of that key be considered testimony?
Perhaps the best idea that I have is to simply have a convincing fake on hand to lure would be lawyers into thinking something else when it's really not the case.
Woah. I think you might be on to something here.
I'm not a crypto guru. I barely understand public key encryption as it is, but here goes: What if an encryption scheme were devised where the plaintext is encrypted with two or more pivate keys (belonging to one person), plus the other key. The encrypted would decrypt to two or more different texts, depending which key is used.
So, I could encrypt "Meet me at midnight." and "Happy birthday, Ed." With two keys, into one block of encrypted text. Then, if I use my private key A, it returns "Meet me at midnight." and if I use my private key B, it returns "Happy birthday, Ed."
If we could somehow make the number of original plaintexts undetectable, could supply keys to those who demand them, where they would decrypt our code to get "Happy birthday, Ed." when the REAL secret was "Meet me at midnight."
I know I could've worded that better, but is this a possibility? Is it already being done? I know it's a little along the lines of Steganography, where the encrypted text is inserted into a piece of digital media, making it look less like an encrypted message.
Summary: If we could encode, say, 4 strings into one crypto block, and have it return different unencrypted text for 4 different keys, while keeping the number of original strings undeterminable, the party decyphering the string would never know if they have ALL of they keys, thus they would never know if they have the data that the sending party doesn't want them to see.
We have a Dual PII350 machine here in the office that was originally bought for 3D rendering, etc. It's running windows NT now, and is used mostly for backend web programming.
We had NT crash on us a while back (yeah yeah.. I know..) so we decided it would be good to run windows98 because of better hardware support for the VoodooBanshee we planned on puttin in there, as well as being able to run multiple monitors.
The speed decrease upon running a Non-SMP enabled OS wasn't significant. Well, that is, we didn't notice until we tried to burn a CD. The guy who usually uses this machine as a workstation was accustomed to working and burning at the same time. This is a joke with one processor on that machine.
I guess while in SMP mode, the machine monopolises one of the CPUs to handle I/O to the burner, and the other is put into the foreground.
If anyone is looking to grab a few domains, but is not ready to commit to a host/dns provider yet, I suggest you check out soa.granitecanyon.com.
They let you create your own A, CNAME, and MX records, so you can register through any registrar you want, and if you're without DNS, have them point at the granitecanyon set up for DNS resolution. This has saved me many a time.
You know, I think Apple has hit the nail directly on the head with their PDF engine for MacOSX. Vector based interfaces will be the future. Even if that vector art is rendered all purty-like to the point that it looks like raster art, I still believe that a vector based interface will prevail.
Why? I have a 19" Monitor at home that I use on my production machine at 1600x1200x32Bit. One of my roommates on the other hand, has a 14" monitor that he runs at 800x600x16bit. Look at Flash on the web. If I look at a properly done flash site, I can view it at full resolution, stretched to fill my screen, while he can do the same, and they look pretty much identical -- with the same piece of flash 'code'. I don't get pixel-chunky curves when the plugin 'stretches' the flash to full screen for me, and he doesn't lose too much quality when he views it at 1/4 my size, thanks to anti-aliasing.
As monitors get bigger and bigger, faster and faster, and we still need to (at least somewhat) support legacy displays, Vector based interfaces will play a large part in how we view our 'desktop'.
Slashdot Mirror
Had anyone actually seen or even heard of Topsy Turvy before last night? What's it about? Is it worth seeing?
Even though it didn't win any REAL awards (costume design IMHO is no a real award, and best makeup -- Fat Bastard's makeup was WAAAY better), I'm still curious about it.
For 200% PROFIT, I'd be willing to deal with a little 'hassle'. (-;
I did a quick search on EBay for I-Opener, and turned up a bunch of auctions. The I-Opener hardware might not be making the good folks at NetAppliance a ton of money, but this guy seems to be cashing in.
Linux Sombrero Rojo release 6.1 (La Bamba)
Kernel 0.9 on an i386-washedup
login:
Actually, believe it or not, I say Los Lobos last summer. They were pretty good. The did a big jam session that was pretty cool.
I'm not sure if I agree with you completely. As a musician, you must already understand that the cost of one recording is always going to be higher than the actual media. By the time you've factored in the cost of studio time, recording media (tapes), traycard and insert design, production, mastering, and misc. things like replacing guitar string/amp tubes, you're charging multiples of the actual media cost to break even.
But, I completely agree with your mentality. There's a sound bite at the start of Dave Matthews's performance of Long Black Veil on the Johnny Cash tribute album that goes something like this: "In an era of manufactured stars, this artist earned his fan the old fashioned way. He earned their devotion night after night on the road, putting on great shows, and letting word of mouth take care of the rest." This is that way real music SHOULD be. I've never seen DMB live, but I'm travelling 13 hours to see them this summer. The same thing happens with other bands. Look at Phish. I don't remember ever seeing a Phish music video. As far as I know, I've never seen a television commercial or magazine ad for Phish. Yet, almost eveyone I know, knows OF Phish, and many people love them.
Even though that's the way music SHOULD work, that's not the way it DOES work. It's very unfornute that the 'new' music we see -- yes, see more than hear -- is not true music. Music is an art. True music is made up of the author's heart and soul.
This 'new' music sickens me. Bands that are created for the sole purpose of making money. This isn't music. It's just disgusting.
The Backstreet Boys are very talented individuals, but as far as I'm concerned, they're not doing anyone a favor.
You misunderstand HTTP.
Perhaps he does, but you misunderstand how much a browser knows. The browser has the ability to detect whether or not the image within a page is from the requested domain. The browser is well aware of whatever is in its location field. If the domain doesn't match up with the domain in 'location', it doesn't send the cookie.
Now whether or not this WORKS, I'm not sure, but in theory, it's very possible, and this is what the original poster was describing, not persistent HTTP connections. As you pointed out, it's impossible to persist between two domains.
This is similar to when the browser warns you when you've requested a secure document and have been forwarded to an insecure document.
Yes, and you can also build a low-end pentium to put in your trunk, write some software, build a wiring harness to re-wire your dash, filter and regulate a power supply, and wait for seconds-to-minutes for this device to boot up to play MP3's in your car, OR you could go to the car hardware section of mp3.com to find a device that can do it for you.
My point is that the Tivo is a consumer device. They want people to be able to buy these things at Wal-Mart, not to have to build them themselves. Sure, if you want to spend your own time and energy building one, more power to you. That's what the hacker thing is all about, but if I needed such a device, I'd go out and buy one.
I've seen a similar message on our Prevue Channel (the channel that tells what's on each channel for the next hour 1/2). Somehing like "Insert Laser Disc and Press Any Key To Continue" up there for hours at a time. With a [Copyright 19xx Commodore Amiga Corp.] or something at the bottom.
Good old laser discs.
Exactly.
I can't count the pointless tests and exams that required the students to memorize obscure numbers/events/dates/properties rather than actually understand the problem, and actually THINK about an answer.
I had a paper based Computer Education test in high school that asked "Which of the following key sequesnces does a compile?" (we were at desks, and not allowed to use the computers for the test)
A) ALT - R - C - ENTER - ENTER
B) ALT - R - F9 - ENTER
C) CTRL - V - M - ENTER
D) ALT - R - C - C - ENTER
I was extremely put off at this, being at the top of my class, yet not knowing the answer to this question. Of coutse I knew how to compile, and I usually used a CTRL-F9 (or something like that) key sequence. I don't memorize the menus in every software product I use. And if for some reason, I DID need to know what the third item on the RUN menu is, I could simply _click_ the run menu and find out..
The teacher for that class didn't really have much of a clue, but this is just one example of my miseducation.
I think that's because the author attended and went to The International Academy of Redundancy and Repetitiveness.
In my experience, and speaking generally, unix/linux/*bsd users are too paranoid to get a virus.
We often gruel over things like md5's and we encrypt our email with 1024bit encryption.
It's the same thing as any other OS. If you have stupid users (and by stupid, I mean ignorant and uneducated) with access to things they shouldn't have access to (the windows Registry, or a root acct.), Bad Things are bound to happen.
Anyone know what Judge Palmer Robinson's email address is?
<snicker>
People, people.
I think most of us are misunderstanding exactly WHAT they're trying to patent. This is NOT about using wildcard DNS. This has been around for years. I remember having a *.spatula.ml.org go through an index.cgi that parsed the headers to figure out what * was, then redirect the browser to the proper URL, this was before I knew that most webservers already have this built in as session management.
The idea is tracking a user session through the HOSTNAME part of the URL, not through the CGI parameter part (everything after the ?).
The url calculator, *.really.fuckingsucks.com, and even my cgi redirector are NOT forms of session management. They just use the host as a variable.
It's actually a pretty simple concept. Why didn't _I_ think of it? (-:
Instead of implementing sessions in the DNS, what they're really doing is accepting a wildcard.
For instance, if I were to run a site at example.com, I could start my splash page at www.example.com, then when a user gets there, redirect them to a1231376213.example.com, because *.example.com point at the same IP.
Now, instead of remembering to append "&urltoken=a1231376213" to every form and link on my site, I can get check the http headers to see what domain the user is requesting, and determine that their session number is a1231376213 based on that.
Browsers automagiacally keep the same host name accross http requests unless told not to (by using an absolute URL).
I hope someone finds prior art. I want to use this. (-:
In fact, most Linux users wouldn't touch AOL with a ten-foot pole.
This is true, but is their market really existing Linux users? No. Their market is people who want a cheap appliance to browse the web and do word processing. And that's what they'll get. So long as AOL on Linux is reliable, and the users aren't looking to run Photoshop, it'll fly. The main downside to these type of users is that their other main use for such an appliance would be game playing, but with more and more games breaking free^H^H^H^Hthrough to this new platform, that might not be such a concern.
[rs.internic.net]
Whois Server Version 1.1
{snip}
No match for "PLEX86.NET".
No match for "PLEX86.COM".
Domain Name: PLEX86.ORG
Registrar: NETWORK SOLUTIONS, INC.
Whois Server: whois.networksolutions.com
Referral URL: www.networksolutions.com
Name Server: NS1.FASTXS.NET
Name Server: NS2.FASTXS.NET
Updated Date: 06-mar-2000
Wouldn't want to run into an OpenSSH'ish fiasco...
While I believe that the domain SHOULD be turned over the the real OpenSSH people, I don't think that this should become a legal battle, or that he should in any way be FORCED to transfer the domain.
This brings to mind my paranoia. If users trust openSSH.com to distribute clean binaries, and the guy who owns openSSH.org decides that he will also start distributing his own binaries, we could be in for some trouble. Users downloading from openSSH.org might think that it is an official source for the binaries. These cannot be trusted. Look at the BitchX.net fiasco.
If I want to control a bunch of boxen, it would probably be trivial to modify the source of openSSH, giving it a backdoor, then put the binaries on openSSH.org and check my server logs to see where the comprimised systems would be.
Like I said, I'm paranoid.
I don't see how that could work. You only need READ access to an encrypted block to use the keys against it. In order to remove the block altogether, you'd need write access AND it would have to be the ONLY copy of the encrypted text.
Does anybody know anything about mp3 players for your car (I've already seen the cassette adaptor, I'm talking about the real deal)?
Try mp3car.com. There's some cool stuff on there, including DIY info.
I'm not American, so, if I'm way out of line on this, Blame Canada.
Doesn't the Fifth Amendment of your constitution make provisions to allow a defendant to refuse to incriminate themselves? Does this only apply to testimony? Would a key be considered evidence, or testimony? Would location of that key be considered testimony?
Perhaps the best idea that I have is to simply have a convincing fake on hand to lure would be lawyers into thinking something else when it's really not the case.
Woah. I think you might be on to something here.
I'm not a crypto guru. I barely understand public key encryption as it is, but here goes:
What if an encryption scheme were devised where the plaintext is encrypted with two or more pivate keys (belonging to one person), plus the other key. The encrypted would decrypt to two or more different texts, depending which key is used.
So, I could encrypt "Meet me at midnight." and "Happy birthday, Ed." With two keys, into one block of encrypted text. Then, if I use my private key A, it returns "Meet me at midnight." and if I use my private key B, it returns "Happy birthday, Ed."
If we could somehow make the number of original plaintexts undetectable, could supply keys to those who demand them, where they would decrypt our code to get "Happy birthday, Ed." when the REAL secret was "Meet me at midnight."
I know I could've worded that better, but is this a possibility? Is it already being done? I know it's a little along the lines of Steganography, where the encrypted text is inserted into a piece of digital media, making it look less like an encrypted message.
Summary:
If we could encode, say, 4 strings into one crypto block, and have it return different unencrypted text for 4 different keys, while keeping the number of original strings undeterminable, the party decyphering the string would never know if they have ALL of they keys, thus they would never know if they have the data that the sending party doesn't want them to see.
We have a Dual PII350 machine here in the office that was originally bought for 3D rendering, etc. It's running windows NT now, and is used mostly for backend web programming.
We had NT crash on us a while back (yeah yeah.. I know..) so we decided it would be good to run windows98 because of better hardware support for the VoodooBanshee we planned on puttin in there, as well as being able to run multiple monitors.
The speed decrease upon running a Non-SMP enabled OS wasn't significant. Well, that is, we didn't notice until we tried to burn a CD. The guy who usually uses this machine as a workstation was accustomed to working and burning at the same time. This is a joke with one processor on that machine.
I guess while in SMP mode, the machine monopolises one of the CPUs to handle I/O to the burner, and the other is put into the foreground.
Just my 2 cents, though.
Who is HeUnique?
Is it Hemos?
Odd..
If anyone is looking to grab a few domains, but is not ready to commit to a host/dns provider yet, I suggest you check out soa.granitecanyon.com.
They let you create your own A, CNAME, and MX records, so you can register through any registrar you want, and if you're without DNS, have them point at the granitecanyon set up for DNS resolution. This has saved me many a time.
You know, I think Apple has hit the nail directly on the head with their PDF engine for MacOSX. Vector based interfaces will be the future. Even if that vector art is rendered all purty-like to the point that it looks like raster art, I still believe that a vector based interface will prevail.
Why? I have a 19" Monitor at home that I use on my production machine at 1600x1200x32Bit. One of my roommates on the other hand, has a 14" monitor that he runs at 800x600x16bit. Look at Flash on the web. If I look at a properly done flash site, I can view it at full resolution, stretched to fill my screen, while he can do the same, and they look pretty much identical -- with the same piece of flash 'code'. I don't get pixel-chunky curves when the plugin 'stretches' the flash to full screen for me, and he doesn't lose too much quality when he views it at 1/4 my size, thanks to anti-aliasing.
As monitors get bigger and bigger, faster and faster, and we still need to (at least somewhat) support legacy displays, Vector based interfaces will play a large part in how we view our 'desktop'.