Slashdot Mirror


User: gotan

gotan's activity in the archive.

Stories: 0
Comments: 604

Comments · 604

  1. Denying US-Access to Security lists on DMCA Forces Cox To Censor Changelog? · · Score: 3, Insightful

    Security lists should be even more aware of DMCA legislation. When dealing with US-based businesses security experts should demand an outside US contact-address to send the report to, as well as a document stating that the information will not be divulged to US citizens or residents.

    Posting the report to a Site accessible from USA gives anyone who wants the means to sue to their liking, and the only reason Microsoft didn't already sue bug-reporters into submissive silence is the cry of outrage to be expected after such a move. But we'll probably soon see that nevertheless with their hacked Mediaformat.

  2. There's more to it on DMCA Forces Cox To Censor Changelog? · · Score: 3, Insightful

    He not only tries to make a point, but he has valid reasons for fearing to be dragged into a US court. Maybe it wouldn't make much sense for the US to sue him, nevertheless he is avoiding to act against the letter of US-law, and that is what is held against you when you end up in court: Neither your intentions, nor the intentions of the law, but the letter of the law.

    If any of the patches or future patches even touch the handling of DVD-Players, or future FUCK-ware (Futile Unnecessary Control Keeping Hard/Software) he'd better present, what US-lawyers consider a clean vest to avoid being dragged through courts until hell freezes over because some corporation is then likely to use the DMCA as a lever and make a public example of him.

    Since Sklyarov this law has become a very real threat to non-US-citizens.

  3. The real problem: customers unaware of security on Microsoft Blames the Messengers · · Score: 4, Insightful

    The real problem is, that all those security holes make their software look bad. Especially compared to other software. When he mentions that softwaremakers are more aware of security and faster putting out patches, he conveniently forgets to mention, that specifically Microsoft was extremely reluctant to react on security-flaws until they were publicized widely. He also neglects to mention, that it's not only important that there is a patch, but also to make people aware of it. It is very true, that beyond the complexity of "Hello World" there is rarely a piece of perfect software, but he addresses that statement to the wrong people. The security experts already know this, but the customers of Microsoft very obviously don't.

    Also it must be said, that most of the damage the worms did was to the image of Microsoft. These worms showed the extent of vulnerable machines all over the world, but had there been no worms there would be even more vulnerable machines now, with backdoors open to anyone intelligent and motivated enough to write their own exploit. All those worms that draw so much publicity to the security flaws are just the tip of the iceberg. Someone really malicious will have the abilities to sneak in through a hole without a ready script, and he won't do it with a worm that creates a lot of traffic, but silently install a backdoor and do whatever he set out to do.

    When calculating the damages a worm did, that always includes a complete system check for data integrity, backdoors, etc. But if the hole was there and had to be patched, who is to say, there wasn't someone/thing else than a well known worm that came in, installed backdoors and corrupted data? And that person will probably do far more damage, since he probably chose that computer for a reason. Much damage is already done, when the system had a hole and was attackable for some time, since that means that system security and integrity can no longer be guaranteed. Many worms are only making aware of that fact.

    Microsoft could do far more for the security of their products by making people aware of the importance of patches, but probably that doesn't sit well with marketing.

  4. Re:badly worded on MSN Forces Outlook POP · · Score: 5, Informative

    ... POP3 service is only available when using MSN Explorer, Microsoft Outlook, or Microsoft Outlook Express

    No it couldn't. "A is only available when doing B" means: "Do B, only then A is available" and not "If you do B only A is available". Since "A" equals to POP3 here, and i see no alternative mailhandling to POP3 in the FAQ it translates to:

    Use MSN Explorer, Microsoft Outlook, or Microsoft Outlook Express to be able to send and get e-mail.

  5. "Open Source" = open source on Lutris, Close Source, And The Open Source Community · · Score: 3, Interesting

    InstantDB is strange in that it was often referred to as an open source product by many (including Lutris employees), but no one outside Lutris ever actually got to see the source.

    "Open Source" isn't a trademarked expression, so people should watch out if someone is calling something "Open Source". There is a telltale sign: the source itself, and a licence attached to it, that gives anyone the right to do development of the source and distribute the source further under the same conditions. It should also ensure that this will continue to be so in the future. That license may be BSD or GPL or something similar, but it has to be there, together with the source. Unless that happened the thing is simply not open source.

    This only serves as an example, that people should be more aware of the difference between marketing speech and what actually is reality. "Open Source" is a good 'brandmark' for marketing some products, even Microsoft tries to benefit from that with their "Shared Source". Now with Microsoft everyone understood the difference between marketing talk and what really happens. Why isn't the same scrutiny applied to the rest of the business? If someone announces they will "soon" go Open Source the answer should be (more or less): "Fine, when?". When they fail to get their stuff together and fail to show some of the source (hey, we even have a term for that, it's vaporware) some scathing remarks and general awareness of foul play should come up a little earlier than more than a year after the announced date, and a fait accompli, so the rest of the community knows them as the jokers they are and they get some negative publicity (after they cashed in on the Open Source "Trademark").

    This is not meant to be critique about the article, it is asking, why the issue was raised so late and hoping the next time people will be more alert.

  6. Hard to get the newest and greatest to customers on Newest Mandrake Linux Delayed · · Score: 3, Interesting

    My feeling with the Linux distributions i've seen in stores was, that they always seemed a little dated. I know which kernel is out at the moment, and while in many cases the kernel makes as much a difference as the MHz-Number of your processor when it's between 1400 and 1600, the step from 2.2 to 2.4 was quite large, especially for folks with newer Hardware. Often the kernel-version announced on the package doesn't even tell the whole story, since the mandrake kernels even include many patches which didn't make it into the Linus kernel yet (but have a good chance to get there), but there's only so much you can print on the side of a box and not have it covered in fineprint.

    I think this is quite a problem when selling Linux on CD, since i believe many folks who think about buying Linux in the store at least know the kernel version (but probably don't bother about glibc, gcc, ...). With the fast paced and openly visible development in Open Source Software anything three months old already looks slightly dated. So the distributions must frequently issue new versions, and they must get them to the stores as fast as possible (since few people would buy 8.0 knowing 8.1 soon to be out). So when frequently issuing new versions another problem emerges: with the advent of the new version the old CDs drastically lose value, but the new ones need some time from being announced to appearing in the stores.

    The folks at Mandrake know all this, their distributions contain all the most recent stuff, their development rpms (cooker) are really cutting edge, and they even offered to sell 8.1 as preview and send the actual CDs when they're out. I run Mandrake and am quite happy with it. I'll probably buy 8.1 just for the manual and being able to install it on some friend's computer (and also since i think it's worth the money), since i think Mandrake is a great distribution to start with, and also a good one to stay with, especially if one likes to toy around with the newest stuff (no distro wars please).

  7. What mindset is needed? on Bert Is Evil · · Score: 3, Insightful

    As it emerges, that Bert apparently appeared on the real poster, i wonder what kind of mindset the person has, that put him there. I think the practical joker approach is out of the question, since making practical jokes including bin Laden are probably quite deadly with fundamentalists. Nevertheless, that muppet sitting next to bin Laden looks quite funny, so to include it in the poster its maker either didn't think at all, doing just what he was told, or he didn't dare edit/censor anything that included bin Laden. It's those kind of mindless followers, doing only what their superiors tell them, that empower people like bin Laden.

  8. A picture search on google on Bert Is Evil · · Score: 2

    ... like this brings up the evilbert image on the very first page. Also note, that it is one of the pictures with a bright background. So if someone searched google for an image of bin Laden for a poster collage with a sandcolored background, this one would be first choice.

  9. Is this the right kind of war? on US Starts Attacking Afghanistan · · Score: 3, Insightful

    It's a war against stationary targets. Some buildings will be destroyed with high precision. But will that work against terrorists who are in hiding, maybe not even in the country and who travel light? Or against a government, that has no scruples to hold their own people as well as the american people hostage, and that is not bound to locations like administrative buildings and the like?

    Also what damage will be done to relations with arabic countries? The early (and probably long prepared) press statement shows, that bin Laden has expected, even wanted this to happen, to kindle a "holy war". It's probably even hard to find a building in afghanistan that's worth more than the bombshell that hits it. But it gives bin Laden and other radical fundamentalists the means to polarize the islam peoples, and probably get even more followers. The war is only a few hours old, and we will only later see, what was achieved by bombing of some buildings and, on the other hand, by accusing the americans to attack the islam people of afghanistan.

    I don't know how to do it better, but the aim should be, to isolate bin Laden and other fundamentalists, to rob them of support, support from neighbouring countries, and support from their own people, to show them as the warmongers they are, and to show, how they misuse religion for their own personal goals. The point is, that the "resources" of the terrorists are people, and support from people, and not some buildings. And bombings are the wrong tools to hunt down people.

  10. Re:Already Running a NSA Enhanced OS...Windows! on New Security-Enhanced Linux Release · · Score: 2

    Bottom line: Just because a particular program is open source, does NOT automatically mean that particular program can truly be trusted.

    Well, as mentioned on their site they hope these patches will find their way into the 2.5 kernel. As such it would go the way other patches go too: code will be cleaned, modified, looked over, streamlined, whatever. In the process there will be individuals outside the NSA gaining deep insight into the inner workings of (parts) of this code, they would blow the whistle if anything is fishy, and it stands to hope, that the NSA knows better, than to gain a reputation as mischievous backdoor inserters. Also there are quite a few papers presented by them, and many of the ideas will find their ways into a secure Linux Distribution, be it the actual patches or not.

    Revised Bottom line: in a high profile project like this suspicious stuff will surface sooner or later, and the NSA knows this.

  11. This is aimed at the average consumer on Industry Divided Over SSSCA · · Score: 5, Insightful

    Note how this (like the DMCA before) is aimed at the average consumer, and definitely not against criminals. Its aim is to make criminals out of anyone who wants to View/Copy/Transmit any piece of content in ways not approved by the RIAA and MPAA. This includes cutting out advertisement, playing a piece of Music as often, wherever, whenever, and to as large an audience and in as good a quality as you want. Also anyone who wants to create, market or distribute content (that is anyone possibly competing with established industry to make money from content) finds himself at a disadvantage: he has to pay license fees for encoding, probably needs to set up a huge infrastructure or again pay for the use of an infrastructure to distribute his content in the 'right way' (since he can't just distribute an mp3, but needs to provide servers to serve the 'keys' necessary to unlock his content), and generally has to build his business model around some very rigid legislation and the technology it allows.

    Anyone who is ripping off and selling content in Volume won't be affected anyway. He is already engaged in criminal activity, using unauthorized soft/hardware is the least of his worries, and to believe this hardware/software wouldn't be available because of such legislation is just plain ridiculous. Probably directions how to remove the copyprotection will be available all over the net, like it was with disabling DVD-Region-Codes.

    What is happening is, that the Record- and Movie Industries want their old business protected by laws. But the internet and the digital representation of content have already changed the world, and change always means hard times for established business, but it also means opportunities for new business. Adhering to the old ways means leaving out these opportunities, and if the USA as a country choose not to use these opportunities, they may find, that other countries are not willing to do so for the sake of Disney.

    This is a lot like legislating that every car has to have a horse running in front of it after the event of the Otto motor, just to ensure, that all the industry around horses doesn't go out of business. I think even the USA can't afford to abandon the technological progress the new media will bring, and these laws will only help to establish the old industry for the next 10 years or so, at the cost of halting progress on that sector for about the same time.

  12. Still a bad Article on Interim Response from Philip Zimmermann · · Score: 3, Insightful

    The article builds up to the end of the first paragraph to the "overwhelming feeling of guilt" part (the sad thing is, that a lot of people won't read any further, jumping to the conclusion, that even a renowned cryptanalyst is now against the use of strong cryptography). This 'setting' overshadows the whole article.

    Then the rest of the article slowly comes around to Phil's opinion, that strong crypto is still necessary, and that backdoors severely weaken security protocols including them (they just open up more possibilities of attack). The clear reasoning in that part of the article is inconsistent with the first paragraph, someone applying such reasoning is not "overwhelmed" with guilt.

    Also anyone who jumped to aforementioned conclusion is in for a rollercoaster ride, when he reads on and is taken through a whole 180 before being let out of the article. So the whole piece isn't consistent in itself, and someone proofreading, let alone writing it should spot that with a little narrative experience.

    I still think that the writer somehow let his own opinions on the matter guide his hand, maybe not even consciously. But i really wonder what picture of Phil Zimmermann that reporter must have created in his mind, to come up with someone overwhelmed with guilt and yet reasoning it all away.

  13. Re:Message in a tube on British Colleges Selling Screen Saver Ad Space · · Score: 2

    Maybe next time try out
    "It is forbidden to spit on the floor - The Mgt."

  14. Re:Leaving aside the ethical questions... on British Colleges Selling Screen Saver Ad Space · · Score: 3, Insightful

    - The screensaver could very well have something to do with the network, if it was required to collect some statistical information, or if the advertisers wanted all screensavers display the same ad at a time. Also the screensavers would probably grab new ads from some central resource, or do you think a sysadmin is running around replacing screensavers every week?

    - The screensaver is looked at before you need the screen for work again (at least) also during work hours you can expect someone looking at it accidentally every now and then.

    - That screensavers now don't have click-through doesn't mean they can't ever have such a feature.

    - A clever 1% working their way through the systems would probably remove the software on all machines they use at some time. The question then is, how fast/often it is fixed. Also the really clever ones might disable it on all systems at once. Then i doubt your 1% number, especially since the clever ones will tell the others.

    - Maybe they could try to generate revenue by selling cycles

    ... I can't tell either ...

  15. Re:Student machines, or university machines? on British Colleges Selling Screen Saver Ad Space · · Score: 2

    If they're talking about putting it on machines that belong to students, then this is objectionable in the extreme.

    No, but it would be dumb in the extreme, since the university has no say in what the students do with their computers (as long as it's not offensive). Also the students would know pretty fast, how to get rid of those annoying ads, or just use an operating system where the ads mysteriously wouldn't work (maybe because any process that is named 'adpause' receives a 'SIGBUS' signal from the OS).

    The notion of forcing an individual to look at obnoxious ads (probably including sound effects, i can just imagine a CIP-Pool of machines bleeping their ads) on his own hardware is just plain ridiculous. And the webadvertisers better get their head around that too. If they want me to look at an ad, they better make it so good, i want to look at it.

  16. This is not conventional copying on Macroscopic Quantum Entanglement · · Score: 2

    You can not duplicate a quantum state. You can create two electrons with identical spin, but what you can not do is, taking one electron with an arbitrary spin and prepare a second electron with identical spin without altering the first one. What you can do is 'transmit' the spin from the first to the second electron. But in the process the spin of the first electron will be destroyed. To do this you need quantum entanglement between the affected electrons, maybe mediated by something (polarized photons maybe) and maybe a transmission of conventional information (the result of a measurement process).

    A spin is only an example for a very simple quantum object, a more complex object is just described by more quantum states (this is of course a huge understatement, working with more than simple assemblies of a few spins poses a lot of technical problems, and that is where the experiment made a major contribution). You can 'classically' copy an object (that is, you can put all the right atoms at the right places) but you can not copy the quantum state, you can only transfer the quantum state from the first object to the second (and maybe even transfer state 2 to object 1 in the same process), so the question is, if a 'classical' copy is sufficient to 'copy' a person, or if the quantum state makes all the difference.

  17. Re:Another argument for free software? on IP Theft in the Linux Kernel · · Score: 2

    I think there is a lot of that going on in proprietary software too. Only there it's harder to catch, since you don't get to see the source. And melquiades' meaning (which you so purposefully misread) was, that in this case (as in many others) you can deal with copyright violations much easier and without the help of lawyers, because what most open source programmers want is, that their name stays affixed to the code they wrote, and that the spirit of the license they choose is served. For proprietary software it's usually a kneejerk reaction of the company owning the ip to start any lawsuit they think they can win and make it as costly as possible.

    And if you want to use proprietary code of someone else because you think it'd work well with your program you have to go through lawyers to write up the contracts if you want to do it the legal way. This does not only cost money, but, what's far more important, time, and in the end severely restricts the usability of your code. We once wanted to include a proprietary solver in a scientific project. After a year of haggling (when the project already ran without that solver) we ended up with a license that wouldn't allow us to share our program with other scientists.

    This serves to demonstrate the 'costs' of using proprietary software. Even the costs of the lawyers will probably hinder many smaller companies to even think about going through this process. But even more important is the lost time, in a business, where being half a year late to market may decide over success or failure of a specific Software. Even more severe consequences might arise from the constraints in the terms of usage.

  18. What good will that new information do the TLA's? on Poll Says Most Americans Favor Crypto Backdoors · · Score: 2

    Apparently they're even incapable of processing what they already have. Apparently there were hints for this attack as early as 1995, including flight plans and flight routes to WTC, Pentagon and the White House. Obviously none of the TLA's was capable of following up on those hints. So what do they want increased input of information for, if they can't handle what they already have?

    Also lack of success is a strange track record to present when asking for more money and more allowances.

  19. Terrorism thrives on fear and hate on A New Kind of War · · Score: 2

    So anyone who really wants to fight terrorism must fight that fear and that hate. Weapons and the threat of war are the wrong means for that. Careful diplomacy, propaganda and seeking for cooperation are the right means. Also Bush is using the wrong religious references. He shouldn't speak of sending terrorists to hell, thus only helping them to kindle the religious war they so obviously want. Instead he should ask the Leaders, and more importantly the people of those countries, if Allah could have wanted that. He should show those nations not the picture of a lone cowboy seeking revenge (a reference they probably don't understand anyway), but the pictures of the hurt and wrongful death of innocents this attack brought, and make those people understand, what the attack did to people and families very much like them.

    If Bush thinks he must bomb afghanistan, he better bomb it with TV-sets and radio broadcasts. If he wants to rely on intelligence he should have his advisors teach him, how to talk to those people, how to show them the moral wrong the terrorists did. The aim must be, not to take revenge on a nation of mostly innocents, or to use those civilians as hostages much like terrorists use civilians as hostages, but to turn the opinion of those people against the terrorists, thus depriving the terrorists of support.

  20. This also means ... on The Joys Of Losing Your Cooling Device · · Score: 2

    you could run a P4 without a fan, although it's probably not recommended, voids all warranties, etc. etc., and slows the thing down considerably. It'd be interesting to see how much power it needs and some performance data on this, maybe compared to notebook processors. Instead of going for MHz-Rates nobody needs and which give only very small Performance-Benefits anyway, maybe the industry should consider to think more about processors needing less power and hence less cooling.

    Think not only laptops, but also desktops in a work-environment, where small, silent, easy handling and even powerconsumption is much more of a concern, than computing power. Embedded devices, where a noisy and large heatsink+fan is not an option, or even computing power per m^3 when heatdissipation starts becoming a limiting factor.

  21. Why didn't they listen to cleartext? on Congress Considers Mandatory Crypto Backdoors · · Score: 2

    It emerges, that some prisoner in Germany tried to warn the US government. He even got a phonecall to the White House, but was ignored because he was a prisoner and under psychiatric treatment. Sure, there are enough lunatics making wild claims every day, but nevertheless such hints should be passed on to the right authorities. Before sifting tons of encrypted e-mail, maybe they should consider to follow up some cleartext-hints as well. Maybe next time someone wants to warn the government of something he better send some triple encrypted messages around via e-mail, instead of phoning them.

  22. A country is not only a patch of land, ... on Congress Considers Mandatory Crypto Backdoors · · Score: 2

    neither is it some people accidentally living there. It is a people with a common culture and ideals. Freedom and protection of the individual, including its privacy, is one of the paramount ideals in the US of America. This culture is one of the greatest things, the USA exports. And this ideal of freedom is a bright light which the USA is holding high, and which Lady Liberty is a symbol of. Please let not that terrorist attack become an attack on those ideals as well!

  23. Terrorism is no way to conduct politics. on More On Tragedy · · Score: 2

    The terrorists may claim, that these are the reasons for their deed, or maybe there's some other 'political cause' they wanted to enforce. I don't care, and nobody should. Terrorism is just no way to make politics. That would really mean inviting terror, for everyone with any political aim would then consider terror to get to his aim. This cannot be. If someone hits you he has to be punished for hitting you, not given a reward.

    There has to be made a distinction between the terrorists and other people with maybe similar political aims. It has to be made crystal clear, that the only way to get to those aims is via diplomacy, and that terrorism only is a setback in the process. Also the forces/parties/organisations seeking this dialogue have to be supported, so they gain support in their own countries. In the same way the reactionist and extremist forces, terrorists and the people backing and supporting them, have to be weakened, but the best way to do this would be, to make their own people see them for the inhumans and even traitors to their own countries they are.

    The terrorist organisations need the hate between countries to find followers, one way to reduce their support is reducing that hate. Still it must be made clear, that the terrorists and their financial backers must first be found out and punished, before peace talks can go on. It must be also clear, that these are actions against the terrorists, not against countries or peoples. The Governments of the Countries where the terrorists are suspected are well advised to distance themselves from the terrorists, and even help the USA with their investigations.

    If the Arab countries are aware, that now the opinion is swinging against them, then it should be also clear, that the terrorists are not working for, but against them, and that they're their enemies as well as the USA's. This may be hard on those nations, and against the emotions and education of their own people. But then it's time to change that education, and remember, that a government has to make rational decisions, and not be guided by some irrational extremist minority playing on their peoples emotions. If the US-decisions were guided by the gut-feelings of some american people, the middle east would be a nuclear wasteland by now. And the Arab people in fear of irrational revenge should try to see the other side, and think what they and their leaders would/should have done, were the situation reversed. Maybe then they come to the insight, that the terrorists are their enemies as well.

  24. Getting to People in WTC-area underground? on Further Updates On Terrorist Attack · · Score: 3

    I heard, there were still some people surviving but locked in by debris. Some of them even used mobiles. I wonder if it might be possible to get easier access through some subway or sewer tunnels, especially since i read, that one subway tunnel passed very close and even had to be considered when building the WTC.

  25. Re:What repercussions on Our New Pearl Harbor · · Score: 2

    Do you really think, that more death, especially the death of innocents, will make anyone better about this? What you propose, hitting "suspected terrorist hangouts", regardless of who really launched these terrorist attacks, and regardless of civilians who might reside at or near those "terrorist hangouts" will only escalate the already horrendous situation.

    On the contrary, the USA should seek active help from the countries where they suspect the origin of these attacks. Which country could deny that? The whole world is in shock about the events, and even terroristic organisations were quick in distancing themselves from this. The aim must be, to uncover who is responsible for this, to get worldwide support against terrorism, not to strike blindly at places all around the world, and just provoke revenge for (maybe unjustified) revenge.

    The "issue", that more power to intelligence agencies to spy on US-citizens might have prevented this is simply unfounded. With all the possibilities they already have they didn't prevent anything from happening. And you don't even know if internet, phone, or encryption played a role in the event anyways. I wouldn't be so quick about giving up privacy on the unlikely chance, that that will help against well organized terrorists who won't be affected by anti-encryption laws anyway.

    I also think you should reconsider that Franklin quote. Read "liberty" as "liberty to protect my privacy and to free speech", and "safety" as "safety from terrorist attacks coordinated over phone/internet" (which i consider very little indeed) and there you are.