You say this mostly in jest, perhaps, but a house fire is the thing that most frightens me in terms of data loss. Hard drive failure would be bad, but a fair amount of my *most* important data is on more than one physical drive. Still, a house fire would take it all. The prospect scares me. I've got a few CD-Rs offsite, but it's nowhere near enough.
100BaseT is plenty fast enough for many types of data -- notably, anything that is normally loaded into RAM, worked with for a while, and maybe periodically saved. Documents, images, source code... most of the kinds of things we tend to accumulate large amounts of and want stored redundantly.
The only notable thing I can think of that most of us have that you want stored redundantly that would not perform well over 100BaseT is email, and that's because you will commonly want your software to access lots of files (or, if each mail "folder" is a file for you, really *big* files) all at once. Still, a network fileshare would perform at least as well as IMAP over the same connection. There are other things besides mail that you would probably not want to access over 100BaseT, but they're things most of us don't use much, like video. (Video downloaded from the internet does *not* count here, for obvious reasons. I'm talking about movie quality video.) Also, you probably don't want your WAV music collection stored this way. MIDI would be okay, but if you're into modern music and don't like lossy compression, you'd want to work out another arrangement for that. Like, let a computer that stores them play them, and run speaker wires to various locations. (You could still store copies on more than one system, but rather than accessing them over the network you'd use one of the PCs that had the data locally as your music player.)
But for normal data, no problem. I routinely use CIFS over TCP/IP over 100BaseT to remotely access OpenOffice documents and.XCF images on the Windows PC upstairs from my Linux PC here, and the delay is not generally worth talking about. Loading the application (OO.o or Gimp or whatever) from the local hard drive takes much longer (because the app is much larger than a single document or image file, unless it's a fairly big image or an abnormally *massive* document).
Obviously, you would take a noticeable performance hit if you accessed your applications over 100BaseT. I've done it, though, and it's not entirely horrible, for small-to-medium applications. Even for large applications, it performs better than Knoppix. (100BaseT is faster than a CD-ROM drive.) But generally you wouldn't need to do your apps this way, because you don't need to worry about losing them; you can always install them again. (You could put your downloads folder on the LAN, no problem. Apps that you have on CD there's even less reason to store redundantly.) It's really not apps but *data* that you want to store redundantly and share between systems.
Of course, Gigabit Ethernet is beginning to become affordable; for somebody with eight computers in his house (all being used -- that seems to be what he implied, so I assume these are not old 386s in the closet), it may even be affordable now. If so, hey, by all means, go for it.
> I'm much more likely to blow my data away myself than have a drive go out.
You're either very very careless, or you've had MUCH better luck with hard drives than I have. I've had three hard drives go bad on me over the years. I haven't deleted anything I still wanted in a *long* time. I'm more likely to lose data due to a power outage than I am to delete it myself.
However, I'd have to say that the *most* common cause of dataloss is buggy software. I've lost more data over the years due to crashes (either of the entire OS when I was using Windows, or X11 has crashed on me a couple of times, or application crashes) than the *square* of the amount I've lost to all other causes combined. (When the hard drives went bad, I didn't lose all the data on them, because individual sectors went bad at first and I was able to copy almost everything off. Yes, I was lucky; occasionally a drive goes bad all at once. That would suck.)
As for user error, I agree with the guy upthread who advocated VMS's solution. ITS had automatic versioning (for files flagged for it) way back in the days of the PDP8. VMS has had it forever. Yeah, there are some files you would not want versioned (e.g., logfiles), so you'd want to be able to mark certain directories and/or certain files to be versioned or not, and you wouldn't want every version saved forever (so, the system should automatically know how to keep sparser and sparser versions the further back you go, but these are not insurmountable issues by any means.
Would it use more space? Yeah, of course. So, make it optional, and people who want to save space can choose to be careful.
> "If voting could really change things, it would be illegal
That's an interesting remark, though it's also totally irrelevant to the legality of discussing technical flaws in a voting system. But hey, this is slashdot, so let's ignore its irrelevance and discuss it anyway...
The main reason that voting doesn't change much is because of the electoral college system, which however is absolutely necessary to keep the nation at peace with itself. Without it, we'd be at civil war in twenty years. With the EC, the govenrment decays and will gradually fall apart in another couple of hundred years -- that's *better*.
The reason the candidates from the opposing parties are so much alike, is because to have any prayer of being elected they have to garner the electoral votes of the swing states -- the states containing roughly equal numbers of conservatives and liberals, i.e., the states with roughly equal amounts of non-urban and urban population. This prevents them from candidating on platforms that would make the largely geographical boundaries between the conservative and liberal areas more obvious than they already are and stir up tensions between them. Thus, the system we have holds us together. A direct voting system would encourage the candidates to appeal to the strong emotions of one side or the other, which would drive wedges between us. Oh, voting would *change* things then, alright -- but it wouldn't be good.
The problem here is the mentality of males in general and male gamers in particular. If one guy has a sixteen-inch thingy, all the other guys will want their character to have an eighteen-incher, and if you allow that, it won't be many more iterations of one-upmanship before you see guys running around with, effectively, three legs, and I'm not sure it would stop there.
The only way this could be practical at all would be if the game company charged on an exponential scale for the extra size. Then you'd be able to tell who had the most money to blow on their character, but apart from that things could be kept mostly in check, with most of the characters having proportions only abnormal in the normal "more than reality" way of such games, rather than making Salvador Dali look sane.
What, me? No, I use Gnus, thanks very much. All MY instant messaging is done through a better, more stable, more mature, more well-established and robust instant messaging network, technically known as SMTP. The only thing the IM networks GAIM uses provide that SMTP doesn't is the ability to see when someone is online, but for that I use another very popular thing known as "ping". I have no need of GAIM.
The person who uses the IM software is my youngest sister, and the probability that she would switch to GAIM if I recommend it is approximately zero. She's not one to take advice, generally, *especially* not from people significantly older than she, and *extra* especially not from geeky academic types such as myself who liked school and read technical books and don't listen to "cool" (i.e., annoying) music and watch "cool" (i.e., inane) movies and wear "cool" (i.e., sports-branded) clothes and so on and so forth. The less advice I try to give her, the better it is for all concerned.
If they were to sue you for calling it spyware, you might have to convince the court that it is spyware. (Otherwise, it would be libel.) You can make your own evaluation about how hard it would be to convince a court that Gator is spyware. Since they've admitted right out that it's adware, the easiest way might be a linguistics argument showing that the terms are universally used synonymously. But do you really want to go to court?
Besides, calling Gator spyware is too generous; it's clearly malware.
Literally, "that which was to be proven". (It is, as others have pointed out, a Latin abbreviation.) Pretty much all mathematical proofs end in QED. Proofs by deduction are using it for its literal meaning, because the last step is the item which was to be proven. Other types of proof (mathematical induction, assumption and contradiction, and so forth) use it in a more figurative sense, simply indicating that the proof is complete. I never had a math teacher who didn't use it, in high school or in college.
You'll want to get a whole team of volunteers in on this. Make sure it's clear, the goal is to investigate, to obtain information. No threats are to be made, and no physical harm-inducing action to be taken. Just a big fat trainload of investigation. Spamming itself, though highly objectionable socially, is not per se illegal, but given the stigma attached to it, there's an excellent chance that spammers, *especially* ones that also use cracking techniques, may have the kind of morals that may lead them to view other illegal actions as "only illegal if you get caught", which could mean that by investigating you can turn up some real dirt. Can't hurt to check.
An important secondary goal is to make sure, without telling them, that they KNOW that they are being investigated, but not by whom. So, spare nothing when it comes to forms of investigation that they'll notice. If you can find out where they work, phone up their employer and start asking questions. Don't do anything illegal, but whatever you can do legally, do it. The going-through-the-garbage trick is fairly well-known now, having been used in the movies, so if you can determine that it's legal in the jurisdiction in question, do it -- repeatedly if possible. You want them to *see* their trash being pilfered by somebody other than trashmen, but not have any way to track who it was (so, don't let them see your license plates or anything). The reason you don't want them to know who it was, is because it's scarrier for them that way. Yeah, taking their garbage may be legal, but even if you'll win that court case, they'll feel better just by being able to *do* something about you. Plus, if they know who you are, they'll know also who you *aren't*, namely, various types of people by whom it would be scary to be investigated, such as the police, FBI, tv newspeople, professional investigators, or whatever. You don't want them to be able to rule out those possibilities. Even if they strongly suspect it's just anti-spam activists clowning around, you want doubts in the back of their minds.
Basically, there are two things you want to accomplish. First, if they've done anything illegal, you want to know and, if possible, be able to document it. Second, and at least as important, you want them so worried about being investigated that they're up nights, stressed out, irritable, crabby and, in short, miserable. Bonus points if you can get their families worried about it too. This will all be most effective if, rather than warning them that you will investigate them, you let them figure it out on their own. That way they wonder what *else* is going on. You cannot make any threats that will scare them as much as what their own immaginations will come up with when they realise they are being investigated. So don't make threats. If they've done anything illegal, you want them wondering if the FBI might be involved. If they haven't, you want them wondering who on earth would be investigating them and why, and whether possibly a major news network is doing a story on them for primetime the next time a slow news day rolls around, or some equally life-disrupting thing. You don't want to hint at anything specific, of course, because vagueness is scarier. You want them stressed out, enumerating unpleasant possibilities in their minds, biting their nails, taking heartburn medications and headache pills.
Ultimately, your goal is for them to decide to get out of spamming. Unless your investigation turns up anything you can interest the authorities in. In that case, of course, by all means do that.
If you want to ensure that they have serious expertise, you could require that they retain someone on staff from whom Linus regularly accepts patches. That, however, is going to limit how many of your partners can have this status.
You may want to set the bar somewhat lower. For example, you could merely require that their corporate network include at least some number (or perhaps some percentage) of Linux systems that they manage themselves internally and which must be able to perform certain functions on their network (e.g., function as print servers, file servers, whatever it is you want to require). You could require certifications in addition, but requiring them to include Linux in their own network infrastructure ensures they have some real-world experience with it that will go beyond the bookwork involved in passing a certification. (The requirement of administering these systems themselves prevents them from just buying a support contract from someone else and then being considered experts themselves. They have to have their own support team on staff for it, then.)
If all you want is a basic level of familiarity, you could simply require some number or percentage of their support people to have some certification or another. That's about as low as you can set the bar and have the status hold any real meaning, I think. There's a tradeoff between choosing this level and the higher requirement of having Linux on their own corporate network. Namely, with the lower requirement more of your partners will seek and obtain the expert status, which is good, but with the higher requirement the ones who do will be better experts, which is also good. I can see arguments either way, as far as which is better.
> Note that this is no less intrusive than pages that have Macromedia Flash > on them, and repetitively being asked to install Macromedia Flash
Of course, if you have Mozilla, you can delete the null plugin and solve this problem once forever (well, until your next browser upgrade). Though I do think that for the sake of end users it ought to be possible to just check a "never ask again" checkbox and not have to mess with deleting a file manually. But hey, at least it's possible.
> Anyway, I thought Gator's primary purpose was pushing ads?
You thought wrong. It's not adware. Even calling it spyware is somewhat on the generous side, as that implies that what it does is passive, some kind of watching or monitoring -- but while it does hide as spyware does also, it's also very disruptive; as far as I'm concerned, it's malware.
As near as I can determine, calling it adware is an outright lie, because as far as I can see it does not advertise *anything*, including its presence. A few weeks ago I found Gator on the Win98 PC that my family uses upstairs, and removed it. We didn't know it was there, and certainly we didn't see any ads. (My family would have noticed if it were popping up any ads, because the browser they use does not pop up any extra windows on its own; if you want to open something in a new window, you have to right-click and choose "Open in New Window"; otherwise, everything stays in one window. If Gator were causing the computer to deviate from this pattern, we would have known much sooner that something was running in the background creating the problems, and it would have been much easier to find and remove it.)
The reason ultimately that I went poking around and managed to find Gator and remove it was because of the system instability it was causing. I was looking for any possible cause and was this close [holds up fingers virtually touching one another] to swapping out the hard drive. I knew it wasn't bad RAM only because the system is multiboot, and the other OS was fine. So I figured major filesystem problems. But scandisk turned up nothing. Finally I found Gator, removed it, and *bang*, overnight, the system was stable. (Well, stable as Win98 goes[1].) It can now run for hours and hours without rebooting, the whole day most days, from when my Dad gets up at 6am to when my mom goes to bed at 2am, if my youngest sister doesn't fire up the IM software[2]; before I removed Gator, two hours was pushing it.
So, the primary purpose of Gator, clearly, is to screw up your system. They can make all kinds of bogus claims about other things it might do in theory, but in practice the main thing it does is screw up your system. It's malware, simple as that.
[1] Yeah, I know one day is not impressive uptime outside the context of
Windows 98. I actually use Mandrake myself; it's the rest of my family
that uses Windows. Hence, I have my own computer and they all share.
But the family PC is usable for my family if it can run all day; it
wasn't terribly usable when it was crashing every hour -- which was
my point about Gator; it makes the system unusable.
[2] In which case, it does have to be rebooted after that, but I've got
a registry merge in autoexec.bat to prevent the IM stuff from starting
up at system start time, so it only runs when she actually uses it,
which really isn't all that often. I forget whether the one she uses
is AIM or YIM, but whichever one it is, I recommend against it.
> filenames are not case-sensitive. (How the hell you localize *that* I > don't know...)
Each locale needs its own set of equivalence classes, but that's the only additional burden it would create, I would think. It does have to be possible to list more than two characters in a class though. For example, Greek has three different sigmas (two lowercase and one uppercase), and you'd want to list all three of them as equivalent for case-insensitive purposes. Should work for any alphabetic writing system, and AFAIK most non-alphabetic systems don't have any such concept as character case, so it wouldn't apply (e.g., each ideograph would be considered unique, just like non-alphabetic characters (which, I suppose, they are)).
> On UFS, filenames are. So, we've got applications (particularly in the blue > box) that open a file named "preferences" -- but the file was actually > created as "Preferences"
For a sufficiently savvy user, this ought to be as easy to fix as making a symlink or two. (UFS does have symlinks, yes? Hardlink if not, but that's icky IMO; symlink would be better. Doesn't get broken by editors that write the new file before unlinking the old one and renaming, for one thing. But I'm sure if FreeBSD uses it as the default fs it must have symlinks.) Of course, that assumes the app gives you an adequate error message, which I suppose might be asking too much from a typical Mac app. (ISTR getting error messages like "An error has occurred: error -754412" or somesuch.)
It was a *joke*. It's not my fault the mods marked it Insightful instead of Funny. (The wording I gave was, as I *thought* was obvious, quite made up.)
> On the other hand, I suppose a hosting company could maintain seemlingly > high uptime by never patching
If you use fully-redundant servers with load ballancing, you can patch and reboot them individually without disrupting service. Thus, you can have high availability without technically having long uptimes. This IMO is the direction that high availability systems are going to go -- toward clusters. Theoretically, this can be done with any OS, though of course some OSes have better clustering capabilities than others. But even with an OS that has NO clustering capabilities, if the server apps provide for synchronization between servers you can accomplish basically the same thing.
HFS+ probably has the same issue here as FAT and NTFS, wherein a file shouldn't be deleted or overwritten while it's in use. OS X *theoretically* also supports UFS, but everybody's afraid to use it because Apple once hinted that some apps might not like it. That said, I really have no idea whether using would A) break anything or B) solve the reboot problem, because I've never used UFS.
> > There's really no logic behind why their patches do some of the things > There has to be...
Technically, there are logical reasons, but it's not always possible to discern what they are, because of the ways in which details are buried under the hood.
If you read the agreement carefully, you will find that they are at least minimally compliant. I believe this is the relevant section...
Microsoft shall publically indicate their agreement to undertake actions as deemed necessary by the court to effect a reduction in the above cited anticompetitive practices and shall not... [snip]
If you read carefully, you'll note the language "publically indicate", which Microsoft clearly has done. Therefore, they are technically in compliance.
There are definitely other things besides aluminum that without any question at all, environmentalist arguments aside, make very good sense to recycle. Glass is one of them. It's a LOT cheaper to make new glass out of old glass than from scratch. Actually recycling glass is even more ecconomic than recycling aluminum, in some ways. (It's also more of a pain to collect, which may offset that, but the fact remains it can pay well enough to be worth doing, no question.)
Then you have your environmental reasons, and I think it's pretty clear that recycling plastics is a good idea for the environment, if doing so can be made practical. (We can only use so many expensive picnic tables.) In time, the technology for this may improve to where it's fairly practical, hopefully. It ought, in theory, to be possible to make pastic recycling ecconomic, though for the present I think the technology hasn't got there yet. But I don't know that there are any underlying reasons why it can't be ecconomic in the future, given the right technology. And plastic technology is advancing rapidly.
Paper is always going to be the big sticking point, because it's not ecconomic, and lack of the right technology is not the problem. Pretty much the only valid argument in _favor_ of recycling paper is saving landfill space. (I'm not saying this isn't a good argument; I'm only saying that it's the only one.) Trees are very much a short-term renewable resource, and it's cheaper to make paper from trees than from old paper -- and the resulting paper is (at least in theory) better (though for some purposes the difference is unimportant). As far as toxic poisons, the ink is much more a concern than the paper itself, and when you recycle paper the ink is left over, and you still have to do something with it. So it comes down to saving landfill space. Consequently, paper recycling, if it's going to be done, is going to have to be heavily subsidized by someone -- preferably by an environmental charity of some kind.
> I guess we should be glad that most people are apparently not falling for > their "Trustworthy Computing" horseshit.
I actually find this rather amazing. It runs counter to the usual thinking about the masses believing the big lie. I think the issue may be that the surveys were apparently taken among IT professionals. I suspect that the results might be somewhat different if you polled random businesspeople.
> It will probably take them at least five years to even begin to win back > security mindshare
No, most people don't remember very well for that long. If they could get all the outstanding issues fixed and go six months without any major new ones (by major, I mean the kind of stuff that makes the tv news), that would go a long way for their reputation, I suspect. Unfortunately, that would require some policy changes they aren't willing to make. (Most significantly, Outlook's behaviors regarding execution of attached non-text content would have to be radically changed; with most other things (IIS, SQL Server) they could possibly get lucky for six months, and the OS (CIFS/RPC/etc) could be improved enough to shake most of the harshest criticism merely by turning on the builtin firewall by default, but Outlook as it currently stands is their greatest liability, security-wise. The occasional vulnerability in SQL Server or IIS doesn't hurt them that badly; SQL Server is really no worse than sendmail, which somehow manages to get cut hefty amounts of slack, and virtually everything has some vulnerability occasionally, but on the whole you don't see ssh getting a bad reputation (well, maybe for a while, but people will settle if it goes six months without another issue). So, all they really have to do, to get out of the security doghouse with most people, is stop the endless stream Outlook viruses and manage a few months without any other major catastrophies. The latter they can do -- maybe not every six months, but they can do it. (Again, by major catastropies I'm talking about stuff that sets the tv news commentators to yammering. Stories that make slashdot when a patch is released before any seriously bad exploit hits don't matter so much.) The real problem is, Outlook's problematic behavior is largely dictated by policy -- it has to execute non-text content because that's part of what it's supposed to do (for reasons I can't fathom, but MS has been pretty clear on this point). So unless they can find a way for Outlook to execute things in a well-contained sandbox environment or something (think in terms of a chroot jail, but for Windows), I don't see how they can shake their reputation for poor security without a major policy change. Because if Outlook is left as it is now, it will continue to have new exploits come out on a depressingly regular basis.
This is scifi stuff at this point. For an AI to seek help from a lawyer, without being specifically programmed to do that... that's not merely AI complete; it's quite possibly *beyond* AI complete (i.e., it doesn't follow that an AI smart enough to learn new concepts, understand language, and reason analyitically would necessarily come up with something like that on its own). Even if it's only garden-variety AI-complete, we're no closer to that today than we were in 1970 -- and if we ever do develop that kind of AI, I suspect we'll be able to tell.
BIOS password is no good; all they've got to do is steal the computer, open the case by whatever means are necessary, and pop the drive into another system.
If you need to secure against the case where someone gains physical access to your computer while it is unguarded, I can only think of one way to do it: encrypted filesystem with a large private key that must be typed in at boot time and is not stored on disk anywhere (never, for example, in swap space), just in RAM. This, combined with the usual forms of software security that prevent the already-running system from being compromised, should at least make it abnormally difficult for an attacker to get at the data. Difficult enough that the easiest way would be to obtain the private key (either by surveillance or by rubber-hose cryptanalysis).
Alternately, you could just never leave the system unguarded. But then you have to decide how "guarded" is guarded enough. Is it enough to leave a pair of trained dogs in the room? A security guard with a handgun? A platoon of goons with assault rifles? A couple of gryphons and a medium-sized dragon?
> I would mainly agree, with exception of the 802.11G wireless cards.
Those I will freely admit I know nothing about. All my networks are 10/100 wired Ethernet, cat5 or better. (Well, there's also the DEC net at work, which is cat4, but as far as Linux is concerned that's just a serial port, and the giscom thingydoo in dosemu is the only thing that talks to it.) (There's also my dialup connection to my ISP at home, but PPP is well supported.)
I did note that with Linux the first step is to check reviews before you buy and get hardware that's said to work with Linux, and that this particular step is easier with Windows. Just about any hardware, *theoretically*, can be made to work with Windows. Though with USB it often requires sacrificing goats.
> Anything short of a house fire
You say this mostly in jest, perhaps, but a house fire is the thing that most
frightens me in terms of data loss. Hard drive failure would be bad, but a
fair amount of my *most* important data is on more than one physical drive.
Still, a house fire would take it all. The prospect scares me. I've got a
few CD-Rs offsite, but it's nowhere near enough.
100BaseT is plenty fast enough for many types of data -- notably, anything that
.XCF images on the
is normally loaded into RAM, worked with for a while, and maybe periodically
saved. Documents, images, source code... most of the kinds of things we tend
to accumulate large amounts of and want stored redundantly.
The only notable thing I can think of that most of us have that you want
stored redundantly that would not perform well over 100BaseT is email, and
that's because you will commonly want your software to access lots of files
(or, if each mail "folder" is a file for you, really *big* files) all at
once. Still, a network fileshare would perform at least as well as IMAP
over the same connection. There are other things besides mail that you
would probably not want to access over 100BaseT, but they're things most
of us don't use much, like video. (Video downloaded from the internet does
*not* count here, for obvious reasons. I'm talking about movie quality
video.) Also, you probably don't want your WAV music collection stored
this way. MIDI would be okay, but if you're into modern music and don't
like lossy compression, you'd want to work out another arrangement for that.
Like, let a computer that stores them play them, and run speaker wires to
various locations. (You could still store copies on more than one system,
but rather than accessing them over the network you'd use one of the PCs
that had the data locally as your music player.)
But for normal data, no problem. I routinely use CIFS over TCP/IP over
100BaseT to remotely access OpenOffice documents and
Windows PC upstairs from my Linux PC here, and the delay is not generally
worth talking about. Loading the application (OO.o or Gimp or whatever)
from the local hard drive takes much longer (because the app is much larger
than a single document or image file, unless it's a fairly big image
or an abnormally *massive* document).
Obviously, you would take a noticeable performance hit if you accessed your
applications over 100BaseT. I've done it, though, and it's not entirely
horrible, for small-to-medium applications. Even for large applications,
it performs better than Knoppix. (100BaseT is faster than a CD-ROM drive.)
But generally you wouldn't need to do your apps this way, because you don't
need to worry about losing them; you can always install them again. (You
could put your downloads folder on the LAN, no problem. Apps that you have
on CD there's even less reason to store redundantly.) It's really not apps
but *data* that you want to store redundantly and share between systems.
Of course, Gigabit Ethernet is beginning to become affordable; for somebody
with eight computers in his house (all being used -- that seems to be what
he implied, so I assume these are not old 386s in the closet), it may even
be affordable now. If so, hey, by all means, go for it.
> I'm much more likely to blow my data away myself than have a drive go out.
You're either very very careless, or you've had MUCH better luck with hard
drives than I have. I've had three hard drives go bad on me over the years.
I haven't deleted anything I still wanted in a *long* time. I'm more likely
to lose data due to a power outage than I am to delete it myself.
However, I'd have to say that the *most* common cause of dataloss is buggy
software. I've lost more data over the years due to crashes (either of
the entire OS when I was using Windows, or X11 has crashed on me a couple
of times, or application crashes) than the *square* of the amount I've lost
to all other causes combined. (When the hard drives went bad, I didn't lose
all the data on them, because individual sectors went bad at first and I was
able to copy almost everything off. Yes, I was lucky; occasionally a drive
goes bad all at once. That would suck.)
As for user error, I agree with the guy upthread who advocated VMS's solution.
ITS had automatic versioning (for files flagged for it) way back in the days
of the PDP8. VMS has had it forever. Yeah, there are some files you would
not want versioned (e.g., logfiles), so you'd want to be able to mark certain
directories and/or certain files to be versioned or not, and you wouldn't
want every version saved forever (so, the system should automatically know
how to keep sparser and sparser versions the further back you go, but these
are not insurmountable issues by any means.
Would it use more space? Yeah, of course. So, make it optional, and
people who want to save space can choose to be careful.
> "If voting could really change things, it would be illegal
That's an interesting remark, though it's also totally irrelevant to the
legality of discussing technical flaws in a voting system. But hey, this
is slashdot, so let's ignore its irrelevance and discuss it anyway...
The main reason that voting doesn't change much is because of the electoral
college system, which however is absolutely necessary to keep the nation at
peace with itself. Without it, we'd be at civil war in twenty years. With
the EC, the govenrment decays and will gradually fall apart in another couple
of hundred years -- that's *better*.
The reason the candidates from the opposing parties are so much alike, is
because to have any prayer of being elected they have to garner the electoral
votes of the swing states -- the states containing roughly equal numbers of
conservatives and liberals, i.e., the states with roughly equal amounts of
non-urban and urban population. This prevents them from candidating on
platforms that would make the largely geographical boundaries between the
conservative and liberal areas more obvious than they already are and stir
up tensions between them. Thus, the system we have holds us together. A
direct voting system would encourage the candidates to appeal to the strong
emotions of one side or the other, which would drive wedges between us.
Oh, voting would *change* things then, alright -- but it wouldn't be good.
The problem here is the mentality of males in general and male gamers in
particular. If one guy has a sixteen-inch thingy, all the other guys will
want their character to have an eighteen-incher, and if you allow that, it
won't be many more iterations of one-upmanship before you see guys running
around with, effectively, three legs, and I'm not sure it would stop there.
The only way this could be practical at all would be if the game company
charged on an exponential scale for the extra size. Then you'd be able to
tell who had the most money to blow on their character, but apart from that
things could be kept mostly in check, with most of the characters having
proportions only abnormal in the normal "more than reality" way of such
games, rather than making Salvador Dali look sane.
> Use GAIM!
What, me? No, I use Gnus, thanks very much. All MY instant messaging is done
through a better, more stable, more mature, more well-established and robust
instant messaging network, technically known as SMTP. The only thing the IM
networks GAIM uses provide that SMTP doesn't is the ability to see when someone
is online, but for that I use another very popular thing known as "ping". I
have no need of GAIM.
The person who uses the IM software is my youngest sister, and the probability
that she would switch to GAIM if I recommend it is approximately zero. She's
not one to take advice, generally, *especially* not from people significantly
older than she, and *extra* especially not from geeky academic types such as
myself who liked school and read technical books and don't listen to "cool"
(i.e., annoying) music and watch "cool" (i.e., inane) movies and wear "cool"
(i.e., sports-branded) clothes and so on and so forth. The less advice I try
to give her, the better it is for all concerned.
> If anything, I would call it a trojan myself.
No, it's not a trojan. Trojans run once generally and are done, and they're
not difficult to uninstall. Gator is a more persistant form of malware.
If they were to sue you for calling it spyware, you might have to convince the
court that it is spyware. (Otherwise, it would be libel.) You can make your
own evaluation about how hard it would be to convince a court that Gator is
spyware. Since they've admitted right out that it's adware, the easiest way
might be a linguistics argument showing that the terms are universally used
synonymously. But do you really want to go to court?
Besides, calling Gator spyware is too generous; it's clearly malware.
Literally, "that which was to be proven". (It is, as others have pointed out,
a Latin abbreviation.) Pretty much all mathematical proofs end in QED. Proofs
by deduction are using it for its literal meaning, because the last step is the
item which was to be proven. Other types of proof (mathematical induction,
assumption and contradiction, and so forth) use it in a more figurative sense,
simply indicating that the proof is complete. I never had a math teacher who
didn't use it, in high school or in college.
You'll want to get a whole team of volunteers in on this. Make sure it's
clear, the goal is to investigate, to obtain information. No threats are
to be made, and no physical harm-inducing action to be taken. Just a big
fat trainload of investigation. Spamming itself, though highly objectionable
socially, is not per se illegal, but given the stigma attached to it, there's
an excellent chance that spammers, *especially* ones that also use cracking
techniques, may have the kind of morals that may lead them to view other
illegal actions as "only illegal if you get caught", which could mean that
by investigating you can turn up some real dirt. Can't hurt to check.
An important secondary goal is to make sure, without telling them, that they
KNOW that they are being investigated, but not by whom. So, spare nothing
when it comes to forms of investigation that they'll notice. If you can find
out where they work, phone up their employer and start asking questions.
Don't do anything illegal, but whatever you can do legally, do it. The
going-through-the-garbage trick is fairly well-known now, having been used in
the movies, so if you can determine that it's legal in the jurisdiction in
question, do it -- repeatedly if possible. You want them to *see* their
trash being pilfered by somebody other than trashmen, but not have any way
to track who it was (so, don't let them see your license plates or anything).
The reason you don't want them to know who it was, is because it's scarrier
for them that way. Yeah, taking their garbage may be legal, but even if
you'll win that court case, they'll feel better just by being able to *do*
something about you. Plus, if they know who you are, they'll know also who
you *aren't*, namely, various types of people by whom it would be scary to
be investigated, such as the police, FBI, tv newspeople, professional
investigators, or whatever. You don't want them to be able to rule out
those possibilities. Even if they strongly suspect it's just anti-spam
activists clowning around, you want doubts in the back of their minds.
Basically, there are two things you want to accomplish. First, if they've
done anything illegal, you want to know and, if possible, be able to document
it. Second, and at least as important, you want them so worried about being
investigated that they're up nights, stressed out, irritable, crabby and, in
short, miserable. Bonus points if you can get their families worried about
it too. This will all be most effective if, rather than warning them that
you will investigate them, you let them figure it out on their own. That way
they wonder what *else* is going on. You cannot make any threats that will
scare them as much as what their own immaginations will come up with when
they realise they are being investigated. So don't make threats. If they've
done anything illegal, you want them wondering if the FBI might be involved.
If they haven't, you want them wondering who on earth would be investigating
them and why, and whether possibly a major news network is doing a story on
them for primetime the next time a slow news day rolls around, or some
equally life-disrupting thing. You don't want to hint at anything specific,
of course, because vagueness is scarier. You want them stressed out,
enumerating unpleasant possibilities in their minds, biting their nails,
taking heartburn medications and headache pills.
Ultimately, your goal is for them to decide to get out of spamming. Unless
your investigation turns up anything you can interest the authorities in.
In that case, of course, by all means do that.
If you want to ensure that they have serious expertise, you could require that
they retain someone on staff from whom Linus regularly accepts patches. That,
however, is going to limit how many of your partners can have this status.
You may want to set the bar somewhat lower. For example, you could merely
require that their corporate network include at least some number (or perhaps
some percentage) of Linux systems that they manage themselves internally and
which must be able to perform certain functions on their network (e.g.,
function as print servers, file servers, whatever it is you want to require).
You could require certifications in addition, but requiring them to include
Linux in their own network infrastructure ensures they have some real-world
experience with it that will go beyond the bookwork involved in passing a
certification. (The requirement of administering these systems themselves
prevents them from just buying a support contract from someone else and then
being considered experts themselves. They have to have their own support
team on staff for it, then.)
If all you want is a basic level of familiarity, you could simply require
some number or percentage of their support people to have some certification
or another. That's about as low as you can set the bar and have the status
hold any real meaning, I think. There's a tradeoff between choosing this
level and the higher requirement of having Linux on their own corporate
network. Namely, with the lower requirement more of your partners will
seek and obtain the expert status, which is good, but with the higher
requirement the ones who do will be better experts, which is also good.
I can see arguments either way, as far as which is better.
> Note that this is no less intrusive than pages that have Macromedia Flash
> on them, and repetitively being asked to install Macromedia Flash
Of course, if you have Mozilla, you can delete the null plugin and solve this
problem once forever (well, until your next browser upgrade). Though I do
think that for the sake of end users it ought to be possible to just check a
"never ask again" checkbox and not have to mess with deleting a file manually.
But hey, at least it's possible.
> > I think we should just say "beware" :-)
> Clever. But I bet Steve Jobs already has that one trademarked.
No, not Jobs. J. L. Gasse, possibly, but if so it's all Palm now.
> "Malware"
Yes, absolutely, malware is the category in which I place Gator.
> Anyway, I thought Gator's primary purpose was pushing ads?
You thought wrong. It's not adware. Even calling it spyware is somewhat
on the generous side, as that implies that what it does is passive, some
kind of watching or monitoring -- but while it does hide as spyware does
also, it's also very disruptive; as far as I'm concerned, it's malware.
As near as I can determine, calling it adware is an outright lie, because as
far as I can see it does not advertise *anything*, including its presence.
A few weeks ago I found Gator on the Win98 PC that my family uses upstairs,
and removed it. We didn't know it was there, and certainly we didn't see any
ads. (My family would have noticed if it were popping up any ads, because
the browser they use does not pop up any extra windows on its own; if you
want to open something in a new window, you have to right-click and choose
"Open in New Window"; otherwise, everything stays in one window. If Gator
were causing the computer to deviate from this pattern, we would have known
much sooner that something was running in the background creating the
problems, and it would have been much easier to find and remove it.)
The reason ultimately that I went poking around and managed to find Gator
and remove it was because of the system instability it was causing. I was
looking for any possible cause and was this close [holds up fingers virtually
touching one another] to swapping out the hard drive. I knew it wasn't bad
RAM only because the system is multiboot, and the other OS was fine. So I
figured major filesystem problems. But scandisk turned up nothing. Finally
I found Gator, removed it, and *bang*, overnight, the system was stable.
(Well, stable as Win98 goes[1].) It can now run for hours and hours without
rebooting, the whole day most days, from when my Dad gets up at 6am to when
my mom goes to bed at 2am, if my youngest sister doesn't fire up the IM
software[2]; before I removed Gator, two hours was pushing it.
So, the primary purpose of Gator, clearly, is to screw up your system.
They can make all kinds of bogus claims about other things it might do in
theory, but in practice the main thing it does is screw up your system.
It's malware, simple as that.
[1] Yeah, I know one day is not impressive uptime outside the context of
Windows 98. I actually use Mandrake myself; it's the rest of my family
that uses Windows. Hence, I have my own computer and they all share.
But the family PC is usable for my family if it can run all day; it
wasn't terribly usable when it was crashing every hour -- which was
my point about Gator; it makes the system unusable.
[2] In which case, it does have to be rebooted after that, but I've got
a registry merge in autoexec.bat to prevent the IM stuff from starting
up at system start time, so it only runs when she actually uses it,
which really isn't all that often. I forget whether the one she uses
is AIM or YIM, but whichever one it is, I recommend against it.
> filenames are not case-sensitive. (How the hell you localize *that* I
> don't know...)
Each locale needs its own set of equivalence classes, but that's the only
additional burden it would create, I would think. It does have to be
possible to list more than two characters in a class though. For example,
Greek has three different sigmas (two lowercase and one uppercase), and
you'd want to list all three of them as equivalent for case-insensitive
purposes. Should work for any alphabetic writing system, and AFAIK most
non-alphabetic systems don't have any such concept as character case, so
it wouldn't apply (e.g., each ideograph would be considered unique, just
like non-alphabetic characters (which, I suppose, they are)).
> On UFS, filenames are. So, we've got applications (particularly in the blue
> box) that open a file named "preferences" -- but the file was actually
> created as "Preferences"
For a sufficiently savvy user, this ought to be as easy to fix as making a
symlink or two. (UFS does have symlinks, yes? Hardlink if not, but that's
icky IMO; symlink would be better. Doesn't get broken by editors that write
the new file before unlinking the old one and renaming, for one thing. But
I'm sure if FreeBSD uses it as the default fs it must have symlinks.) Of
course, that assumes the app gives you an adequate error message, which I
suppose might be asking too much from a typical Mac app. (ISTR getting error
messages like "An error has occurred: error -754412" or somesuch.)
It was a *joke*. It's not my fault the mods marked it Insightful instead of
Funny. (The wording I gave was, as I *thought* was obvious, quite made up.)
> On the other hand, I suppose a hosting company could maintain seemlingly
> high uptime by never patching
If you use fully-redundant servers with load ballancing, you can patch and
reboot them individually without disrupting service. Thus, you can have
high availability without technically having long uptimes. This IMO is the
direction that high availability systems are going to go -- toward clusters.
Theoretically, this can be done with any OS, though of course some OSes have
better clustering capabilities than others. But even with an OS that has NO
clustering capabilities, if the server apps provide for synchronization
between servers you can accomplish basically the same thing.
HFS+ probably has the same issue here as FAT and NTFS, wherein a file shouldn't
be deleted or overwritten while it's in use. OS X *theoretically* also supports
UFS, but everybody's afraid to use it because Apple once hinted that some apps
might not like it. That said, I really have no idea whether using would
A) break anything or B) solve the reboot problem, because I've never used UFS.
> > There's really no logic behind why their patches do some of the things
> There has to be...
Technically, there are logical reasons, but it's not always possible to discern
what they are, because of the ways in which details are buried under the hood.
If you read the agreement carefully, you will find that they are at least
... [snip]
minimally compliant. I believe this is the relevant section...
Microsoft shall publically indicate their agreement to undertake actions as
deemed necessary by the court to effect a reduction in the above cited
anticompetitive practices and shall not
If you read carefully, you'll note the language "publically indicate", which
Microsoft clearly has done. Therefore, they are technically in compliance.
There are definitely other things besides aluminum that without any question
at all, environmentalist arguments aside, make very good sense to recycle.
Glass is one of them. It's a LOT cheaper to make new glass out of old glass
than from scratch. Actually recycling glass is even more ecconomic than
recycling aluminum, in some ways. (It's also more of a pain to collect,
which may offset that, but the fact remains it can pay well enough to be
worth doing, no question.)
Then you have your environmental reasons, and I think it's pretty clear that
recycling plastics is a good idea for the environment, if doing so can be made
practical. (We can only use so many expensive picnic tables.) In time, the
technology for this may improve to where it's fairly practical, hopefully.
It ought, in theory, to be possible to make pastic recycling ecconomic, though
for the present I think the technology hasn't got there yet. But I don't know
that there are any underlying reasons why it can't be ecconomic in the future,
given the right technology. And plastic technology is advancing rapidly.
Paper is always going to be the big sticking point, because it's not ecconomic,
and lack of the right technology is not the problem. Pretty much the only
valid argument in _favor_ of recycling paper is saving landfill space. (I'm
not saying this isn't a good argument; I'm only saying that it's the only one.)
Trees are very much a short-term renewable resource, and it's cheaper to make
paper from trees than from old paper -- and the resulting paper is (at least
in theory) better (though for some purposes the difference is unimportant).
As far as toxic poisons, the ink is much more a concern than the paper itself,
and when you recycle paper the ink is left over, and you still have to do
something with it. So it comes down to saving landfill space. Consequently,
paper recycling, if it's going to be done, is going to have to be heavily
subsidized by someone -- preferably by an environmental charity of some kind.
> I guess we should be glad that most people are apparently not falling for
> their "Trustworthy Computing" horseshit.
I actually find this rather amazing. It runs counter to the usual thinking
about the masses believing the big lie. I think the issue may be that the
surveys were apparently taken among IT professionals. I suspect that the
results might be somewhat different if you polled random businesspeople.
> It will probably take them at least five years to even begin to win back
> security mindshare
No, most people don't remember very well for that long. If they could get all
the outstanding issues fixed and go six months without any major new ones (by
major, I mean the kind of stuff that makes the tv news), that would go a long
way for their reputation, I suspect. Unfortunately, that would require some
policy changes they aren't willing to make. (Most significantly, Outlook's
behaviors regarding execution of attached non-text content would have to be
radically changed; with most other things (IIS, SQL Server) they could possibly
get lucky for six months, and the OS (CIFS/RPC/etc) could be improved enough
to shake most of the harshest criticism merely by turning on the builtin
firewall by default, but Outlook as it currently stands is their greatest
liability, security-wise. The occasional vulnerability in SQL Server or IIS
doesn't hurt them that badly; SQL Server is really no worse than sendmail,
which somehow manages to get cut hefty amounts of slack, and virtually
everything has some vulnerability occasionally, but on the whole you don't
see ssh getting a bad reputation (well, maybe for a while, but people will
settle if it goes six months without another issue). So, all they really
have to do, to get out of the security doghouse with most people, is stop
the endless stream Outlook viruses and manage a few months without any other
major catastrophies. The latter they can do -- maybe not every six months,
but they can do it. (Again, by major catastropies I'm talking about stuff
that sets the tv news commentators to yammering. Stories that make slashdot
when a patch is released before any seriously bad exploit hits don't matter
so much.) The real problem is, Outlook's problematic behavior is largely
dictated by policy -- it has to execute non-text content because that's part
of what it's supposed to do (for reasons I can't fathom, but MS has been
pretty clear on this point). So unless they can find a way for Outlook to
execute things in a well-contained sandbox environment or something (think
in terms of a chroot jail, but for Windows), I don't see how they can shake
their reputation for poor security without a major policy change. Because
if Outlook is left as it is now, it will continue to have new exploits come
out on a depressingly regular basis.
This is scifi stuff at this point. For an AI to seek help from a lawyer,
without being specifically programmed to do that... that's not merely AI
complete; it's quite possibly *beyond* AI complete (i.e., it doesn't follow
that an AI smart enough to learn new concepts, understand language, and
reason analyitically would necessarily come up with something like that on
its own). Even if it's only garden-variety AI-complete, we're no closer to
that today than we were in 1970 -- and if we ever do develop that kind of AI,
I suspect we'll be able to tell.
BIOS password is no good; all they've got to do is steal the computer, open
the case by whatever means are necessary, and pop the drive into another
system.
If you need to secure against the case where someone gains physical access
to your computer while it is unguarded, I can only think of one way to do it:
encrypted filesystem with a large private key that must be typed in at boot
time and is not stored on disk anywhere (never, for example, in swap space),
just in RAM. This, combined with the usual forms of software security that
prevent the already-running system from being compromised, should at least
make it abnormally difficult for an attacker to get at the data. Difficult
enough that the easiest way would be to obtain the private key (either by
surveillance or by rubber-hose cryptanalysis).
Alternately, you could just never leave the system unguarded. But then you
have to decide how "guarded" is guarded enough. Is it enough to leave a pair
of trained dogs in the room? A security guard with a handgun? A platoon of
goons with assault rifles? A couple of gryphons and a medium-sized dragon?
> I would mainly agree, with exception of the 802.11G wireless cards.
Those I will freely admit I know nothing about. All my networks are 10/100
wired Ethernet, cat5 or better. (Well, there's also the DEC net at work, which
is cat4, but as far as Linux is concerned that's just a serial port, and the
giscom thingydoo in dosemu is the only thing that talks to it.) (There's
also my dialup connection to my ISP at home, but PPP is well supported.)
I did note that with Linux the first step is to check reviews before you buy
and get hardware that's said to work with Linux, and that this particular step
is easier with Windows. Just about any hardware, *theoretically*, can be made
to work with Windows. Though with USB it often requires sacrificing goats.