Sorry, restores are even more important. I hope you check your backup strategy by trying a recovery every so often. Many a time I have heard people who "thought they had a backup" and then it turns out that the thing that was being backed up was in an inconsistent state.
All these people posting anonymously. Nobody should punish you becase you run Microsoft, you must suffer enough already. However the original poster and the replies really put their finger on it.
MS Exchange isn't a bad thing. It is quite useful and a lot easier than having zillions of mail files. Unfortunately, being proprietary, it is difficult to repair because you don't have the sources to hack around yourself. Even if a standard MS database was used like SQL Server, there would be more possibility of sucessfully repairing the thing. With a fully open-source message repository, it would be even better.
Fork isn't just a four letter word!!!!
on
Debian And WineX
·
· Score: 2
There is no problem at all. When a project has been GPLed, the author loses a very important piece of control. If the author isn't willing to continue development of the open source version, someone else can continue with it. The same goes for reduced open source functionality with a second commercial licence with more functionality. There is nothing to stop the open source community from taking over and extending the software in the public domain.
Not if you are on ADSL or broadband (the DOSer's favourite target). You have a permanent link to the net, the links are usually programmed to resestablish themselves automatically. The ISP will usually then allocate a fresh IP address for each connection attempt. Total timout, a few seconds.
AFAIK, IPV6 has some optional facilities for cryptographically signing router updates. Some major backbones are V6 but the real world isn't.
The other issue is variable IP. Many broadband users are given a variable IP to stop their customers from running servers. Once a user has bust a quote for a given IP address, they can just reconnect and probably get a new IP assigned and repeat the process. They may get the ISP address pool blocked, but that is an issue by itself if the ISP is big enough.
North Islander: Nah, not us, its those hicks down in the south island.
South Islander: Nah, not us, its those guys in the next valley, could swear they were a little strange.
The Kiwis have a strong suspicion that some of them have gone a little "too rural", which is why many there consider Denial of Service as a ewe with a chastity belt.
The Ozzies get upset if you suggest that they have án unnatural relationship with sheep. Personally, I reckon it's guilt.
I believe that was the one that I saw a little of. It doesn't really compare of course, to the copies taken from DVDs (interestingly enough, from DVDs distributed within the industry). Those are threatening, because they are as good or better than VHS. I have a bad but legal version of the Empire Strikes Back on VHS, and a pirate copy on CD. I reckon that given the fact I'm stuck overseas and can not replace the bad video, I am sort of entitled to a decent copy. As it happens, the CD is much better than VHS.
Ok, this is an old film, but what about those Screeners of LOTR floating around?
We have a http filter here that protects against things such as www.sex.com (being PC, it also stops theOnion and fuckedcompany). They even filter out the fish, in case you use it as a proxy to get non-PC pages.
Unfortunately, it doesn't protect against 'cekc' (I can't be bothered to get type this in Cyrillic here).
We have had a stockmarket crash since last year, well maybe not a real sudden crash but between the dot-bomb of last summer and 9/11, the markets haven't been doing well and people aren't spending money (Retail figures are down). In Europe, the Euro has proved a useful excuse for everyone including the main cinema theatre chains to pump up prices.
If I produced any non-essential in such an environment, I would expect sales to be somewhat depressed. Sorry guys, Cinema isn't an essential. Produce a good movie, such as Spidey then we will probably go and see it. Unfortunate the industry distrubutes a lot of rubbish. I say distributes advisedly because some good stuff is produced (even ocassionally inside the studio system). However, it often doesn't get out unless it fits the business model of the season.
I want more creatives like this guy to stand up and say where the MPAA is getting things wrong when it tries for ever more content protection.
Some people may have heard about the much trumpeted Spidey raid in the UK. What was being (expensively) copied onto DVD? The only version I have seen listed would fit into a small part of a CD and as someone else commented who has seen it, the quality was barely worth the effort of watching. Maybe the industry itself has problems with higher quality masters escaping?
Last point in this ramble, the Gruniad article made the very good point that having a secure digital chain between distributor and projector is a great way of locking other content producers out of the theatre.
Bio-weapons are banned for some very good reasons. It is very difficult to differentiate between a manufacturing plant that produces one kind of weaponised bug to another that perhaps produces something a good deal more lethal to humans.
Simple weed-killer (a non-human chemical weapon) in the form of "Agent Orange" caused enough problems (and court cases from soldier/airmen) who were harmed whilst handling the stuff.
Last point, is how to educate these little critters as that eating your own creator's stuff is unamerican? Sorry, cordite is cordite and explosives are explosives.
Some idiots don't know the reason behind this other DECSS program. If so many MPAA droids are pouring over web-sites trying to decide where to launch their next legal salvo at, it kind of gets interesting when there is a totally 100% legal program also called DECSS out there as well.
As far as HARM-type missles are concerned (which home in on EM radiation), one only need look at the use example of the Serbs where they suffered a devestating series of attacks, but mostly on microwave ovens.
Um nope. The military uses a lot of standard stuff like Fortezza (uses the Capstone algorithms)as well as other stuff. Interestingly enough the military has had a traditional fondness for stream ciphers but hasn't made so much use of block ciphers which is one of the main differenceds between military and civilian cryptography.
The technologies in deployment are far from cutting edge because it takes so long for technologies to be deployed. As far as frequency agile communications are concerned, they are jamming and intercept resistant, but they are hardly jamming or intercept-proof.
The last point is that equipment in action over enemy terroritory can be lost, so any hardware is vulnerable to capture.
I know that this is not the place where we like this, but whether you are in the UK or the US, somebody is out there telling us this. It is very difficult to explain that those organisations that protect us don't do so without promptly being branded a snivvelling crypto-marxist/Islamic Terrorist sympathisers by the stupid white men and their cronies. They like to tell us Trust Us, but this case is a very good exmple of the danger of doing so.
It is kind of frightening, but most people will gladly hand over their freedom to some anonymous government agency "because they know best". These people do not read Slashdot or Risks and certainly not extreme left-wing journals like The Guardian. They know that strong government is good government, etc., and examples like this are needed to show that even if an organisation isn't corrupt, it is composed of individuals who may be.
It is theoretically nice to have a trusted someone that checks all our correspondence, etc., but any organisation is full of human beings who may be fallible.
Anyone who thought that the FBI is beyond reproach only had to look at the Hanssen case. This one, however, is even more interesting because it represents commercial use of sensitive information. I will treasure this as an example of why Governments should also have a 'need-to-know' applied to them.
Kazaa without Authentication?
on
KaZaA Collapses
·
· Score: 2
In my understanding, Kazaa relies on user/client authentication by a server. This will ensure that the client is the one that is full of spyware etc. However, it was determined during the Morpheus collapse that if there was no logon server, the older Morpheus client could contuinue (it was just a one-time lock out in the registry that prevented the client from continuing).
Is this true? Regrettably, Gnutella doesn't seem to be as effective for P2P, so it would be good if Kazaa clients can continue. In particular, it is plagued by tar-pits, that is people setting themselves up as supernodes or for unlimited uploading without having adequte processing power or bandwidth.
Interesting but confusing system, must make it fun to index these cases. In England/Wales they have the Queen vs. whoever for any case launched for or against the state.
It is an interesting issue because if licensed software can be terminated so easily, how can it be treated as an asset on the balance sheet? It is always a risk that support could be withdrawn, but if the right to use can also be be taken away, it kind of makes a good argument for Open Source software, particularly those licenses which are irrevokable.
I am not Phil but I worked on PGP 1.x through 2.x or so, mostly on one of the ports. First a bit of history.
Theoretically PGP in the early days could use RSAREF from RSA Labs but it needed some calls that were not in the published interface and thus broke RSA Labs non-commercial licence.
The thing is that Phil requested that none of our software was GPLed as he wanted to try to use parts of it commercially. Fair enough, he would keep the non-commercial version as open as he could. Actually it was pretty open by then because contributors were working in France, Germany, even, I think, Russia.
When the program was first passed to Viacrypt. They had there own licensed RSA engine and could drop it into PGP. However PGP still used another patented algorithm, IDEA. This had to be licensed (about $15) for commercial users.
Viacrypt then got swallowed by NAI or at least PGP was transferred with it together with Phil Zimmerman. PGP moved away from algorithms like RSA and IDEA so didn't have so many patent issues. We ended up through Phil's efforts with a version of PGP free for non-commercial use an a licensed version for the corporates. However, many of the platforms were dropped.
The source code of PGP was printed by MIT in an OCR freindly font and the whole thing was exported legally to Norway, scanned nd put up on the pgpi server. Later, NAI did something similar to get the code to their office in Switzerland and with the availability of commercial PGP in Europe, the free version went non-commercial only.
NAI stopped publishing source code after 6.5.8 so a lot of people stopped there with that release. Strangely, a commercially licensed user was not allowed to recompile from the free source.
Ok, history lesson over. PGP always has had a bit of a chequered past because some people don't like it one little bit. It was a difficult product to sell but NAI seemed to have had a steady business with it. That they dropped it after 9/11 came as no suprise to anyone (it may have been making money but not enough to want to compromise sales of other s/w to the US government). However, in the background we have the OpenPGP standard (well, RFC) being developed that gave a chance for other interoperable programs like GnuPG to be developed. This project has the backing of the German government, who seem to believe in strong encryption for the masses. The software is currently far from perfect (try recompiling the Windows version), but it works and without the patented algorithms. There are some front-ends that make it reasonably user friendly. It isn't there yet, but it will be.
In the mean time, I have seen PGP in use in Central Asia, not by terrorists, but by a Central Bank for interbank money transfers. That terrorists and criminals have used PGP is certain, but so do people like Amnesty and the Red-Cross. The use of PGP to co-ordinate attacks against the US is a massive red-herring to cover up incompetence by the FBI and INS.
In my understanding. This is a partial release (a little like the WinCE offering). This means that you may be able to build parts of the OS but not the entire OS or what was shipped.
The caveat is that you get code, but not the right to correct it. the advantage really being for those people who need an exact knowledge of the internal APIs (think Citrix).
Sorry I'm not a Code Janitor, I'm a software archeologist. The code is the documentation for the older stuff so you have to dig deep and extract meaning from the Cobol crud here (which is still being written).
It is a side comment to the porinciple of The Cab Rank Rule, but this is also one of the reasons that the death penalty was dropped in England and Wales. When a capital offence was to be tried, if the defendant did not have anyone suitable, a solicitor and barrister would be appointed (the appointment could be theoretically refused, but couldn't be in practice). They would be paid out of the public purse but as they were expected to be the best, this was at a substantial discount to their normal fees. Whether or not the solitor/barrister had any qualms about the death penalty, they hated to be tied up in a murder case which they couldn't refuse.
Digital used to like using TLAs in its operating systems. Their security stuff introduced around V4.5 included three data structures: KGB, CIA and NSA.
These actually referred to "Key Grant Block", "Compound Intrusion Analysis" and "Notional Security Access". Nothing too bad there and the source listings were provided for a while with VMS so you could verify that this was just an elaborate joke.
Maybe NSAkey is just someone's idea of a joke but unless we have sources , we can't tell. Some people outside MS have access to partial source, but their souls are mortgaged with an NDA, so they can't even tell us if it is in their sources.
Slashdot Mirror
Sorry, restores are even more important. I hope you check your backup strategy by trying a recovery every so often. Many a time I have heard people who "thought they had a backup" and then it turns out that the thing that was being backed up was in an inconsistent state.
MS Exchange isn't a bad thing. It is quite useful and a lot easier than having zillions of mail files. Unfortunately, being proprietary, it is difficult to repair because you don't have the sources to hack around yourself. Even if a standard MS database was used like SQL Server, there would be more possibility of sucessfully repairing the thing. With a fully open-source message repository, it would be even better.
There is no problem at all. When a project has been GPLed, the author loses a very important piece of control. If the author isn't willing to continue development of the open source version, someone else can continue with it. The same goes for reduced open source functionality with a second commercial licence with more functionality. There is nothing to stop the open source community from taking over and extending the software in the public domain.
Not if you are on ADSL or broadband (the DOSer's favourite target). You have a permanent link to the net, the links are usually programmed to resestablish themselves automatically. The ISP will usually then allocate a fresh IP address for each connection attempt. Total timout, a few seconds.
The other issue is variable IP. Many broadband users are given a variable IP to stop their customers from running servers. Once a user has bust a quote for a given IP address, they can just reconnect and probably get a new IP assigned and repeat the process. They may get the ISP address pool blocked, but that is an issue by itself if the ISP is big enough.
The Kiwis have a strong suspicion that some of them have gone a little "too rural", which is why many there consider Denial of Service as a ewe with a chastity belt.
The Ozzies get upset if you suggest that they have án unnatural relationship with sheep. Personally, I reckon it's guilt.
Ok, this is an old film, but what about those Screeners of LOTR floating around?
Unfortunately, it doesn't protect against 'cekc' (I can't be bothered to get type this in Cyrillic here).
If I produced any non-essential in such an environment, I would expect sales to be somewhat depressed. Sorry guys, Cinema isn't an essential. Produce a good movie, such as Spidey then we will probably go and see it. Unfortunate the industry distrubutes a lot of rubbish. I say distributes advisedly because some good stuff is produced (even ocassionally inside the studio system). However, it often doesn't get out unless it fits the business model of the season.
I want more creatives like this guy to stand up and say where the MPAA is getting things wrong when it tries for ever more content protection.
Some people may have heard about the much trumpeted Spidey raid in the UK. What was being (expensively) copied onto DVD? The only version I have seen listed would fit into a small part of a CD and as someone else commented who has seen it, the quality was barely worth the effort of watching. Maybe the industry itself has problems with higher quality masters escaping?
Last point in this ramble, the Gruniad article made the very good point that having a secure digital chain between distributor and projector is a great way of locking other content producers out of the theatre.
Simple weed-killer (a non-human chemical weapon) in the form of "Agent Orange" caused enough problems (and court cases from soldier/airmen) who were harmed whilst handling the stuff.
Last point, is how to educate these little critters as that eating your own creator's stuff is unamerican? Sorry, cordite is cordite and explosives are explosives.
Some idiots don't know the reason behind this other DECSS program. If so many MPAA droids are pouring over web-sites trying to decide where to launch their next legal salvo at, it kind of gets interesting when there is a totally 100% legal program also called DECSS out there as well.
As far as HARM-type missles are concerned (which home in on EM radiation), one only need look at the use example of the Serbs where they suffered a devestating series of attacks, but mostly on microwave ovens.
The technologies in deployment are far from cutting edge because it takes so long for technologies to be deployed. As far as frequency agile communications are concerned, they are jamming and intercept resistant, but they are hardly jamming or intercept-proof.
The last point is that equipment in action over enemy terroritory can be lost, so any hardware is vulnerable to capture.
It is kind of frightening, but most people will gladly hand over their freedom to some anonymous government agency "because they know best". These people do not read Slashdot or Risks and certainly not extreme left-wing journals like The Guardian. They know that strong government is good government, etc., and examples like this are needed to show that even if an organisation isn't corrupt, it is composed of individuals who may be.
Anyone who thought that the FBI is beyond reproach only had to look at the Hanssen case. This one, however, is even more interesting because it represents commercial use of sensitive information. I will treasure this as an example of why Governments should also have a 'need-to-know' applied to them.
Is this true? Regrettably, Gnutella doesn't seem to be as effective for P2P, so it would be good if Kazaa clients can continue. In particular, it is plagued by tar-pits, that is people setting themselves up as supernodes or for unlimited uploading without having adequte processing power or bandwidth.
Interesting but confusing system, must make it fun to index these cases. In England/Wales they have the Queen vs. whoever for any case launched for or against the state.
Hey, can I come as Captain Kirk's Hairpiece? It was certainly more sentient than what was under it.
It is an interesting issue because if licensed software can be terminated so easily, how can it be treated as an asset on the balance sheet? It is always a risk that support could be withdrawn, but if the right to use can also be be taken away, it kind of makes a good argument for Open Source software, particularly those licenses which are irrevokable.
Theoretically PGP in the early days could use RSAREF from RSA Labs but it needed some calls that were not in the published interface and thus broke RSA Labs non-commercial licence.
The thing is that Phil requested that none of our software was GPLed as he wanted to try to use parts of it commercially. Fair enough, he would keep the non-commercial version as open as he could. Actually it was pretty open by then because contributors were working in France, Germany, even, I think, Russia.
When the program was first passed to Viacrypt. They had there own licensed RSA engine and could drop it into PGP. However PGP still used another patented algorithm, IDEA. This had to be licensed (about $15) for commercial users.
Viacrypt then got swallowed by NAI or at least PGP was transferred with it together with Phil Zimmerman. PGP moved away from algorithms like RSA and IDEA so didn't have so many patent issues. We ended up through Phil's efforts with a version of PGP free for non-commercial use an a licensed version for the corporates. However, many of the platforms were dropped.
The source code of PGP was printed by MIT in an OCR freindly font and the whole thing was exported legally to Norway, scanned nd put up on the pgpi server. Later, NAI did something similar to get the code to their office in Switzerland and with the availability of commercial PGP in Europe, the free version went non-commercial only.
NAI stopped publishing source code after 6.5.8 so a lot of people stopped there with that release. Strangely, a commercially licensed user was not allowed to recompile from the free source.
Ok, history lesson over. PGP always has had a bit of a chequered past because some people don't like it one little bit. It was a difficult product to sell but NAI seemed to have had a steady business with it. That they dropped it after 9/11 came as no suprise to anyone (it may have been making money but not enough to want to compromise sales of other s/w to the US government). However, in the background we have the OpenPGP standard (well, RFC) being developed that gave a chance for other interoperable programs like GnuPG to be developed. This project has the backing of the German government, who seem to believe in strong encryption for the masses. The software is currently far from perfect (try recompiling the Windows version), but it works and without the patented algorithms. There are some front-ends that make it reasonably user friendly. It isn't there yet, but it will be.
In the mean time, I have seen PGP in use in Central Asia, not by terrorists, but by a Central Bank for interbank money transfers. That terrorists and criminals have used PGP is certain, but so do people like Amnesty and the Red-Cross. The use of PGP to co-ordinate attacks against the US is a massive red-herring to cover up incompetence by the FBI and INS.
The caveat is that you get code, but not the right to correct it. the advantage really being for those people who need an exact knowledge of the internal APIs (think Citrix).
Sorry I'm not a Code Janitor, I'm a software archeologist. The code is the documentation for the older stuff so you have to dig deep and extract meaning from the Cobol crud here (which is still being written).
It is a side comment to the porinciple of The Cab Rank Rule, but this is also one of the reasons that the death penalty was dropped in England and Wales. When a capital offence was to be tried, if the defendant did not have anyone suitable, a solicitor and barrister would be appointed (the appointment could be theoretically refused, but couldn't be in practice). They would be paid out of the public purse but as they were expected to be the best, this was at a substantial discount to their normal fees. Whether or not the solitor/barrister had any qualms about the death penalty, they hated to be tied up in a murder case which they couldn't refuse.
These actually referred to "Key Grant Block", "Compound Intrusion Analysis" and "Notional Security Access". Nothing too bad there and the source listings were provided for a while with VMS so you could verify that this was just an elaborate joke.
Maybe NSAkey is just someone's idea of a joke but unless we have sources , we can't tell. Some people outside MS have access to partial source, but their souls are mortgaged with an NDA, so they can't even tell us if it is in their sources.
You forgot OTC derivatives. Very good way of laundering lots of money!