Glad you agree, even if I didn't express myself well. I guess the obvious question now is: is the WMF specification public? Again, there are several non-MS tools that deal in WMF files.
Take for example a Word document that has an Excel graph embedded in it via OLE. This is great from a user's point of view. But if your WP is not equipped to read Excel objects then you will have a problem. The trouble is NOT with the Word part of it, it is with an embedded object. One single.DOC (or any other file for that matter) can contain all sorts of objects of other sorts embedded via OLE. All of the specifications and interfaces for this is published. It's just a lot of work for a package to handle embedded objects it wasn't designed for.
Um, this is lame. DOC format is specified on MSDN. I remember in a C programming course, learning how to read and display MS Word 6.DOC files.
How do you explain the various programs for Linux that all read and MS Word.DOC files perfectly well? For example, Corel's word processor, and all those DOC -> PS convertors.
The problem is to calculate the chance that if n random numbers exist, in a range 1...N, then what is the chance that two are the same? (This is relevant in deciding if keys will collide).
It is called the birthday problem because of the following settings: Consider your class at school (say it has 28 people). What is the chance that two of them will have the same birthday? [Note: Leap years are ignored for convenience here.]
In other terms, what is the chance that if you have 28 numbers in the range 1...365, what is the chance that two will be the same?
The answer is found by: 1 - ((364/365) * (363/365) * (362/365) *... * ((366 - 28)/365)), which works out to about 0.67 (ie. 67%, about 2/3 chance). This result can be somewhat surprising at first.
If you don't understand the derivation -- imagine there are two people in your class. The chance someone else's birthday is NOT the same as yours is 364/365. So the chance that you both have the same birthday is 1 - (364/365). And so on. HTH.
I think the 16 hex digits will not be enough for anonymity, if this method becomes popular. 16 hex digits means 2^64 unique filenames. For comparison, this is the square of 2^32, the number of IP addresses.
Once there are 2^32 keys around, then the chance of a collision is quite high. I suggest using 32 hex digits (ie. 2^128 unique names). Another possibility, on top of this, would be to encode the first 16 bytes in a more efficient manner than hex digits.
A unix note here, the given command
dd if=/dev/urandom of=pad.dat bs=1k count=128
od -t x1 pad.dat | head -1 mv pad.dat pad(sixteen first digits of dump given by previous command).dat
In order for somebody to have their free speech readable, they would also have to distribute the names of the pads needed to decode it.
The author's idea seems to be the following: since no piece of data can actually be said to contain incriminating speech, nobody can be prosecuted for writing it.
Did neural nets come to anyone else's mind? All that is being done here is that the data is being stored in distributed fashion. If anyone can read the message, prosecutors can too, and the fact is that the author transmitted the message (albeit by an unusual message).
The other major benefit of this method claims to be anonymity.
Practically speaking, are there not many many existing anonymous-posting methods? (Eg. use hacked dialup; use anonymous http proxy; use long chain of telnets and format computers on the way, etc.) Or even worse, just post something from someone else's equipment, without their knowledge (eg. public library) and then leave.
What do you mean, "only works with IE" ? IE is an ActiveX control.
Most ActiveX controls (in fact, all of them but one) are not IE, and most of them do not depend on it, unless the author specifically wishes it to be so. (This is no 'worse' then a Linux package that "depends on" (your phrase) glibc, for example.)
ActiveX controls work with anybody's product, not just MS (I gave an example of Borland products in the original post).
It was documented from day 1. For example, plenty of companies wrote OLE (the precursor to COM) applications (look at all those progs that accept drag-and-drop from another application - that is OLE).
Eh? ActiveX is (practically speaking) another name for Microsoft's COM (Component Object Model), which is open, fully documented, easy, and MS encourage everybody to use it so that there will be a plethora of components which can all communicate easily with each other, and you can use anybody else's component in your code, free of licencing worries or anything like that GPL mess. For example, I can make an application that includes a web browser and document viewer (IE and Word ActiveX controls) and do whatever I like with them. Power!
I'll reiterate the point in case you missed it: the COM is explicitly specified and documented in detail. That's why there can be multiple COM development packages -- not just Microsoft's. I develop COM objects with Borland tools, for example.
It's also ironic that when MS do something good like this, competitors immediately try and deface it and rip it off and "embrace and extend" it. Look at KOM, xpCOM, etc. These people could have used the existing standard, but no, they make their own cheap hack which is deliberately incompatible with all the rest.
(To that guy who tried to tell me NS tried to make xpCOM compatible with COM but couldnt cos "MS sucked" - as evidence that they didn't, they *changed the name* of the default interface that COM objects have - the one that lets an object query another object to see what functionality it has. How sad.)
Interesting to note that in the article in the story, there is a small comments board afterwards -- and it has a first-poster!
Slashdot's influence is spreading...
Flash to court scene 10 years from now Judge: Would you like to make the opening address now, Counsel? Lawyer: Yes! Yes! first comment! Ahha, D sux0rz! Judge: -1, Offtopic
In fact, a good definition of 'algorithm' is 'anything that can be run on a computer' (or more precisely, on a universal Turing machine). When Turing designed Turing Machines, his goal was to define computation and algorithms, and his results are largely accepted.
void main(void)/* This really IS void, no error here. */
This is not ANSI-compliant. With this sort of thing around, no wonder GCC is the only compiler that will compile Linux. And people complain when MS don't adhere to standards....
Ok, you chose the PC because it is the same type as your school. People I know bought Macs because our school used Macs. Where does a monopoly come into this?
The sun has only become abnormally dangerous in the last couple of decades, due to ozone destruction by human industry. This is too short a time span for evolution to play its part.
So, when you were deciding which OS to pick, you thought to yourself "Ok, who has a monopoly? Microsoft does, so I had better increase their monopoly by buying their product."
Yeah right. You chose Windows because it supports everything that you want to do. This is because Windows is superior in its support for a variety of uses.
How is it that Linux ssh is alright to download (my linux distro, shipped from the US, sure had it), but clients like SecureCRT are subject to arms export restrictions and cannot be downloaded from the US ?
MS provided a demonstration tape that involved two different PCs (as is common among trade demo tapes which the producing techs were used to making). After the court pointed out that this wasn't good enough, MS came back *the next day* with a new tape all recorded on the one PC, and this was accepted.
Why do people continue to treat IE as a separate application?
The only setup that makes sense in our current Internet world is to have Internet tools in your face, in the OS, maybe even in the kernel.
How many OSs can you name that ship *without* Internet tools? Linux, Solaris, etc. all definitely DO come with web browsers! All these operating systems also allow the use of alternative browsers (eg. Solaris ships with HotJava, but you can install Netscape).
In fact, MS (and I hope everybody else) has been tending towards HTML interfaces for everything. Few people would doubt that it is easiest to write a user interface in HTML/XML/.../{insert favourite script language}. The entire Windows desktop will be a XML page, as soon as they can do this without all the backwater redneck laggards crying foul because they didn't think of it first.
I hope that IE gets in with the OS division and not the Apps division. It is, after all, the Windows equivalent of Linux's "bash".
Re:Gnutella is closed source, hence not secure
on
Gnutella VBS Worm
·
· Score: 1
Oh rubbish.
When it happens in MS Outlook Express, it's MS's fault and OE's fault. When it happens in Gnutella it's the operating system's fault. Couldn't see that one coming from you Linux zealots.
Having executable files is not an OS fault. .VBS is no different to.EXE , as far as executability goes. The problem is with dumb users who execute the executable file, or with software that allows an executable file to be automatically executed.
Note: Executable file does not necessarily mean +x on *nix; as script files handled by a script processor do not need to be +x (eg. perl, python, php, ini, bashrc, etc.)
Slashdot Mirror
Glad you agree, even if I didn't express myself well. I guess the obvious question now is: is the WMF specification public? Again, there are several non-MS tools that deal in WMF files.
This was a bug in Word 97 RTF handling, which has since been fixed.
Take for example a Word document that has an Excel graph embedded in it via OLE. This is great from a user's point of view. But if your WP is not equipped to read Excel objects then you will have a problem. The trouble is NOT with the Word part of it, it is with an embedded object. .DOC (or any other file for that matter) can contain all sorts of objects of other sorts embedded via OLE. All of the specifications and interfaces for this is published. It's just a lot of work for a package to handle embedded objects it wasn't designed for.
One single
Um, this is lame. DOC format is specified on MSDN. I remember in a C programming course, learning how to read and display MS Word 6 .DOC files.
.DOC files perfectly well? For example, Corel's word processor, and all those DOC -> PS convertors.
How do you explain the various programs for Linux that all read and MS Word
This article seems to be just FUD.
A note on the 'birthday problem' he mentions:
... * ((366 - 28)/365)), which works out to about 0.67 (ie. 67%, about 2/3 chance). This result can be somewhat surprising at first.
The problem is to calculate the chance that if n random numbers exist, in a range 1...N, then what is the chance that two are the same? (This is relevant in deciding if keys will collide).
It is called the birthday problem because of the following settings: Consider your class at school (say it has 28 people). What is the chance that two of them will have the same birthday?
[Note: Leap years are ignored for convenience here.]
In other terms, what is the chance that if you have 28 numbers in the range 1...365, what is the chance that two will be the same?
The answer is found by: 1 - ((364/365) * (363/365) * (362/365) *
If you don't understand the derivation -- imagine there are two people in your class. The chance someone else's birthday is NOT the same as yours is 364/365. So the chance that you both have the same birthday is 1 - (364/365).
And so on.
HTH.
The people who are rich and famous are those who not only have good ideas, but act on them :)
Once there are 2^32 keys around, then the chance of a collision is quite high. I suggest using 32 hex digits (ie. 2^128 unique names). Another possibility, on top of this, would be to encode the first 16 bytes in a more efficient manner than hex digits.
A unix note here, the given command
can be more efficiently written as:In order for somebody to have their free speech readable, they would also have to distribute the names of the pads needed to decode it.
The author's idea seems to be the following: since no piece of data can actually be said to contain incriminating speech, nobody can be prosecuted for writing it.
Did neural nets come to anyone else's mind? All that is being done here is that the data is being stored in distributed fashion. If anyone can read the message, prosecutors can too, and the fact is that the author transmitted the message (albeit by an unusual message).
The other major benefit of this method claims to be anonymity.
Practically speaking, are there not many many existing anonymous-posting methods? (Eg. use hacked dialup; use anonymous http proxy; use long chain of telnets and format computers on the way, etc.) Or even worse, just post something from someone else's equipment, without their knowledge (eg. public library) and then leave.
What do you mean, "only works with IE" ?
IE is an ActiveX control.
Most ActiveX controls (in fact, all of them but one) are not IE, and most of them do not depend on it, unless the author specifically wishes it to be so.
(This is no 'worse' then a Linux package that "depends on" (your phrase) glibc, for example.)
ActiveX controls work with anybody's product, not just MS (I gave an example of Borland products in the original post).
It was documented from day 1. For example, plenty of companies wrote OLE (the precursor to COM) applications (look at all those progs that accept drag-and-drop from another application - that is OLE).
Did you actually read what I wrote?
By the way, the full specification for COM is at http://www.microsoft.com/com/, in case you thought I was trolling or anything.
Eh? ActiveX is (practically speaking) another name for Microsoft's COM (Component Object Model), which is open, fully documented, easy, and MS encourage everybody to use it so that there will be a plethora of components which can all communicate easily with each other, and you can use anybody else's component in your code, free of licencing worries or anything like that GPL mess. For example, I can make an application that includes a web browser and document viewer (IE and Word ActiveX controls) and do whatever I like with them. Power!
I'll reiterate the point in case you missed it: the COM is explicitly specified and documented in detail. That's why there can be multiple COM development packages -- not just Microsoft's. I develop COM objects with Borland tools, for example.
It's also ironic that when MS do something good like this, competitors immediately try and deface it and rip it off and "embrace and extend" it. Look at KOM, xpCOM, etc. These people could have used the existing standard, but no, they make their own cheap hack which is deliberately incompatible with all the rest.
(To that guy who tried to tell me NS tried to make xpCOM compatible with COM but couldnt cos "MS sucked" - as evidence that they didn't, they *changed the name* of the default interface that COM objects have - the one that lets an object query another object to see what functionality it has. How sad.)
Slashdot's influence is spreading...
Flash to court scene 10 years from now
Judge: Would you like to make the opening address now, Counsel?
Lawyer: Yes! Yes! first comment! Ahha, D sux0rz!
Judge: -1, Offtopic
Um, what is RDF?
.RDF reference somewhere that will specify exactly how the input will be?
The file in the linx looks like an XML version of Slashdot's headlines.
So a correct answer to this haiku problem, by a bot, would be a haiku containing text from its <title> and <description> tags?
eg.
Plasma Propulsion
News for Nerds, Stuff That Matters
Easter Eggs In Source
Is there a
Any computer program is an algorithm.
In fact, a good definition of 'algorithm' is 'anything that can be run on a computer' (or more precisely, on a universal Turing machine). When Turing designed Turing Machines, his goal was to define computation and algorithms, and his results are largely accepted.
Unix API and interface has been around for 25 years, Windows (seriously) for less than 10, and you call Windows legacy ?
"Task manager" has nothing whatsoever to do with cron functions , I suggest you take a closer look at it next time.
void main(void) /* This really IS void, no error here. */
This is not ANSI-compliant. With this sort of thing around, no wonder GCC is the only compiler that will compile Linux. And people complain when MS don't adhere to standards....
Who the fuck is steve woston.
MSNBC only says this because MS Pinball sucks.
Ok, you chose the PC because it is the same type as your school. People I know bought Macs because our school used Macs. Where does a monopoly come into this?
The sun has only become abnormally dangerous in the last couple of decades, due to ozone destruction by human industry. This is too short a time span for evolution to play its part.
So, when you were deciding which OS to pick, you thought to yourself "Ok, who has a monopoly? Microsoft does, so I had better increase their monopoly by buying their product."
Yeah right. You chose Windows because it supports everything that you want to do. This is because Windows is superior in its support for a variety of uses.
How is it that Linux ssh is alright to download (my linux distro, shipped from the US, sure had it), but clients like SecureCRT are subject to arms export restrictions and cannot be downloaded from the US ?
"fake videotape" ?
MS provided a demonstration tape that involved two different PCs (as is common among trade demo tapes which the producing techs were used to making). After the court pointed out that this wasn't good enough, MS came back *the next day* with a new tape all recorded on the one PC, and this was accepted.
Try getting some facts instead of just hype.
Why do people continue to treat IE as a separate application?
The only setup that makes sense in our current Internet world is to have Internet tools in your face, in the OS, maybe even in the kernel.
How many OSs can you name that ship *without* Internet tools? Linux, Solaris, etc. all definitely DO come with web browsers! All these operating systems also allow the use of alternative browsers (eg. Solaris ships with HotJava, but you can install Netscape).
In fact, MS (and I hope everybody else) has been tending towards HTML interfaces for everything. Few people would doubt that it is easiest to write a user interface in HTML/XML/.../{insert favourite script language}. The entire Windows desktop will be a XML page, as soon as they can do this without all the backwater redneck laggards crying foul because they didn't think of it first.
I hope that IE gets in with the OS division and not the Apps division. It is, after all, the Windows equivalent of Linux's "bash".
Oh rubbish.
.EXE , as far as executability goes. The problem is with dumb users who execute the executable file, or with software that allows an executable file to be automatically executed.
When it happens in MS Outlook Express, it's MS's fault and OE's fault. When it happens in Gnutella it's the operating system's fault. Couldn't see that one coming from you Linux zealots.
Having executable files is not an OS fault.
.VBS is no different to
Note: Executable file does not necessarily mean +x on *nix; as script files handled by a script processor do not need to be +x (eg. perl, python, php, ini, bashrc, etc.)