This guy is not "the media". If you read the whole article, you would know that. He is involved in using commodity processors and systems to deploy reliable real-time systems, and he is rightly worried that this may impede his ability to continue in the near future.
This is not alarmist, there are real issues being raised. Even he would admit that some of it is rhetoric, but this doesn't diminish the points.
In a word, yes. That's really the whole point of the argument. DRM is a trojan for the entire industry (if it succeeds). I don't really see how it can win since it is only a gift for a very small segment of the market. MS and to a lesser degree Intel are the big gorillas here. Only MS has the monopoly power to make it widely deployed, but they have a harder time pushing it in Congress because they are already seen as a monopolist bully by many. The [RM]IAA are the ones doing all the lobbying, and trying to make everyone think they are harmed by all those nasty pirates. MS is only too happy to supply the technical means to implement it. It's one of those conspiricies that can't be attacked because the collaboration is silent.
Perhaps he stretched a few things for the sake of argument, but the central points are completely valid and worrisome.
The part about ABC and XYZ word processor (or insert any content editing program) is very persuasive and will be the first place we will see this pushed beyond sensible limits. Many people will still say "shut up and use MSWord". Once it gets to this point it may already be too late.
My hope is that by raising awareness through intellegent articles like this one, more people will see the extent of the risks. The fact is that the kind of pervasive DRM that is being pushed is incompatible with many applications, and as the engineers designing these systems begin to understand the issues, they will apply "due diligence" as described in the article.
If the extreme DRM approach wins in the marketplace, we will all suffer from the kind of thing described in the article, and more. At the very least, it will increase the cost of developing and deploying the kind of critical systems described because they will lose access to a lot of commodity technologies because of these concerns. What will emerge is two technology worlds one with and one without locked in DRM controls.
IMHO, the DRM side will lose because of all the unintended consequences of their badly implemented technology. It's a monopolist's approach, and the real strength of PC hardware is the competitive markets for all the component technologies. The worry is that we will all be happily resting in the warm water before we realize it is too late.
Just because you don't know about something doesn't mean it never happens. It's just about impossible to know what information is being gathered through the cookie mechanism, and nobody is going to tell you. All it takes is a software bug to expose you to all sorts of attacks, and it takes time to figure out how to exploit security holes, so the accumulated risks start to pile up over time. Also, the exploit may be used to gather data for a long period of time before using it to damage anyone, piling up even more cumulative risks.
What's wrong with encoding a session identifier in the URL? You don't have to put it in a query string if you don't want to. The entire URL is available for coding state.
Cookies are evil and software architects need to get that through their heads. Unfortunately, many projects are staffed only with developers and application programmers incapable of a deep analysis of anything.
All of these comments point to the same idea: serious cryptographic security is not possible for private commercial entities.
Yes, it is. You seem to be talking about perfect security, which is probably never possible because of the nature of negative proofs. My claim is that you can get as high a level as you need/want if you pay attention to the right details. I'm not going to deal with all of your points because you don't really seem to be concerned with real problems, just poking holes without any reference to the actual situation at hand.
The only issue here is to be able to make sure that you can rely on the digital signatures used in releasing and distributing the code. Yes, there are other places to compromise the system, but those are much less likely. They are still analysing what happened in this case, but the code base was never compromised, just the download site. This would have been immediately detected if everyone checked their downloaded tarballs against the signatures.
Given the existence of this attack, it is necessary to go a bit further to clean up some problems, and the key is to make a minumal robust process easy so there is no reason not to do it. That is exactly the problem I was addressing, so a lot of this is completely irrelevant. If signatures are verified back to a trusted CA an attack of this type would be next to impossible.
Because the CA is the key point, I will address a couple of your points related to that. No, if they design the process correctly, there are no complete key copies anywhere. We used split keys stored on crypto-cards, password protected and stored in a subdivided safe. Two people were needed to do anything so you would have to have a conspiricy to break the system. If we were evacuated, the fire department would have to use their axes to get into the computer room, and we would immediately cancel any certificates that could logically be compromised. I'm sure that Verisign has proceedures just as rigorous.
Even the FBI could not get our keys. We were doing this before the export of strong encryption was allowed, but we got around that because all messages went through our hub where they were encrypted under keys we controlled (as outlined above). The BSA export license specified what we were responsible for if presented with a warrent. All we were responsible for was unwrapping the strong crypto outer wrapper, and giving back the unwrapped message. This would be done in a Tempest room with no network connections of any kind, and when completed the keys went back in the safe. I don't think we would have been required to let the government person in the room for the process, just give them the unwrapped message.
Would anyone admit if the process was compromised? There would be a lot of pressure not to, but it would likely leak out. Lots of people at the company would know and might leak it, particularly if they were fired or badly treated.
Like the subject says, it all comes down to who do you trust, and well run companies that treat their people well will be the most trustworthy. Networks of dedicated volunteers are even more trustworthy, if not quite as reliable. The transparency of the process is critical to establishing the networks of trust in this case. It is exactly the opposite of security through obscurity, and that's what makes it the most robust in the long run.
The system described in the article sure sounds cool, but they don't provide enough details to tell you how it would perform technically. A picture or graphic would have been nice too. It also seems like a design concept by someone who doesn't really understand practical problems. This is furniture, not a practical well engineered system. If you've got a few grand to dump into a desk, but then you can't take it anywhere. What do you do at home, or on the road?
There are a host of real problems with current power adapters and such. First, wall warts are really pretty bad power supplies. Most are very simple and very inefficient, so even if you had to get intermediate voltages by regulating down DC to DC in some cases, it wouldn't be much worse. They are hot even when nothing is plugged in, that can't be efficient.
My idea is that you could have a well designed switching supply that could take in a range of AC or DC voltages (say 12-270), and put out what you need. The smart portion could be a pretty standard chip that could be used in a wide variety of supply capacities and voltage sets. I'm thinking about alternative power situations too, peddle power, solar cells, fuel cells, wall power around the world.
You just plug it into whatever you got and it senses it and configures itself to whatever is there. Integrating a storage device might be nice too, and the controller would properly take care of battery maintanance as well so you get the longest possible battery life for the technology. It might be complex to design, but it wouldn't need a very powerful processor so the controller chip could be cheap once it is designed.
I had to see if I could find something more recent from him after getting this info. I'll have to read some more, but this seemed pretty recent. An interview video. I didn't want to download RealPlayer just to view this, but there were some interesting tidbits here. For instance he has a new book coming out in December.
Thanks for the correction, but I can't decide if I like the correct one better. Hmmmm. I clipped the quote as you had it straight into google and got lots of hits.
I haven't heard much of or about him in years. I guess he's retired. You would think he'd be still making some noise if he isn't dead. I would be very interested in his take on 9/11, but maybe he's just too 'over the edge' for current times.
I don't think this is really a troll, although it drifts off-topic pretty quickly. The 'pay as you go' system would be defendable if there wasn't such a huge inter-genrational transfer happening. I think it was a recent NPR piece that talked about the current generation of retirees spending instead of giving it to their children. The WWII generation saved and gave it to their children (boomers, mostly), and most of the boomers aren't giving much to their kids and grandkids. That, coupled with the recent tax cut is a huge inter-generational transfer. Taken together with all the wasteful stuff that consumes non-renewable resources and trashes the environment, it is shameful, and somebody is going to have to pay.
We have to cut the crap about who is doing what to whom and start really being responsible. I won't be able to face my kids if we don't because there won't be much left for them. And they won't be whining about the stuff in the article, they will be facing environmental devistation.
Looks like there's a lot of agreement on/. about all the whining. I don't think all, or even most Xers (to use the stupid label) are lazy whiners. The people quoted for the article probably aren't that either, probably a boomer journalist trying to make everything a label or advertisement catch phrase.
The subject is just my meta-comment about the idea that slashdotters are of one mind on most things. In this case, personal responsibility is the "groupthink" that is going on. Actually, I'm pretty impressed by it.
The truth is a bit more complicated
on
Generation Wrecked
·
· Score: 5, Insightful
The whole generation naming thing is a crock anyway. Technically, I'm a boomer, but being born in 1960, I was too young to really experience the 60s that are the subject of most boomer nostalga. My wife is two years older, and my sisters range from a year older to five younger, all technically before the range stated in the article. My wife's brothers are much older, so she had more contact with all of that than I, but we have long been aware of being in-between.
I can relate because I'm financially in about the same boat. Little retirement funds, house but little equity (yet), and little confidence that those greedy boomers will leave anything for the rest of us. Don't get me started about our recent tax cuts (not to be US centric, or anything). I'm not whining (or a 'winger' to quote our friend from down under), but I am hopping mad about all the greed.
Fortunately, I have about 20 years experience in the right technologies, and my earning potential is excellent even if it isn't as good recently. I'm well aware that the squeeze is a lot tighter for some, but it is also clear that the outlook is bleakest if you follow the conventional wisdom. Find a way to express your creativity and take care of yourself. Reduce your needs while you take the road less travelled. I'm constantly seeing people who did this, and have been richly rewarded. Not always in money, but they have what they need.
If things keep going the way they have, I'll still be working at 70 to pay the bills and I won't be able to afford to retire, but that's fine with me as long as I can still do it, and I am doing something that interests me. I'm not that worried.
A guy I worked with who is a bit older was trying to convince me that we are in for a long term downturn when the boomers start to retire in large numbers during the next 10-20 years. The argument is that there is a big loss of experience, and there just aren't enough coming up behind to take up the slack. I say hogwash, let them go. Sure, you are going to lose some very talented people, but I think the generations that are coming on are a lot more clueful about the important shifts that technology and the new social networks made possible. If Gates retired now, we would all be a lot better off, and that goes for most of the leadership of large corperations.
He may have a point about the other end of the size scale, and I think there will be tremendous opportinity in small to mid-sized businesses. IMHO, the way out is to start now to empower people working in these organization to use their vision to keep up with all the shifts. The best business people will do this no matter what generation they come from, and the ones that don't will mostly fail and be replaced by new businesses with vision long before they get a chance to retire.
My claim is that the dotcom bust isn't what it first appears, a conventional bubble (although, it was that too). You have to look more closely at the survivors, and you have to be careful about what conclusions you draw. Sure, Gates and company are still making a fortune, but it is on a dead business model. IBM was making a fortune still when I was in school on the same dead business model and it didn't save them. If I'd learned Cobol (actually, I did, but I knew not to go that way) I'd have had a good year or two leading up to Y2K and I'd be desperately trying to catch up now.
It is an open future, and those that understand the importance of creativity and its relationship to freedom are going to shape it.
I've always liked this phrase, and I think it applies here: "When the going gets strange, the wierd turn pro". I think I've just found something to put in my sig.
Of course, this is the right solution, and it is probably universal for UNIX vendors (Sun, HP, IBM,...), but when your running on PC hardware there are extra considerations.
Linux gives you a choice about how to keep the hardware clock (Local or UTC), and the system clock is UTC with an offset setting for local time. If you're single boot with Linux, a UTC hardware clock is probably best, but if you ever want to boot into Windows, your going to have to adjust somehow.
Having the hardware clock in local time creates a problem when the time change happens, but you don't see it until you reboot. Someone incorrectly said you need to update from the hardware clock, but it is just the opposite, you have to update the hardware clock from the system clock after the time change. Since the system knows both when the change happens and whether the hardware clock is in local or UTC, it could take care of this little detail. It would be a nice touch for the distribution makers to handle this is some way. This is one of those things that doesn't really live in a single program/module but relates to interactions, so the distribution maker probably should own it.
Of course, it would be nice if the hardware clock knew what the current offset is, then the issue would be easily and correctly solved.
BTW, I've always wondered about how the transition day is calculated. I've never been able to find a simple description of it. Most (all?) systems seem to know when it is, and it allways seems to be correct (for US timezones excluding Indiana), but I can't see how it could be 'calculated' from a simple rule that doesn't need to be updated from time to time. The TZ variable indicates whether the zone has DST and what the offset change is, but it doesn't have any information about when the change is. Is it just a 'last Sunday in October/April' or something like that hard coded in the library?
Secure network topology
on
Wartrapping?
·
· Score: 5, Interesting
Good points. I'm not up on the details of WEP, but I think I understand what you are getting at. For wired corporate (and other) networks, the basic paradigm is to physically secure the facility and make the gateway points secure with firewalls and such. With wireless, you don't have physical security anymore becuase you don't know exactly where the node is.
This also relates to discussions about cooperative wireless mesh networks. If you want people to volunteer to share their wireless node with neighbors, you have to provide a box that enables it to be done safely. If the design isn't rock solid and foolproof, all it takes is a little FUD to damage the necessary trust that makes people feel ok volunteering.
The idea of placing an access point outside the wired network is probably the correct solution given the claimed weaknesses in WEP, and it might save you from replacing all those cards immediately. If I was proposing adding wireless access to a corporate or educational campus, I would propose this exclusively. No access points inside the gateways, and access the internal network resources as if you were coming in from outside. If you use a VPN solution for telecommuters, the same would work for wireless access. Now you have end2end security on your external people, and whatever your policy is about sharing out some bandwidth for free, it's more like giving a free drop to a nonprofit down the hall. You'd just hook them up to your external router with no internal access.
There was also a small comment in the interview with Vint where he says that he wishes they had designed in access controls for each node from the start. This would probably be a big help here as well as with problems related to IP spoofing and such. Perhaps IPv6 would be an opportunity to get this in, but if it isn't in the spec yet (anyone know?), it's probably too late.
> You could always get a second one;-)
Wife, or TiVo?
One wife is plenty complicated for me. I could never fathom these guys you here about with a wife in two or more cities. It can't be a very happy life.
Actually, the blinds example isn't that bad, but his advise was way off. Just because someone leaves the blinds open doesn't give you a right to look in. If your walking down the street, and look into a house, there's nothing wrong, but the open blinds don't allow you to walk up the the window and watch until you see something 'interesting' your breaking the law.
She's still at the eating an throwing them stage, and she has plenty of board books which she spreads around the room as soon as I try to stack them up on a shelf. Probably nothing collectable, but there are hundreds of books in our living room. We like them though, and would like to have them around when she can read.
She's also very interested in the computer, but her idea of using the mouse is to pound it on the keyboard or floor. If I leave them "unprotected" for even a second, she's there pounding on it. The keyboard is holding up well (have to stick a key back on now and then. The mouse is working, but there is some broken bit rattling inside. Optical mice are great though, no amount of cruft or slime seems to effect them.
So, did you create that clever login name just for this reply?
You're wrong. The TIVO uses a hardware mpeg encoding and decoder chip. It is only capable of encoding one show at a time.
There is no reason that the additional tuner card could not have additional resources to do the encoding before putting it into memory. Every problem has a solution.
Also hackers have hacked this box to include stuff. They created a NIC for it. (Just installed mine last week) They also made a web interface for it. Series 2 has a PCI bus so adding stuff is even easier. (Hell it has USB)
I am aware of some of the hacking that has been done. People hack Xboxes too, but that doesn't mean the vendor isn't actively discouraging it, or even using countermeasures to try to prevent it. It's a closed box, plain and simple, and if it wasn't there would be a lot more third party add ons and such.
I'm not aware of any software hacking (I'd be interested if it is done), and I know that the actual PVR app is closed source. There isn't anything wrong with that per se, but how do you get the source to the GPL parts? It must be available, or surely someone would have made a stink by now, but just how much does that make possible?
I already posted a comment the the effect that an 'open' TiVo box would be able to get a second tuner, but I just had another thought. Isn't that why we want the source to be available for tweaking? Add that little feature so that you can control the priorities according to your requirements. That's right, now you need the root password to pass over my show. Of course my wife knows the root password, so I'd have to make changing these things obscure, and that still wouldn't work because she would just tell me to fix it. The "can't be done easily" defense doesn't even work well when it's true, but at least I'd have a chance to argue for my shows. Then there's the play dumb approach....
You'd be able to add a second (or third) tuner channel and record several shows at the same time.
They used an Open Source OS, but they have done everything to make this invisible and unimportant. The hackers would love to be able to hack this box to add things like this, or a NIC, Ogg jukebox/server and all sorts of other nifty things. If they make great hardware for these applications, they won't lose to competitors, but it needs to be priced pretty aggressively.
In a lot of ways it is too late to switch to this model because they have already sunk a fortune into a losing business model, but it might also save their company if they do it right. Their name recognition is probably way above RedHat in the general population. That's worth a lot even if you give the software to competitors (with GPL). DirectTV would probably still pay them just to use the name in the right situation. I might even get DirectTV service if they did this. I already use their DSL service (started as a Telocity customer, and still use an antenna for TV).
While I agree with this in general, I think it is important to look at this very closely. Most of the negative aspects are directly related to supression, but I also think it is important to draw the line, if only personally, about what is acceptable and unacceptable.
Maybe the best way to put this is that I fully support it from the free speech angle while personally condemning a lot of what is done with this freedom.
Also, in the current climate and state of privacy, I stay away from it completely (on the Internet). What I would like to see is the society as a whole to be a lot more open about sexuality to the point where it wouldn't really be a big deal. The current climate is that extreme violence is way more acceptable than even a little normal sexuality. Which do you want to expose your children to?
I've been quite alarmed lately that a totally new type of SPAM has been landing in my mailbox. Not just SPAM to go to some URL to get whatever form of deviant sex they are pushing, but actual images in the email. This is just not defensable because nobody should be subjected to this without their permission. I know they have all sorts of schemes to avoid being caught, but it seems to me that this and SPAM in general is so blatant that it shouldn't be hard to do something about it. Somebody must be getting paid off.
I definitely agree with the idea that open sexuality is a direct challenge to those who want to supress the rights of women, but I think degrading images of sex are more part of that mindset than any move toward openness. Those who perpitrate this view blame the woman for seducing them, and will even kill their own sister if she is raped. I wish they would quietly kill themselves instead of killing others in their hatred. The shame is all on them, whatever they may claim.
It's interesting how different people react to a story like this. Some have to find or at least suggest what it is, others assume it must be something way out of the ordinary. Always more of a map of your own mind than anything 'out there'.
You have to keep an open mind, or you are going to miss important phenomena. The brain/mind always tries to put perceptions into a category, and it is even hard to make accurate observations when you don't know what to expect, but expectation shape the observation. Just one of those strange loops that can't be eliminated completely.
Read the article. A lot of us aren't too happy that the phone company wants to sell you something to protect yourself from an abusive practice that they are aiding and abetting.
I like the automated response with a way to punch through. If they ignore your request not to be bothered and punch through you have a much better legal case. I guess you would have to keep them on the line and gather all their vitals so you know who to sue.
Wouldn't it be nice if you could subscribe to a legal service to handle all the bother? Instead of gathering the data yourself, say "hold on, I'm really interested in this", and punch a button to forward them to the service who takes if from there. They can have most of the money recovered if they can really hurt these bastards.
Slashdot Mirror
Well, they probably wouldn't be identified as Marines, but everyone would know why it happened. Allowances for slight exaggeration excepted.
This is not alarmist, there are real issues being raised. Even he would admit that some of it is rhetoric, but this doesn't diminish the points.
In a word, yes. That's really the whole point of the argument. DRM is a trojan for the entire industry (if it succeeds). I don't really see how it can win since it is only a gift for a very small segment of the market. MS and to a lesser degree Intel are the big gorillas here. Only MS has the monopoly power to make it widely deployed, but they have a harder time pushing it in Congress because they are already seen as a monopolist bully by many. The [RM]IAA are the ones doing all the lobbying, and trying to make everyone think they are harmed by all those nasty pirates. MS is only too happy to supply the technical means to implement it. It's one of those conspiricies that can't be attacked because the collaboration is silent.
The part about ABC and XYZ word processor (or insert any content editing program) is very persuasive and will be the first place we will see this pushed beyond sensible limits. Many people will still say "shut up and use MSWord". Once it gets to this point it may already be too late.
My hope is that by raising awareness through intellegent articles like this one, more people will see the extent of the risks. The fact is that the kind of pervasive DRM that is being pushed is incompatible with many applications, and as the engineers designing these systems begin to understand the issues, they will apply "due diligence" as described in the article.
If the extreme DRM approach wins in the marketplace, we will all suffer from the kind of thing described in the article, and more. At the very least, it will increase the cost of developing and deploying the kind of critical systems described because they will lose access to a lot of commodity technologies because of these concerns. What will emerge is two technology worlds one with and one without locked in DRM controls.
IMHO, the DRM side will lose because of all the unintended consequences of their badly implemented technology. It's a monopolist's approach, and the real strength of PC hardware is the competitive markets for all the component technologies. The worry is that we will all be happily resting in the warm water before we realize it is too late.
What's wrong with encoding a session identifier in the URL? You don't have to put it in a query string if you don't want to. The entire URL is available for coding state.
Cookies are evil and software architects need to get that through their heads. Unfortunately, many projects are staffed only with developers and application programmers incapable of a deep analysis of anything.
Yes, it is. You seem to be talking about perfect security, which is probably never possible because of the nature of negative proofs. My claim is that you can get as high a level as you need/want if you pay attention to the right details. I'm not going to deal with all of your points because you don't really seem to be concerned with real problems, just poking holes without any reference to the actual situation at hand.
The only issue here is to be able to make sure that you can rely on the digital signatures used in releasing and distributing the code. Yes, there are other places to compromise the system, but those are much less likely. They are still analysing what happened in this case, but the code base was never compromised, just the download site. This would have been immediately detected if everyone checked their downloaded tarballs against the signatures.
Given the existence of this attack, it is necessary to go a bit further to clean up some problems, and the key is to make a minumal robust process easy so there is no reason not to do it. That is exactly the problem I was addressing, so a lot of this is completely irrelevant. If signatures are verified back to a trusted CA an attack of this type would be next to impossible.
Because the CA is the key point, I will address a couple of your points related to that. No, if they design the process correctly, there are no complete key copies anywhere. We used split keys stored on crypto-cards, password protected and stored in a subdivided safe. Two people were needed to do anything so you would have to have a conspiricy to break the system. If we were evacuated, the fire department would have to use their axes to get into the computer room, and we would immediately cancel any certificates that could logically be compromised. I'm sure that Verisign has proceedures just as rigorous.
Even the FBI could not get our keys. We were doing this before the export of strong encryption was allowed, but we got around that because all messages went through our hub where they were encrypted under keys we controlled (as outlined above). The BSA export license specified what we were responsible for if presented with a warrent. All we were responsible for was unwrapping the strong crypto outer wrapper, and giving back the unwrapped message. This would be done in a Tempest room with no network connections of any kind, and when completed the keys went back in the safe. I don't think we would have been required to let the government person in the room for the process, just give them the unwrapped message.
Would anyone admit if the process was compromised? There would be a lot of pressure not to, but it would likely leak out. Lots of people at the company would know and might leak it, particularly if they were fired or badly treated.
Like the subject says, it all comes down to who do you trust, and well run companies that treat their people well will be the most trustworthy. Networks of dedicated volunteers are even more trustworthy, if not quite as reliable. The transparency of the process is critical to establishing the networks of trust in this case. It is exactly the opposite of security through obscurity, and that's what makes it the most robust in the long run.
There are a host of real problems with current power adapters and such. First, wall warts are really pretty bad power supplies. Most are very simple and very inefficient, so even if you had to get intermediate voltages by regulating down DC to DC in some cases, it wouldn't be much worse. They are hot even when nothing is plugged in, that can't be efficient.
My idea is that you could have a well designed switching supply that could take in a range of AC or DC voltages (say 12-270), and put out what you need. The smart portion could be a pretty standard chip that could be used in a wide variety of supply capacities and voltage sets. I'm thinking about alternative power situations too, peddle power, solar cells, fuel cells, wall power around the world.
You just plug it into whatever you got and it senses it and configures itself to whatever is there. Integrating a storage device might be nice too, and the controller would properly take care of battery maintanance as well so you get the longest possible battery life for the technology. It might be complex to design, but it wouldn't need a very powerful processor so the controller chip could be cheap once it is designed.
I had to see if I could find something more recent from him after getting this info. I'll have to read some more, but this seemed pretty recent. An interview video. I didn't want to download RealPlayer just to view this, but there were some interesting tidbits here. For instance he has a new book coming out in December.
I haven't heard much of or about him in years. I guess he's retired. You would think he'd be still making some noise if he isn't dead. I would be very interested in his take on 9/11, but maybe he's just too 'over the edge' for current times.
We have to cut the crap about who is doing what to whom and start really being responsible. I won't be able to face my kids if we don't because there won't be much left for them. And they won't be whining about the stuff in the article, they will be facing environmental devistation.
The subject is just my meta-comment about the idea that slashdotters are of one mind on most things. In this case, personal responsibility is the "groupthink" that is going on. Actually, I'm pretty impressed by it.
I can relate because I'm financially in about the same boat. Little retirement funds, house but little equity (yet), and little confidence that those greedy boomers will leave anything for the rest of us. Don't get me started about our recent tax cuts (not to be US centric, or anything). I'm not whining (or a 'winger' to quote our friend from down under), but I am hopping mad about all the greed.
Fortunately, I have about 20 years experience in the right technologies, and my earning potential is excellent even if it isn't as good recently. I'm well aware that the squeeze is a lot tighter for some, but it is also clear that the outlook is bleakest if you follow the conventional wisdom. Find a way to express your creativity and take care of yourself. Reduce your needs while you take the road less travelled. I'm constantly seeing people who did this, and have been richly rewarded. Not always in money, but they have what they need.
If things keep going the way they have, I'll still be working at 70 to pay the bills and I won't be able to afford to retire, but that's fine with me as long as I can still do it, and I am doing something that interests me. I'm not that worried.
A guy I worked with who is a bit older was trying to convince me that we are in for a long term downturn when the boomers start to retire in large numbers during the next 10-20 years. The argument is that there is a big loss of experience, and there just aren't enough coming up behind to take up the slack. I say hogwash, let them go. Sure, you are going to lose some very talented people, but I think the generations that are coming on are a lot more clueful about the important shifts that technology and the new social networks made possible. If Gates retired now, we would all be a lot better off, and that goes for most of the leadership of large corperations.
He may have a point about the other end of the size scale, and I think there will be tremendous opportinity in small to mid-sized businesses. IMHO, the way out is to start now to empower people working in these organization to use their vision to keep up with all the shifts. The best business people will do this no matter what generation they come from, and the ones that don't will mostly fail and be replaced by new businesses with vision long before they get a chance to retire.
My claim is that the dotcom bust isn't what it first appears, a conventional bubble (although, it was that too). You have to look more closely at the survivors, and you have to be careful about what conclusions you draw. Sure, Gates and company are still making a fortune, but it is on a dead business model. IBM was making a fortune still when I was in school on the same dead business model and it didn't save them. If I'd learned Cobol (actually, I did, but I knew not to go that way) I'd have had a good year or two leading up to Y2K and I'd be desperately trying to catch up now.
It is an open future, and those that understand the importance of creativity and its relationship to freedom are going to shape it.
I've always liked this phrase, and I think it applies here: "When the going gets strange, the wierd turn pro". I think I've just found something to put in my sig.
Linux gives you a choice about how to keep the hardware clock (Local or UTC), and the system clock is UTC with an offset setting for local time. If you're single boot with Linux, a UTC hardware clock is probably best, but if you ever want to boot into Windows, your going to have to adjust somehow.
Having the hardware clock in local time creates a problem when the time change happens, but you don't see it until you reboot. Someone incorrectly said you need to update from the hardware clock, but it is just the opposite, you have to update the hardware clock from the system clock after the time change. Since the system knows both when the change happens and whether the hardware clock is in local or UTC, it could take care of this little detail. It would be a nice touch for the distribution makers to handle this is some way. This is one of those things that doesn't really live in a single program/module but relates to interactions, so the distribution maker probably should own it. Of course, it would be nice if the hardware clock knew what the current offset is, then the issue would be easily and correctly solved.
BTW, I've always wondered about how the transition day is calculated. I've never been able to find a simple description of it. Most (all?) systems seem to know when it is, and it allways seems to be correct (for US timezones excluding Indiana), but I can't see how it could be 'calculated' from a simple rule that doesn't need to be updated from time to time. The TZ variable indicates whether the zone has DST and what the offset change is, but it doesn't have any information about when the change is. Is it just a 'last Sunday in October/April' or something like that hard coded in the library?
This also relates to discussions about cooperative wireless mesh networks. If you want people to volunteer to share their wireless node with neighbors, you have to provide a box that enables it to be done safely. If the design isn't rock solid and foolproof, all it takes is a little FUD to damage the necessary trust that makes people feel ok volunteering.
The idea of placing an access point outside the wired network is probably the correct solution given the claimed weaknesses in WEP, and it might save you from replacing all those cards immediately. If I was proposing adding wireless access to a corporate or educational campus, I would propose this exclusively. No access points inside the gateways, and access the internal network resources as if you were coming in from outside. If you use a VPN solution for telecommuters, the same would work for wireless access. Now you have end2end security on your external people, and whatever your policy is about sharing out some bandwidth for free, it's more like giving a free drop to a nonprofit down the hall. You'd just hook them up to your external router with no internal access.
There was also a small comment in the interview with Vint where he says that he wishes they had designed in access controls for each node from the start. This would probably be a big help here as well as with problems related to IP spoofing and such. Perhaps IPv6 would be an opportunity to get this in, but if it isn't in the spec yet (anyone know?), it's probably too late.
One wife is plenty complicated for me. I could never fathom these guys you here about with a wife in two or more cities. It can't be a very happy life.
Actually, the blinds example isn't that bad, but his advise was way off. Just because someone leaves the blinds open doesn't give you a right to look in. If your walking down the street, and look into a house, there's nothing wrong, but the open blinds don't allow you to walk up the the window and watch until you see something 'interesting' your breaking the law.
She's also very interested in the computer, but her idea of using the mouse is to pound it on the keyboard or floor. If I leave them "unprotected" for even a second, she's there pounding on it. The keyboard is holding up well (have to stick a key back on now and then. The mouse is working, but there is some broken bit rattling inside. Optical mice are great though, no amount of cruft or slime seems to effect them.
You're wrong. The TIVO uses a hardware mpeg encoding and decoder chip. It is only capable of encoding one show at a time.
There is no reason that the additional tuner card could not have additional resources to do the encoding before putting it into memory. Every problem has a solution.
Also hackers have hacked this box to include stuff. They created a NIC for it. (Just installed mine last week) They also made a web interface for it. Series 2 has a PCI bus so adding stuff is even easier. (Hell it has USB)
I am aware of some of the hacking that has been done. People hack Xboxes too, but that doesn't mean the vendor isn't actively discouraging it, or even using countermeasures to try to prevent it. It's a closed box, plain and simple, and if it wasn't there would be a lot more third party add ons and such.
I'm not aware of any software hacking (I'd be interested if it is done), and I know that the actual PVR app is closed source. There isn't anything wrong with that per se, but how do you get the source to the GPL parts? It must be available, or surely someone would have made a stink by now, but just how much does that make possible?
I already posted a comment the the effect that an 'open' TiVo box would be able to get a second tuner, but I just had another thought. Isn't that why we want the source to be available for tweaking? Add that little feature so that you can control the priorities according to your requirements. That's right, now you need the root password to pass over my show. Of course my wife knows the root password, so I'd have to make changing these things obscure, and that still wouldn't work because she would just tell me to fix it. The "can't be done easily" defense doesn't even work well when it's true, but at least I'd have a chance to argue for my shows. Then there's the play dumb approach. ...
They used an Open Source OS, but they have done everything to make this invisible and unimportant. The hackers would love to be able to hack this box to add things like this, or a NIC, Ogg jukebox/server and all sorts of other nifty things. If they make great hardware for these applications, they won't lose to competitors, but it needs to be priced pretty aggressively.
In a lot of ways it is too late to switch to this model because they have already sunk a fortune into a losing business model, but it might also save their company if they do it right. Their name recognition is probably way above RedHat in the general population. That's worth a lot even if you give the software to competitors (with GPL). DirectTV would probably still pay them just to use the name in the right situation. I might even get DirectTV service if they did this. I already use their DSL service (started as a Telocity customer, and still use an antenna for TV).
Maybe the best way to put this is that I fully support it from the free speech angle while personally condemning a lot of what is done with this freedom.
Also, in the current climate and state of privacy, I stay away from it completely (on the Internet). What I would like to see is the society as a whole to be a lot more open about sexuality to the point where it wouldn't really be a big deal. The current climate is that extreme violence is way more acceptable than even a little normal sexuality. Which do you want to expose your children to?
I've been quite alarmed lately that a totally new type of SPAM has been landing in my mailbox. Not just SPAM to go to some URL to get whatever form of deviant sex they are pushing, but actual images in the email. This is just not defensable because nobody should be subjected to this without their permission. I know they have all sorts of schemes to avoid being caught, but it seems to me that this and SPAM in general is so blatant that it shouldn't be hard to do something about it. Somebody must be getting paid off.
I definitely agree with the idea that open sexuality is a direct challenge to those who want to supress the rights of women, but I think degrading images of sex are more part of that mindset than any move toward openness. Those who perpitrate this view blame the woman for seducing them, and will even kill their own sister if she is raped. I wish they would quietly kill themselves instead of killing others in their hatred. The shame is all on them, whatever they may claim.
You have to keep an open mind, or you are going to miss important phenomena. The brain/mind always tries to put perceptions into a category, and it is even hard to make accurate observations when you don't know what to expect, but expectation shape the observation. Just one of those strange loops that can't be eliminated completely.
Nobody thinks there is any point to a standard metric of 'beauty' or 'virtue', oh wait maybe they do ...
I'd ask for my money back. If they can't fix this problem, I'd say their system in non-functional.
I like the automated response with a way to punch through. If they ignore your request not to be bothered and punch through you have a much better legal case. I guess you would have to keep them on the line and gather all their vitals so you know who to sue.
Wouldn't it be nice if you could subscribe to a legal service to handle all the bother? Instead of gathering the data yourself, say "hold on, I'm really interested in this", and punch a button to forward them to the service who takes if from there. They can have most of the money recovered if they can really hurt these bastards.