That's not the point. If I'm calling a company, I might want to block caller ID as a default privacy option as is my right as a private citizen. The feature is needed for that reason. It should be (may already be, but with exceptions you can drive a truck through) illegal for telemarketers to block. Of course, they could just set up on a network that doesn't share this information with other network operators to avoid any responsibility.
Adam knows from reading Dave's mail that Dave is getting ready for a release of P. Dave builds the tarball, fetches the floppy with his secret key from secure storage, and signs the tarball. But in the interval Adam has replaced the tarball with a modified one. Dave signs the compromised tarball and releases it to the world.
As I pointed out, the people processes are the weak point. You can make a compromise arbitrarily hard, and you can fix things for the future if there is a compromise. All I was doing is pointing to the important points in the process. The window you describe is very small, and it can be closed if you are that paranoid. Adam can't do that if you take your computer off the network when you do the signing. If Adam has rooted one or more key machines of an important developer, he could add his trojan to the code base (CVS repository) which is a lot easier than trying to compromise the tarball before it is signed.
An approach short of taking your machine off the network is to work on a machine that doesn't take any incoming connections. This is easier than you might think. I'm behind a simple and cheap NAT box, and I don't run any services that require incoming ports to be opened. Even if I had an MS machine and used Outlook, it would only be possible to infect that machine. A sophisticated virus would be able to reach through the firewall to establish a connection, but it would only be to that machine.
The people who count know all of this, and they are careful about the important stuff. The point is to limit damage. All I am saying is that you have to be particularly careful about dealing with the root keys that are used in implementing the Certificate Authority, because if those are compromised, someone could forge completely authentic looking signing keys, and it would be very hard to detect and fix. Even then, you revoke the CA keys and make new ones, and this time be more careful (paranoid). If you are working with the root keys, you had better be absolutely sure that host based weaknesses are eliminated.
Even Verisign could be compromised, but it isn't likely because their business depends on people trusting that this can never happen. I've done this kind of work in a commercial setting, so I know what the issues are. That's the whole point of the question in my subject, you have to trust someone, but it doesn't have to cost you a fortune (I've recently seen $400 as a price for a Verisign key).
Yeah, I found the story. Way too long, skimmed some, but also very funny. I'm up way too late just reading it.
Excellent piece of fiction if it isn't true, either way great story. Don't you want to ask the guy about the exact location and maybe send a 'team' to investigate. Nice touch about the skidmarks when they were hightailing it out of there making it look like the car left the road.
I think they would deserve honorable mention for considering doing a manned flight.
Since he didn't die, but this one is for real. I've seen the video, and why (how?) would you fake something like that.
I'm pretty sure they try to filter out the urban legends, but they do slip in. I had thought the one about strapping a JATO onto a car was true, but I understand that one was an urban legend. Or it may be that the attribution of that story to the Darwin Awards was made up.
Aside from what someone else pointed out (that it's kind of like pouring Drano in the lake), how would you do this without hurting yourself? Make a little boat and float it out there, then turn over or sink the boat? Once you got it 30-40 feet away, you could hit it with a hose to get things started. I don't think the 'boat' would last long after that.
Anyone know if it would burn or explode in these conditions (i.e. dumped in a lot of water, but not confined)? Would a chunk that large split up from the primary reaction? If it holds together I would expect a bubbling (and hot) reaction, and a hydrogen flame where the bubbles are coming up.
So let's talk about the crypto side of things again. Since I'm paranoid and all that. Do you trust the project maintainer's system security? Reckon he allows anyone to log into his system? Do you trust their security and the network they come over? For that matter, reckon the CVS archive the code's stored on could be compromised? Do you see what we're up against yet? Paranoia...
It isn't that complex to do it right, but as we all know, it's the human factors that get you. I'm sure GnuPG has all the functions necessary to implement it, but you need a trusted party with rock solid procedures to ensure the top of the chain. What do people do for a CA for their signatures?
As long as you can be certain that: 1) You have the correct public key for the signing authority, and 2) nobody but the signing authority can get access to the corresponding private key. You can do it yourself by generating a key set for your own CA to a floppy and then making signing keys for yourself and your friends from there. You only need the public key to make a certificate, so a friend can email it to you, you get out your floppy and sign with GnuPG, and send the cert back. Keeping your signing keys off-line is a good idea too (if you're paranoid, but who can afford not to be with this stuff going on).
Now, the only point that can be attacked is to compromise the CA's signing certificate (This is the CA's public key, signed by itself). If you squirrel away a copy of it and get a new copy from time to time to double check you should be completely safe. You could use a public CA, but the commercial ones tend to charge a lot, so it would be nice to have a cooperative CA that does it on the cheap, but still does it well (Does such a thing exist?). Since someone is obviously getting their jollies by compromising distributions on public ftp servers, I'd be a little careful about setting this up. As long as the root signing key is safe (This is the private key), you can make lots of copies of the root certificate (on different servers, of course) and verify them with each other periodically.
With all of this in place it should be a simple matter to script the verification of signed signatures. I know I'm not the only person who knows how to do this correctly, so perhaps this is already done. If not, it looks like an excellent project for someone wanting to do this stuff.
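A sketch of the scripted check described in the comment above, added here as an example and not code from the original poster or from GnuPG: it compares mirror copies of the root certificate against the stashed copy, then accepts a release only when gpg's `--status-fd` output names a certified signer. The mirror names, key bytes, fingerprints and status lines are constructed samples.

```python
import hashlib

# Constructed sample data (not real keys or fingerprints).
STASHED_ROOT = b"constructed root certificate bytes"
DAVE_FPR = "0123456789ABCDEF0123456789ABCDEF01234567"
OTHER_FPR = "FEDCBA9876543210FEDCBA9876543210FEDCBA98"

# Status keywords that mean the signature must not be trusted.
REJECT = {"BADSIG", "ERRSIG", "EXPSIG", "EXPKEYSIG", "REVKEYSIG"}

# Constructed lines in the format gpg writes with --status-fd.
GOOD_STATUS = (
    f"[GNUPG:] GOODSIG {DAVE_FPR[-16:]} Dave (constructed release key)\n"
    f"[GNUPG:] VALIDSIG {DAVE_FPR} 2002-08-01 1028160000 0 3 0 17 2 00 {DAVE_FPR}\n"
)
BAD_STATUS = f"[GNUPG:] BADSIG {DAVE_FPR[-16:]} Dave (constructed release key)\n"


def cross_check_root(stashed, mirror_copies):
    """Compare every mirror's root certificate with the stashed copy.

    mirror_copies maps a mirror name to the fetched bytes, or to None
    when the fetch failed. The check fails closed: it passes only if at
    least one mirror answered and no mirror disagrees with the stash.
    """
    want = hashlib.sha256(stashed).hexdigest()
    report = {"match": [], "mismatch": [], "unreachable": []}
    for name, blob in sorted(mirror_copies.items()):
        if blob is None:
            report["unreachable"].append(name)
        elif hashlib.sha256(blob).hexdigest() == want:
            report["match"].append(name)
        else:
            report["mismatch"].append(name)
    report["ok"] = bool(report["match"]) and not report["mismatch"]
    return report


def signer_from_status(status_text):
    """Return the primary-key fingerprint of the one valid signature, or None."""
    signers = []
    for line in status_text.splitlines():
        fields = line.split()
        if len(fields) < 2 or fields[0] != "[GNUPG:]":
            continue
        if fields[1] in REJECT:
            return None
        if fields[1] == "VALIDSIG" and len(fields) >= 3:
            # With all ten arguments present the last one is the primary
            # key fingerprint; the first is the key that made the signature.
            signers.append(fields[-1] if len(fields) >= 12 else fields[2])
    return signers[0] if len(signers) == 1 else None


def accept_release(status_text, certified_signers):
    """Accept only a valid signature made by a key the CA has certified.

    A bare "good signature" is not enough: any key in the keyring can
    produce one, so the fingerprint is compared with the certified set.
    """
    signer = signer_from_status(status_text)
    return signer is not None and signer in certified_signers


if __name__ == "__main__":
    mirrors = {"mirror-a": STASHED_ROOT, "mirror-b": STASHED_ROOT + b"!", "mirror-c": None}
    print(cross_check_root(STASHED_ROOT, mirrors))
    print(accept_release(GOOD_STATUS, {DAVE_FPR}))
```

In real use the status text would come from running `gpg --status-fd 1 --verify` on the detached signature and the tarball.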
Oops, accidentally hit the "log out" link when I was trying to post.
Forgot this comment too. A word processor is a very big project, not a good choice unless you can get a lot of support. I'm way more interested in engineering tools anyway. How are we going to have free hardware designs if we don't have high quality free CAD tools and such. These are even more complex than word processors. It will take time, but I think as more people see the advantages of Open/Free Source as a development model, it will happen.
GPL is new since the Homebrew era. Sharing in the public domain can be dangerous, but with GPL your competitor can't take it private.
Some of us actually built our first computers from bags of 74xx chips with a soldering iron.
Re:Mozilla succeeded through persistence and visio on Open Source Studies · Score: 2
Hey, necessity is the mother of invention. So they had to be beat up before they were willing to do it. Netscape should have been OSS all along, NCSA mozilla was.
No no, I think you're missing the point. You're already "inside" the Linux community, he's talking about the other 99.99% of the human population. The issue here is usability.
No, I think you are missing the point. Linux distributions are not quite there on the desktop yet. As a developer/admin, they are more than ready for me, and my English major wife because she has me to keep the systems running. I don't recommend it (yet) to my artist friends, even if they can't afford a Mac.
If you are willing to tinker a little bit and learn something about how systems work, then go for it, it is more than ready. BTW, if you're not willing to do this, I wouldn't recommend tinkering under the hood of your Windows box either. And don't forget to back up your important files either even if you don't play with stuff.
A lot of companies are realizing (or should realize), though, that it's a great deal to pay one of their employees (or contract out) to take an OSS project which is almost-right-for-them, and add the last 10% of missing functionality, etc. If they play their cards right, their one developer can leverage all the volunteer expertise out there and work with a huge part-time team backing him.
Sort of a different angle on the idea that OSS programmers go after the problems they are most interested in. When you're being paid, your employer's desires will factor in, but it should be a lot easier to align your desires with an OSS project than the typical situation.
Excellent points, but I want to make an additional one about QA.
Where does QA work? Usually in industries like Aerospace, Medical, telecom, and power generation -- industries which don't have a margin for error. They have decades old QA practices that often got instituted the hard way. They also have relatively little competition and insanely high development costs.
IMHO, these are areas of software development that could benefit most from the OSS model. At first glance it would seem to be hard to get a large enough user community to achieve critical mass, but that would miss an important fact about quality. It is a much larger concern of the user community, even in niche markets. In particular niches, the user quality requirements can drive the whole process. If they supported OSS instead of spending a fortune with a closed source vendor, then they would have the access and control to get the quality they require without spending as much money. Why? Because those costs are shared across the industry instead of being concentrated at the vendor.
MS products are buggy and insecure as hell, and I'm certain, without looking at the code, that they are complex in an intractable way that contributes little to functionality. Sure, they can get market driven features shoehorned into the product at an amazing rate, but it all leads to doom because it is unmaintainable. It also takes legions of engineers who are constantly made unhappy by the ugliness of their work.
A Linux distribution is far more complex than any MS release, and it really shows in terms of server use. As the article points out, projects like Mozilla aren't small, and can't be written by a 10-15 member core team. More modularity may help, but I think you will always have problems that are bigger than that. OSS is pretty new, and studies like this are few and far between at this point. Over time we will also learn how to manage and plan for bigger OSS projects.
It is also my position that most important OSS developers should be paid for their work. The core groups, particularly for big important projects, shouldn't be doing this by hacking all night in addition to their day job. The larger community is often applying the project, so making it work is just part of their job, but the core people are doing a full time job. Some jobs are compatible with doing almost full time OSS work, but we need more of this.
Taking just Mozilla, since Apache is the most successful product in its category. Mozilla is only recently past 1.0, and the paper (if anyone read it, I just finished and I see over 100 comments) was analysing it before 1.0 came out. Nobody expects OSS development to be as fast as commercial, and it doesn't have to be. OSS is going to be much more concerned with quality, stability than artificially aggressive deadlines.
Also note the fast, and in some cases parallel development of derivative products. I don't have the details, but there are a host of 'Gecko' based browsers, and the direct spin-off Phoenix is proceeding very fast indeed. People are reporting it to be usable and fast at the 0.2 release.
There is one issue to worry about (from the paper). One hypothesis is that if a project doesn't achieve critical mass, it won't get enough of a user following to get the many eyes effect. I suspect that this may be weakened by a number of factors. Even if a project doesn't achieve critical mass, it may be reworked in another form because the code is still available for experimentation.
If you're going to deploy a lot of systems this way, you're going to have to provide for some sort of local support. Depending on the goals, and logistics, it might be fun to do this with volunteer admins from the user community or other support staffs that are already available for other reasons (don't know enough details to say). You could even roll your own distribution to make the installation easier on the range of hardware you will see, and to lock things down somewhat, at least for the base installation.
Even if a machine gets blown out by ill-advised tinkering, how hard is it to swap in another, or re-image, etc. I'm sure you'd end up with a range of skill and ability levels, but the smart ones can do all the hard stuff and make cookbook procedures for everyone else to start from.
It shouldn't be too much to ask that it 'just works' on these systems.
Unfortunately, it is still too much to ask. You can get lucky if it likes your hardware, but as always YMMV. I've got about 20 years in development and admin, and I still find myself scratching my head sometimes when trying to get the system configured, or do some major maintenance task. Mostly it's because I'm tinkering around with the stuff I already have laying around, or trying to save a step or two or do something a bit odd.
The truth is that things aren't that much better with Windows. A friend just got a new XP box and there was no way to repartition and reload XP with the stuff the vendor supplied. Long story short, it took about a week and two visits from another friend that had more Windows related tools and such to get it up. He ended up with a different (and better) video card and a new sound card and running on Windows 2000.
Admin is hard for any OS unless you run exactly the configuration that some vendor has implemented and verified. We even went back to the store considering returning the PC and getting a Mac, but it was beyond his budget. I can't say from personal experience but Macs are probably better, but the vendor closely controls the configuration, don't they.
Being married is one step removed from the source of the problem. The two and a half foot tall human around here is the reason I temporarily moved the stereo to the basement, the VCR is on top of the TV, and there is a fence around the computer and the table the monitor sits on. The second machine, on a computer desk, isn't as interesting but she still pulls the chair up sometimes and goes for the mouse and keyboard. I could use doors on the bookcases too, but I think I'll give up and move all the low shelf books upstairs for a while.
I've always thought an elegant solution would be to have an in-the-wall ventilation system sort of like those built-in vacuums. The noise would be in the basement, and you'd just hook up a hose that would draw air through whatever component needed air, and exhaust it elsewhere.
Well, I only get about 10-15 a day, and that is annoying enough. Not nearly as annoying as an unwanted phone call. My wife thinks I should be nicer to the people calling since they are just the paid help, and probably don't make much. I want them all to switch careers. I hate the idea of paying the phone company to keep people from bothering me, particularly since they are always lobbying to prevent effective opt-out lists and such. When a cell or long distance company calls me, I mentally put them off my list of possible services I consider using.
It's not really worth it yet to spend much time on it, but I still have hopes that this will be very easy at some point in the future. I'll try the first Linux distribution that integrates it all out of the box :-)
It's getting very close to the time when I want to refuse all calls and email unless the other party has a token indicating that I have given permission. Well the tech details can be different, but how often do you get a call you want from someone that could easily be listed as a friend or something. Ok, so the cell phone provider might want to call to say I forgot to make the payment, or such, but that could be part of setting up the account. It should be non-transferable too, so they can't even give it to their own telemarketers.
Regardless of whether there is a system like this one in place, the spammers (phone and email) will be able to get your info if they want, we just need to invent the technological means of denying their ability to use it.
Also, the ENUM thing is stupid. For those I want to deal with, the single ID I want is my name, not some randomly assigned number.
Point taken about the speed, but I hardly think it could have been 150% of rated. I'm not a pilot, but don't these things cruise at about 600mph? Ok, so it might be lower at sea level... If it's only 150% of the designed impact speed, I doubt the difference would have kept the fire retardant on. Sure would have been nice if the fuel flame retardant was part of SOP for jets, though. OTOH, the program also said most of the fire was from the contents of the building, not the fuel which mostly burned up in the fireball outside the towers.
Saw that Frontline and another one last year about what was known more generally about the terror threat. The main thing is that nobody takes any real responsibility. We know hindsight is 20-20, but can't someone step up to the plate?
Truthfully, I didn't spend a lot of time reading everything at that link. The important points, though: 1) the guy was clearly a contributor, so probably not an ideological enemy, 2) I assumed the truth about the steering committee and that they backed him over RMS, and 3) I think RMS makes some ideological enemies over nitpicks (my weakest point).
I'm not sure I want to go to the McCarthy stuff because of the associations. It was shameful the way they walked all over the Constitution, and harmed so many good people, and so few that had the stature spoke out about it. The remnants of the Red-Scare crap are still around, and I'm certain that it is part of the motivations of some of the worst ideological enemies of RMS and Open/Free source in general. Strategically it is a lose, though, so I try to stay away from it. Free speech is a much better angle.
The "The Architectures of Control" isn't mine. Someone else posted that link under the article about the "RIAA vs James Boyle" debate this week. Definitely worth a read.
Drop me an Email if you're interested in a few more things I'd like to say, but not in public.
Do you have the numbers to back that up? Even if it was true, wouldn't an increment in solar help? Probably the big saving in that area would be to reduce the demand for air conditioning by improved design. Or is the big demand industrial?
Often the complement of a lot of rainy and cloudy weather is plenty of wind. But you're right, sun is not a constant, there's also the latitude factor as well.
I don't think this is true. There is always somebody that will find any given problem interesting. If not, it probably wasn't worth doing.
Examples to the contrary?
Well, I do live in "the Windy City". Not everyone knows that this never really referred to the weather.