You know, that's an interesting point. Restauraunts are a good at soaking up short-term surges in economy. What happens when people get bonuses and the like? They go out to eat.
I don't buy it. That's the same argument that a farmer using manual laborers would use against the automation (and associated massive efficiency increases -- we now produce far more food per worker) of farming.
Industries always improve efficiency. As a matter of fact, that's one of the key reasons for having free markets. As part of this process, people get put out of their jobs and forced to find new work. Perhaps reimplementing word processors isn't a viable job any more, and programmers will be forced to work on, say, font creation software.
Until that day when there isn't a thing in the world that computers could potentially be made to do that they can't do, there will be jobs for every software developer in the world.
Also note that there are more people working on custom code and vertical-market code than horizontal-market code. Horizontal-market code derives the most benefit from open-sourcing -- if you're doing up a custom forum system, *some* of the work may be done for you if you start with an existing base, but it's unlikely that everything is complete.
I think that you should be more concerned about improvements in ease of programming. If everyone had to code in assembly, it would take many more man-hours to write a package. High level languages like Java, SQL, and perl allow people to produce software much more quickly. This *does* affect vertical-market and custom development.
He's probably referring to the fact that for a home user today, to get a well-integrated desktop Linux system (like what many of us used RedHat for), we have very, very limited options.
I don't think so -- it seemed to be a direct criticism of Red Hat for home use, which definitely confuses me. I can see complaints about Red Hat -- they're too tied up in making things "free" (second only to Debian, IMHO), they've done a poor job of managing Fedora PR, etc, but them not being usable as a home machine is an entirely new complaint to me. Most distributions, except for specialized ones, would seem to be quite good for home use.
If you looked a week ago, you would have Fedora Core 2, which suffers from this major bug
That's a bug, though, not a fundamental distribution problem. I'm not too familiar with this aside from the Slashdot article, but I would be surprised if there isn't an update issued to fix it. Plus, the poster is comparing Red Hat to Mandrake -- and Mandrake 10 suffers from the same bug, according to your link.
WRT the Mandrake update procedures, I would think that this is not so much a problem for home users as it is for people that have been doing beta testing. Whatever the "Community Edition" is (it sounds something vaguely like the Red Hat FC test releases).
A quick look on SuSe's downloads page shows that they do offer it free (minus commercial components), but it's either in LiveCD format or has to be installed via FTP.
I agree with you that SuSE is about the least free of all the distributions that currently exist (Caldera tended to push a couple of non-free buttons as well). I certainly wouldn't use SuSE myself. However it's still affordable and usable by a home user.
Sure we could use Debian, or Gentoo, or even go out on a limb and try FreeBSD - but none of these are desktop-oriented, though you can achieve a nice desktop system if you work at it.
I'm not sure why one would say that Debian and Gentoo are not desktop-oriented. I guess that I cannot speak with as much knowledge when talking about Gentoo, but I remember synaptic being made for Debian -- surely that is an example of a desktop-oriented administration tool?
I have only a little experience with the BSDs, and none admining a BSD box, but surely FreeBSD would be the BSD most oriented at desktop use?
This is the second "offtopic" modded posts I've seen today (the other post was not mine) that I don't think is reasonable.
In general, people seem to be at least reasonable with "Troll" and "Flamebait" tags. Even "Overrated" is somewhat sane, if someone just wants something modded down for a non-mentioned reason. I cannot tell why on earth my post would be considered "Offtopic", though. It was a direct, relevant response to an on-topic post.
It is very heartwarming to see some major Linux vendor is interested in the individual home Linux user after RedHat dumped them like yesterday's trash.
But the current one *is* a protocol handler problem, and there have been attacks before against systems that mingle internal and external handlers -- it's not a problem that should just be ignored.
...first remember hearing about protocol handlers...
This should be "...first remember hearing about security problems with protocol handlers.... Heck if I know when I first heard about protocol handlers.
You know, the first I remember hearing about protocol handlers was when Microsoft started pushing the combination of the browser and the desktop.
Microsoft *very* commonly fails to draw a clear line between those data that can affect those things that can be externally-invoked (such as protocol handlers) and those things that may only be internally invoked. There is no reason for, say, a "help" protocol handler, though there is for an "ftp" protocol handler. There is clearly a need for two separate systems -- "remote" and "local" handlers, where "local" systems are only invoked by trusted software running on the system.
If Apple took bad ideas from Microsoft, they deserve to chew on the bitter taste a bit.
Note that GNOME (and I'll bet KDE, though I'm not familiar enough with KDE to know) also took this broken security design from Microsoft, and it's even bets that they have some of the same problems.
I should be able to set things like the following with "local" handlers (ones that will only be passed "trusted good" data, and can poentially do destructive things like overwrite files based on the data passed them: * my terminal program (xterm, gnome-terminal, konsole, rxvt, aterm, etc) * my file manager * my "error" handler -- could spit out junk to the console, play an error sound, send stuff to syslog, bring up a dialog, whatever. * my password manager (this lets programs add entries automatically -- for example, my FTP program can tell my password manager to store my password whenever I bookmark a passworded site). This lets me keep an encrypted password collection without extensive manual effort. * My download manager, so that software can pass off downloads that they want *downloaded*, not just displayed.
Then there are external protocol handlers. These are programs to handle each of the standard URL prefixes -- news, telnet, http, ftp, etc. It's fine for these to be systemwide, but they *never* should be combined with internal handlers. It's a really *bad* idea, and one of Microsoft's worse "innovations". They may not perform destructive acts based on the arguments passed them, and must be carefully examined to ensure that they robustly handle input passed to them.
The RIAA is asking for protections greater than they recieve for analog radio.
The problem is that none of the justifications they claim for extended protections apply here.
The earlier justification was that "digital copies allow infinite generations of lossless copies to be made."
If someone is recording from the analog radio, they make a digital copy of a lossy transmission. At that point, they can make an infinite number of copies.
If someone is recording from digital radio, they can make an infinite number of copies of a lossily (probably MP3) encoded stream. Exact same thing.
Furthermore, because of the nature of streaming data networks, it can be more efficient to use retransmission -- to send one stream of audio to a single host in Sweden that then rebroadcasts ten streams to other Swedish hosts. This is superior than directly sending to eleven Swedish hosts. This would prohibit network structures of such a variety.
I can't even figure out why the RIAA managed to impose per-stream fees on Internet radio. That's *absurd*. Normal radio has a smaller transmission cost (i.e. not linear in the number of listeners), and has potential audiences several orders of magnitude larger than Internet radio. Why Internet radio stations can't enjoy small, flat rate fees for playing music is beyond me.
I'm so frusterated with the RIAA. If there was a single vote that could remove all their lobbying, I'd vote for it in a second. But instead, it's a long, unending, slow grind against people that have the potential to make scads more money by swaying a couple of votes.
The fact is, if we are going to try to export democratic values to a country that hasn't experienced them before, maybe we should try to treat their citizens the way our citizens would expect to be treated
Oh, we've already done a number on that count. The occupational authority doesn't allow freedom of press, and has prevented newspapers from criticizing US troops. The people in Iraq, despite that fanfare about "democratic rights" being brought to them, do not enjoy anything like what citizens of the United States do.
I don't see anything about the Geneva Convention not applying to suspected terrorists.
That's because the Geneva Convention has the effect of maintaining the status quo. It protects and assists countries with traditional armies, while not extending protection to other combatants. Sure, countries will sign the Geneva Convention. It increases their power relative to anyone *not* currently in power. Take, for instance, rebel groups that are trying to seize control of a country -- these people are not a regular army, and are hence not entitled to Geneva Convention protection. The regular army is easier to build up, because that army can expect Geneva Convention protection if they ever go to war against another country. However, they do not need to respsect Geneva Convention rights WRT rebels, terrorists, freedom fighters, etc.
So why are guerilla tactics used by an opposing force often decried as unfair or underhanded?
Because many Americans can be sold on someone (let's say bin Laden) being "cowardly" or "underhanded" and thus more deserving of death.
This guy is a military type. He thoroughly appreciates the benefits of having an advantage over an enemy, and has no illusions as to maintaining a "fair fight".
The people claiming that bin Laden and friends are "cowardly" and "underhanded" are politicians trying to sway American civilian minds. They would take an entirely different tack.
In a smiliar manner, a politician like Rumsfield is not going to go on at length about how great interrogation is unless he's forced to. Citizens don't like confronting unpleasant realities like that. The military guy is going to do whatever he can to get information and give his side a better kill ratio.
This fellow seems to back that up, unless having a lopsided fight is only sporting when it's his team doing the slaughtering.
It's not "sporting" that's the issue. It's which is a *good idea*. The US has maintained something like a 10:1 to a 100:1 kill ratio in recent conflicts. That's effective use of tactics. It's damned well not sporting.
The only reason we haven't simply nuked the entire middle east into a glass parking lot is oil.
Um, no. Nations can't act quite in quite that isolated of a manner.
We have the ability to ignore other folks to a good degree -- "We're going to invade Iraq" versus "Don't invade Iraq, the UN says not to do so" is one thing. (It turned out to be a damned stupid move, but we had the ability to do it.)
That does not extend to mass extermination of nations.
The United States is militarily powerful, but (a) many, if not most Americans would refuse to support (and would probably throw out) any leader that arbitrarily decided to compltely obliterate a nation, even if it was after the fact and (b) the rest of the world would unite against the United States (and that includes Britain, Canada, and the Aussies) if the United States attempte to literally exterminate everyone in a nation. That doesn't necessarily mean that the United States would be attacked en masse, but it does mean that massive embargoes would be put in place, the US would lose their foreign military bases and treaties, a number of people *would* begin attacking Americans...America would be *far* worse off for having done such a thing. I doubt that Bush would live out the year if something like that was ordered -- some extremist would kill him. The military is not a blind arm that simply does whatever Bush and friends want -- sympathy for and spying for other neations would increase, as would information leaks.
So, yes, in theory the United States could literally destroy the people and the nation of Iraq. In reality, the US will never do so, as it would be incredibly foolish for the United States due to the resulting repercussions.
A fully-efficient solar panel reflects no light at all. It would be like wearing completely non-reflective black, but it wouldn't get hot because everything is being channeled into electrical power.
It really doesn't matter, though, because they were talking about using 15 watts (if I had to carry around something dissipating 15 watts on my chest in desert heat, I'd be pissed off). You aren't going to get 15 watts from a non-flat surface on your helmet. Solar cells are not enough.
If I were working on a technological revamp, I think I'd:
(a) As mentioned, make infantry-carried parts physically fit together.
(b) Work on ad-hoc networks to help transmit data back to the support radio. The less signal strength required on a soldier, the less power dissipation, and the harder it is to spot a soldier's location. Ideally, computers would handle setting up an ad-hoc route if at all possible, and the only thing that commanders would have to do is to position radio repeaters with enough strength to reach the soldiers. You might have soldiers transmitting to a vehicle which transmits to another vehicle closer to base, which transmits to a base. Maybe a communications aircraft is part of the chain. The point is to make the only manual work that soldiers have to do WRT their electronic crap is to maintain a chain of communication and not worry about misconfiguration. Make *all* comm and data systems use the same system -- I keep reading horror stories about four different systems in place. That's way too much manual management effort in place if someone is shooting at you.
(c) Forget the heart-rate and pulse-rate sensor crap. The only thing that that's going to do is provide more useless data to command. It takes power, adds weight and complexity to the uniform, adds another system that can break. What are folks at command going to do "Oh, this guy's scared" or "This guy's heart meter has gone flat?" There are so many ways that a heart meter could be damaged in combat and return false data that I really don't think that this is a good idea. It's just as easy to have soldiers report in.
(d) I have a vision of future combat where each squad (or, ideally, each *soldier*) has a "controller" assigned to him back at base. This requires reliable communications, which is why having good automated ad-hoc networks is important. This controller serves something like an air traffic controller -- he is responsible for handling issues that the soldier/squad has and providing any information that the soldier/squad needs. If a soldier needs to know where he is relative to, say, an important building, the controller starts working on it or hands off his request to comm people. If a soldier starts screaming "Our air support is dropping bombs *on* me", instead of going from a soldier to the squad commander (possibly to the squad comm guy -- dunno about current military convention, though this would have been par for WWII) to the comm plane overhead to command and control to the air support plane, it goes directly (well, from a human interaction standpoint) to this soldier's controller back at base, who is responsible for getting a "stop bombing" message to command and from there to air support (he's much better suited than the commander in the field, who may be getting shot at and have a lot of other things to deal with in addition to having difficuty hearing what is going on).
I'd also like to see a log of audio messages available to such a controller. Every message that is broadcast by his soldier would appear on some kind of display in front of him. If he doesn't catch something because someone else is talking, he just plays back what the soldier just said. This means that humans don't have to handle retransmit-level protocol work. It also means that during quiet bits (or, say, if a soldier is killed, the controller can review the last data available from the soldier and try to figure out who killed him).
I'd standardize on a *single* comm system. Each soldier w
Another problem is that Open Source stuff only gets maintained by the community if the community, you know, actually uses said stuff. It's unlikely that people are going to continue to maintain helmetcam drivers unless everyone has one...which would eliminate the technological advantage that the Pentagon is trying to maintain.
The consumer is best off when reviewers are impartial and unbiased.
We already have to deal with product managers doing everything they can to convince reviewers to give high rankings to sell product. The video game industry suffers particularly much from this, with game publishers taking reviewers (often young people that are not paid much for their review work) on special trips or given gifts. It's hard to find a good, unbiased source of reviews.
So now, there are two more variables -- reviewers are *directly determining* income of developers, and one movie publisher now has incentive for rankings to *drop* if they are near the 70% mark.
This reminds me of an article I read once before -- I believe that it might have been a MacUser article by Andy Ihnatkno. Andy was reviewing a software package, and was contacted by the product manager at the developer early in the week, asking how the review process was going. Now, normally Andy wouldn't say anything, but the product manager was insistent, and finally he reluctantly said "Well, I would have liked it if you hadn't forced me to do task X manually." The reviewer thanked him and hung up, and Andy got back to reviewing.
Next morning, Andy recieved a package via courier. It contained a new version of the software package, and a handwritten note from the product manager -- "I hope that you'll consider trying this version". It turns out that this version contained the automation feature that Andy had mentioned that he missed. That afternoon, the product manager called up again and asked "What do you think of the product?" Andy again mentioned something that the product didn't do, and next morning, another brown package arrived via courier. Andy thought "You know, this really isn't how the review process is supposed to work" -- but the software *was* getting better. Some poor developer had clearly spent a frantic 24/7 over the weekend adding and testing code. This continued on for a bit, and finally Andy finished his review -- giving the software package a good rating.
This is, surprisingly, a bad thing for the end user. Yes, the software package had some new features when done, but here is the problem. A reviewer will only find a certain percentage of the lacks in a software package -- some will go unnoticed. The user depends on the reviewer reviewing the entire package based on his analysis of the lacking features and bugginess of a subset of the package. The reviewer's opinion can then be extrapolated to the entire package. If the developer can change things as the review is happening -- something like a student changing stuff as his professor is grading his assignment -- this leads to a disproportionately good subset of the product and an inflated rating.
Furthermore, it's already a hard thing to pan a product, knowing that it will cut into sales -- publically criticizing people is something that humans don't like to do. How much harder will it be to pan the product of someone like Will Wright, which the reviewer might know personally, knowing that there will be a *direct* impact on the income of that developer?
I could see reviewers refusing to review products where their ratings are used in such a manner as a policy. This can only tend to distort ratings and increase pressure on them to mis-review products.
My guess is that this may be an attempt to help compensate the movie publisher if the movie publisher was the one that did a good job. Enter The Matrix, the game in question, has frequently been criticized as being a bad game. The reason that it sold well may be more due to the efforts of the movie publisher than the developer -- heavy marketing effort from the movie, and a good movie coming out.
This pay-based-on-review policy will tend to decrease royalties for licensed games (especially movie releases). These are frequently done on an extremely tight schedule to ensure a game release shortly after a hit movie. This tends to mak
Red Hat puts up a good set of manuals on their site.
This is a subset of what you will need to know, but it's very useful to know how to do things "The Red Hat Way". I would *discourage* trying to immediately do everything manually (like, say, modifying your initscripts to directly start up dhcpcd or something similar). You'll get a bunch of configuration that doesn't play nicely or auto-upgrade cleanly to new versions. It's much easier to have things set up properly, and be able to examine a working system when learning how things work (and I *do* recommend digging around on the system, through the initscripts and the config files, but it should come second). Occasionally you'll want to do something for which there is no easy, automated configuration setup available, and it's good to know what to do then and when it's necessary.
I'd set up a test box pronto to play with and to test out configuration changes.
I'm curious as to whether it's mostly Americans that have the poor economic sense to be duped by razor-and-blades models.
I thought that it was facinating that cell phone plans generally work on the razor-and-blades model in the US (inexpensive or free phones, with money made back on the phone plans and surcharges on things like text messaging), whereas in Canada and Europe, razor-and-blades doesn't seem to have caught on as well.
Oh, and while I'm talking...I find it quite ironic (and really, a bit depressing) that *Carly* is defending engineers -- she's the same one that promptly canned HP's calculator engineering division after showing up on the scene ("we don't need no steeenking engineering"). HP had a long tradition of steadily acquiring and retaining good engineers, and then putting anyone not currently working on a product to work on things that might be profitable in the future. Carly decided to run things in a more "bare bones" manner.
I occasionally like memnonic passwords, but another good alternative is a randomly-generated but pronounceable password. It turns out that we're much better at remembering passwords that we can pronounce. (Where "Voolakun5" is pronounceable and "zqx17yvy" is not).
FIPS-181 describes a NIST-endorsed system for producing pronounceable passwords. There is a GPLed FIPS-181 implementation here.
Sample run:
$ apg dyijenuloa bifliecar yishjied& IfHydrovia yutsOlg/ DipUkcat
APG is a lot more sophisticated than this, and allows you to do a lot of tweaking of the types of passwords it outputs, print pronunciation guides. It's a good tool, IMHO, for security-conscious types to have around.
For Fedora Core 2 users, Red Hat does not package apg in the base distribution, but it is available from freshrpms.
1) Is it really a codec? Seems to me it is a compression method for media, like.zip.tar etc., not an encoder... technically.
Compressers are encoders of a particular variety. They just choose a different data representation as an encoder does, but make an effort to take advantage of specific known characteristics of the data they are compressing to get a smaller, reasonable representation..
ZIP and gzip (tar does not do compression, just file joining) do very poorly at compressing audio. They do things like look for patterns of repeating (or at least commonly seen) sequences of data, and simply say something like "every time you see "z1", I really mean ";lt&a href="". This approach often works very well in computer-generated files.
However, it's very unlikely that you will get exactly the same sequence of bits in an audio recording, so.zip/.gzip are very poor at compressing audio recordings. FLAC and similar lossless audio compression look for things like (I would imagine) relatively small deltas from each sample point to the next, since this is a common characteristic of audio data.
MP3 players got *heavily* marketed after Napster and friends got press and serious college use. "MP3" became associated with "free music". They took off.
The iPod, a decent but not earth-shattering MP3 player, sold *much* better than other MP3 players out there. Why? Marketing. Lots of ads -- the only significant difference to cause such a change.
Vorbis doesn't have a lot of ad money behind it pushing it.
I'd also like to point out that:
* People still use CBR MP3s. CBR was designed for exactly one reason -- allowing constant-rate streaming. It's *stupid* to use CBR for locally stored files -- it gets significantly worse quality for the size -- I've generally found that on the music I listen to, using VBR is equivalent to at least a 30% increase in bitrate in terms of my ability to distinguish between a master an an MP3. If people cared about quality, CBR MP3s would not exist. They wouldn't even have to switch their hardware/software around, since it's the same format, but they won't even go that far.
I *really* get a kick out of it when people buy an MP3 player and a pair of high-end earbuds. It's just plain inane. They just purchased a low-quality audio playback device and then spent a huge amount of money on an expensive pair of earbuds that don't let them hear the now missing nuances of the audio. It's the ultimate in trendiness -- like buying Nike or Banana Republic clothing. iPod + expensive earbuds is not "the ultimate in sound reproduction" even if you really, honestly gave a lot of retailers a whole lot of money for the combo.
I conducted a double-blind test on my own, unrelated to this test, between MP3 (VBR, LAME) and Vorbis. This was about a year ago.
In general, using the particular (percussion-heavy) piece I was listening to, I could consistently distinguish between the ogg and the original wav file at a higher bitrate. Drums just sound slightly different when compressed with Vorbis.
However, the Vorbis artifacts didn't make the music sound unpleasant to listen to. MP3 artifacts sound *awful*, turning cymbals into swooshing and wooshing sounds. As a result, I use vorbis rather than mp3.
Keep in mind that this test is a year old, and as the study indicated, Vorbis has undergone significant improvements, so my results may be less useful than they once were -- I would not be surprised if LAME's psychoacoustic model has been changed as well.
Also, I only worked with a single clip of music, thirty seconds long. It's likely that some codecs do significantly better or worse on particular songs.
FWIW, whatever Microsoft and Akamai currently have going on is producing lengthy CNAME chains (which is not exactly the norm):
$ host download.microsoft.com download.microsoft.com is an alias for dl-geodir.microsoft.akadns.net. dl-geodir.microso ft.akadns.net is an alias for loadsplit-dom-dl.microsoft.akadns.net. loadsplit- dom-dl.microsoft.akadns.net is an alias for www.download.microsoft.akadns.net. www.download.m icrosoft.akadns.net has address 207.46.249.92
I don't notice cordless delay, but visual effects that require time are incredibly annoying. The slow to-appear time for the Start Menu under Windows is also very annoying.
Slashdot Mirror
You know, that's an interesting point. Restauraunts are a good at soaking up short-term surges in economy. What happens when people get bonuses and the like? They go out to eat.
I don't buy it. That's the same argument that a farmer using manual laborers would use against the automation (and associated massive efficiency increases -- we now produce far more food per worker) of farming.
Industries always improve efficiency. As a matter of fact, that's one of the key reasons for having free markets. As part of this process, people get put out of their jobs and forced to find new work. Perhaps reimplementing word processors isn't a viable job any more, and programmers will be forced to work on, say, font creation software.
Until that day when there isn't a thing in the world that computers could potentially be made to do that they can't do, there will be jobs for every software developer in the world.
Also note that there are more people working on custom code and vertical-market code than horizontal-market code. Horizontal-market code derives the most benefit from open-sourcing -- if you're doing up a custom forum system, *some* of the work may be done for you if you start with an existing base, but it's unlikely that everything is complete.
I think that you should be more concerned about improvements in ease of programming. If everyone had to code in assembly, it would take many more man-hours to write a package. High level languages like Java, SQL, and perl allow people to produce software much more quickly. This *does* affect vertical-market and custom development.
He's probably referring to the fact that for a home user today, to get a well-integrated desktop Linux system (like what many of us used RedHat for), we have very, very limited options.
I don't think so -- it seemed to be a direct criticism of Red Hat for home use, which definitely confuses me. I can see complaints about Red Hat -- they're too tied up in making things "free" (second only to Debian, IMHO), they've done a poor job of managing Fedora PR, etc, but them not being usable as a home machine is an entirely new complaint to me. Most distributions, except for specialized ones, would seem to be quite good for home use.
If you looked a week ago, you would have Fedora Core 2, which suffers from this major bug
That's a bug, though, not a fundamental distribution problem. I'm not too familiar with this aside from the Slashdot article, but I would be surprised if there isn't an update issued to fix it. Plus, the poster is comparing Red Hat to Mandrake -- and Mandrake 10 suffers from the same bug, according to your link.
WRT the Mandrake update procedures, I would think that this is not so much a problem for home users as it is for people that have been doing beta testing. Whatever the "Community Edition" is (it sounds something vaguely like the Red Hat FC test releases).
A quick look on SuSe's downloads page shows that they do offer it free (minus commercial components), but it's either in LiveCD format or has to be installed via FTP.
I agree with you that SuSE is about the least free of all the distributions that currently exist (Caldera tended to push a couple of non-free buttons as well). I certainly wouldn't use SuSE myself. However it's still affordable and usable by a home user.
Sure we could use Debian, or Gentoo, or even go out on a limb and try FreeBSD - but none of these are desktop-oriented, though you can achieve a nice desktop system if you work at it.
I'm not sure why one would say that Debian and Gentoo are not desktop-oriented. I guess that I cannot speak with as much knowledge when talking about Gentoo, but I remember synaptic being made for Debian -- surely that is an example of a desktop-oriented administration tool?
I have only a little experience with the BSDs, and none admining a BSD box, but surely FreeBSD would be the BSD most oriented at desktop use?
I cannot figure out why my post is offtopic.
This is the second "offtopic" modded posts I've seen today (the other post was not mine) that I don't think is reasonable.
In general, people seem to be at least reasonable with "Troll" and "Flamebait" tags. Even "Overrated" is somewhat sane, if someone just wants something modded down for a non-mentioned reason. I cannot tell why on earth my post would be considered "Offtopic", though. It was a direct, relevant response to an on-topic post.
It is very heartwarming to see some major Linux vendor is interested in the individual home Linux user after RedHat dumped them like yesterday's trash.
What are you talking about?
But the current one *is* a protocol handler problem, and there have been attacks before against systems that mingle internal and external handlers -- it's not a problem that should just be ignored.
...first remember hearing about protocol handlers...
This should be "...first remember hearing about security problems with protocol handlers.... Heck if I know when I first heard about protocol handlers.
You know, the first I remember hearing about protocol handlers was when Microsoft started pushing the combination of the browser and the desktop.
Microsoft *very* commonly fails to draw a clear line between those data that can affect those things that can be externally-invoked (such as protocol handlers) and those things that may only be internally invoked. There is no reason for, say, a "help" protocol handler, though there is for an "ftp" protocol handler. There is clearly a need for two separate systems -- "remote" and "local" handlers, where "local" systems are only invoked by trusted software running on the system.
If Apple took bad ideas from Microsoft, they deserve to chew on the bitter taste a bit.
Note that GNOME (and I'll bet KDE, though I'm not familiar enough with KDE to know) also took this broken security design from Microsoft, and it's even bets that they have some of the same problems.
I should be able to set things like the following with "local" handlers (ones that will only be passed "trusted good" data, and can poentially do destructive things like overwrite files based on the data passed them:
* my terminal program (xterm, gnome-terminal, konsole, rxvt, aterm, etc)
* my file manager
* my "error" handler -- could spit out junk to the console, play an error sound, send stuff to syslog, bring up a dialog, whatever.
* my password manager (this lets programs add entries automatically -- for example, my FTP program can tell my password manager to store my password whenever I bookmark a passworded site). This lets me keep an encrypted password collection without extensive manual effort.
* My download manager, so that software can pass off downloads that they want *downloaded*, not just displayed.
Then there are external protocol handlers. These are programs to handle each of the standard URL prefixes -- news, telnet, http, ftp, etc. It's fine for these to be systemwide, but they *never* should be combined with internal handlers. It's a really *bad* idea, and one of Microsoft's worse "innovations". They may not perform destructive acts based on the arguments passed them, and must be carefully examined to ensure that they robustly handle input passed to them.
I for one wont buy another atari sequel to those games.
And there you have it -- Atari is *already* being punished for poor quality standards.
This is absurd.
The RIAA is asking for protections greater than they recieve for analog radio.
The problem is that none of the justifications they claim for extended protections apply here.
The earlier justification was that "digital copies allow infinite generations of lossless copies to be made."
If someone is recording from the analog radio, they make a digital copy of a lossy transmission. At that point, they can make an infinite number of copies.
If someone is recording from digital radio, they can make an infinite number of copies of a lossily (probably MP3) encoded stream. Exact same thing.
Furthermore, because of the nature of streaming data networks, it can be more efficient to use retransmission -- to send one stream of audio to a single host in Sweden that then rebroadcasts ten streams to other Swedish hosts. This is superior than directly sending to eleven Swedish hosts. This would prohibit network structures of such a variety.
I can't even figure out why the RIAA managed to impose per-stream fees on Internet radio. That's *absurd*. Normal radio has a smaller transmission cost (i.e. not linear in the number of listeners), and has potential audiences several orders of magnitude larger than Internet radio. Why Internet radio stations can't enjoy small, flat rate fees for playing music is beyond me.
I'm so frusterated with the RIAA. If there was a single vote that could remove all their lobbying, I'd vote for it in a second. But instead, it's a long, unending, slow grind against people that have the potential to make scads more money by swaying a couple of votes.
The fact is, if we are going to try to export democratic values to a country that hasn't experienced them before, maybe we should try to treat their citizens the way our citizens would expect to be treated
Oh, we've already done a number on that count. The occupational authority doesn't allow freedom of press, and has prevented newspapers from criticizing US troops. The people in Iraq, despite that fanfare about "democratic rights" being brought to them, do not enjoy anything like what citizens of the United States do.
I don't see anything about the Geneva Convention not applying to suspected terrorists.
That's because the Geneva Convention has the effect of maintaining the status quo. It protects and assists countries with traditional armies, while not extending protection to other combatants. Sure, countries will sign the Geneva Convention. It increases their power relative to anyone *not* currently in power. Take, for instance, rebel groups that are trying to seize control of a country -- these people are not a regular army, and are hence not entitled to Geneva Convention protection. The regular army is easier to build up, because that army can expect Geneva Convention protection if they ever go to war against another country. However, they do not need to respsect Geneva Convention rights WRT rebels, terrorists, freedom fighters, etc.
So why are guerilla tactics used by an opposing force often decried as unfair or underhanded?
Because many Americans can be sold on someone (let's say bin Laden) being "cowardly" or "underhanded" and thus more deserving of death.
This guy is a military type. He thoroughly appreciates the benefits of having an advantage over an enemy, and has no illusions as to maintaining a "fair fight".
The people claiming that bin Laden and friends are "cowardly" and "underhanded" are politicians trying to sway American civilian minds. They would take an entirely different tack.
In a smiliar manner, a politician like Rumsfield is not going to go on at length about how great interrogation is unless he's forced to. Citizens don't like confronting unpleasant realities like that. The military guy is going to do whatever he can to get information and give his side a better kill ratio.
This fellow seems to back that up, unless having a lopsided fight is only sporting when it's his team doing the slaughtering.
It's not "sporting" that's the issue. It's which is a *good idea*. The US has maintained something like a 10:1 to a 100:1 kill ratio in recent conflicts. That's effective use of tactics. It's damned well not sporting.
The only reason we haven't simply nuked the entire middle east into a glass parking lot is oil.
Um, no. Nations can't act quite in quite that isolated of a manner.
We have the ability to ignore other folks to a good degree -- "We're going to invade Iraq" versus "Don't invade Iraq, the UN says not to do so" is one thing. (It turned out to be a damned stupid move, but we had the ability to do it.)
That does not extend to mass extermination of nations.
The United States is militarily powerful, but (a) many, if not most Americans would refuse to support (and would probably throw out) any leader that arbitrarily decided to compltely obliterate a nation, even if it was after the fact and (b) the rest of the world would unite against the United States (and that includes Britain, Canada, and the Aussies) if the United States attempte to literally exterminate everyone in a nation. That doesn't necessarily mean that the United States would be attacked en masse, but it does mean that massive embargoes would be put in place, the US would lose their foreign military bases and treaties, a number of people *would* begin attacking Americans...America would be *far* worse off for having done such a thing. I doubt that Bush would live out the year if something like that was ordered -- some extremist would kill him. The military is not a blind arm that simply does whatever Bush and friends want -- sympathy for and spying for other neations would increase, as would information leaks.
So, yes, in theory the United States could literally destroy the people and the nation of Iraq. In reality, the US will never do so, as it would be incredibly foolish for the United States due to the resulting repercussions.
A fully-efficient solar panel reflects no light at all. It would be like wearing completely non-reflective black, but it wouldn't get hot because everything is being channeled into electrical power.
It really doesn't matter, though, because they were talking about using 15 watts (if I had to carry around something dissipating 15 watts on my chest in desert heat, I'd be pissed off). You aren't going to get 15 watts from a non-flat surface on your helmet. Solar cells are not enough.
If I were working on a technological revamp, I think I'd:
(a) As mentioned, make infantry-carried parts physically fit together.
(b) Work on ad-hoc networks to help transmit data back to the support radio. The less signal strength required on a soldier, the less power dissipation, and the harder it is to spot a soldier's location. Ideally, computers would handle setting up an ad-hoc route if at all possible, and the only thing that commanders would have to do is to position radio repeaters with enough strength to reach the soldiers. You might have soldiers transmitting to a vehicle which transmits to another vehicle closer to base, which transmits to a base. Maybe a communications aircraft is part of the chain. The point is to make the only manual work that soldiers have to do WRT their electronic crap is to maintain a chain of communication and not worry about misconfiguration. Make *all* comm and data systems use the same system -- I keep reading horror stories about four different systems in place. That's way too much manual management effort in place if someone is shooting at you.
(c) Forget the heart-rate and pulse-rate sensor crap. The only thing that that's going to do is provide more useless data to command. It takes power, adds weight and complexity to the uniform, adds another system that can break. What are folks at command going to do "Oh, this guy's scared" or "This guy's heart meter has gone flat?" There are so many ways that a heart meter could be damaged in combat and return false data that I really don't think that this is a good idea. It's just as easy to have soldiers report in.
(d) I have a vision of future combat where each squad (or, ideally, each *soldier*) has a "controller" assigned to him back at base. This requires reliable communications, which is why having good automated ad-hoc networks is important. This controller serves something like an air traffic controller -- he is responsible for handling issues that the soldier/squad has and providing any information that the soldier/squad needs. If a soldier needs to know where he is relative to, say, an important building, the controller starts working on it or hands off his request to comm people. If a soldier starts screaming "Our air support is dropping bombs *on* me", instead of going from a soldier to the squad commander (possibly to the squad comm guy -- dunno about current military convention, though this would have been par for WWII) to the comm plane overhead to command and control to the air support plane, it goes directly (well, from a human interaction standpoint) to this soldier's controller back at base, who is responsible for getting a "stop bombing" message to command and from there to air support (he's much better suited than the commander in the field, who may be getting shot at and have a lot of other things to deal with in addition to having difficuty hearing what is going on).
I'd also like to see a log of audio messages available to such a controller. Every message that is broadcast by his soldier would appear on some kind of display in front of him. If he doesn't catch something because someone else is talking, he just plays back what the soldier just said. This means that humans don't have to handle retransmit-level protocol work. It also means that during quiet bits (or, say, if a soldier is killed, the controller can review the last data available from the soldier and try to figure out who killed him).
I'd standardize on a *single* comm system. Each soldier w
Another problem is that Open Source stuff only gets maintained by the community if the community, you know, actually uses said stuff. It's unlikely that people are going to continue to maintain helmetcam drivers unless everyone has one...which would eliminate the technological advantage that the Pentagon is trying to maintain.
That is bad for end users.
The consumer is best off when reviewers are impartial and unbiased.
We already have to deal with product managers doing everything they can to convince reviewers to give high rankings to sell product. The video game industry suffers particularly much from this, with game publishers taking reviewers (often young people that are not paid much for their review work) on special trips or given gifts. It's hard to find a good, unbiased source of reviews.
So now, there are two more variables -- reviewers are *directly determining* income of developers, and one movie publisher now has incentive for rankings to *drop* if they are near the 70% mark.
This reminds me of an article I read once before -- I believe that it might have been a MacUser article by Andy Ihnatkno. Andy was reviewing a software package, and was contacted by the product manager at the developer early in the week, asking
how the review process was going. Now, normally Andy wouldn't say anything, but the product manager was insistent, and finally he reluctantly said "Well, I would have liked it if you hadn't forced me to do task X manually." The reviewer thanked him and hung up, and Andy got back to reviewing.
Next morning, Andy recieved a package via courier. It contained a new version of the software package, and a handwritten note from the product manager -- "I hope that you'll consider trying this version". It turns out that this version contained the automation feature that Andy had mentioned that he missed. That afternoon, the product manager called up again and asked "What do you think of the product?" Andy again mentioned something that the product didn't do, and next morning, another brown package arrived via courier. Andy thought "You know, this really isn't how the review process is supposed to work" -- but the software *was* getting better. Some poor developer had clearly spent a frantic 24/7 over the weekend adding and testing code. This continued on for a bit, and finally Andy finished his review -- giving the software package a good rating.
This is, surprisingly, a bad thing for the end user. Yes, the software package had some new features when done, but here is the problem. A reviewer will only find a certain percentage of the lacks in a software package -- some will go unnoticed. The user depends on the reviewer reviewing the entire package based on his analysis of the lacking features and bugginess of a subset of the package. The reviewer's opinion can then be extrapolated to the entire package. If the developer can change things as the review is happening -- something like a student changing stuff as his professor is grading his assignment -- this leads to a disproportionately good subset of the product and an inflated rating.
Furthermore, it's already a hard thing to pan a product, knowing that it will cut into sales -- publically criticizing people is something that humans don't like to do. How much harder will it be to pan the product of someone like Will Wright, which the reviewer might know personally, knowing that there will be a *direct* impact on the income of that developer?
I could see reviewers refusing to review products where their ratings are used in such a manner as a policy. This can only tend to distort ratings and increase pressure on them to mis-review products.
My guess is that this may be an attempt to help compensate the movie publisher if the movie publisher was the one that did a good job. Enter The Matrix, the game in question, has frequently been criticized as being a bad game. The reason that it sold well may be more due to the efforts of the movie publisher than the developer -- heavy marketing effort from the movie, and a good movie coming out.
This pay-based-on-review policy will tend to decrease royalties for licensed games (especially movie releases). These are frequently done on an extremely tight schedule to ensure a game release shortly after a hit movie. This tends to mak
Red Hat puts up a good set of manuals on their site.
This is a subset of what you will need to know, but it's very useful to know how to do things "The Red Hat Way". I would *discourage* trying to immediately do everything manually (like, say, modifying your initscripts to directly start up dhcpcd or something similar). You'll get a bunch of configuration that doesn't play nicely or auto-upgrade cleanly to new versions. It's much easier to have things set up properly, and be able to examine a working system when learning how things work (and I *do* recommend digging around on the system, through the initscripts and the config files, but it should come second). Occasionally you'll want to do something for which there is no easy, automated configuration setup available, and it's good to know what to do then and when it's necessary.
I'd set up a test box pronto to play with and to test out configuration changes.
Two words: ink cartridges.
I'm curious as to whether it's mostly Americans that have the poor economic sense to be duped by razor-and-blades models.
I thought that it was facinating that cell phone plans generally work on the razor-and-blades model in the US (inexpensive or free phones, with money made back on the phone plans and surcharges on things like text messaging), whereas in Canada and Europe, razor-and-blades doesn't seem to have caught on as well.
Oh, and while I'm talking...I find it quite ironic (and really, a bit depressing) that *Carly* is defending engineers -- she's the same one that promptly canned HP's calculator engineering division after showing up on the scene ("we don't need no steeenking engineering"). HP had a long tradition of steadily acquiring and retaining good engineers, and then putting anyone not currently working on a product to work on things that might be profitable in the future. Carly decided to run things in a more "bare bones" manner.
I occasionally like memnonic passwords, but another good alternative is a randomly-generated but pronounceable password. It turns out that we're much better at remembering passwords that we can pronounce. (Where "Voolakun5" is pronounceable and "zqx17yvy" is not).
FIPS-181 describes a NIST-endorsed system for producing pronounceable passwords. There is a GPLed FIPS-181 implementation here.
Sample run:
$ apg
dyijenuloa
bifliecar
yishjied&
IfHydrovia
yutsOlg/
DipUkcat
APG is a lot more sophisticated than this, and allows you to do a lot of tweaking of the types of passwords it outputs, print pronunciation guides. It's a good tool, IMHO, for security-conscious types to have around.
For Fedora Core 2 users, Red Hat does not package apg in the base distribution, but it is available from freshrpms.
1) Is it really a codec? Seems to me it is a compression method for media, like .zip .tar etc., not an encoder... technically.
.zip/.gzip are very poor at compressing audio recordings. FLAC and similar lossless audio compression look for things like (I would imagine) relatively small deltas from each sample point to the next, since this is a common characteristic of audio data.
Compressers are encoders of a particular variety. They just choose a different data representation as an encoder does, but make an effort to take advantage of specific known characteristics of the data they are compressing to get a smaller, reasonable representation..
ZIP and gzip (tar does not do compression, just file joining) do very poorly at compressing audio. They do things like look for patterns of repeating (or at least commonly seen) sequences of data, and simply say something like "every time you see "z1", I really mean ";lt&a href="". This approach often works very well in computer-generated files.
However, it's very unlikely that you will get exactly the same sequence of bits in an audio recording, so
FLAC is indeed lossless.
It could also be marketing.
MP3 players got *heavily* marketed after Napster and friends got press and serious college use. "MP3" became associated with "free music". They took off.
The iPod, a decent but not earth-shattering MP3 player, sold *much* better than other MP3 players out there. Why? Marketing. Lots of ads -- the only significant difference to cause such a change.
Vorbis doesn't have a lot of ad money behind it pushing it.
I'd also like to point out that:
* People still use CBR MP3s. CBR was designed for exactly one reason -- allowing constant-rate streaming. It's *stupid* to use CBR for locally stored files -- it gets significantly worse quality for the size -- I've generally found that on the music I listen to, using VBR is equivalent to at least a 30% increase in bitrate in terms of my ability to distinguish between a master an an MP3. If people cared about quality, CBR MP3s would not exist. They wouldn't even have to switch their hardware/software around, since it's the same format, but they won't even go that far.
I *really* get a kick out of it when people buy an MP3 player and a pair of high-end earbuds. It's just plain inane. They just purchased a low-quality audio playback device and then spent a huge amount of money on an expensive pair of earbuds that don't let them hear the now missing nuances of the audio. It's the ultimate in trendiness -- like buying Nike or Banana Republic clothing. iPod + expensive earbuds is not "the ultimate in sound reproduction" even if you really, honestly gave a lot of retailers a whole lot of money for the combo.
I conducted a double-blind test on my own, unrelated to this test, between MP3 (VBR, LAME) and Vorbis. This was about a year ago.
In general, using the particular (percussion-heavy) piece I was listening to, I could consistently distinguish between the ogg and the original wav file at a higher bitrate. Drums just sound slightly different when compressed with Vorbis.
However, the Vorbis artifacts didn't make the music sound unpleasant to listen to. MP3 artifacts sound *awful*, turning cymbals into swooshing and wooshing sounds. As a result, I use vorbis rather than mp3.
Keep in mind that this test is a year old, and as the study indicated, Vorbis has undergone significant improvements, so my results may be less useful than they once were -- I would not be surprised if LAME's psychoacoustic model has been changed as well.
Also, I only worked with a single clip of music, thirty seconds long. It's likely that some codecs do significantly better or worse on particular songs.
FWIW, whatever Microsoft and Akamai currently have going on is producing lengthy CNAME chains (which is not exactly the norm):
o ft.akadns.net is an alias for loadsplit-dom-dl.microsoft.akadns.net.- dom-dl.microsoft.akadns.net is an alias for www.download.microsoft.akadns.net.m icrosoft.akadns.net has address 207.46.249.92
$ host download.microsoft.com
download.microsoft.com is an alias for dl-geodir.microsoft.akadns.net.
dl-geodir.micros
loadsplit
www.download.
I don't notice cordless delay, but visual effects that require time are incredibly annoying. The slow to-appear time for the Start Menu under Windows is also very annoying.