There are two problems I see: trojan horses and worms. We can help deter the worms, not defeat, by setting intelligent network firewalls (or buying cheap $50 NAS-firewalls like Linksys, D-link, etc.). Portscanning seems to be the big payoff for internet connected computers -even with brain-dead firewall software. We can deter the trojan horses by educating users about how to maintain a secure computer. This entails showing them how to check for updates/vulnerabilities through mailing lists, websites for their software and for their virus checker. This also entails showing the user a broad spectrum of choice, particularly in web browsers. This also entails teaching them how to understand email headers, dns and dns lookups, whois queries, and webpage loading, cookies, SSL, and javascript. Armed with this intelligence, the user can spot something fishy immediately as well as avoid falling prey to crafted web pages, IM messages and URLs, malware, spyware, and trojan-ware.
Whoever came up with this concept of "transparent" computing should be dragged into the street and shot. How is it, developers never thought of using log daemons in Win9x? How is it that hex code should be printed to the BSODs and error windows instead of REAL english in the release version of the OS? (oh, wait, that was MAC-OS 6-9...;) How is it that Windows never came with instructions on how to use the command line? Why try to make all the system programs hard to find in the system folder while not providing any shortcuts in the Start menu? (like winipcfg, ping, nbtstat, ipconfig, netstat, route, msconfig) And the instructions for these programs were a bit lacking too. Also why in a release version of ANY windows version do the default settings SUCK? Lets see, firewalling OFF, WFP/SFP SILENT, etc.
The real problem is not stupid users (though they DO exist), the real problem is that windows has not created a Smart User Environment (SUE) for
users to operate their computer. This is analagous -I believe- to the problems of the USA lacking female mathematicians, physicists, and computer scientists, as opposed to other countries. The moment we realize that software and automation (though, helpful) cannot replace security-conscious users, is the moment we make a leap forward in computer security.
Then you better join a campaign outlawing hardware-level integration of DRM. Because that's the only way I can think of to stop it.
Who says you can stop it? It looks like its going to happen, the uninformed WILL continue to support their HP,DELL, etc. DRM supported hardware, and the informed will probably purchase non-DRM boards from ebay,Soyo, Asus, etc. I think besides contacting your congressman, you should spend more time informing joe-consumer about this. This would work for spam too, see, if noone buys DRM enabled sw/hw, or rather the non-drm sw/hw sells like hotcakes, then there is no demand to keep selling the DRM stuff....but these people are so insidious they'll try to bury DRM lock-in mechanisms everywhere....we'll see.
Although, I think its going to backfire. What if the system were "accidently" set to play "unauthorized media" at startup, how much of longhorn would break? Or what about a new plague of viruses that create DoS attacks on your own machine by using an authorized program to manipulate files and make your system believe that all the data on your hardrive is copyrighted and you were unauthorized to view it? Oops, cant view user32.dll. Has MS/HP/Intel considered these issues, or will they just wait until their support lines get "slashdotted" by joe-consumers? Like:
Joe: "Hello, I keep getting 'copyright error: unauthorized access' messages on my screen when my son tries to open his word document, and he has to finish typing his book report by tomorrow morning, how can I turn this damn thing off?" drone: have you tried restarting the machine? Joe: yes, several times. drone: Ok...have you tried reinstalling windows? Joe: WHAT?!! drone: Oh sorry, wrong script....Lets see here...Oh ok, you have to contact the IP owner of the data you are trying to access." Joe: "WTF? He IS the owner" Drone: "I am sorry sir, computers do not lie so clearly he must be plagerizing. I cannot help you any further. Thank you for calling, have a nice day."
You knew something was wrong with this program when quotes
from Laura DiDio started popping up. She seems to provide her "insight" for the truly desperate. Indeed, before this praise, it seemed like she was playing good cop/bad cop with them to get more sales for licenses. Judging from this article, I guess it worked.
C'mon, if secrecy or access control worked, then the windows source code wouldnt have leaked.
Just a thought, but why not just make these databases public? At least then, there would no longer be this false sense of security. I think some people care more if their neighbors and/or churches have access to this info rather than some random criminal. If people want privacy to be taken seriously, then you need to get *everyone* involved, which means everyone has to experience a little negative reinforcement. When people start to realize that the information in government databases is world-accessible, they will start to safeguard any information NOT released. As opposed to right now where people don't care becuase they assume all their personal info is protected. Hence, the rise in identity theft. Then, when people get phone calls from scam artists trying to solicit personal information, they'll start to wonder why their so-and-so company front doesn't already have access to such information. Thus producing a more security conscious person. Take for example hackers and virus writers. Would we be motivated to care about security if noone cared to exploit vulnerabilities? [Do Canadians lock their front doors?:)] Without negative reinforcement, noone cares.
I think people have to start thinking in terms a world where secrecy provides little or no protection. If you want protection, you have to control the access *yourself*. In an ideal world, a government would provide administrator priveleges to citizens over their own information. They would have firewall-like protection over who can access the database, from where, from when, and what parts can be accessed. The information would be dynamic and treated like UNIX passwords. Social Security (and other) numbers would change annually to a random permutation. etc. We live in a windows-help-desk world, where people are too scared or lazy to RTFM, store passwords on sticky notes under the keyboard, and assume big brother will provide us with security. But in an ideal world, people live their lives for knowledge and not money or power. People would take responsibility seriously and follow protocols. Also, we would know what information is important, so we could write a computer program that follows our everyday activities,indicates when certain information is important, and suggest procedures to deal with it.
Then again, if someone is determined to get information, they will get it. You can invest $X million in security, but its worthless after I drive a truck with 100 ninjas through the front door, kidnap you, and apply duress. I could either leave you for dead while I exploit the information or I could have been more stealthy, too, if I needed you to be unaware so that information remains the same.
Which brings us back to this ideology of assuming nothing is secret and making decisions based off that. You're better off losing sleep over the fact that one day you might die rather than if some unauthorized individual will access your personal information. Why flirt with disaster when you can just face it head on and make contigiencies? [ Disclaimer: milege will vary.:) ]
Its an issue because of the absurdity. Absurdity is news in case you havent heard.;)
But are they *that* hard up for money that they cannot refund her for purchasing stolen goods from them? (NO) I would say stolen goods count as a fair 30-day return policy, but I'm not familiar with their return policies. Then, after refund, they could return the stolen goods, or whats left of them, to (her) the rightful owner or at least the police. Aside from them breaking state law, why is this so hard? Even if their return policy does not include a clause for stolen goods, its good for PR and karma just to take them back since she's obviously not satisfied with her purchase.
By insisting that her purchase was legit, they have not only broken the 15-day hold law, but have also ripped her off. And now they KNOW they did and yet they still maintain this. Although, considering the issues surrounding Florida's 1996 Pawnbroking Act, it would seem this kind of thing happens often in Florida and/or the "pawn shops" strike a fine line near anarchy. If there is a strong correlation between the increase in pawn shops disobeying proper protocol (or "communication breakdown", as one EB spokesman puts it) and theft, then this should be issue, indeed. The burglar, who was just trying to pay the rent, even said he chose EB because of their lazy procedures.....hmm.
compare and contrast the civilization now with
that 1 year ago, 10 years ago, 100 years, etc.
First of all, technology occurs in booms, so you if you want to more data: research historical accounts. Now, you might find interesting patterns if you try to compare "techno-revolution" eras with periods of slow progression. Perhaps people weren't as stressful during the slow periods. However, one era's slow progression (like say, dark ages) may have seemed revolutional. There are other factors that will control EMOTION too, So results should be relative to perspective from that age.
Lets look at todays perspective. If we assume that emotions are ONLY effected by the stress we experience from technology, then you may be on to something. You may even find a correlation. But that assumption would be bogus. Take, for example, the differing perspectives on violent video games, violent tv, controversial radio, SCO, etc.
Personally, I have found technology to be challenging, frustrating, and rewarding. Take Procmail for example. I use it to sort my incoming email into different folders, while many others try to use it to sort out spam. I subscribed to a few high volume mailing lists, so I was always worrying about deleting an important mail by mistake. Now procmail decreases the probability of that event occuring which decreases my stress at the cost of the stress with learning something new. The point is that you will always find stress in technology because many times you have to learn something new (which *someone* probably spent years trying to model/program/study/invent/etc.). But why do many people interpret this stress as bad? Could it be that they are afraid of learning something new, or rather feel that they have learned "enough"? Assuming our minds will "forget" stuff after a lengthy period of time, then our knowledge appears to decrease over time. Doh! Time to apply for that grad degree...or two. Or could it be that people are just lazier now, so their stress levels are relatively higher? This could also explain the explosion in obesity and job outsourcing from the US -psychological disorders aside-, but lets not go there. Or could it be that technology is really just a BAD thing because it only complicates our lives? Hmm, sounds pretty logical and open minded... in a sun-revolves-around-the-earch sort of way, but then we would have to attribute the computational solutions which broke the Enigma cipher as bad too.
Stress isn't a bad thing. Repeat after me, "stress makes me feel alive". By definition, we stress during sex, excercise, reading, etc. We can stress over anything. How about this: try correlating "laziness" or "productivity" versus "stress" in certain cultures/businesses/states over time. Definitions will vary.
Some people don't have time to rewrite a nicely worded article, so they post a link to someone else's. I think your also forgetting about sites that provide their own content like Ars Technica and HardOCP which were smallfry's a few years back. The number of "E-zines" and blog sites are continually growing, so people will less and less quote from the Times, The New Scientist or the BBC because they'll find the news elsewhere. And more so if the big fish want to inconvenience their readership with registration.
And then you'll have content that noone has written something up for, so that gives the reader his/her chance to be famous for a day. Look!!! I just found a nice layout of a Terra V rocket. Some people might find this interesting, regardless of the credibility of me or the site. Or take someone's writeup of RoboSapien,
or someone else
plugging his own webblog because he received a check from the RIAA, or someone plugging their personal coverage of the CodeCon conference,
etc. This notion of credibility-by-link should have been shattered as soon as you saw this
troll get posted.
Your statement is analagous to the trustworthiness of proprietary code because the corporation is credible or well known. Which means on the flipside that because many open-source coders aren't "credible", then the code should not be trustworthy. Both are bad logic, and sometimes slashdot mods are like that after going through a mind-numbing XY,000+ submissions per day, but it doesnt hold true enough to call it law.
I can easily forsee the day when there won't be any "free" news sites that do not require registration.
Depends on what you call "news". I can easily forsee the day when mass media no longer controls the definition of "news"; this will be the day when only a dozen users log into subscription-based news sites to view the half-rational biased thoughts from a has-been writer musing on some female musician who exposed herself on national tv, whereas others will go to the FREE sites (probably a blog of some sort) where a potpourri of writers will submit what they feel is news from distinct areas of the globe which mass media feels is unimportant and try to inject their unbiased thoughts on the subject. And to make the users feel more welcome, there will be forums for each submission accepted. These sites will probably have some trendy name like hackdot or flashdot or dashdot or something....These blogs will probably have links to free mp3 albums from musicians promoting their next concert (concerts being the next business model for musicians).
The assumption you make, is that the media controls the outlet of news, when in reality it is WE who create the news. Its just a matter of getting off our ass and reporting it to the world. The web is a great outlet for this because those who will listen will listen, and those who dont will go somewhere else. But the news will get reported, nonetheless. And no firewall in China can stop it from getting through eventually.
The fact that this comes out right on the heels of this quote just makes me laugh:
"I'm not naive enough to think that proprietary commercial operating system software doesn't have the same sort of vulnerability, but the barriers to implementing them are much higher, because the source is better protected." --A. Russell Jones,
"Open Source Is Fertile Ground for Foul Play".
(Granted, the context was policing code insertion.)
>It's a bit of a cop-out to say that the creators of a network of file sharing systems can't be responsible for its content.
On the flipside of the coin, then I guess they should start lawsuits against people who create ftp, http, ssh clients. Hell, ANY service that can transfer data has the potential to share file content. For example, you could pretty much create your own (decentralized)P2P service by installing an {SSH,FTP,HTTP,SMTP} server and client on each users end, play with the port numbers, and forward your address and open ports to some majordomo@theglobalfilesharing-list-com. Users can check on what files you have by viewing your HTTP site, which they can then download via some u/l-d/l ratio-based FTP/SSH anonymous account. Wasn't this the premise for Hotline? But since these P2P apps are easier to set up (for non-computer-saavy), then thats why it is so widespread and thats where the radars go off in the offices of the content-nazis.
The legitimate uses for FTP, HTTP, SMTP,... carry over to P2P as well, its just a matter of where the users with their sharing needs go. If you shut off Kazaa, either another P2P app will become popular or people will start getting clever with FTP, HTTP, SMTP as they did before napster. Blame the users who are pirating, not the application that already uses the file sharing techniques of old.
Re:Anything you say will be taken down and used ..
on
Darl Goes to Harvard
·
· Score: 1
>>>Both statements are equivalent, and both Xmessage variables can be used in interchangable ways
>>NO!
>YES!
NO!:)
What part of "On the other hand, pmessage is a pointer, initialized to point to a string constant; the pointer may subsequently be modified to point elsewhere, but the result is undefined if you try to modify the string contents" do you not understand? (pg. 104).
>>They are NOT the same since you can change the contents of amessage but not necessarily the string pointed to by pmessage.
>Yes you can change both. Nothing in the C language definition prevents you from doing that.
Yes, and nothing stops us from coding segfaulty code either, so what part of "not necessarily" did you not understand?
>First of all, it is not my little hack.
It doesn't hold water if you try to determine equality with "if (amessage == pmessage)". Therefore its a hack, as that was the intent of your post, no? And since its less than 1k, then that makes it a little hack, but why are you so concerned with size? Fine, it was a HUGE hack. Happy?...or did you think I was being condescending? Well, I was.:)
>Secondly, there are NO strings in C. There ARE arrays of characters...
hmm...could of sworn I said something about quoting K&R on page 104, which is probably the context from which I am using the term "string".
> But my original reply was that the code WOULD COMPILE, contrary to the parent comment. Not that it was good programming form.
Look, I dont care for a fight on semantics, or the intent of your original post. In fact, I thought your code was pretty clever, but your message ended short of informing neophyte programmers that this isn't proper code. Rather, someone listening in might get ideas of: "if code compiles, then code is good," which brings us to the topics of security and memory leaks...so let's move on.
Re:Anything you say will be taken down and used ..
on
Darl Goes to Harvard
·
· Score: 1
>...There are NO arrays as such in C....
Wrong! I suggest you read the book "The C Programming language: 2nd Ed." by Kernighan and Ritchie. You'll notice I pretty much quoted word-from-word section 5.5, pg. 104.
>Both statements are equivalent, and both Xmessage variables can be used in interchangable ways
NO! Again, reread my reply and run the code. They are NOT the same since you can change the contents of amessage but not necessarily the string pointed to by pmessage. Furthermore, you're little hack will not determine equality between amessage and the string pointed to by pmessage, yet they are strings. I hate to see people giving bogus programming tips, and your's was bogus.
Re:Anything you say will be taken down and used ..
on
Darl Goes to Harvard
·
· Score: 1
Well...it works, which could possibly mean it is legitimate, however you cannot use your hack to compare
char amessage[] = "now is the time";/*an array*/
char *pmessage = "now is the time";/* a pointer */
Since amessage is an array just big enough to hold the sequence of characters and '/0' that initializes it, while pmessage is a pointer initialized to point to a string constant. Individual characters may be changed in the former, whereas the result is undefined if you try to change the contents of the latter. Here, try this code and tell me if there exists an equality operator defined over strings:
and the equaly irresponsible "but I want to run my own mail server-- how dare you try to take away my toy!" To be fair, there are legitimate reasons that a person might need to run their own mail server, but they are quite few and far between-- certainly less in number than spammers!
No, to be fair, you don't even need a legitimate reason to run a mail server. If Jill-Sendmail wants to toy around with her computer because she wants to see what administration is like without having to pay $4000 for certifications, then so be it.
Who are we to judge Jill's authority over her own computer? If her machine gets a virus, is misconfigured and spews gigabytes all over the place, or if she accidently creates an open relay, well thats a job for her ISP. But spammers dont even need your computer, they can just walk into an insecure library computer lab, boot up Knoppix, and create their own open relay.
Oh yeah, block port 25, that'll stop em! Then a couple months later, they'll start hacking gateways or start wardialing for wireless connections. Hell, all they have do is split their pay with someone crafty enough to crack into whitelisted computers and use them as proxies for more the spammers. So what's next: port 80? port 21? Hell, let's block all the ports, that'll stop those bastards!! Sooner or later, you have to realize that spam exists because there are stupid humans who can be suckered into buying anything and perpetuated by stupid humans who having nothing better to contribute to society! And if people start becoming network-nazi's, then they will be stupid too. Its like a hardcore sysadmin who forces her users to memorize MD5 sums as their passwords and then changes them weekly! Sooner or later, people are going to start leaving their passwords on sticky-notes under their keyboards while the cracker finds a faster way in via social engineering. Humans are the weakest link here, not sendmail, not the SMTP protocol, and certainly not the firewall scripts. And when you figure there are probably only around 200 spammers, you have to wonder who the real dups are here: the ones spending $1,000's in man hours on bayesian filters and spam-laws, the ones buying penis enlargement kits, or the ones sending mass mail from a cheapo Pentium-2 laptop with a textfile containing over 5M email addresses? Consider if only 0.5% are interested in that mail...because that's all it takes. No, I have a better proposal: educate people on how NOT to be conned. Educate them on how to recognize spam and/dev/null it. Eventually, commercial interests would spend less on email mass marketing, which would mean spamming is less lucrative to spammers.
>If my usage of `reliable' is confusing, I am referring to a system which is designed to restrict the behaviour of user applications, such that they are protected from each other, and the system from them (e.g. an application cannot crash either another application or the system). MS-DOS would naturally not meet such a requirement (nor would Windows 3.1 or Windows 9x).
Well, that definition sounds agreeable, but my point was that these concepts of reliability and stability are relative to the end-user. No machine or operating system is perfect. NASA can tell you this. Think: quality control. There are those who need real-time systems with 0% downtime, those who need a fast computer that will number crunch for weeks, those who need a game machine for LAN parties, and those who need something to check their email or send/retrieve data from a database (ie. a dumb WYSE-60 terminal to scan your ID). In each of these cases, the end-user will describe their system as reliable or stable if the amount of time it is in a state that renders it unusable (lets call this "downtime") is tolerable by that end-user. In an ideal world, this downtime would be zero. However. if it is untolerable, then it is unreliable, and the user has a choice to lower their standards of tolerence or replace their machine with something that will be reliable.
Hence, Win95 is reliable enough to install on a machine that will be deployed to a place where the users are very tolerant and it will only be used to browse the web.
>When saying it's relatively easy to design a reliable OS, what I I mean is that it is a well understood problem, with well understood solutions.
So in other words, its relatively easy to design a reliable OS if you stick with what you know. Then I guess most kernel developers don't understand buffer overflows and gaurding a function's return address, etc. since these problems are not fixed.lthough, even if you try to restrict the design of your OS to these well understood problems that have well understood solutions, it doesnt remove the fact that the problems that you don't understand still exist. Nor does it treat the well understood problems without well understood solutions. So this OS may SEEM reliable to the programmer because it deals with these well-understood problems, but in reality it is not reliable enough to handle the unknowns. In fact, "relatively easy" implies to me that these unknowns are unimportant, which makes me instantly think of your description of microsoft's design plan for Win9x. So according to microsoft, windows is reliable since they've restricted their designs to problems they understand which have solutions they understand.
But for all we know, the coders at the time may have only known a dozen or so understandable problems, including: "how can we get an MSN icon onto the desktop?". Which brings us back to quality control...
>The existence of bugs does not mean a system is not a reliable design,
well....only if the severity of the bug is tolerable to the end-user.
>For the most part, applications will only be able to exploit the occasional bug in a reliable system if explicitly written to do so (e.g. viruses).
Here's a counterexample. Consider tcpdump running on FreeBSD (stable, no?). A little while back, there was a bug that allowed remote execution of code. Suppose that on the same network which the FreeBSD machine is listening to via tcpdump there is a networked print server (jetdirect). Now if someone is printing something in postscript to this print server and all of a sudden a
bug in the print server starts reacting to the postscript code by broadcasting random packets, does the possibility not exist that these random packets could end up being the same ones that cause tcpdump to start executing some random code? Clearly this was not intentional, yet tc
> A lot of people without a solid understanding of operating system design hold such mistaken ideas. The reality is that designing a reliable system for capable hardware is relatively easy, and has been for decades.
Ok, I have taken a 500-level CS Operating Systems design class which covered NT and many *nix flavors, but noone ever told me how relatively easy it was to design a reliable system. I beg to differ. If designing a reliable system was so easy, then tell me why we still bother to maintain old linux kernels at all? If they were so reliable, then the code should be frozen, right? DOS was very stable, at least from my perception -keyword:percievable stability-, so designing its replica should be easy, right? I don't agree. If you followed the progress of FreeDOS, then you might wonder why it wasn't easy for them to complete version 1.0 5-6 years ago? Maybe they don't have all the time in the world, but I am not convinced that designing a reliable system is easy. Or maybe I should say: Designing is easy, building and testing is rather difficult. Is that what you meant? Also, I'd like to know what your definition of stability and reliabilty mean because you'll get different answers from NASA-geeks, IT-nuts, code-monkeys, and mom and pop. Personally, I don't care how fast my SOYO motherboard will degrade from exposure to solar radiation, therefore it is reliable in that sense. But ask anyone who deals with ruggedness and most modern PC boards will not be in their wishlist. On the other hand, I do care if my board will get too hot and cause the saulder holding my RAM chips together to melt.
Ok, semantics aside, take the apparently "stable" MS-DOS 6.22 and wrap a GUI file browser/shell around it. Let's call this OS: Winblows95, or W95 for short. Let's ignore HOW this system was designed but just assume it is designed poorly and full of bugs. Even though we know the system is not ready to ship, I'm going to put out a lot of hype and maintain that this system is reliable. Is that wrong? Should people complain? Yes.
>I have no patience with those who complain about the reliability of Windows 95/98/Me.
Well, then why did you reply? My standards of a reliable OS have improved, but I still have friends and family who, not as computer adept as me, have already purchased these lame operating systems or it came with the computer. Is it their fault that they fell for the hype or felt comfortable because there workplace purchased the same OS? No. They just didnt know. Unfortunately, now they are LOCKED-IN with their proprietary drivers and games and need my help for maintaining their system. Should I complain? Yes.
You see, these problems perpetuate from a software company with a 90% market share with users who trust the same operating systems their workplace or family and friends use. Noone thinks about reliablity until AFTER the fact because you weren't given a choice of Operating system when you bought your PC years ago. It was windows or mac. And would you question the reliability of a product from a BIG company?
Anyway, the damage has been done and we're still cleaning up. Obviously, if there weren't people who still use w98, then MS wouldnt waste their money keeping there support open till 2006, now would they? I don't care what was wrong with win9x and I dont care how reliable it is, I just know that winME has a lot of good drivers and can still function as an OS for mom and pop without having to spend wads of $$ on WinXP, which is even more bloated than all of the win9x series combined. I also know that it can be stripped down while XP cant (yet?).
When a ghost image for a bare bones system requires more than one CD, I complain. And realize that if it were my choice, I would install some linux distro, but its not ready for mom and pop, and they are not ready for linux yet. And what happens when I'm not around? Win9x was pretty intuitive, while XP's operations are more tra
oops, forgot one important thing. If anyone decides to mess with any.inf files before an install, you'll need update the file size for that.inf file in layout1.inf files or setup will
claim the cab file is corrupt. For example, after truncating amovie.inf to 100 bytes, you need to change the entry "amovie.inf 1,,19824" to "amovie.inf 1,,100".
I should probably document this on a webpage sometime....
>And from experience, if you're looking for a stable Linux distribution, Red Hat ought to be one of your last choices.
umm...Red Hat has always worked just fine on my end (RH6x,RH7x,RH8x). I would take you seriously on this concept of distribution-stableness if this were BSD, but this is linux country where distributions are modular! Packages can be downloaded and recompiled on a whim. To judge a linux distro by its kernel release (or compile) is naive at best, if not shameful. Most of the code included in any distro is pretty much outdated within weeks and there are several kernels to download if you dont want to recompile the stock one.
If your getting core dumps or kernel panics from a RH distro, then you should check redhat's errata, download fresh code, or check to make sure your hardware is both supported and functional. Not to start the flamewar, but you should consider the needs that slackware, gentoo, knoppix, RH, etc. fulfill rather than the kernel they stock before you start bashing linux distros. For example, RH can serve as a good home install because of the number of packages it packs. It also provides the novice with a good introduction to this concept we call "choice" -something most locked-in windows users do not have, at least not without a $price$. Or if you need something slim and fast for older machines whose use will probably only be a private server or router, then there's slackware. Or if you need an emergency boot disk or merely want to test how linux runs on another machine (ie. BestBuy display models, laptops, etc.) there's knoppix.
>most crash-prone Windows machines have been "crashy" due to poor hardware setup/faulty hardware.
Actually, most "crashy" windows machines, especially win9x, were due to unchecked memory leaks throughout the entire system which could have been prevented if not for that whole 1995, 1998 deadlines they imposed on themselves. And then there's all the crap they stuff into their OS. I proved this to myself a little while back. You see, I wanted to reduce the help calls I got from family and friends, so I decided to build a windows install (actually a bootable system disk with a ghost image) that everyone could use and wouldn't contain so many bugs and security vulnerabilities. So I edited the install.inf files to a windows ME installation in order to prevent the installation of useless.dll's, exe's (based on google searches to figure out what each one did), windows media player crap, and internet explorer. Basically, I just opened precopy1.cab, perused layout*.inf to see which cab files had the.inf's I was looking for, and deleted everything under the file header. Sometimes, minor edits were only possible to remove things like "winpopup" since microsoft included it in the tcpip.inf's. (Why?) After recabbing, installing (using an install script, msbatch.inf, to skip being bothered by user prompts and a few "secret" setup.exe commandline switches), and a little tweeking, I had the install down to 150mb (not including the backup cab files)! The shell didnt work, but it was crap anyway so I replaced it with LiteStep (smaller, faster, configurable) and used an alternate file browser (AB Commander) instead. After installing everything I would need for a bare bones install, I ghosted the machine onto ONE CD. Try doing that with XP! Anyway, the machine has been tested for over a year now under several hardware variations and user patterns, and can run for several weeks without a restart. Which just goes to show that the extra CRAP does have a significant impact on your systems performance. Take for example "active desktop", SFP, "system restore", all the failed "innovations" that didnt make it to win2k and XP, and all the excess registry keys that are associated to other MS products you may never use. While some of this crap may work for some, it is rather presumptious of Microsoft to assum
> If anyone asks you what this sco fiaSCO is about, you can direct them to this article.
AND THEN you direct them to these published Novell vs. SCO correspondances,
Make sure to point out McBride's (SCO's) intentions as stated in their own words back in 2002 compared to his open letter a year later. It shouldn't be too hard for anyone not keeping up with/. to come to the conclusions that SCO is seriously smoking Crack, CRaCK, CRACK!. Although, it may just be easier to point them to this simulated IRC chat which seems to epitomize the entire series of events leading to this big mess. Oh and supposedly SCO is suing trees now.
>Apparently, there's Unix code in these plants information processing systems.
Jan 22, 2003
FAXED
Mr. Ponderosa Pine
Trees, etc.
[address]
Dear Mr. Pine:
SCO holds the rights to the UNIX operating system software originally licensed by AT&T to approximately 6,000 companies and institutions worldwide (the "UNIX Licenses"). The vast majority of UNIX software used in enterprise applications today is a derivative work of the software originally distributed under our UNIX Licenses. Like you, we have an obligation to our shareholders to protect our intellectual property and other valuable rights. ...etc...
Similar to analogous efforts underway in the music industry, we are prepared to take all actions necessary to stop the ongoing violation of our intellectual property or other rights.
SCO's actions may prove unpopular with those trees who wish to advance or otherwise benefit from breathing air as a free software system for use in enterprise applications. However, our property and contract rights are important and valuable; not only to us, but to every individual and every company whose livelihood depends on the continued viability of intellectual and intangible property rights in a digital age.
Yours truly,
THE SCO GROUP
By:
Darl McBride
President and CEO
[And in response...]
VIA FAX AND CERTIFIED MAIL
RETURN RECEIPT REQUESTED
Jan 23, 2003
Mr. Darl McBride
President and CEO
The SCO Group
[address]
Re: SCO's "Letter to pine trees"
Dear Darl:
As you may have already known, we have been
around longer than humans, and like whales, have
memories that stretch far back into the distant past. In fact, our history starts in the Devonian period, long before this concept you speak of, UNIX, existed. We clean the air you breath and provide much sustenance for many animals, including yourselves.
Put simply, we are certain that we have established prior art considering our vast population and lengthy lifespan. Furthermore,
we would like to point out that our systems have long been embraced and are crucial to the operations of earth as you know it today. Hence a disruption in our services from any action taken by SCO would deprive our partners, including the human race, of valuable oxygen which may result in the demise of the human race.
Due to the vagueness of your letter, we are unsure as to what infringing code is being run in our systems. If there is infringing code, then most likely it would be from your supposed UNIX systems, since our codebase has been used for thousands of years and is rarely modified.
Therefore, we invite you to either provide specific evidence substantiating your claims or
withdraw your recent allegations against the trees et al. We hope you understand the potential significant legal liability SCO faces for the possible harm it is causing. SCO's actions, if carried forward, will lead to the loss of life and planet.
well....maybe your a troll, SCO exec, or a newb but here's a quick answer since you weren't modded away, the rush is over, and I'm bored: NO. Submitting code is not as easy as mailing a letter to mom. And for one thing, you actually have to contribute something useful for it to be accepted. To get the idea, Check this site out and think about the chances of someone actually pulling it off. You know, this person would actually need access to good code, USEFUL code, code that gets accepted; this person would have to maintain that code because things break when someone adds ANYTHING to the source and it would look mighty suspicious if the person drops contact all of a sudden. This person would also need to leave a nil traceable papertrail. Not impossible, but if its so easy, why dont you try to slip one past and see for yourself? On the other hand, if someone contributes code and claims negligence because they didn't know that they did not in fact own the rights to the code, then the person who leaked that code should be held responsible, not the project maintainers who knew nothing of the incedent. Now the iffy legal part is correctly establishing who owns the code and whether it was leaked illegally. If so, then it should be identified and removed.
But... how does this add up to the GPL being flawed? It is a LICENSE that was meant to preserve the IP and recognition of the author(s) without having to close the source -which means people wouldnt have to keep reinventing the wheel; it cannot function as a cvs/rcs source code accounting program. I cannot stress this enough: The GPL is an inanimate object. It has no means of control over who submits code to that of which it is licensing, no means on how to defend itself against "pirates" who want to burn the license and claim the code on their own behalfs. In fact, NO LICENSE, beit shareware, EULA, freeware, BSD, etc., can control these types of issues, people will do what they want. Its up to the authors of the code to decide how they want to license their software and perceive if someone has wronged them by failing to comply with the license; users are not forced to use the software and noone is pushing acceptance of the $free$ GPL'd code down the developers throats; the courts will decide what and if anything should be enforced, and the police will decide how to enforce it.
No, the GPL has been around for 20 years now and is just fine - its U.S. copyright and DMCA laws that are inherantly flawed. Its the proving whose code is whose that this mess is about, and someone is clearly lying. This weakness you speak of is a social issue. There would be no SCO stories if everyone shared their code like civilized humans, kept IP royalties to less than seven years, and linus had a crystal ball to tell him years ago that he should keep a fascist code insertion policy into the kernel to avoid the allegations that freaks would spend their time trying to sabotage the kernel. And if you check out freshmeat.net, you'll find much GPL'd code that is doing fine. Time will tell when the GPL's value will be tested. Proving authorship is another issue entirely, but if the GPL cannot convince a court that you released the code with a binding request to those who modify and redistribute it that they must also include the original source code, and if it can't convince the court that those who break it should be penalized, then the license has served only to provide a false sense of security. But if it makes you feel better about posting your hard work to millions of people, most of whom will probably not care and some might try to steal, then so be it. Its better than keeping it locked in a vault until you die merely because its not bringing you $$$. I believe that most non-profit open source is just someone's pet project that they want to share for either fame & glory or just to make the world a better place. Its annoying if someone takes your code and br
On a similar note, try "Microsoft sucks". I come up with around 150,000 from MSN, 473,000 from google, 488,000 from alltheweb, and 304,000 from yahoo.
With "linux sucks" I get
137,000 from MSN,
561,000 from google,
348,000 from alltheweb,
369,000 from yahoo
I'm sure you could go on forever and run into some wacky results somewhere. ie. political bias, religious bias, software bias, etc. Although, I dont think the inclusion of particular sites will indicate the fairness of the search. For example, google could have just programmed the inclusion of googlesucks.org in order to appear fair.
Consider the discrepancies between the dubbing and subtitles in cowboy bebop, for example. Since the correctness of translating one language to another is dependant on dictionary compatibility, and the integrity of dictionaries are relative to the year, locale, and publisher, it is no wonder there are so many versions of the the Old Testament and the Bible. Now back to dubbed vs. subbed anime:
after a japanese translator writes the subtitles in english, its not unusual for him/her to fix mistakes because of differences in japanese and english interpretations of english sentences. Take, for example, the sentences: "You look like a good man" and "You are a good-looking man", which may in fact look the same to your average japanese
student trying to learn english. Now, the question is whether or not these changes, when converting the subtitles to a dubbed script, are changed because the english subtitles infer some bad english/american connotations or if there were "better" english words to convey the meanings of the original japanese script. These may sound like they are the same thing, but what if an american word has a bad slang or cursing connotation as one of its meanings and simultaneously providing the single best meaning to convey the point of the japanese script? Then chances are, you won't find a better word in english. Now if the distributors of the dub-version choose to replace the word because of its slang connotation, then this represents a situation in which a sub->dub conversion can be corrupted. Hence, the subtitles will provide the non-native speaker with a better meaning.
But you probably already knew that. The real question the parent (i think / i hope) intended was whether or not providing a dubbed version is a good comprimise between preserving japanese culture and getting more sales. I mean, its all good to live, speak, and drink "american", but it seems to me that "americans" are starting to expect everything handed to them in english. Not that that is a bad thing, but the animation was not created in the U.S., which, I might add, does NOT have a national language. (Here is an interesting ACLU paper with more discussion on this.) Now as more and more international corporations start to embrace this standard and treat english as the "language of commerce", we will probably start to see this trait get passed down to local, private businesses in the vicinity of those same corporations. Which means that eventually, the city (or even the country) will start to embrace it because they must deal with or work for these same private businesses, which means more awareness of the "language of commerce".
Since humans are more prone to finding an easier way to live, then we may not be far from the point when people are going to start speaking only ONE language. Which language? Probably english. While japanese will bite the dust because it didnt catch on in the stock market as the "language of champions". I'm sure there will be (bi-/tri-/n-)linguals, but only so long as the other language(s) serve a purpose. The only purpose I can think of is culture, unless someone finds a way of quantifying the efficiency of language, which would then provide an actual value to languages. But if, for some reason, japanese cultural awareness starts to decline, then the japanese language will end up like cobol. Not that cobol is dead...yet.
Anyway, IANAL (I Am Not a Linguist), but I'd hope this is why there are purists you speak of, because they are embracing the culture from which sprang forth the anime. But I'm sure there also exist anal retentives who just like purity for pureness-sake, in which case you're right, they should probably have a few drinks, sit back, and enjoy the show.
Slashdot Mirror
There are two problems I see: trojan horses and worms. We can help deter the worms, not defeat, by setting intelligent network firewalls (or buying cheap $50 NAS-firewalls like Linksys, D-link, etc.). Portscanning seems to be the big payoff for internet connected computers -even with brain-dead firewall software. We can deter the trojan horses by educating users about how to maintain a secure computer. This entails showing them how to check for updates/vulnerabilities through mailing lists, websites for their software and for their virus checker. This also entails showing the user a broad spectrum of choice, particularly in web browsers. This also entails teaching them how to understand email headers, dns and dns lookups, whois queries, and webpage loading, cookies, SSL, and javascript. Armed with this intelligence, the user can spot something fishy immediately as well as avoid falling prey to crafted web pages, IM messages and URLs, malware, spyware, and trojan-ware.
;) How is it that Windows never came with instructions on how to use the command line? Why try to make all the system programs hard to find in the system folder while not providing any shortcuts in the Start menu? (like winipcfg, ping, nbtstat, ipconfig, netstat, route, msconfig) And the instructions for these programs were a bit lacking too. Also why in a release version of ANY windows version do the default settings SUCK? Lets see, firewalling OFF, WFP/SFP SILENT, etc.
Whoever came up with this concept of "transparent" computing should be dragged into the street and shot. How is it, developers never thought of using log daemons in Win9x? How is it that hex code should be printed to the BSODs and error windows instead of REAL english in the release version of the OS? (oh, wait, that was MAC-OS 6-9...
The real problem is not stupid users (though they DO exist), the real problem is that windows has not created a Smart User Environment (SUE) for users to operate their computer. This is analagous -I believe- to the problems of the USA lacking female mathematicians, physicists, and computer scientists, as opposed to other countries. The moment we realize that software and automation (though, helpful) cannot replace security-conscious users, is the moment we make a leap forward in computer security.
Who says you can stop it? It looks like its going to happen, the uninformed WILL continue to support their HP,DELL, etc. DRM supported hardware, and the informed will probably purchase non-DRM boards from ebay,Soyo, Asus, etc. I think besides contacting your congressman, you should spend more time informing joe-consumer about this. This would work for spam too, see, if noone buys DRM enabled sw/hw, or rather the non-drm sw/hw sells like hotcakes, then there is no demand to keep selling the DRM stuff....but these people are so insidious they'll try to bury DRM lock-in mechanisms everywhere....we'll see.
Although, I think its going to backfire. What if the system were "accidently" set to play "unauthorized media" at startup, how much of longhorn would break? Or what about a new plague of viruses that create DoS attacks on your own machine by using an authorized program to manipulate files and make your system believe that all the data on your hardrive is copyrighted and you were unauthorized to view it? Oops, cant view user32.dll. Has MS/HP/Intel considered these issues, or will they just wait until their support lines get "slashdotted" by joe-consumers? Like:
Joe: "Hello, I keep getting 'copyright error: unauthorized access' messages on my screen when my son tries to open his word document, and he has to finish typing his book report by tomorrow morning, how can I turn this damn thing off?"
drone: have you tried restarting the machine?
Joe: yes, several times.
drone: Ok...have you tried reinstalling windows?
Joe: WHAT?!!
drone: Oh sorry, wrong script....Lets see here...Oh ok, you have to contact the IP owner of the data you are trying to access."
Joe: "WTF? He IS the owner"
Drone: "I am sorry sir, computers do not lie so clearly he must be plagerizing. I cannot help you any further. Thank you for calling, have a nice day."
a fool and his money are soon parted.
You knew something was wrong with this program when quotes from Laura DiDio started popping up. She seems to provide her "insight" for the truly desperate. Indeed, before this praise, it seemed like she was playing good cop/bad cop with them to get more sales for licenses. Judging from this article, I guess it worked.
Obviously, the final release or even the beta releases will not consume this much of the system resources.
Is MS in bed with hardware manufacturers?
C'mon, if secrecy or access control worked, then the windows source code wouldnt have leaked. Just a thought, but why not just make these databases public? At least then, there would no longer be this false sense of security. I think some people care more if their neighbors and/or churches have access to this info rather than some random criminal. If people want privacy to be taken seriously, then you need to get *everyone* involved, which means everyone has to experience a little negative reinforcement. When people start to realize that the information in government databases is world-accessible, they will start to safeguard any information NOT released. As opposed to right now where people don't care becuase they assume all their personal info is protected. Hence, the rise in identity theft. Then, when people get phone calls from scam artists trying to solicit personal information, they'll start to wonder why their so-and-so company front doesn't already have access to such information. Thus producing a more security conscious person. Take for example hackers and virus writers. Would we be motivated to care about security if noone cared to exploit vulnerabilities? [Do Canadians lock their front doors? :)] Without negative reinforcement, noone cares.
:) ]
I think people have to start thinking in terms a world where secrecy provides little or no protection. If you want protection, you have to control the access *yourself*. In an ideal world, a government would provide administrator priveleges to citizens over their own information. They would have firewall-like protection over who can access the database, from where, from when, and what parts can be accessed. The information would be dynamic and treated like UNIX passwords. Social Security (and other) numbers would change annually to a random permutation. etc. We live in a windows-help-desk world, where people are too scared or lazy to RTFM, store passwords on sticky notes under the keyboard, and assume big brother will provide us with security. But in an ideal world, people live their lives for knowledge and not money or power. People would take responsibility seriously and follow protocols. Also, we would know what information is important, so we could write a computer program that follows our everyday activities,indicates when certain information is important, and suggest procedures to deal with it.
Then again, if someone is determined to get information, they will get it. You can invest $X million in security, but its worthless after I drive a truck with 100 ninjas through the front door, kidnap you, and apply duress. I could either leave you for dead while I exploit the information or I could have been more stealthy, too, if I needed you to be unaware so that information remains the same.
Which brings us back to this ideology of assuming nothing is secret and making decisions based off that. You're better off losing sleep over the fact that one day you might die rather than if some unauthorized individual will access your personal information. Why flirt with disaster when you can just face it head on and make contigiencies? [ Disclaimer: milege will vary.
Its an issue because of the absurdity. Absurdity is news in case you havent heard. ;)
But are they *that* hard up for money that they cannot refund her for purchasing stolen goods from them? (NO) I would say stolen goods count as a fair 30-day return policy, but I'm not familiar with their return policies. Then, after refund, they could return the stolen goods, or whats left of them, to (her) the rightful owner or at least the police. Aside from them breaking state law, why is this so hard? Even if their return policy does not include a clause for stolen goods, its good for PR and karma just to take them back since she's obviously not satisfied with her purchase.
By insisting that her purchase was legit, they have not only broken the 15-day hold law, but have also ripped her off. And now they KNOW they did and yet they still maintain this. Although, considering the issues surrounding Florida's 1996 Pawnbroking Act, it would seem this kind of thing happens often in Florida and/or the "pawn shops" strike a fine line near anarchy. If there is a strong correlation between the increase in pawn shops disobeying proper protocol (or "communication breakdown", as one EB spokesman puts it) and theft, then this should be issue, indeed. The burglar, who was just trying to pay the rent, even said he chose EB because of their lazy procedures.....hmm.
compare and contrast the civilization now with that 1 year ago, 10 years ago, 100 years, etc. First of all, technology occurs in booms, so you if you want to more data: research historical accounts. Now, you might find interesting patterns if you try to compare "techno-revolution" eras with periods of slow progression. Perhaps people weren't as stressful during the slow periods. However, one era's slow progression (like say, dark ages) may have seemed revolutional. There are other factors that will control EMOTION too, So results should be relative to perspective from that age.
Lets look at todays perspective. If we assume that emotions are ONLY effected by the stress we experience from technology, then you may be on to something. You may even find a correlation. But that assumption would be bogus. Take, for example, the differing perspectives on violent video games, violent tv, controversial radio, SCO, etc.
Personally, I have found technology to be challenging, frustrating, and rewarding. Take Procmail for example. I use it to sort my incoming email into different folders, while many others try to use it to sort out spam. I subscribed to a few high volume mailing lists, so I was always worrying about deleting an important mail by mistake. Now procmail decreases the probability of that event occuring which decreases my stress at the cost of the stress with learning something new. The point is that you will always find stress in technology because many times you have to learn something new (which *someone* probably spent years trying to model/program/study/invent/etc.). But why do many people interpret this stress as bad? Could it be that they are afraid of learning something new, or rather feel that they have learned "enough"? Assuming our minds will "forget" stuff after a lengthy period of time, then our knowledge appears to decrease over time. Doh! Time to apply for that grad degree...or two. Or could it be that people are just lazier now, so their stress levels are relatively higher? This could also explain the explosion in obesity and job outsourcing from the US -psychological disorders aside-, but lets not go there. Or could it be that technology is really just a BAD thing because it only complicates our lives? Hmm, sounds pretty logical and open minded... in a sun-revolves-around-the-earch sort of way, but then we would have to attribute the computational solutions which broke the Enigma cipher as bad too.
Stress isn't a bad thing. Repeat after me, "stress makes me feel alive". By definition, we stress during sex, excercise, reading, etc. We can stress over anything. How about this: try correlating "laziness" or "productivity" versus "stress" in certain cultures/businesses/states over time. Definitions will vary.
Some people don't have time to rewrite a nicely worded article, so they post a link to someone else's. I think your also forgetting about sites that provide their own content like Ars Technica and HardOCP which were smallfry's a few years back. The number of "E-zines" and blog sites are continually growing, so people will less and less quote from the Times, The New Scientist or the BBC because they'll find the news elsewhere. And more so if the big fish want to inconvenience their readership with registration.
And then you'll have content that noone has written something up for, so that gives the reader his/her chance to be famous for a day. Look!!! I just found a nice layout of a Terra V rocket. Some people might find this interesting, regardless of the credibility of me or the site. Or take someone's writeup of RoboSapien, or someone else plugging his own webblog because he received a check from the RIAA, or someone plugging their personal coverage of the CodeCon conference, etc. This notion of credibility-by-link should have been shattered as soon as you saw this troll get posted.
Your statement is analagous to the trustworthiness of proprietary code because the corporation is credible or well known. Which means on the flipside that because many open-source coders aren't "credible", then the code should not be trustworthy. Both are bad logic, and sometimes slashdot mods are like that after going through a mind-numbing XY,000+ submissions per day, but it doesnt hold true enough to call it law.
I can easily forsee the day when there won't be any "free" news sites that do not require registration.
Depends on what you call "news". I can easily forsee the day when mass media no longer controls the definition of "news"; this will be the day when only a dozen users log into subscription-based news sites to view the half-rational biased thoughts from a has-been writer musing on some female musician who exposed herself on national tv, whereas others will go to the FREE sites (probably a blog of some sort) where a potpourri of writers will submit what they feel is news from distinct areas of the globe which mass media feels is unimportant and try to inject their unbiased thoughts on the subject. And to make the users feel more welcome, there will be forums for each submission accepted. These sites will probably have some trendy name like hackdot or flashdot or dashdot or something....These blogs will probably have links to free mp3 albums from musicians promoting their next concert (concerts being the next business model for musicians).
The assumption you make, is that the media controls the outlet of news, when in reality it is WE who create the news. Its just a matter of getting off our ass and reporting it to the world. The web is a great outlet for this because those who will listen will listen, and those who dont will go somewhere else. But the news will get reported, nonetheless. And no firewall in China can stop it from getting through eventually.
The fact that this comes out right on the heels of this quote just makes me laugh:
"I'm not naive enough to think that proprietary commercial operating system software doesn't have the same sort of vulnerability, but the barriers to implementing them are much higher, because the source is better protected."
--A. Russell Jones, "Open Source Is Fertile Ground for Foul Play".
(Granted, the context was policing code insertion.)
>It's a bit of a cop-out to say that the creators of a network of file sharing systems can't be responsible for its content.
On the flipside of the coin, then I guess they should start lawsuits against people who create ftp, http, ssh clients. Hell, ANY service that can transfer data has the potential to share file content. For example, you could pretty much create your own (decentralized)P2P service by installing an {SSH,FTP,HTTP,SMTP} server and client on each users end, play with the port numbers, and forward your address and open ports to some majordomo@theglobalfilesharing-list-com. Users can check on what files you have by viewing your HTTP site, which they can then download via some u/l-d/l ratio-based FTP/SSH anonymous account. Wasn't this the premise for Hotline? But since these P2P apps are easier to set up (for non-computer-saavy), then thats why it is so widespread and thats where the radars go off in the offices of the content-nazis.
The legitimate uses for FTP, HTTP, SMTP,... carry over to P2P as well, its just a matter of where the users with their sharing needs go. If you shut off Kazaa, either another P2P app will become popular or people will start getting clever with FTP, HTTP, SMTP as they did before napster. Blame the users who are pirating, not the application that already uses the file sharing techniques of old.
>>>Both statements are equivalent, and both Xmessage variables can be used in interchangable ways
:)
...or did you think I was being condescending? Well, I was. :)
>>NO!
>YES!
NO!
What part of "On the other hand, pmessage is a pointer, initialized to point to a string constant; the pointer may subsequently be modified to point elsewhere, but the result is undefined if you try to modify the string contents" do you not understand? (pg. 104).
>>They are NOT the same since you can change the contents of amessage but not necessarily the string pointed to by pmessage.
>Yes you can change both. Nothing in the C language definition prevents you from doing that.
Yes, and nothing stops us from coding segfaulty code either, so what part of "not necessarily" did you not understand?
>First of all, it is not my little hack.
It doesn't hold water if you try to determine equality with "if (amessage == pmessage)". Therefore its a hack, as that was the intent of your post, no? And since its less than 1k, then that makes it a little hack, but why are you so concerned with size? Fine, it was a HUGE hack. Happy?
>Secondly, there are NO strings in C. There ARE arrays of characters...
hmm...could of sworn I said something about quoting K&R on page 104, which is probably the context from which I am using the term "string".
> But my original reply was that the code WOULD COMPILE, contrary to the parent comment. Not that it was good programming form.
Look, I dont care for a fight on semantics, or the intent of your original post. In fact, I thought your code was pretty clever, but your message ended short of informing neophyte programmers that this isn't proper code. Rather, someone listening in might get ideas of: "if code compiles, then code is good," which brings us to the topics of security and memory leaks...so let's move on.
>...There are NO arrays as such in C. ...
Wrong! I suggest you read the book "The C Programming language: 2nd Ed." by Kernighan and Ritchie. You'll notice I pretty much quoted word-from-word section 5.5, pg. 104.
>Both statements are equivalent, and both Xmessage variables can be used in interchangable ways
NO! Again, reread my reply and run the code. They are NOT the same since you can change the contents of amessage but not necessarily the string pointed to by pmessage. Furthermore, you're little hack will not determine equality between amessage and the string pointed to by pmessage, yet they are strings. I hate to see people giving bogus programming tips, and your's was bogus.
Well...it works, which could possibly mean it is legitimate, however you cannot use your hack to compare
/*an array*/ /* a pointer */
... //This works ... //This works too ... //and so does this
... //This however should not work. ... //and neither should this.
char amessage[] = "now is the time";
char *pmessage = "now is the time";
Since amessage is an array just big enough to hold the sequence of characters and '/0' that initializes it, while pmessage is a pointer initialized to point to a string constant. Individual characters may be changed in the former, whereas the result is undefined if you try to change the contents of the latter. Here, try this code and tell me if there exists an equality operator defined over strings:
char *UserName = "DarylMcB";
char *Loser = "DarylMcB";
char Name[] = "DarylMcB";
char *Lusername;
Lusername=UserName;
printf("UserName == %s\n",UserName);
printf("Name == %s\n",Name);
if (UserName=="DarylMcB")
if (Lusername=="DarylMcB")
if (UserName == Loser)
if (UserName == Name)
if (Name == "DarylMcB")
and the equaly irresponsible "but I want to run my own mail server-- how dare you try to take away my toy!" To be fair, there are legitimate reasons that a person might need to run their own mail server, but they are quite few and far between-- certainly less in number than spammers!
/dev/null it. Eventually, commercial interests would spend less on email mass marketing, which would mean spamming is less lucrative to spammers.
No, to be fair, you don't even need a legitimate reason to run a mail server. If Jill-Sendmail wants to toy around with her computer because she wants to see what administration is like without having to pay $4000 for certifications, then so be it. Who are we to judge Jill's authority over her own computer? If her machine gets a virus, is misconfigured and spews gigabytes all over the place, or if she accidently creates an open relay, well thats a job for her ISP. But spammers dont even need your computer, they can just walk into an insecure library computer lab, boot up Knoppix, and create their own open relay.
Oh yeah, block port 25, that'll stop em! Then a couple months later, they'll start hacking gateways or start wardialing for wireless connections. Hell, all they have do is split their pay with someone crafty enough to crack into whitelisted computers and use them as proxies for more the spammers. So what's next: port 80? port 21? Hell, let's block all the ports, that'll stop those bastards!! Sooner or later, you have to realize that spam exists because there are stupid humans who can be suckered into buying anything and perpetuated by stupid humans who having nothing better to contribute to society! And if people start becoming network-nazi's, then they will be stupid too. Its like a hardcore sysadmin who forces her users to memorize MD5 sums as their passwords and then changes them weekly! Sooner or later, people are going to start leaving their passwords on sticky-notes under their keyboards while the cracker finds a faster way in via social engineering. Humans are the weakest link here, not sendmail, not the SMTP protocol, and certainly not the firewall scripts. And when you figure there are probably only around 200 spammers, you have to wonder who the real dups are here: the ones spending $1,000's in man hours on bayesian filters and spam-laws, the ones buying penis enlargement kits, or the ones sending mass mail from a cheapo Pentium-2 laptop with a textfile containing over 5M email addresses? Consider if only 0.5% are interested in that mail...because that's all it takes. No, I have a better proposal: educate people on how NOT to be conned. Educate them on how to recognize spam and
>If my usage of `reliable' is confusing, I am referring to a system which is designed to restrict the behaviour of user applications, such that they are protected from each other, and the system from them (e.g. an application cannot crash either another application or the system). MS-DOS would naturally not meet such a requirement (nor would Windows 3.1 or Windows 9x).
Well, that definition sounds agreeable, but my point was that these concepts of reliability and stability are relative to the end-user. No machine or operating system is perfect. NASA can tell you this. Think: quality control. There are those who need real-time systems with 0% downtime, those who need a fast computer that will number crunch for weeks, those who need a game machine for LAN parties, and those who need something to check their email or send/retrieve data from a database (ie. a dumb WYSE-60 terminal to scan your ID). In each of these cases, the end-user will describe their system as reliable or stable if the amount of time it is in a state that renders it unusable (lets call this "downtime") is tolerable by that end-user. In an ideal world, this downtime would be zero. However. if it is untolerable, then it is unreliable, and the user has a choice to lower their standards of tolerence or replace their machine with something that will be reliable. Hence, Win95 is reliable enough to install on a machine that will be deployed to a place where the users are very tolerant and it will only be used to browse the web.
>When saying it's relatively easy to design a reliable OS, what I I mean is that it is a well understood problem, with well understood solutions.
So in other words, its relatively easy to design a reliable OS if you stick with what you know. Then I guess most kernel developers don't understand buffer overflows and gaurding a function's return address, etc. since these problems are not fixed.lthough, even if you try to restrict the design of your OS to these well understood problems that have well understood solutions, it doesnt remove the fact that the problems that you don't understand still exist. Nor does it treat the well understood problems without well understood solutions. So this OS may SEEM reliable to the programmer because it deals with these well-understood problems, but in reality it is not reliable enough to handle the unknowns. In fact, "relatively easy" implies to me that these unknowns are unimportant, which makes me instantly think of your description of microsoft's design plan for Win9x. So according to microsoft, windows is reliable since they've restricted their designs to problems they understand which have solutions they understand. But for all we know, the coders at the time may have only known a dozen or so understandable problems, including: "how can we get an MSN icon onto the desktop?". Which brings us back to quality control...
>The existence of bugs does not mean a system is not a reliable design,
well....only if the severity of the bug is tolerable to the end-user.
>For the most part, applications will only be able to exploit the occasional bug in a reliable system if explicitly written to do so (e.g. viruses).
Here's a counterexample. Consider tcpdump running on FreeBSD (stable, no?). A little while back, there was a bug that allowed remote execution of code. Suppose that on the same network which the FreeBSD machine is listening to via tcpdump there is a networked print server (jetdirect). Now if someone is printing something in postscript to this print server and all of a sudden a bug in the print server starts reacting to the postscript code by broadcasting random packets, does the possibility not exist that these random packets could end up being the same ones that cause tcpdump to start executing some random code? Clearly this was not intentional, yet tc
Very informative, but....
> A lot of people without a solid understanding of operating system design hold such mistaken ideas. The reality is that designing a reliable system for capable hardware is relatively easy, and has been for decades.
Ok, I have taken a 500-level CS Operating Systems design class which covered NT and many *nix flavors, but noone ever told me how relatively easy it was to design a reliable system. I beg to differ. If designing a reliable system was so easy, then tell me why we still bother to maintain old linux kernels at all? If they were so reliable, then the code should be frozen, right? DOS was very stable, at least from my perception -keyword:percievable stability-, so designing its replica should be easy, right? I don't agree. If you followed the progress of FreeDOS, then you might wonder why it wasn't easy for them to complete version 1.0 5-6 years ago? Maybe they don't have all the time in the world, but I am not convinced that designing a reliable system is easy. Or maybe I should say: Designing is easy, building and testing is rather difficult. Is that what you meant? Also, I'd like to know what your definition of stability and reliabilty mean because you'll get different answers from NASA-geeks, IT-nuts, code-monkeys, and mom and pop. Personally, I don't care how fast my SOYO motherboard will degrade from exposure to solar radiation, therefore it is reliable in that sense. But ask anyone who deals with ruggedness and most modern PC boards will not be in their wishlist. On the other hand, I do care if my board will get too hot and cause the saulder holding my RAM chips together to melt.
Ok, semantics aside, take the apparently "stable" MS-DOS 6.22 and wrap a GUI file browser/shell around it. Let's call this OS: Winblows95, or W95 for short. Let's ignore HOW this system was designed but just assume it is designed poorly and full of bugs. Even though we know the system is not ready to ship, I'm going to put out a lot of hype and maintain that this system is reliable. Is that wrong? Should people complain? Yes.
>I have no patience with those who complain about the reliability of Windows 95/98/Me.
Well, then why did you reply? My standards of a reliable OS have improved, but I still have friends and family who, not as computer adept as me, have already purchased these lame operating systems or it came with the computer. Is it their fault that they fell for the hype or felt comfortable because there workplace purchased the same OS? No. They just didnt know. Unfortunately, now they are LOCKED-IN with their proprietary drivers and games and need my help for maintaining their system. Should I complain? Yes. You see, these problems perpetuate from a software company with a 90% market share with users who trust the same operating systems their workplace or family and friends use. Noone thinks about reliablity until AFTER the fact because you weren't given a choice of Operating system when you bought your PC years ago. It was windows or mac. And would you question the reliability of a product from a BIG company?
Anyway, the damage has been done and we're still cleaning up. Obviously, if there weren't people who still use w98, then MS wouldnt waste their money keeping there support open till 2006, now would they? I don't care what was wrong with win9x and I dont care how reliable it is, I just know that winME has a lot of good drivers and can still function as an OS for mom and pop without having to spend wads of $$ on WinXP, which is even more bloated than all of the win9x series combined. I also know that it can be stripped down while XP cant (yet?). When a ghost image for a bare bones system requires more than one CD, I complain. And realize that if it were my choice, I would install some linux distro, but its not ready for mom and pop, and they are not ready for linux yet. And what happens when I'm not around? Win9x was pretty intuitive, while XP's operations are more tra
oops, forgot one important thing. If anyone decides to mess with any .inf files before an install, you'll need update the file size for that .inf file in layout1.inf files or setup will
claim the cab file is corrupt. For example, after truncating amovie.inf to 100 bytes, you need to change the entry "amovie.inf 1,,19824" to "amovie.inf 1,,100".
I should probably document this on a webpage sometime....
>And from experience, if you're looking for a stable Linux distribution, Red Hat ought to be one of your last choices.
.inf files to a windows ME installation in order to prevent the installation of useless .dll's, exe's (based on google searches to figure out what each one did), windows media player crap, and internet explorer. Basically, I just opened precopy1.cab, perused layout*.inf to see which cab files had the .inf's I was looking for, and deleted everything under the file header. Sometimes, minor edits were only possible to remove things like "winpopup" since microsoft included it in the tcpip .inf's. (Why?) After recabbing, installing (using an install script, msbatch.inf, to skip being bothered by user prompts and a few "secret" setup.exe commandline switches), and a little tweeking, I had the install down to 150mb (not including the backup cab files)! The shell didnt work, but it was crap anyway so I replaced it with LiteStep (smaller, faster, configurable) and used an alternate file browser (AB Commander) instead. After installing everything I would need for a bare bones install, I ghosted the machine onto ONE CD. Try doing that with XP! Anyway, the machine has been tested for over a year now under several hardware variations and user patterns, and can run for several weeks without a restart. Which just goes to show that the extra CRAP does have a significant impact on your systems performance. Take for example "active desktop", SFP, "system restore", all the failed "innovations" that didnt make it to win2k and XP, and all the excess registry keys that are associated to other MS products you may never use. While some of this crap may work for some, it is rather presumptious of Microsoft to assum
umm...Red Hat has always worked just fine on my end (RH6x,RH7x,RH8x). I would take you seriously on this concept of distribution-stableness if this were BSD, but this is linux country where distributions are modular! Packages can be downloaded and recompiled on a whim. To judge a linux distro by its kernel release (or compile) is naive at best, if not shameful. Most of the code included in any distro is pretty much outdated within weeks and there are several kernels to download if you dont want to recompile the stock one.
If your getting core dumps or kernel panics from a RH distro, then you should check redhat's errata, download fresh code, or check to make sure your hardware is both supported and functional. Not to start the flamewar, but you should consider the needs that slackware, gentoo, knoppix, RH, etc. fulfill rather than the kernel they stock before you start bashing linux distros. For example, RH can serve as a good home install because of the number of packages it packs. It also provides the novice with a good introduction to this concept we call "choice" -something most locked-in windows users do not have, at least not without a $price$. Or if you need something slim and fast for older machines whose use will probably only be a private server or router, then there's slackware. Or if you need an emergency boot disk or merely want to test how linux runs on another machine (ie. BestBuy display models, laptops, etc.) there's knoppix.
>most crash-prone Windows machines have been "crashy" due to poor hardware setup/faulty hardware.
Actually, most "crashy" windows machines, especially win9x, were due to unchecked memory leaks throughout the entire system which could have been prevented if not for that whole 1995, 1998 deadlines they imposed on themselves. And then there's all the crap they stuff into their OS. I proved this to myself a little while back. You see, I wanted to reduce the help calls I got from family and friends, so I decided to build a windows install (actually a bootable system disk with a ghost image) that everyone could use and wouldn't contain so many bugs and security vulnerabilities. So I edited the install
> If anyone asks you what this sco fiaSCO is about, you can direct them to this article.
/. to come to the conclusions that SCO is seriously smoking Crack, CRaCK, CRACK!. Although, it may just be easier to point them to this simulated IRC chat which seems to epitomize the entire series of events leading to this big mess. Oh and supposedly SCO is suing trees now.
AND THEN you direct them to these published Novell vs. SCO correspondances, Make sure to point out McBride's (SCO's) intentions as stated in their own words back in 2002 compared to his open letter a year later. It shouldn't be too hard for anyone not keeping up with
Here are some more SCO courtroom skits for your enjoyment.
>Apparently, there's Unix code in these plants information processing systems.
...etc...
Jan 22, 2003
FAXED
Mr. Ponderosa Pine
Trees, etc.
[address]
Dear Mr. Pine:
SCO holds the rights to the UNIX operating system software originally licensed by AT&T to approximately 6,000 companies and institutions worldwide (the "UNIX Licenses"). The vast majority of UNIX software used in enterprise applications today is a derivative work of the software originally distributed under our UNIX Licenses. Like you, we have an obligation to our shareholders to protect our intellectual property and other valuable rights.
Similar to analogous efforts underway in the music industry, we are prepared to take all actions necessary to stop the ongoing violation of our intellectual property or other rights.
SCO's actions may prove unpopular with those trees who wish to advance or otherwise benefit from breathing air as a free software system for use in enterprise applications. However, our property and contract rights are important and valuable; not only to us, but to every individual and every company whose livelihood depends on the continued viability of intellectual and intangible property rights in a digital age.
Yours truly,
THE SCO GROUP
By:
Darl McBride
President and CEO
[And in response...]
VIA FAX AND CERTIFIED MAIL
RETURN RECEIPT REQUESTED
Jan 23, 2003
Mr. Darl McBride
President and CEO
The SCO Group
[address]
Re: SCO's "Letter to pine trees"
Dear Darl:
As you may have already known, we have been around longer than humans, and like whales, have memories that stretch far back into the distant past. In fact, our history starts in the Devonian period, long before this concept you speak of, UNIX, existed. We clean the air you breath and provide much sustenance for many animals, including yourselves.
Put simply, we are certain that we have established prior art considering our vast population and lengthy lifespan. Furthermore, we would like to point out that our systems have long been embraced and are crucial to the operations of earth as you know it today. Hence a disruption in our services from any action taken by SCO would deprive our partners, including the human race, of valuable oxygen which may result in the demise of the human race.
Due to the vagueness of your letter, we are unsure as to what infringing code is being run in our systems. If there is infringing code, then most likely it would be from your supposed UNIX systems, since our codebase has been used for thousands of years and is rarely modified.
Therefore, we invite you to either provide specific evidence substantiating your claims or withdraw your recent allegations against the trees et al. We hope you understand the potential significant legal liability SCO faces for the possible harm it is causing. SCO's actions, if carried forward, will lead to the loss of life and planet.
Sincerely,
Ponderosa Pine
well....maybe your a troll, SCO exec, or a newb but here's a quick answer since you weren't modded away, the rush is over, and I'm bored: NO. Submitting code is not as easy as mailing a letter to mom. And for one thing, you actually have to contribute something useful for it to be accepted. To get the idea, Check this site out and think about the chances of someone actually pulling it off. You know, this person would actually need access to good code, USEFUL code, code that gets accepted; this person would have to maintain that code because things break when someone adds ANYTHING to the source and it would look mighty suspicious if the person drops contact all of a sudden. This person would also need to leave a nil traceable papertrail. Not impossible, but if its so easy, why dont you try to slip one past and see for yourself? On the other hand, if someone contributes code and claims negligence because they didn't know that they did not in fact own the rights to the code, then the person who leaked that code should be held responsible, not the project maintainers who knew nothing of the incedent. Now the iffy legal part is correctly establishing who owns the code and whether it was leaked illegally. If so, then it should be identified and removed.
But... how does this add up to the GPL being flawed? It is a LICENSE that was meant to preserve the IP and recognition of the author(s) without having to close the source -which means people wouldnt have to keep reinventing the wheel; it cannot function as a cvs/rcs source code accounting program. I cannot stress this enough: The GPL is an inanimate object. It has no means of control over who submits code to that of which it is licensing, no means on how to defend itself against "pirates" who want to burn the license and claim the code on their own behalfs. In fact, NO LICENSE, beit shareware, EULA, freeware, BSD, etc., can control these types of issues, people will do what they want. Its up to the authors of the code to decide how they want to license their software and perceive if someone has wronged them by failing to comply with the license; users are not forced to use the software and noone is pushing acceptance of the $free$ GPL'd code down the developers throats; the courts will decide what and if anything should be enforced, and the police will decide how to enforce it.
No, the GPL has been around for 20 years now and is just fine - its U.S. copyright and DMCA laws that are inherantly flawed. Its the proving whose code is whose that this mess is about, and someone is clearly lying. This weakness you speak of is a social issue. There would be no SCO stories if everyone shared their code like civilized humans, kept IP royalties to less than seven years, and linus had a crystal ball to tell him years ago that he should keep a fascist code insertion policy into the kernel to avoid the allegations that freaks would spend their time trying to sabotage the kernel. And if you check out freshmeat.net, you'll find much GPL'd code that is doing fine. Time will tell when the GPL's value will be tested. Proving authorship is another issue entirely, but if the GPL cannot convince a court that you released the code with a binding request to those who modify and redistribute it that they must also include the original source code, and if it can't convince the court that those who break it should be penalized, then the license has served only to provide a false sense of security. But if it makes you feel better about posting your hard work to millions of people, most of whom will probably not care and some might try to steal, then so be it. Its better than keeping it locked in a vault until you die merely because its not bringing you $$$. I believe that most non-profit open source is just someone's pet project that they want to share for either fame & glory or just to make the world a better place. Its annoying if someone takes your code and br
On a similar note, try "Microsoft sucks". I come up with around
150,000 from MSN,
473,000 from google,
488,000 from alltheweb,
and 304,000 from yahoo.
With "linux sucks" I get
137,000 from MSN,
561,000 from google,
348,000 from alltheweb,
369,000 from yahoo
I'm sure you could go on forever and run into some wacky results somewhere. ie. political bias, religious bias, software bias, etc. Although, I dont think the inclusion of particular sites will indicate the fairness of the search. For example, google could have just programmed the inclusion of googlesucks.org in order to appear fair.
Consider the discrepancies between the dubbing and subtitles in cowboy bebop, for example. Since the correctness of translating one language to another is dependant on dictionary compatibility, and the integrity of dictionaries are relative to the year, locale, and publisher, it is no wonder there are so many versions of the the Old Testament and the Bible. Now back to dubbed vs. subbed anime: after a japanese translator writes the subtitles in english, its not unusual for him/her to fix mistakes because of differences in japanese and english interpretations of english sentences. Take, for example, the sentences: "You look like a good man" and "You are a good-looking man", which may in fact look the same to your average japanese student trying to learn english. Now, the question is whether or not these changes, when converting the subtitles to a dubbed script, are changed because the english subtitles infer some bad english/american connotations or if there were "better" english words to convey the meanings of the original japanese script. These may sound like they are the same thing, but what if an american word has a bad slang or cursing connotation as one of its meanings and simultaneously providing the single best meaning to convey the point of the japanese script? Then chances are, you won't find a better word in english. Now if the distributors of the dub-version choose to replace the word because of its slang connotation, then this represents a situation in which a sub->dub conversion can be corrupted. Hence, the subtitles will provide the non-native speaker with a better meaning.
But you probably already knew that. The real question the parent (i think / i hope) intended was whether or not providing a dubbed version is a good comprimise between preserving japanese culture and getting more sales. I mean, its all good to live, speak, and drink "american", but it seems to me that "americans" are starting to expect everything handed to them in english. Not that that is a bad thing, but the animation was not created in the U.S., which, I might add, does NOT have a national language. (Here is an interesting ACLU paper with more discussion on this.) Now as more and more international corporations start to embrace this standard and treat english as the "language of commerce", we will probably start to see this trait get passed down to local, private businesses in the vicinity of those same corporations. Which means that eventually, the city (or even the country) will start to embrace it because they must deal with or work for these same private businesses, which means more awareness of the "language of commerce".
Since humans are more prone to finding an easier way to live, then we may not be far from the point when people are going to start speaking only ONE language. Which language? Probably english. While japanese will bite the dust because it didnt catch on in the stock market as the "language of champions". I'm sure there will be (bi-/tri-/n-)linguals, but only so long as the other language(s) serve a purpose. The only purpose I can think of is culture, unless someone finds a way of quantifying the efficiency of language, which would then provide an actual value to languages. But if, for some reason, japanese cultural awareness starts to decline, then the japanese language will end up like cobol. Not that cobol is dead...yet.
Anyway, IANAL (I Am Not a Linguist), but I'd hope this is why there are purists you speak of, because they are embracing the culture from which sprang forth the anime. But I'm sure there also exist anal retentives who just like purity for pureness-sake, in which case you're right, they should probably have a few drinks, sit back, and enjoy the show.