The reason why is called the "gorilla-arm problem" -- human beings are designed in such a way that holding your hand up in the air for long periods, making many fine-grained motions, isn't particularly pleasant. Tack a sheet of paper to the wall at eye level and try writing on it while seated to see what I mean. Light-pen-based systems manufacturers learned this the hard way.
Surface-mounting the touchpad-display in your desk solves this problem, but that requires specialized furniture.
I don't want to carry a laptop or a PDA (too expensive, plus I want to be away from computers at least those 2 weeks per year). Any suggestions for a light, cheap, keyboard-equipped device? Like a travel clock + keyboard and more memory and USB?
This almost sounds like a troll -- "I don't want to carry a PDA, but I want a device with a keyboard and USB. A travel clock with a keyboard? What universe are you from?
Anyway, I recommend getting a cheap early-model Palm Pilot (circa $100 or so, especially if you get 'em used) and a keyboard. I used the Palm m500 and a Logitech keyboard (about $75, less used, I assume) to write a travelogue on a trip this summer. The battery life on the plam impressive, and if you lose it, you're only out less than $200. Or much, much less if you buy used.
One caveat: the accuracy on those tiny keyboards sucks. Expect to spend some time cleaning up yuor speling on your home pc.
I'd be pretty pissed if she died after 10 years. Think of how amazingly expensive this procedure probably was for their insurance company! That's money that you and I have to foot the bill for. At 6 months old, wouldn't it make a hell of a lot more sense to let her die and start over? If your computer is SO fucked up that you need a new motherboard, CPU, memory, hard drive, DVD-ROM, floppy drive, and there's a huge ass dent and scratch in your case and the plastic front is all cracked, wouldn't you just say fuck it and start from scratch? It may sound cruel and heartless, but this kind of surgery is just ludicrous for a baby. She's going to be fucked up for the rest of her life now whereas if they would've just let her die peacefully they could've started fresh.
As usual, the Slashdot moderation is used to mod down people who have unusual but nevertheless legitimate points of view. (See my last comment.) This fellow expressed a view not unlike Peter Singer, a well-known (if highly controversial) Australian philosopher. (details)
In a college or university setting (or even at a bar somewhere), we'd have a debate over this point, but on Slashdot, it becomes "-1, Flamebait".
One part of the problem is that the net's standards are controlled by bodies like Icann and the Web Consortium whose primary interest is technical stability and corporate interests.
[...]
Before we can change the net, and make it more able to reflect the real public interest, taking it under democratic control, we must remove it from the hands of these groups, whose time, like that of the elves in Middle-Earth, is over.
I'm tempted to guess that he wrote it with the intention of raising the ire of slashdot readers, and getting the expected bazillion comments that every idiotic net-reform proposal gets.
Of course, there's always the chance that he really did think the proposal reasonable, and didn't intend to be trolling. If you believe that, check out his closing paragraphs:
Of course, one consequence of giving control of the net to governments is that some governments are bad, prying on their citizens, denying human rights and reneging on international obligations.
But not everywhere is the United States or China, and I would rather see the network in the hands of governments who can be lobbied, replaced and argued with, than leave it in the hands of the large corporations who develop the programs or standards bodies who are blind to people's real interests.
Lumping the United States with China on a list of countries that "[deny] human rights"? News flash, Thompson! Can you guess what would have happened to Dan Ellsberg if he'd stolen the Pentagon Papers from the British government and published them in the NY Times? He'd STILL be in jail under the Offical Secrets Act! (Of course, the real irony is that Thompson is complaing about the U.S.-controlled internet because it's too free.) Your flamebait counter should be redlined about now.
So it's basically an MD5 (or equiv hashing method) of the image at the time it's taken? Too bad -- I thought they had a unique idea to verify images that had already been taken.
[snip]
What's to stop me from editing the MD5sum on the image and the smart media (it's presumably read/write)?
Obviously, just storing the checksum of the image in the EXIF headers (or somewhere else) won't work -- you could just modify the image and calculate a new checksum.
One variant on that scheme that would work (reasonably well) would be the following: each camera would be assigned a RSA private key. Canon would keep a record of which key was assigned to which camera (by associating it with the camera's serial number). The private key would be stored in a tamper-resistant chip on the camera's logic board. The camera could then digitally sign all of the images it captures. If the camera saved both its serial number and the digital signature in the EXIF headers of each image (or the JPEG comments, or whatever), a third party who wanted to verify the image could go to the Canon website, get the public key for that serial number, and verify the digitial signature.
The weak point is in the 'tamperproof' chip -- research on smart cards has shown that virtually any so-called 'tamperproof' security system can be cracked. A court could demand to see one's camera (to ascertain that it had not been altered), but some smartcard attacks (such as those based on timing or power consumption) don't even need to modify the card to get at the key -- some of these attacks might translate to cameras, as well.
It would be possible to provide pretty good image verification with this system. But a determined attacker could break it.
That's fair -- but it strikes me that game production is way, way, way more involved than level design. If you want to work in games, it's perfectly reasonable that you've never built one yourself -- it's not practical for modern games. But given that level design *can* be done by one person, that level-design tools exist for it, and that the Internet is teeming with player-designed levels for a variety of games, it seems suprising that the author implies that he's never designed one before.
Perhaps I'm reasing his question incorrectly, but it sounds as if he hasn't tried any of the design tools available. That led me to wonder: how did he get the idea that he wanted to do level design, in that case?
No one actually applies for most of the schoolarships out there... I have a nephew that has won a ton of money by virtue of being the only entrant.
Write a generic, flexible essay and, well, crap-flood it everywhere. You'll be amazed at the checks you'll be cashing at the end of the semester, after all of your tuition, housing, and books have been paid by other people...
I think your nephew must have had more going for him than the fact that he was the only person applying for these scholarships. The idea that there are loads of unclaimed scholarships that are open to whomever turns in an essay, regardless of their merits, is nonsense, pure and simple.
Peterson's, which is an authoritative a source as any, explains:
Myth 1
Billions of scholarship dollars go unclaimed.
The mother of all scholarship myths, this one has been around since the word scholarship was invented. "I can't get a handle on where it comes from," says Carmichael. "It certainly is not from college financial aid offices." As for Clemson, Carmichael says they seldom have unawarded scholarships, and if so, it's usually because of timing or it's a highly restricted scholarship.
There are lots of scholarships out there, but they're all fairly competitive.
You can also download the videos with mmsclient. It works like wget -- you just give it the mms:// url. You can get it here. That site has an XMMS plugin, too, but I haven't tried it.
The Office of Information Technology at Princeton is divided
between thoughtful and clueful people who are an absolute pleasure to
work with --- and, regrettably, a few people like those who wrote the
above article for Syllabus.
If you look beyond the cheap shots at OS/FS, he's defending
PeopleSoft, which makes the CRM-like software that runs the
University's bureaucratic systems. The company certainly needs
some defending. Case in point: up until last year, Princeton course
registration was paper-based. Fill out a scan-tron sheet, have your
adviser sign it, and take it to the Registrar. Simple, but students
complained about the long walks to remote parts of campus.
Last year, the Registrar finally implemented a new computerized
system based on PeopleSoft. The steps for a student to register as
follows:
Pull up the registrar's website; find the PDF form for course registration.
Fill in the form with your courses.
Print out the form, and take it to your adviser for their signature.
Deliver the form to your department's secretary, so he or she can manually enter the course selections from the
forms into the system.
Maybe I'm not subtle enough, but I fail to see how this represents
a step forward. It would seem trivial to save the course
information on the registration system so the adviser could approve it
with a mouse-click at their meeting with the student. But let me guess
--- does PeopleSoft not support that? In fairness, PeopleSoft might
support it. But if it did, one wonders why the registrar chose a more
inefficient solution. Why a three-way paper-shuffle? Is that what
PeopleSoft's
"aging, over-21 staff" thought was a good idea?
I will not begrudge Mr. Strauss his vitriol --- he reminds me of the
apologists for any broken platform. If you're stuck with it, you might
as well at least pretend that you like it, and that the competition is junk.
Also -- I can't help but note the omission of a link to the student-run Linux/Unix Users'
Group at Princeton. (Consider this a shameless plug.)
Tonny Yu, founder and CEO of Mailshell, says that any new
and better replacement for SMTP would have to have some sort of
certification system to guarantee that senders are who they say they
are.
The other important requirement, according to Yu, is a
system for tracking resource usage per sender. Basically this means
that profiles should be established for normal amounts of mail sending
from different types of users. If you limited normal users to 100
messages per second and major companies to 10,000 messages a second it
would be hard for legitimate users to complain, but spamming would be
much harder.
This would take a centralized authority -- without one, enforcement
is left to the commons, and we all know what happens then.
I'm sure we'd have no trouble finding a decent, well-respected,
centralized authority to control all of the world's email. After all, no one has any cause to complain about
the Internet's existing centralized authorities!
Prof. Felten has a weblog, Freedom to Tinker. It may answer some questions in advance. He is also teaching a class this semester called "Information Technology and the Law". The readings are online.
The article alludes to a "ultra low cost machine being supplied by the Telford office of Taiwanese company GCI, price ?299, including a smart card reader." This machine is "'stateless,' so a user can log on with their smartcard from any machine on the network, and get immediate access to their personal desktop,".
That sounds a lot like the Sun Ray. I can't find any info GCI from Taiwan (those who can read Chinese could look here to see if GCI==gci.com.tw. It looks like an ordinary retailer.) Does GCI sell Sun Rays, or do they have a new solution?
US $467-per-box seems surprisingly high (conversion by xe.com/ucc/) for a thin client. Thin clients (at least the ones I've seen) are usually built around stripped-down architectures -- essentially, a USB controller, a video card, a NIC, and the minimum that's needed to tie them together.
Then again, if you toss in the price of an LCD monitor (space concerns) and a smart card reader, $467 may be reasonable.
Does anyone know what GCI sells? The Oracle of Google doesn't reveal anything about GCI and "smart card" or "thin client". (It does reveal a
page saying that there is a "ANSWER GCI LTD", originally from Taiwan, in Telford, but supplies no details beyond the fact that they're in "computer sales.") If they're a reseller, reselling thin clients, I would be intrigued to discover which ones.
I should be shocked, shocked! that the Slashback blurb on the
Princeton-Yale fiasco is heavily editorialized, and don't even bother
linking to the primary
source. (ObDisclosure: I'm an undergrad there, and I know LeMenager) But I'll let that slide.
I'm still curious as to three things:
Why did the editors post this blurb without indicating that
independent investigators concluded that admissions director
LeMenager intended only to check the security of Yale's
website? The implication that he intended to spy on innocent
applicants who entrusted him with their personal information is irresponsible.
Mr. LeMenager entered the Yale site by using the name,
birth date and social security number of a Princeton applicant who he
thought might also have applied to Yale, fully expecting that he would
then be asked for a password or an ID number. He was surprised to
learn that there was no security beyond name, birth date and social
security number.
If LeMenager was actually committing "identity fraud" for fun and
profit, why on earth would he tell Yale exactly what he did at
an admissions conference in May? Read the source.
LeMenager made the mistake of repeating the entry to demonstrate how
it was done. That hardly qualifies him for dismissal.
Quoth the press
release.
While we do not in any way condone
these actions, there is no evidence that there was any intention on
Mr. LeMenager's part to do anything other than test, and then
demonstrate, the site's security or that he used confidential
information for any other purpose.
Lest we forget, Yale sat on this story for two months before releasing
it. I've no idea why.
Given the sheer quantity of Slashdot wailing and chest-beating
about the tragic propensity for computer-security whistleblowers to
get reprimanded, sacked, or prosecuted, the sarcasm of the last
paragraph of the blurb is unexpected, if not downright hypocritical.
I can understand why the mainstream news calls this a 'hack'. But
Slashdot should know better. I'm not referring to the ESR/RMS
"Editor, when you say hacker, you really mean cracker" lexicographic crusade
-- I'm referring to the fact that using a name/SSN pair obtained legitimately (i.e., from an applicant who mailed it
to you) to access a website is not "hacking" by even the most tortured definition of
the term. It is social engineering, maybe. It is illegitimate, if done with
malice, sure. But it is not "hacking."
I can understand why the mainstream press screws up. Six years ago,
how often could you find an article about the Internet that didn't
contain enough glaring errors to qualify it for a good MST3King? How much
better are they today? Not much.
Slashdot Mirror
The reason why is called the "gorilla-arm problem" -- human beings are designed in such a way that holding your hand up in the air for long periods, making many fine-grained motions, isn't particularly pleasant. Tack a sheet of paper to the wall at eye level and try writing on it while seated to see what I mean. Light-pen-based systems manufacturers learned this the hard way.
Surface-mounting the touchpad-display in your desk solves this problem, but that requires specialized furniture.
A 6-point computerized grading system. Hmmm. Moderators, watch out -- your jobs are about to become obsolete!
This almost sounds like a troll -- "I don't want to carry a PDA, but I want a device with a keyboard and USB. A travel clock with a keyboard? What universe are you from?
Anyway, I recommend getting a cheap early-model Palm Pilot (circa $100 or so, especially if you get 'em used) and a keyboard. I used the Palm m500 and a Logitech keyboard (about $75, less used, I assume) to write a travelogue on a trip this summer. The battery life on the plam impressive, and if you lose it, you're only out less than $200. Or much, much less if you buy used.
One caveat: the accuracy on those tiny keyboards sucks. Expect to spend some time cleaning up yuor speling on your home pc.
As usual, the Slashdot moderation is used to mod down people who have unusual but nevertheless legitimate points of view. (See my last comment.) This fellow expressed a view not unlike Peter Singer, a well-known (if highly controversial) Australian philosopher. (details)
In a college or university setting (or even at a bar somewhere), we'd have a debate over this point, but on Slashdot, it becomes "-1, Flamebait".
Whoops. You're right. Chalk it up to rhetorical excess ;)
Note the excessively arrogant language, and the prevailing assumption that the author is already right, and the implication all that remains is to hammer out the implementation details of his perfectly reasonable proposal. This is pure flamebait. Thompson might as well have called this "A Modest Proposal for Preventing the Internet from being a Burden to the Children and Despotic Governments of the World, and for making it Beneficial to Media Conglomorates."
I'm tempted to guess that he wrote it with the intention of raising the ire of slashdot readers, and getting the expected bazillion comments that every idiotic net-reform proposal gets.
Of course, there's always the chance that he really did think the proposal reasonable, and didn't intend to be trolling. If you believe that, check out his closing paragraphs:
Lumping the United States with China on a list of countries that "[deny] human rights"? News flash, Thompson! Can you guess what would have happened to Dan Ellsberg if he'd stolen the Pentagon Papers from the British government and published them in the NY Times? He'd STILL be in jail under the Offical Secrets Act! (Of course, the real irony is that Thompson is complaing about the U.S.-controlled internet because it's too free.) Your flamebait counter should be redlined about now.
It's a troll. Nothing to see here, move along.
The weak point is in the 'tamperproof' chip -- research on smart cards has shown that virtually any so-called 'tamperproof' security system can be cracked. A court could demand to see one's camera (to ascertain that it had not been altered), but some smartcard attacks (such as those based on timing or power consumption) don't even need to modify the card to get at the key -- some of these attacks might translate to cameras, as well. It would be possible to provide pretty good image verification with this system. But a determined attacker could break it.
That's fair -- but it strikes me that game production is way, way, way more involved than level design. If you want to work in games, it's perfectly reasonable that you've never built one yourself -- it's not practical for modern games. But given that level design *can* be done by one person, that level-design tools exist for it, and that the Internet is teeming with player-designed levels for a variety of games, it seems suprising that the author implies that he's never designed one before.
Perhaps I'm reasing his question incorrectly, but it sounds as if he hasn't tried any of the design tools available. That led me to wonder: how did he get the idea that he wanted to do level design, in that case?
If you've never designed a level before, how did you hit on the idea of designing them for a living?
(I don't mean this as a flame; I'm just curious.)
Write a generic, flexible essay and, well, crap-flood it everywhere. You'll be amazed at the checks you'll be cashing at the end of the semester, after all of your tuition, housing, and books have been paid by other people...
I think your nephew must have had more going for him than the fact that he was the only person applying for these scholarships. The idea that there are loads of unclaimed scholarships that are open to whomever turns in an essay, regardless of their merits, is nonsense, pure and simple.
Peterson's, which is an authoritative a source as any, explains:
There are lots of scholarships out there, but they're all fairly competitive.
You can also download the videos with mmsclient. It works like wget -- you just give it the mms:// url. You can get it here. That site has an XMMS plugin, too, but I haven't tried it.
The Office of Information Technology at Princeton is divided between thoughtful and clueful people who are an absolute pleasure to work with --- and, regrettably, a few people like those who wrote the above article for Syllabus.
If you look beyond the cheap shots at OS/FS, he's defending PeopleSoft, which makes the CRM-like software that runs the University's bureaucratic systems. The company certainly needs some defending. Case in point: up until last year, Princeton course registration was paper-based. Fill out a scan-tron sheet, have your adviser sign it, and take it to the Registrar. Simple, but students complained about the long walks to remote parts of campus.
Last year, the Registrar finally implemented a new computerized system based on PeopleSoft. The steps for a student to register as follows:
Maybe I'm not subtle enough, but I fail to see how this represents a step forward. It would seem trivial to save the course information on the registration system so the adviser could approve it with a mouse-click at their meeting with the student. But let me guess --- does PeopleSoft not support that? In fairness, PeopleSoft might support it. But if it did, one wonders why the registrar chose a more inefficient solution. Why a three-way paper-shuffle? Is that what PeopleSoft's "aging, over-21 staff" thought was a good idea?
I will not begrudge Mr. Strauss his vitriol --- he reminds me of the apologists for any broken platform. If you're stuck with it, you might as well at least pretend that you like it, and that the competition is junk.
Also -- I can't help but note the omission of a link to the student-run Linux/Unix Users' Group at Princeton. (Consider this a shameless plug.)
Try SMTP AUTH. Any respectable MTA implements it.
This would take a centralized authority -- without one, enforcement is left to the commons, and we all know what happens then.
I'm sure we'd have no trouble finding a decent, well-respected, centralized authority to control all of the world's email. After all, no one has any cause to complain about the Internet's existing centralized authorities!
Adam, a classmate of mine in a course on Information Technology and the Law noted on the course newsgroup that FindLaw has the complaints online.
The irony is that this happened the same week we discussed the Napster case in the class.
Prof. Felten has a weblog, Freedom to Tinker. It may answer some questions in advance. He is also teaching a class this semester called "Information Technology and the Law". The readings are online.
That sounds a lot like the Sun Ray. I can't find any info GCI from Taiwan (those who can read Chinese could look here to see if GCI==gci.com.tw. It looks like an ordinary retailer.) Does GCI sell Sun Rays, or do they have a new solution?
US $467-per-box seems surprisingly high (conversion by xe.com/ucc/) for a thin client. Thin clients (at least the ones I've seen) are usually built around stripped-down architectures -- essentially, a USB controller, a video card, a NIC, and the minimum that's needed to tie them together. Then again, if you toss in the price of an LCD monitor (space concerns) and a smart card reader, $467 may be reasonable.
Does anyone know what GCI sells? The Oracle of Google doesn't reveal anything about GCI and "smart card" or "thin client". (It does reveal a page saying that there is a "ANSWER GCI LTD", originally from Taiwan, in Telford, but supplies no details beyond the fact that they're in "computer sales.") If they're a reseller, reselling thin clients, I would be intrigued to discover which ones.
I'm still curious as to three things:
-
Why did the editors post this blurb without indicating that
independent investigators concluded that admissions director
LeMenager intended only to check the security of Yale's
website? The implication that he intended to spy on innocent
applicants who entrusted him with their personal information is irresponsible.
- Given the sheer quantity of Slashdot wailing and chest-beating
about the tragic propensity for computer-security whistleblowers to
get reprimanded, sacked, or prosecuted, the sarcasm of the last
paragraph of the blurb is unexpected, if not downright hypocritical.
- I can understand why the mainstream news calls this a 'hack'. But
Slashdot should know better. I'm not referring to the ESR/RMS
"Editor, when you say hacker, you really mean cracker" lexicographic crusade
-- I'm referring to the fact that using a name/SSN pair obtained legitimately (i.e., from an applicant who mailed it
to you) to access a website is not "hacking" by even the most tortured definition of
the term. It is social engineering, maybe. It is illegitimate, if done with
malice, sure. But it is not "hacking."
I can understand why the mainstream press screws up. Six years ago, how often could you find an article about the Internet that didn't contain enough glaring errors to qualify it for a good MST3King? How much better are they today? Not much.Quoth the press release.
If LeMenager was actually committing "identity fraud" for fun and profit, why on earth would he tell Yale exactly what he did at an admissions conference in May? Read the source. LeMenager made the mistake of repeating the entry to demonstrate how it was done. That hardly qualifies him for dismissal. Quoth the press release.
Lest we forget, Yale sat on this story for two months before releasing it. I've no idea why.
I expected better from Slashdot.
Joe
Qin Lv, one of the researchers, was a TA in one of my classes last semester. She has a website, and the paper is posted there.