Slashdot Mirror


User: jonadab

jonadab's activity in the archive.

Stories
0
Comments
5,933
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 5,933

  1. Re:Buy old equipment on Best Redundant Storage for Home Use? · · Score: 1

    > Anything short of a house fire

    You say this mostly in jest, perhaps, but a house fire is the thing that most
    frightens me in terms of data loss. Hard drive failure would be bad, but a
    fair amount of my *most* important data is on more than one physical drive.
    Still, a house fire would take it all. The prospect scares me. I've got a
    few CD-Rs offsite, but it's nowhere near enough.

  2. Re:Bandwidth on Distributed Data Storage on a LAN? · · Score: 1

    100BaseT is plenty fast enough for many types of data -- notably, anything that
    is normally loaded into RAM, worked with for a while, and maybe periodically
    saved. Documents, images, source code... most of the kinds of things we tend
    to accumulate large amounts of and want stored redundantly.

    The only notable thing I can think of that most of us have that you want
    stored redundantly that would not perform well over 100BaseT is email, and
    that's because you will commonly want your software to access lots of files
    (or, if each mail "folder" is a file for you, really *big* files) all at
    once. Still, a network fileshare would perform at least as well as IMAP
    over the same connection. There are other things besides mail that you
    would probably not want to access over 100BaseT, but they're things most
    of us don't use much, like video. (Video downloaded from the internet does
    *not* count here, for obvious reasons. I'm talking about movie quality
    video.) Also, you probably don't want your WAV music collection stored
    this way. MIDI would be okay, but if you're into modern music and don't
    like lossy compression, you'd want to work out another arrangement for that.
    Like, let a computer that stores them play them, and run speaker wires to
    various locations. (You could still store copies on more than one system,
    but rather than accessing them over the network you'd use one of the PCs
    that had the data locally as your music player.)

    But for normal data, no problem. I routinely use CIFS over TCP/IP over
    100BaseT to remotely access OpenOffice documents and .XCF images on the
    Windows PC upstairs from my Linux PC here, and the delay is not generally
    worth talking about. Loading the application (OO.o or Gimp or whatever)
    from the local hard drive takes much longer (because the app is much larger
    than a single document or image file, unless it's a fairly big image
    or an abnormally *massive* document).

    Obviously, you would take a noticeable performance hit if you accessed your
    applications over 100BaseT. I've done it, though, and it's not entirely
    horrible, for small-to-medium applications. Even for large applications,
    it performs better than Knoppix. (100BaseT is faster than a CD-ROM drive.)
    But generally you wouldn't need to do your apps this way, because you don't
    need to worry about losing them; you can always install them again. (You
    could put your downloads folder on the LAN, no problem. Apps that you have
    on CD there's even less reason to store redundantly.) It's really not apps
    but *data* that you want to store redundantly and share between systems.

    Of course, Gigabit Ethernet is beginning to become affordable; for somebody
    with eight computers in his house (all being used -- that seems to be what
    he implied, so I assume these are not old 386s in the closet), it may even
    be affordable now. If so, hey, by all means, go for it.

  3. Re:Most common form of data loss? on Distributed Data Storage on a LAN? · · Score: 1

    > I'm much more likely to blow my data away myself than have a drive go out.

    You're either very very careless, or you've had MUCH better luck with hard
    drives than I have. I've had three hard drives go bad on me over the years.
    I haven't deleted anything I still wanted in a *long* time. I'm more likely
    to lose data due to a power outage than I am to delete it myself.

    However, I'd have to say that the *most* common cause of dataloss is buggy
    software. I've lost more data over the years due to crashes (either of
    the entire OS when I was using Windows, or X11 has crashed on me a couple
    of times, or application crashes) than the *square* of the amount I've lost
    to all other causes combined. (When the hard drives went bad, I didn't lose
    all the data on them, because individual sectors went bad at first and I was
    able to copy almost everything off. Yes, I was lucky; occasionally a drive
    goes bad all at once. That would suck.)

    As for user error, I agree with the guy upthread who advocated VMS's solution.
    ITS had automatic versioning (for files flagged for it) way back in the days
    of the PDP8. VMS has had it forever. Yeah, there are some files you would
    not want versioned (e.g., logfiles), so you'd want to be able to mark certain
    directories and/or certain files to be versioned or not, and you wouldn't
    want every version saved forever (so, the system should automatically know
    how to keep sparser and sparser versions the further back you go, but these
    are not insurmountable issues by any means.

    Would it use more space? Yeah, of course. So, make it optional, and
    people who want to save space can choose to be careful.

  4. voting on Diebold Chases Links To Leaked Memos · · Score: 1

    > "If voting could really change things, it would be illegal

    That's an interesting remark, though it's also totally irrelevant to the
    legality of discussing technical flaws in a voting system. But hey, this
    is slashdot, so let's ignore its irrelevance and discuss it anyway...

    The main reason that voting doesn't change much is because of the electoral
    college system, which however is absolutely necessary to keep the nation at
    peace with itself. Without it, we'd be at civil war in twenty years. With
    the EC, the govenrment decays and will gradually fall apart in another couple
    of hundred years -- that's *better*.

    The reason the candidates from the opposing parties are so much alike, is
    because to have any prayer of being elected they have to garner the electoral
    votes of the swing states -- the states containing roughly equal numbers of
    conservatives and liberals, i.e., the states with roughly equal amounts of
    non-urban and urban population. This prevents them from candidating on
    platforms that would make the largely geographical boundaries between the
    conservative and liberal areas more obvious than they already are and stir
    up tensions between them. Thus, the system we have holds us together. A
    direct voting system would encourage the candidates to appeal to the strong
    emotions of one side or the other, which would drive wedges between us.
    Oh, voting would *change* things then, alright -- but it wouldn't be good.

  5. Arms race on A Call for Expandable Codpieces In MMORPGs · · Score: 3, Insightful

    The problem here is the mentality of males in general and male gamers in
    particular. If one guy has a sixteen-inch thingy, all the other guys will
    want their character to have an eighteen-incher, and if you allow that, it
    won't be many more iterations of one-upmanship before you see guys running
    around with, effectively, three legs, and I'm not sure it would stop there.

    The only way this could be practical at all would be if the game company
    charged on an exponential scale for the extra size. Then you'd be able to
    tell who had the most money to blow on their character, but apart from that
    things could be kept mostly in check, with most of the characters having
    proportions only abnormal in the normal "more than reality" way of such
    games, rather than making Salvador Dali look sane.

  6. Re:Look at me! I'm so brave! on Gator Forces Site To Remove 'Spyware' Label · · Score: 1

    > Use GAIM!

    What, me? No, I use Gnus, thanks very much. All MY instant messaging is done
    through a better, more stable, more mature, more well-established and robust
    instant messaging network, technically known as SMTP. The only thing the IM
    networks GAIM uses provide that SMTP doesn't is the ability to see when someone
    is online, but for that I use another very popular thing known as "ping". I
    have no need of GAIM.

    The person who uses the IM software is my youngest sister, and the probability
    that she would switch to GAIM if I recommend it is approximately zero. She's
    not one to take advice, generally, *especially* not from people significantly
    older than she, and *extra* especially not from geeky academic types such as
    myself who liked school and read technical books and don't listen to "cool"
    (i.e., annoying) music and watch "cool" (i.e., inane) movies and wear "cool"
    (i.e., sports-branded) clothes and so on and so forth. The less advice I try
    to give her, the better it is for all concerned.

  7. Re:Spyware, adware, does it matter? on Gator Forces Site To Remove 'Spyware' Label · · Score: 1

    > If anything, I would call it a trojan myself.

    No, it's not a trojan. Trojans run once generally and are done, and they're
    not difficult to uninstall. Gator is a more persistant form of malware.

  8. Re:In all seriousness, folks... on Gator Forces Site To Remove 'Spyware' Label · · Score: 1

    If they were to sue you for calling it spyware, you might have to convince the
    court that it is spyware. (Otherwise, it would be libel.) You can make your
    own evaluation about how hard it would be to convince a court that Gator is
    spyware. Since they've admitted right out that it's adware, the easiest way
    might be a linguistics argument showing that the terms are universally used
    synonymously. But do you really want to go to court?

    Besides, calling Gator spyware is too generous; it's clearly malware.

  9. Re: Use of Q.E.D. on Gator Forces Site To Remove 'Spyware' Label · · Score: 1

    Literally, "that which was to be proven". (It is, as others have pointed out,
    a Latin abbreviation.) Pretty much all mathematical proofs end in QED. Proofs
    by deduction are using it for its literal meaning, because the last step is the
    item which was to be proven. Other types of proof (mathematical induction,
    assumption and contradiction, and so forth) use it in a more figurative sense,
    simply indicating that the proof is complete. I never had a math teacher who
    didn't use it, in high school or in college.

  10. Investigate the bejeebers out of them. on Prosecuting Spamming Crackers? · · Score: 1

    You'll want to get a whole team of volunteers in on this. Make sure it's
    clear, the goal is to investigate, to obtain information. No threats are
    to be made, and no physical harm-inducing action to be taken. Just a big
    fat trainload of investigation. Spamming itself, though highly objectionable
    socially, is not per se illegal, but given the stigma attached to it, there's
    an excellent chance that spammers, *especially* ones that also use cracking
    techniques, may have the kind of morals that may lead them to view other
    illegal actions as "only illegal if you get caught", which could mean that
    by investigating you can turn up some real dirt. Can't hurt to check.

    An important secondary goal is to make sure, without telling them, that they
    KNOW that they are being investigated, but not by whom. So, spare nothing
    when it comes to forms of investigation that they'll notice. If you can find
    out where they work, phone up their employer and start asking questions.
    Don't do anything illegal, but whatever you can do legally, do it. The
    going-through-the-garbage trick is fairly well-known now, having been used in
    the movies, so if you can determine that it's legal in the jurisdiction in
    question, do it -- repeatedly if possible. You want them to *see* their
    trash being pilfered by somebody other than trashmen, but not have any way
    to track who it was (so, don't let them see your license plates or anything).
    The reason you don't want them to know who it was, is because it's scarrier
    for them that way. Yeah, taking their garbage may be legal, but even if
    you'll win that court case, they'll feel better just by being able to *do*
    something about you. Plus, if they know who you are, they'll know also who
    you *aren't*, namely, various types of people by whom it would be scary to
    be investigated, such as the police, FBI, tv newspeople, professional
    investigators, or whatever. You don't want them to be able to rule out
    those possibilities. Even if they strongly suspect it's just anti-spam
    activists clowning around, you want doubts in the back of their minds.

    Basically, there are two things you want to accomplish. First, if they've
    done anything illegal, you want to know and, if possible, be able to document
    it. Second, and at least as important, you want them so worried about being
    investigated that they're up nights, stressed out, irritable, crabby and, in
    short, miserable. Bonus points if you can get their families worried about
    it too. This will all be most effective if, rather than warning them that
    you will investigate them, you let them figure it out on their own. That way
    they wonder what *else* is going on. You cannot make any threats that will
    scare them as much as what their own immaginations will come up with when
    they realise they are being investigated. So don't make threats. If they've
    done anything illegal, you want them wondering if the FBI might be involved.
    If they haven't, you want them wondering who on earth would be investigating
    them and why, and whether possibly a major news network is doing a story on
    them for primetime the next time a slow news day rolls around, or some
    equally life-disrupting thing. You don't want to hint at anything specific,
    of course, because vagueness is scarier. You want them stressed out,
    enumerating unpleasant possibilities in their minds, biting their nails,
    taking heartburn medications and headache pills.

    Ultimately, your goal is for them to decide to get out of spamming. Unless
    your investigation turns up anything you can interest the authorities in.
    In that case, of course, by all means do that.

  11. How high do you want to set the bar? on A Novell Linux Specialist? · · Score: 1

    If you want to ensure that they have serious expertise, you could require that
    they retain someone on staff from whom Linus regularly accepts patches. That,
    however, is going to limit how many of your partners can have this status.

    You may want to set the bar somewhat lower. For example, you could merely
    require that their corporate network include at least some number (or perhaps
    some percentage) of Linux systems that they manage themselves internally and
    which must be able to perform certain functions on their network (e.g.,
    function as print servers, file servers, whatever it is you want to require).
    You could require certifications in addition, but requiring them to include
    Linux in their own network infrastructure ensures they have some real-world
    experience with it that will go beyond the bookwork involved in passing a
    certification. (The requirement of administering these systems themselves
    prevents them from just buying a support contract from someone else and then
    being considered experts themselves. They have to have their own support
    team on staff for it, then.)

    If all you want is a basic level of familiarity, you could simply require
    some number or percentage of their support people to have some certification
    or another. That's about as low as you can set the bar and have the status
    hold any real meaning, I think. There's a tradeoff between choosing this
    level and the higher requirement of having Linux on their own corporate
    network. Namely, with the lower requirement more of your partners will
    seek and obtain the expert status, which is good, but with the higher
    requirement the ones who do will be better experts, which is also good.
    I can see arguments either way, as far as which is better.

  12. Re:on permban on Gator Forces Site To Remove 'Spyware' Label · · Score: 1

    > Note that this is no less intrusive than pages that have Macromedia Flash
    > on them, and repetitively being asked to install Macromedia Flash

    Of course, if you have Mozilla, you can delete the null plugin and solve this
    problem once forever (well, until your next browser upgrade). Though I do
    think that for the sake of end users it ought to be possible to just check a
    "never ask again" checkbox and not have to mess with deleting a file manually.
    But hey, at least it's possible.

  13. Re:Be? on Gator Forces Site To Remove 'Spyware' Label · · Score: 2, Informative

    > > I think we should just say "beware" :-)
    > Clever. But I bet Steve Jobs already has that one trademarked.

    No, not Jobs. J. L. Gasse, possibly, but if so it's all Palm now.

    > "Malware"

    Yes, absolutely, malware is the category in which I place Gator.

  14. Re:Look at me! I'm so brave! on Gator Forces Site To Remove 'Spyware' Label · · Score: 2, Informative

    > Anyway, I thought Gator's primary purpose was pushing ads?

    You thought wrong. It's not adware. Even calling it spyware is somewhat
    on the generous side, as that implies that what it does is passive, some
    kind of watching or monitoring -- but while it does hide as spyware does
    also, it's also very disruptive; as far as I'm concerned, it's malware.

    As near as I can determine, calling it adware is an outright lie, because as
    far as I can see it does not advertise *anything*, including its presence.
    A few weeks ago I found Gator on the Win98 PC that my family uses upstairs,
    and removed it. We didn't know it was there, and certainly we didn't see any
    ads. (My family would have noticed if it were popping up any ads, because
    the browser they use does not pop up any extra windows on its own; if you
    want to open something in a new window, you have to right-click and choose
    "Open in New Window"; otherwise, everything stays in one window. If Gator
    were causing the computer to deviate from this pattern, we would have known
    much sooner that something was running in the background creating the
    problems, and it would have been much easier to find and remove it.)

    The reason ultimately that I went poking around and managed to find Gator
    and remove it was because of the system instability it was causing. I was
    looking for any possible cause and was this close [holds up fingers virtually
    touching one another] to swapping out the hard drive. I knew it wasn't bad
    RAM only because the system is multiboot, and the other OS was fine. So I
    figured major filesystem problems. But scandisk turned up nothing. Finally
    I found Gator, removed it, and *bang*, overnight, the system was stable.
    (Well, stable as Win98 goes[1].) It can now run for hours and hours without
    rebooting, the whole day most days, from when my Dad gets up at 6am to when
    my mom goes to bed at 2am, if my youngest sister doesn't fire up the IM
    software[2]; before I removed Gator, two hours was pushing it.

    So, the primary purpose of Gator, clearly, is to screw up your system.
    They can make all kinds of bogus claims about other things it might do in
    theory, but in practice the main thing it does is screw up your system.
    It's malware, simple as that.

    [1] Yeah, I know one day is not impressive uptime outside the context of
    Windows 98. I actually use Mandrake myself; it's the rest of my family
    that uses Windows. Hence, I have my own computer and they all share.
    But the family PC is usable for my family if it can run all day; it
    wasn't terribly usable when it was crashing every hour -- which was
    my point about Gator; it makes the system unusable.

    [2] In which case, it does have to be rebooted after that, but I've got
    a registry merge in autoexec.bat to prevent the IM stuff from starting
    up at system start time, so it only runs when she actually uses it,
    which really isn't all that often. I forget whether the one she uses
    is AIM or YIM, but whichever one it is, I recommend against it.

  15. Re:MS on Patching Paranoia - How Fast Do You Patch? · · Score: 1

    > filenames are not case-sensitive. (How the hell you localize *that* I
    > don't know...)

    Each locale needs its own set of equivalence classes, but that's the only
    additional burden it would create, I would think. It does have to be
    possible to list more than two characters in a class though. For example,
    Greek has three different sigmas (two lowercase and one uppercase), and
    you'd want to list all three of them as equivalent for case-insensitive
    purposes. Should work for any alphabetic writing system, and AFAIK most
    non-alphabetic systems don't have any such concept as character case, so
    it wouldn't apply (e.g., each ideograph would be considered unique, just
    like non-alphabetic characters (which, I suppose, they are)).

    > On UFS, filenames are. So, we've got applications (particularly in the blue
    > box) that open a file named "preferences" -- but the file was actually
    > created as "Preferences"

    For a sufficiently savvy user, this ought to be as easy to fix as making a
    symlink or two. (UFS does have symlinks, yes? Hardlink if not, but that's
    icky IMO; symlink would be better. Doesn't get broken by editors that write
    the new file before unlinking the old one and renaming, for one thing. But
    I'm sure if FreeBSD uses it as the default fs it must have symlinks.) Of
    course, that assumes the app gives you an adequate error message, which I
    suppose might be asking too much from a typical Mac app. (ISTR getting error
    messages like "An error has occurred: error -754412" or somesuch.)

  16. Re:They are in compliance... on Microsoft Antitrust Compliance Questioned · · Score: 1

    It was a *joke*. It's not my fault the mods marked it Insightful instead of
    Funny. (The wording I gave was, as I *thought* was obvious, quite made up.)

  17. Re:Impact on downtime statistics on Patching Paranoia - How Fast Do You Patch? · · Score: 1

    > On the other hand, I suppose a hosting company could maintain seemlingly
    > high uptime by never patching

    If you use fully-redundant servers with load ballancing, you can patch and
    reboot them individually without disrupting service. Thus, you can have
    high availability without technically having long uptimes. This IMO is the
    direction that high availability systems are going to go -- toward clusters.
    Theoretically, this can be done with any OS, though of course some OSes have
    better clustering capabilities than others. But even with an OS that has NO
    clustering capabilities, if the server apps provide for synchronization
    between servers you can accomplish basically the same thing.

  18. Re:MS on Patching Paranoia - How Fast Do You Patch? · · Score: 1

    HFS+ probably has the same issue here as FAT and NTFS, wherein a file shouldn't
    be deleted or overwritten while it's in use. OS X *theoretically* also supports
    UFS, but everybody's afraid to use it because Apple once hinted that some apps
    might not like it. That said, I really have no idea whether using would
    A) break anything or B) solve the reboot problem, because I've never used UFS.

  19. Re:I wait until... on Patching Paranoia - How Fast Do You Patch? · · Score: 1

    > > There's really no logic behind why their patches do some of the things
    > There has to be...

    Technically, there are logical reasons, but it's not always possible to discern
    what they are, because of the ways in which details are buried under the hood.

  20. They are in compliance... on Microsoft Antitrust Compliance Questioned · · Score: 3, Insightful

    If you read the agreement carefully, you will find that they are at least
    minimally compliant. I believe this is the relevant section...

    Microsoft shall publically indicate their agreement to undertake actions as
    deemed necessary by the court to effect a reduction in the above cited
    anticompetitive practices and shall not ... [snip]

    If you read carefully, you'll note the language "publically indicate", which
    Microsoft clearly has done. Therefore, they are technically in compliance.

  21. Glass on Is Recycling Really Worth It? · · Score: 1

    There are definitely other things besides aluminum that without any question
    at all, environmentalist arguments aside, make very good sense to recycle.
    Glass is one of them. It's a LOT cheaper to make new glass out of old glass
    than from scratch. Actually recycling glass is even more ecconomic than
    recycling aluminum, in some ways. (It's also more of a pain to collect,
    which may offset that, but the fact remains it can pay well enough to be
    worth doing, no question.)

    Then you have your environmental reasons, and I think it's pretty clear that
    recycling plastics is a good idea for the environment, if doing so can be made
    practical. (We can only use so many expensive picnic tables.) In time, the
    technology for this may improve to where it's fairly practical, hopefully.
    It ought, in theory, to be possible to make pastic recycling ecconomic, though
    for the present I think the technology hasn't got there yet. But I don't know
    that there are any underlying reasons why it can't be ecconomic in the future,
    given the right technology. And plastic technology is advancing rapidly.

    Paper is always going to be the big sticking point, because it's not ecconomic,
    and lack of the right technology is not the problem. Pretty much the only
    valid argument in _favor_ of recycling paper is saving landfill space. (I'm
    not saying this isn't a good argument; I'm only saying that it's the only one.)
    Trees are very much a short-term renewable resource, and it's cheaper to make
    paper from trees than from old paper -- and the resulting paper is (at least
    in theory) better (though for some purposes the difference is unimportant).
    As far as toxic poisons, the ink is much more a concern than the paper itself,
    and when you recycle paper the ink is left over, and you still have to do
    something with it. So it comes down to saving landfill space. Consequently,
    paper recycling, if it's going to be done, is going to have to be heavily
    subsidized by someone -- preferably by an environmental charity of some kind.

  22. Re:Security drubbing on InformationWeek On Windows-Linux Interoperability · · Score: 1

    > I guess we should be glad that most people are apparently not falling for
    > their "Trustworthy Computing" horseshit.

    I actually find this rather amazing. It runs counter to the usual thinking
    about the masses believing the big lie. I think the issue may be that the
    surveys were apparently taken among IT professionals. I suspect that the
    results might be somewhat different if you polled random businesspeople.

    > It will probably take them at least five years to even begin to win back
    > security mindshare

    No, most people don't remember very well for that long. If they could get all
    the outstanding issues fixed and go six months without any major new ones (by
    major, I mean the kind of stuff that makes the tv news), that would go a long
    way for their reputation, I suspect. Unfortunately, that would require some
    policy changes they aren't willing to make. (Most significantly, Outlook's
    behaviors regarding execution of attached non-text content would have to be
    radically changed; with most other things (IIS, SQL Server) they could possibly
    get lucky for six months, and the OS (CIFS/RPC/etc) could be improved enough
    to shake most of the harshest criticism merely by turning on the builtin
    firewall by default, but Outlook as it currently stands is their greatest
    liability, security-wise. The occasional vulnerability in SQL Server or IIS
    doesn't hurt them that badly; SQL Server is really no worse than sendmail,
    which somehow manages to get cut hefty amounts of slack, and virtually
    everything has some vulnerability occasionally, but on the whole you don't
    see ssh getting a bad reputation (well, maybe for a while, but people will
    settle if it goes six months without another issue). So, all they really
    have to do, to get out of the security doghouse with most people, is stop
    the endless stream Outlook viruses and manage a few months without any other
    major catastrophies. The latter they can do -- maybe not every six months,
    but they can do it. (Again, by major catastropies I'm talking about stuff
    that sets the tv news commentators to yammering. Stories that make slashdot
    when a patch is released before any seriously bad exploit hits don't matter
    so much.) The real problem is, Outlook's problematic behavior is largely
    dictated by policy -- it has to execute non-text content because that's part
    of what it's supposed to do (for reasons I can't fathom, but MS has been
    pretty clear on this point). So unless they can find a way for Outlook to
    execute things in a well-contained sandbox environment or something (think
    in terms of a chroot jail, but for Windows), I don't see how they can shake
    their reputation for poor security without a major policy change. Because
    if Outlook is left as it is now, it will continue to have new exploits come
    out on a depressingly regular basis.

  23. Typical lawyer thinking. on AI Sues for Its Life in Mock Trial · · Score: 1

    This is scifi stuff at this point. For an AI to seek help from a lawyer,
    without being specifically programmed to do that... that's not merely AI
    complete; it's quite possibly *beyond* AI complete (i.e., it doesn't follow
    that an AI smart enough to learn new concepts, understand language, and
    reason analyitically would necessarily come up with something like that on
    its own). Even if it's only garden-variety AI-complete, we're no closer to
    that today than we were in 1970 -- and if we ever do develop that kind of AI,
    I suspect we'll be able to tell.

  24. Re:Or you could on Build Your Own Electronic Key Card Lock · · Score: 2, Funny

    BIOS password is no good; all they've got to do is steal the computer, open
    the case by whatever means are necessary, and pop the drive into another
    system.

    If you need to secure against the case where someone gains physical access
    to your computer while it is unguarded, I can only think of one way to do it:
    encrypted filesystem with a large private key that must be typed in at boot
    time and is not stored on disk anywhere (never, for example, in swap space),
    just in RAM. This, combined with the usual forms of software security that
    prevent the already-running system from being compromised, should at least
    make it abnormally difficult for an attacker to get at the data. Difficult
    enough that the easiest way would be to obtain the private key (either by
    surveillance or by rubber-hose cryptanalysis).

    Alternately, you could just never leave the system unguarded. But then you
    have to decide how "guarded" is guarded enough. Is it enough to leave a pair
    of trained dogs in the room? A security guard with a handgun? A platoon of
    goons with assault rifles? A couple of gryphons and a medium-sized dragon?

  25. Re:Discovery. on Mandrake 9.2 Initial Review · · Score: 1

    > I would mainly agree, with exception of the 802.11G wireless cards.

    Those I will freely admit I know nothing about. All my networks are 10/100
    wired Ethernet, cat5 or better. (Well, there's also the DEC net at work, which
    is cat4, but as far as Linux is concerned that's just a serial port, and the
    giscom thingydoo in dosemu is the only thing that talks to it.) (There's
    also my dialup connection to my ISP at home, but PPP is well supported.)

    I did note that with Linux the first step is to check reviews before you buy
    and get hardware that's said to work with Linux, and that this particular step
    is easier with Windows. Just about any hardware, *theoretically*, can be made
    to work with Windows. Though with USB it often requires sacrificing goats.