Re:I'm a Maths Graduate but ... on Does P = NP? · Score: 2
I am of the opinion that NP = P (or not) is one of the hardest problems in mathematics...
It's not just your opinion: there's a sense in which you can prove it's one of the hardest problems in computer science.
In one of my complexity theory textbooks (I'll post title/author after I get off work), it's proved that a proof of P!=NP cannot be done with diagonalization, which is the traditional means of proving two classes distinct (think of the proof that there are more real numbers than rational numbers, or the proof that the halting problem cannot be solved by a Turing machine).
So if you're going to prove that P!=NP, you're going to have to come up with a whole new method of proof. (Note: this was around four years ago, and complexity theory is a rapidly-moving field, so there may be some advances I'm not aware of.)
Of course, proving P=NP will be easy, if it's true. Just find a polynomial time solution to a NP-complete problem. :) Which is what this paper claims to do.
2 years ago we had the bad kind of hacker: he rooted the whole damn system and never told us how they gained entry.
Damn, I can't believe I've been reading slashdot for that long!
I seem to recall consensus at the time was that the attacker probably got in through a hole in BIND 4.9.6, which was distributed with the version of RedHat (5.0? 5.1?) slashdot was running.
the xbox might even be good for linux on Salon on the XBox · Score: 1
The author makes a lot of good points about how the xbox could save gamers from the PC. (It's much too complex to be a good game development platform, and costs way more than a gaming console.)
This could, as a side effect, help Linux. After all, what's the only excuse geeks have these days for keeping Windows around? Games.
People want to be able to play games on their PCs: this ties them to Windows, and most people don't want to go to the trouble of dual-booting and learning the ins and outs of two different operating systems.
Frankly, I don't care too much for games, but I was reluctantly forced to install Windows at home because my wife wanted to play the Sims.
If there were a cheap console that could play the Sims, I would have bought one instead of having that revolting thing they call an OS from Redmond running on one of my PCs. (I've had more problems with Win98 than I have with Linux on any of the three platforms I run it on: x86, PPC, and Sparc.)
deducting donated software? on Copyrant · Score: 1
From the article:
Microsoft, of course, can cheerfully continue to donate software licenses and take tax write-offs for the full retail price of the software, a strategy which saves them hundreds of millions of dollars in taxes every year at a cost to them of approximately zero.
Can someone with expertise in tax law tell us whether this is true? This strikes me as the sort of patent tax dodge that the IRS wouldn't stand for: just like a consultant can't take a tax deduction for time donated to a charitable organization. --
They're against it because these mandated copy controls lower the value of their product, and so they will either sell fewer units, or have to sell them at a lower price.
--
Umm... Because the government is the entity that granted the corporate shareholders the privilege of limited liability?
Or maybe you think that forming limited liability corporations is a natural right?
--
I've noticed that too. Seems like the best way to get moderated up is to begin your post with "I know I'll get moderated down for saying this, but...."
I think there ought to be a new category of "moderator baiting" for which one can be moderated down.
--
The one reason I prefer ksh to bash:
bash holds your command history in memory and doesn't write it to a file until you logout.
ksh (the *real* ksh, not pdksh) writes every command to a file as you run it.
Why is this important? On the machines I administer (about 50 RS/6000s and 7 Sun boxen), I constantly find myself typing a complex command at the prompt, only to realize after I run it that I forgot to su first. With bash, this means I have to retype the whole command, or cut-n-paste from X. With ksh, after I su, I just type "ESC K K", and I've got the command back.
Just to put in my $.02 for "favorite flavor of Unix": (1) Irix 6.x, (2) Debian GNU/Linux. The BSDs are nice, but I prefer apt-get to the ports tree. Least favorite: SCO (*shudder*).
--
I have been told by an Apple rep that the correct pronunciation is "ten".
--
It's called Turing's World, and it was written by John Barwise and John Etchemendy, philosophers at Stanford.
I never could have done the homework for my computability and logic class without it. Debugging Turing machines on paper is a bitch!
--
The S&L scandal had nothing to do with liberalism or conservatism: it had to do with bad management.
In case anyone isn't old enough to remember what happened, in the early 80s S&Ls were deregulated to the point where they could actually loan themselves money: federally insured money. This opened the door for crooks like Keating (and GWB's brother Neil) to make high-risk investments *with federally insured money*. When they went belly up, the federal government had to bail them out, because the federal government had insured the money.
The fault lay not only with the crooks like Keating, but with the idiots under Reagan who let them do anything they want with federally insured money. That's bad management!
The only thing liberal or conservative about the whole mess was that a lot of the crooks were big-ticket Republican donors.
--
The Congress may determine the time of choosing the electors, and the day on which they shall give their votes; which day shall be the same throughout the United States.
It's clear that "which day shall be the same" is referring to "the day on which they [the electors] shall give their votes" (Dec. 18). There's nothing that requires that voting for the electors themselves must take place on the same day. If there were, early voting and absentee ballots sent by mail would be unconstitutional!
(Personally, I think voting by mail is a dreadful idea. Total lack of anonymity, and too much potential for fraud.)
--
Heinlein may have taken the quote from Joyce, but Joyce took it from the Bible (Exodus 2:22, KJV):
And she [Zipporah] bare him [Moses] a son, and he called his name Gershom: for he said, I have been a stranger in a strange land.
--
IE, at least on Windows, and in the versions I've tested on Linux, is just faster, more stable, more flexible in terms of add-ons it will accept without problems... better.
There's no such thing as IE for Linux.
--
I see a lot of people outraged here, which I think comes from the American assumption that they're talking about *health* insurance here, which they're not.
Yes, it would be unfair to deny someone health insurance because of a genetic predisposition for a disease. (And as a poster above put it, this shows that insurance is a stupid system for delivering health care.)
But Britain has nationalized health care. (Which I wish we had in the US.) So they're talking about life insurance in the article. And allowing insurers to ask about Huntington's disease, including whether you've already been screened, is very reasonable. Otherwise, you've got a wide open chance for someone with the Huntington's gene to screw the insurance companies royally!
Think about it: suppose you knew that you had a genetic disease that pretty much guarantees that you'll die before age 50, but the insurance companies were prohibited from asking you. Wouldn't you go buy as much term life insurance as you possibly could? Have your beneficiaries pay for it at a rate of 150%, skim that 50% off the top for yourself, and it would still be a good investment for them.
Americans: don't let your justifiable loathing of the health insurance companies and their support of a broken health-care system taint your opinion of other insurance companies, which are, in my experience, honest businesses that provide a good service. I do believe that access to quality health care should be a legal right. But life (and auto, and property) insurance should not be.
Claims: a method for increasing the number of points (karma) awarded to one's on-line persona for submitting material to an on-line, HTML-based message board which is moderated by its general readership, consisting of the following steps:
(1) Creation of a second on-line persona, distinct from the one to which the "karma" is to be awarded.
(2) Posting to the message board using the first on-line persona.
(3) Logging in to the message board using the second on-line persona.
(4) Using the message board's moderation system to rate the post submitted as the first persona as "informative", "insightful", or "funny".
--
Actually, Linus Torvalds is 30. His birthday is December 28, 1969.
--
Ironically, however, the linux port of OpenBSD's ftpd was not vulnerable, because linux doesn't have proctitle, which is where the vulnerability lay.
And IMHO, a world readable home directory is good for new users in a multi-user environment. That way, they can ask their colleagues for help when they screw their .profile up, instead of bothering the overworked sysadmin.
At any rate, it's not a security problem.
(1) "Defaulting to one partition."
Last time I installed Debian, I had to use fdisk to set up partitions, but maybe I just selected the advanced option. I dunno.
Anyway, unless the machine is a remote syslog server, this opens you up to (at most) a "local denial of service attack". And the only way to deal with those is with a baseball bat.
(2) Crypt instead of MD5 passwords.
The only advantage MD5 has over crypt is that you can choose passwords with more than 8 characters, and a larger salt to make dictionary building harder. Lousy passwords are lousy passwords, no matter how you hash them. And good passwords (8 characters, including non-alphanumerics) are good, even when they're hashed with crypt.
(3) Services in inetd. (discard, daytime, rsh, etc.)
Yeah, these should probably default to off, but none of them are security problems in and of themselves. It'd be nice to ship with openssh, but they can't do that until Sept. 20 when the RSA patent expires.
(4) dpkg not able to check signatures.
This is your one legitimate point.
(5) Home directories world readable, umask 022.
No real security problem here. If a user wants to hide something from prying eyes, they should learn about permissions, or better, how to use cryptography. In general, you shouldn't expect anything on a multi-user system to be private.
(6) LILO.
To "exploit" this, you'd need physical access, at which point the attacker could just as well boot off a floppy. If an attacker has physical access, the game is over.
IMHO, they shouldn't have even bothered with using "sulogin" when entering single user mode.
(7) Apache and ProFTPD versions.
Okay, Apache could stand to be updated, but the cross-site scripting hack is hardly a major security problem.
And your statement about ProFTPD 1.2.0pre10 being exploitable is just plain false! It's ProFTPD 1.2.0pre8 and earlier that have known root exploits.
IMHO they should be using the OpenBSD ftpd by default, but at least it's not wu-ftpd ("Providing remote root since 1994!"), which is the default ftp daemon on RedHat.
In general, I've found that Debian releases security patches just as fast as RedHat and SuSE, slightly quicker than Mandrake, and way quicker than Turbo and Caldera, which run about a week behind.
And the convenience of apt makes getting the security fixes much easier than trying to find a RedHat mirror that's both up-to-date and not completely overloaded.
Maybe they should replace the director and screenwriter with CGI as well. It would be an improvement over the Phantom Menace.
Wow, WWI and WWII were fought for the sake of Capitalism?
Funny, I thought the Allies (in both wars) were fighting against the Imperialist expansionism of Germany (and in WWII, Japan).
(And please don't trot out that old saw about "Nazi" being short for "National Socialism". Nazi Germany was about as socialist as the Democratic Republic of Germany (East Germany) was democratic.)
Don't forget, the USSR was one of the Allies in WWII. The millions of Russians who died (the USSR suffered more casualties in WWII than any other country) certainly didn't die for the sake of Capitalism.
People berate Katz for making everything into Corporatism vs. Individualism -- please don't one up him by making the entirety of 20th century history into a battle of Capitalism vs. Socialism.
Am I the only one amazed that people are more concerned about economic systems (Capitalism vs. Socialism) than they are about political systems (democracy vs. authoritarianism)? A country can be ruled by a brutal dictator, but if that dictator is friendly to the powerful property owners and U.S. corporations, they're a U.S. ally. That's sad.
--
If you're interested in evangelizing open source to Mac developers, perhaps you should start with the one major open source success story on the Mac platform - John Norstad's NewsWatcher.
Since John Norstad released the code to NewsWatcher under a very permissive (BSD-like) license, it spawned a long list of feature-enhanced derivatives: YA-NewsWatcher, MT-NewsWatcher, WS-NewsWatcher, Value-Added NewsWatcher.
(And NewsWatcher and its derivatives are still the best news readers on any platform. Nothing compares on Unix or Win32.)
--
Point taken. I had misread a crucial sentence.
However, it has been generally agreed that a binary that is prepared for use with a library is a derivative work. That's why GNU readline, for example, is GPLed, and (IIRC) the reasoning behind why NeXT had to release their Objective C compiler under the GPL. And that's the reasoning behind Sleepycat software's licensing of the Berkeley DBM libraries.
Now either copyright law permits the copyright holder on a library to restrict distribution of binaries that dynamically link to that library, or it doesn't.
If it does, then all we have is a semantic quibble over the meaning of "derivative work", since it is clearly the intention of the GPL to place restrictions on such distribution. In that case, then the conflict could be solved by distributing Qt under the GPL, with a footnote to the effect that dynamically linked binaries are considered to be a "derivative work". This would clearly be compatible with the GPL.
If it doesn't, then no license whatsoever will protect TrollTech from people who want to distribute proprietary binaries which dynamically link with Qt code. (As long as they don't also want to distribute Qt as part of the same package.)
--
When Erik Eng tries to explain why they didn't put the QT libraries under the GPL, he perpetuates the biggest myth about the GPL: that the GPL forbids making proprietary derivative works.
It doesn't. It just doesn't permit making proprietary derivative works. Copyright law forbids making derivative works without permission; licenses, such as the GPL, give that permission.
If TrollTech GPLed QT, they could still make money by selling it to people who wanted to use it for developing proprietary software. This is exactly what Sleepycat Software does. They make the ubiquitous Berkeley DB libraries, which are used for free software development under a very GPL-like license. (Essentially the GPL, without the long rant at the beginning.) But if you want to use their libraries to make proprietary software you pay them for a different license.
Maybe QT has other good reasons for not GPLing QT, but claiming that GPLing it would preclude its use for proprietary software development is just plain false.
--
A guy in our local LUG (see URL above) once had an ethernet card catch on fire spontaneously. He showed us the wreckage of the box at a meeting. Damnedest thing I've ever seen.
--