Slashdot Mirror


User: 0x0d0a

0x0d0a's activity in the archive.

Stories: 0
Comments: 6,986

Comments · 6,986

  1. Re:Catching them on the subtleties on Phish Scams Fooling 28% of Users · · Score: 1

    It's easy to get free certs -- I'll make 'em and hand 'em out myself, no problem.

    The question is who determines "Foobar, Inc" is legitimate. In a trust network, the burden of evaluation is distributed. In the CA model, the CA is responsible for determining who is legitimate.

    cacert.org may grant free certs (it's just a cgi running a script somewhere), but they aren't going to be doing free evaluation (actual human involvement required).

  2. Dirty little secrets on Creative Pressures id Software With Patents · · Score: 2, Insightful

    Unfortunately, other areas of audio have suffered. There is no "OpenGL" of 3D audio because Creative owns all of the patents from its acquisition of companies like Aureal and Sensaura. They will always have the one-up on 3D audio performance over their customers, and any improvements will be at their own pace.

    This has become standard practice for technology companies over the past few years, since sometime in the nineties. Basically, large technology companies maintain a staff of researchers whose job it is to churn out patents related to their product -- not necessarily new or interesting technology, but to shotgun enough that at least some get through. They then cross-license with all other manufacturers in the arena that they are in. At that point, the patents stop having value for driving production of useful new technology, since any patent is simply immediately available to all competitors. Instead, they are solely used to prevent any new competitors from entering the arena -- they act as oligarchy maintainers. This means that the only competition each company has is the other existing companies in the arena -- as those are bought out or go out of business, the market is left more and more to the remaining players. It is an extremely damaging attack on free markets, and is a business practice that is now in widespread use. The hard drive companies (Seagate, IBM and friends) do it. The GPU companies (ATI, NVidia and friends) do it. The CPU manufacturers (AMD, Intel and friends) do it. As a result of this approach, most substantial improvements that could be used against a competitor are not patented, since this allows them to actually be useful competitive tools -- undermining the very reason for having patents in the first place.

    Patents, in such situations, no longer serve their purpose at all -- the funding of the creation of useful new things. The only solution is really to eliminate software patents. I have yet to see particularly impressive research coming from such a situation -- I cannot see any reason to maintain the existence of software patents. I'd like to hear from *one* Slashdotter that does good research who is supported by patent royalties (or works in a lab and feels that their patents, rather than the existence of their work and the barriers established by time-to-reimplement, is where their primary value to their lab comes from).

  3. Re:Prior art on Creative Pressures id Software With Patents · · Score: 1

    which can precede the date of filing by many years.

    On the other hand, after prior art, there is only a one year period before the date of filing deadline.

    "If the invention has been described in a printed publication anywhere, or has been in public use or on sale in this country more than one year before the date on which an application for patent is filed in this country, a patent cannot be obtained."

    Still, if you're right ... that's stupid. :-(

  4. There is no crisis on On the Supercomputer Technology Crisis · · Score: 3, Interesting

    Cray has been engaging in scare tactics about "America being dominated by overseas competitors" for a while, because they're terrified of losing the lucrative business contracts from government and big business, they'll pull out all the stops. They've come up in the IT press recently a couple of times.

    Screw 'em. If there's a need, the market will provide. If it turns out that the important tasks can be parallelized and run on much less expensive clusters, then all that means is that we have a more efficient solution to the problem.

  5. Re:This is why there need to be reform on How To Lose An Election · · Score: 1

    That's an interesting idea, and it reduces the degree of paper counting costs by some percent, and only decreases the trusted nature of the system by that same percent -- and you're right, we can probably get away with less than one hundred percent verification.

  6. Re:Catching them on the subtleties on Phish Scams Fooling 28% of Users · · Score: 1

    But asking people to know this difference is asking a bit much of them. What might be interesting would be a "Phisher Identifier" built into mail clients that could identify bogus or unauthorized URLs based on a very carefully maintained database of legitimate URLs.

    I can't agree that this is a good way to go. You'd need a full, global database.

    I'd infinitely prefer to have an easy-to-use trust system be provided. The best thing available to most users is PGP, which is *not* idiot-proof, easy to use, or included with all email clients. I'm talking about clicking on a website link to an ".id" file, and choosing to mark this ".id" as trusted, and allowing transitive trust (so that a company can choose to trust its business partners).

    A "tax on email" will never work -- Verisign is not the answer.

  7. Mr. Wallace has interesting point, bad conclusion on P2P Leaks Surprises · · Score: 2, Informative

    Mr. Wallace has an interesting point -- stuff is being accidentally shared that people would probably prefer not to be shared. This is interesting. However, I do not agree with his conclusion, that "legislation has not caught up with the P2P world". All P2P does is enable data to be transferred -- people have been accidentally sharing data for a long time. I remember when a journalist (I believe it was Adam Engst, of TidBITS) wrote an article about how he accidentally placed some pictures of himself that he didn't want made public in a directory with an unusual name on a webserver. They were eventually accidentally made public. This is certainly not a problem inherent to P2P systems -- it can be done on any system that allows data transfer, and on any system that is worldwide and allows anyone to provide data (such as P2P networks or the Web), it is quite certain that accidental distribution of data will happen.

    Now, I can agree that some P2P apps could use some revision. P2P apps should not scan the entire hard drive for files -- they really need a "shared" directory to be designated, even if it requires the user to do some extra work. But this is a software user interface issue, not a legal issue that requires legislative intervention, as Mr. Wallace seems to feel.

    There is certainly nothing of particular significance to P2P when it comes to potential data leaks. Client-server models can allow just as much a problem.

  8. Re:This is why there need to be reform on How To Lose An Election · · Score: 1

    You're still exchanging a significant degree of anonymity here.

    Suppose, for instance, the last line on each printer is "Republican". You know the vote of the previous voter.

  9. Re:Linux encrypted filesystems not really up to sn on The Linux Filesystem Challenge · · Score: 1

    So, write a few patches, or something. Or use another distro.

    [shrug] I've set it up, and I've had a friend set it up, and neither wanted to bother with ramming everything through pam. It isn't worth the effort.

    I don't know of any major distros that allow this, though I wouldn't be surprised if one did.

    Which is silly. Why not just encrypt all partitions that store user data. /var/spool, /home, and maybe /tmp ?

    A couple reasons. First, encryption has a fair amount of overhead associated with it -- generally, there are a few things that I want encrypted, but most things I really don't care about, and would prefer to not have encrypted.

    Second, I use a single partition, not a set of partitions, as is the case for many home workstations.

    Or set up gpg and a public key, and install kgpg.

    I'm not aware of any system that does this. It doesn't mean that one couldn't be made, but the only thing gpg buys me is file-level encryption (which, FWIW, I do use), not loopback encryption.

  10. Re:Brian Jones on It's the Documentation, Stupid! · · Score: 2

    Ah, okay. I'm familiar with the old section colors, but not the new ones. I must have been using Slashdot when the regeneration of the pages started, because I kept seeing green on some pages and gold on others (even in the same section) for a bit.

  11. Linux encrypted filesystems not really up to snuff on The Linux Filesystem Challenge · · Score: 2, Informative

    There are some disadvantages to this approach.

    First, it's minimally supported by distros. I can't just set up a Fedora system out of box, and check "use encryption" and have it do an NTFS-style decryption of the file encryption key using the password entered at login for each user to decrypt that user's files. It requires hacking around pam and maybe initscripts.

    Second, if that *was* done, it would take a different filesystem per user (per key), which is a pain to maintain.

    Third, it can't be enabled by users (would require root dicking around with pam and filesystems) as NTFS encryption can be.

    Fourth, it can't be enabled on-the-fly (requires creating new filesystems and copying the contents over, unlike NTFS).

    Fifth, it's a pain to maintain -- on NTFS, it's easy for a user to just say "I want the contents of this directory and below to be encrypted" and choose to have things encrypted on a per-directory basis. The equivalent on Linux would be having the root user be creating new filesystems (knowing the appropriate sizes in advance and wasting any excess space allocated) copying over the contents and adding mount points for every filesystem mounted.

    Sixth, NTFS supports key recovery with a backup, emergency passphrase (it can maintain two copies of the encryption key, one encrypted with, say, the administrator's password). Dunno about the Linux status of this.

    Having an encryption layer above the block layer is a nice idea, but it's not a drop-in substitute for encryption support in the filesystem.

    It would be possible to add a layer in which an encryption layer could be *added* (preprocess file/directory contents -- if one *only* wanted encrypted files and not directories, this could already be done with an LUFS or fuse module). Space for such a layer does not currently exist in Linux.

  12. Re:Linux.com on The Linux Filesystem Challenge · · Score: 1

    No, but they do lack the "blah blah blah is an OSDN-owned site, which is a parent company of Slashdot" disclaimer, which they normally do put up. An unfortunate oversight, but I don't think that it's epidemic.

  13. Brian Jones on It's the Documentation, Stupid! · · Score: 2, Interesting

    Look, I'll agree that many minor OSS projects could use better documentation, but wouldn't it be easier to submit a list of what you'd like included in whatever product pissed you off than writing a long angry article about it? I mean, there are a lot of obscure little Windows closed-source packages that lack good documentation as well.

    I haven't had a problem with major projects.

    Is it largefile aware?

    I really have seen very few closed-source packages that include this in their documentation, either.

    Is it scriptable?

    I can't think of any open-source packages that are scriptable that don't document the point that they're scriptable.

    Most OSS CLI software isn't explicitly "scriptable" because it can simply be easily run and interfaced with from scripts without requiring an internal interface.

    I have refrained from naming names here. It would serve no useful purpose, as my sysadmin colleagues can probably think of exactly the projects I'm talking about (as can the respective coders).

    Actually, I'd infinitely have preferred that Brian *had* named the names of the OSS projects that he found at issue, and listed some concrete problems. Then they could be addressed.

    The bigger problem for you coders, really, is that there are usually 20 different packages on freshmeat that all do the same thing. Of those 20, probably one or two have real-life, usable documentation.

    Your problem sounds more like a lack of comparative reviews to assist you in evaluation than a lack of documentation.

    This honestly sounds like the sort of problem you get if you start trying out "mp3 sorters" or "IM clients". I'm dubious that this is a severe issue with, say, webservers.

    While I'm posting, does anyone have any idea why Slashdot is changing colors on me like mad? I've seen a rather pretty but less usable gold-and-white theme, and I'm currently posting in a black-and-white theme that says "Don't fear the penguins". CmdrTaco put up a test story on the main page yesterday -- what's going on at Slashdot?

  14. Re:You are incredibly stoopid! on How To Lose An Election · · Score: 1

    Voter checks receipt against the vote they wanted. Stuffs it in a ballot box & walks away, you window-lickin', short-bus ridin' retard.

    Right. Which simply removes electronic voting from the loop.

    I'm talking about using electronic voting meaningfully.

  15. Re:This is why there need to be reform on How To Lose An Election · · Score: 1

    Why would someone make a challenge unless they had a close election or completely ridiculous numbers, neither of which need be the case with remotely non-stupid vote fraudsters?

  16. Re:This is why there need to be reform on How To Lose An Election · · Score: 3, Insightful

    Honestly, if they had a ream of paper coming out of the back of the machine, and the option for Voters to print off a copy for their own records (and to verify their vote was recorded as they expected) a lot of the problems with the electronic voting machines would be alleviated.

    Absolutely.

    Now how, exactly, do you propose to provide a mechanism in which it is guaranteed to the voter that their recorded vote is the same as that which is on their receipt, without throwing away any of the anonymity characteristics that are also crucial to voting?

  17. Re:Keeping Up With Technology on DVD-Watching Driver Charged with Murder · · Score: 1

    Tell the cell towers to notify cops ahead on the road of cell signals that are travelling rapidly along a road, so that they can keep an eye out for drivers using them.

  18. Why cell use while driving should be illegal on DVD-Watching Driver Charged with Murder · · Score: 1

    He might be able to chat on his cell-phone and drive quite safely. Just because you can't doesn't mean he should be penalized. That's his point.

    I think that few people think "Gee, I can't really handle talking on my cell and driving at the same time. Oh, hell, I'll do it anyway." Everyone is confident that *they* are a good driver, that *they* have the skill required to avoid accidents with only part of their attention on the road.

    The problem is that the person who pays for their guessing wrong often isn't them. It's someone else, someone driving to their office who gets nailed by someone talking on their cell, some guy that leaves behind a wife and three children with a newly fucked-up life. I view that risk as more severe than the convenience factor of being able to chat with someone without pulling over or waiting until reaching the drive's destination.

  19. Re:Call me crazy.. on Designing Videogames For The Wage Slave · · Score: 2, Informative

    If tastes never changed to keep pace with the times, there'd be a lot of forty-somethings doing nothing but riding their horse into town to the saloon to play checkers and poker with their buddies.

    The reason video games are associated with the young is largely because they didn't *exist* during the youth of old folks.

    TV did the same thing. Who buys the disgustingly expensive HDTV plasma displays? Middle-aged people.

  20. Re:Grade School Parody or Juvenile Satire? on Parody or Satire? Threat To Sue JibJab · · Score: 1

    Yeah, jokes where you pretend to shoot people with real-looking cap guns is REAL funny.

    We managed to deal with cops-n-robbers, cowboys-n-indians, and soldiers-n-soldiers for a long, long time, and it's only now that people are bringing it up as an issue.

    We used to carry knives as a standard tool -- try taking a knife onto school grounds these days.

    Now, maybe we *do* have a new, real issue, but I'm more inclined to blame histrionics from gun-control advocates.

  21. Re:This is what... on Patriot Act Used to Enforce Copyright Law? · · Score: 2, Insightful

    Nader is not the Libertarian candidate. You're just repeating the Democratic propaganda that a vote for anybody other than Kerry is a vote for Bush.

    It's not simply propaganda. It's a very real issue -- nobody but a Republican or a Democrat will win this election.

    I will happily agree with Michael Moore that the country needs voting reform and a change in the voting system to help promote smaller parties. However, refusing to accept the reality of the current voting system just plain doesn't help anyone. The time for that was the past four years, when you could campaign for and push your Senate and House representatives for voting reform. Now it's too late -- the vote is upon us, and it's going to use the traditional system.

    A vote for Nader is a vote for Nader, and a vote for Michael Badnarik (www.lp.org) is a vote for Michael Badnarik, and their respective parties.

    Yes, but the practical effect is one half of a vote to help retain Bush in office.

    I just don't understand the liberals that keep whining about how scary the government is and yet they want to disarm the people.

    Again, I think that it would be just spiffy if we could be a direct democracy on issues like retaining gun rights. But we *aren't* -- we will have a single powerful administration that will decide one way or the other on *all* of our issues. Pretending that that isn't the case doesn't help anyone.

    Ultimately, you have to weigh the merits of a Bush administration against a Kerry administration, because one of those two people will be sitting in the White House for the next four years. Anyone that votes Green or Libertarian simply does not provide their input into choosing the next administration of the United States, and into foreign and domestic policy for the next four years. That may suck, but until vote reform goes through, that's the way things are going to be.

  22. Re:This is what... on Patriot Act Used to Enforce Copyright Law? · · Score: 1

    They won't win, but at least that's a vote that sends a clear message.

    That either

    a) You refuse to accept how the voting system in the US currently works.

    or

    b) You want to retain Bush in office.

    Which one?

  23. Re:It's still illegal? on Patriot Act Used to Enforce Copyright Law? · · Score: 1

    PS. You can keep Utah and Oregon

    What's wrong with Oregon?

  24. Re:Failing company? on Open Source a National Security Threat · · Score: 1

    I dunno, Bruce.

    I agree that he's in an awfully suspicious position to be honest (someone is butting in on his very lucrative niche). He's using general fear-mongering rather than specific examples of problems. ("The only thing necessary for evil to triumph is for good men to do nothing" as part of a technical critique? Seriously, what *planet* is he living on?) He's made some claims that I find kind of dubious.

    However, I'm not sure that the "failing" claim that you've made about them is fair or accurate to them, either.

    If I were that guy, I think I'd be arguing other points:

    * Linux's lack of certification (he mentioned this, made an error, but the fact is that he's paid to have his products more highly certified)

    * Linux's rapidly moving status. Yes, someone can fork at any point, but it's not quite the same. The Linux world does put heavy emphasis on staying up-to-date -- one might even say overly bleeding-edge.

    * Linux's more limited security model. SELinux is the only advanced Linux security model that I know of, and it is still not bundled into mainstream distros and been generally hammered on by the world.

    * Linux's failings in the RTOS market. Mainstream Linux is not hard RT-capable, and apparently his product is. There are a lot of vendors, like TimeSys, that provide RT-enhanced versions (not sure how they compare). He didn't even mention this -- if I were him, I'd attack fragmented implementations as one of the key points.

    As for his arguments, he should have:

    He should have given specific applications where Linux is not necessarily safe but his products are. If he knows this field inside out, he should have been able to say "Linux clearly can't appropriately be used for Foo, Bar, and Baz, but my product can."

    If he wanted to argue insecurity, he should have taken advantage of the fact that Linux is open source. He should have grabbed a bunch of his programmers, found a handful of kernel-level vulnerabilities in Linux, and then made some (admittedly misleading, but much more compelling than his existing argument) about how *his* people hew to a higher standard of allowing security holes, and how the *Linux* people failed to catch all these issues and given some terrifying scenarios where missiles wouldn't fire at the Reds (or Arabs, or whoever is the current baddie that defense contractors use to sell their products).

  25. Re:"Attempt" is right on Open Source a National Security Threat · · Score: 1

    2. Windows has been certified at AEL4. This is true, but should be understood that it is a specific version of windows with a specific patch.

    If this is the same version that was certified at C2, it was NT4, and only if it's not on a network.

    4. GHS Integrity OS is developed solely by US citizens in a controlled environment at a US company. This is provable by GHS and should be taken at face value.

    AFAIK, this sort of approach started in the Cold War, right? To avoid the Red peril? Who is to say that we need only US-based production in an environment where everyone can see and is using the same code?