Re:What's wrong with national IDs?
on
Beyond Fear
·
· Score: 5, Interesting
It's really symptomatic of something else: American's don't trust their government. Over the last century the government and laws of the USA have really gotten out of control, but the population has mostly just let it slide. I mean it's illegal to smoke marijuana, but everyone does it anyway. It's illegal in many states to be involved in a blow job, or to arrange your furniture in a certain way, or to change the needle valves in your carburetor. All these laws are pretty stupid, but nobody really cares because they are unenforceable.
In addition the people of the USA have a tradition of just being criminals. Practically anyone has a smuggler or a bootlegger or a bookie in their family tree somewhere. These things were illegal but not really dishonorable. And in the beginning days of the country, it was possible for someone to fuck up their lives in one area and simply start over further west. So we've gotten used to ignoring the laws and taking advantage of anonymity.
The situation changes if the government suddenly becomes organized and informed. If the government has a good way to track who we are and what we are doing, all those things that are illegal will suddenly matter. So the reaction is to resist tracking and information programs. Of course, this is the incorrect reaction: what we should really be doing is reigning in our government and repealling stupid laws until we feel that we can trust it again. But that answer isn't as obvious.
I'll end with a short example: last year I got on an SF MUNI streetcar at a station where the toll machines were broken. I paid my $1, but the machine didn't give me a ticket. No attendant was on duty so I just boarded the train anyway. Well, lo and behold here comes Fare Inspection Shitwit to check my ticket, which I didn't have, through no fault of my own. Inspector Shitwit gives me a ticket ($90 fine) for failure to have a ticket on the streetcar. Naturally I rebuked him profanely and threw the ticket in the trash. I don't have any intention of dealing with such rubbish. But now, six months later, there's a warrant for my arrest which will never be served by the SFPD and I will be unable to renew my driver's license, which is expired, until a year after the incident. If the government were *really* well organized I might even get arrested. I'm really afriad that in some well-organized, well-tracked future government regime, people will get in *real trouble* for not having a piece of paper that says you paid $1 to get on the bus.
There's something weird, which I'm not really too familiar with, about how the sg nodes get allocated. It isn't straightforward finding out which sg node belongs to which scsi device. So it's easier to just hand over the SCSI bus/id/lun.
Most people don't have this problem because they only have one SCSI device, so they don't need to provide device= to cdrecord.
Because a CD recorder has two fundamentally different modes of operation. In one mode, you can treat the CD recorder as just another block device, in which case you are using the block device nodes (e.g./dev/sr0) and simply telling the operating system that you want the contents of file so-and-so, which only happens to be located on a CD-ROM. In this case the kernel takes care of talking to the device and you don't have to worry about it.
In the second case, you want to speak directly to the CD recorder in its native language. That's what the SCSI generic device nodes are for. The program is telling the kernel to get out of the way, because it knows how to speak the device's protocol.
If you've read Feynman's What Do You Care What Other People Think, you might agree with me that secure software might be developed the same way that space shuttle guidance system is, while insecure software, which is by far the more common type, is written in a matter like the design of the shuttle main engine. Feynman claims that the problem with the main engine is that it was designed from the top down. They figured out how much thrust was needed and what the size should be and descended from there. So when they found out that the turbine blades were cracking on every launch, it was too late and too expensive to fix the system.
A lot of software is designed this way, too. The requirements are very roughly laid out, somebody decides on the architecture, and when the need for some supporting bit of code is discovered, that bit of code is wedged in to the existing design, because changing the whole system would be too hard. At some point the entire thing devolves into a gruesome hack.
Contrast with a better engineering method. You know you need turbine blades, so you do the basic material research on them. You figure out that you can make a blade this size out of this material which can operate for 10 hours with a 1 in 10^6 probability of failure. Now you know what kind of load you can put on the blade so you can decide what the system pressure and speed will be. You work up from there and eventually you have a rocket engine. The beauty of it is that, after you've figured out the max load you can put on the turbine blade, you never have to think about it again. You're done.
Secure software is also written this way. You know that in an SSL library, you will need to deal with ASN.1, so you start there. You make an ASN.1 library, which you analyze and test until you know it is bulletproof and all the failure modes are known. Likewise you probably need good robust MD5 and SHA-1 hash algorithms. Once you have a pretty good pile of fundamental components, you start wiring them together. It's nice that, since you designed an industrial-grade ASN.1 parser the first time around, you'll never have to revisit that code again.
Now, I have no idea if OpenSSL is written in the former or the latter style. It could be some of the most secure software in the world, and it is evidently very easy to repair, as we have seen lately. But I've certainly seen both styles of programming in the industry, and experienced the headaches that result from the top-down style.
I already have a compiler that can flag deprecated functions. This magical compiler is known as "gcc", and it has even been included on some Linux systems, recently.
-1, misinformative. An "A" record does not denote a "web address". It denotes the address of an Internet host. Read all about it in RFC 1035.
The problem this causes is: you look up the MX for example.net, and you get the answer: example.net MX mail.bogus.net. So you look up mail.bogus.net, which does not exist, and instead of getting nothing, which is the correct response, you get this craptastic server at VeriSign. See the problem?
If DoS attacking Center7 is blowing up a cafe, then SCO has been carpet bombing us for months. So yes, it would be a fitting response.
But wait, nobody's getting blown up. SCO is trying to destroy the future of software development, and the network is responding unfavorably. Boohoo for SCO.
I don't know how "innocent" these people can claim to be. Their ISP is owned by the SCO Group owner Canopy Group. Center7 is, in my opinion, a legit target.
A protection racket like Canopy can't expect other people to act within the law. It's like the mob complaining about how their victims sometimes pull knives.
Roger that. I'm the only person in my office who can print properly. My colleagues using Windows cannot print properly. My Linux machine can print double sided, in color, 1400 dpi, with awesome screening quality, to one of two different printers. The Windows machines can sometimes print, but after a few weeks they stop. Often the Windows users in my office resort to printing a postscript file and uploading it to the printer via FTP. None of them can print a PDF file larger than 1MB. How's that for easy to use?
Btw, all I had to do was install CUPS and foomatic PPD files, then add a printer using CUPS' web interface. Very easy with apt-get.
LILO is my biggest Linux annoyance. Last week I spent several hours diagnosing a LILO bug. With one SCSI drive installed in the machine, LILO could boot the system. However as soon as I turned up the other nine drives on three SCSI HBAs, LILO would stop with the error "Timestamp Mismatch". This message is undocumented, as far as I can tell, and although Google can find mailing list messages from other people in my position, it doesn't find any answers.
So after going round and round with the HBA firware, the machine firmware, and LILO, I solved the problem by chucking LILO on the rubbish pile and using GRUB. GRUB is the man. It got me out of that bind and I expect to move all my Linux servers to it whenever they next need to be restarted.
Second biggest Linux annoyance: misleading prompts in init scripts. The messages is "Give root password for maintenance, or Control-D for normal startup." WRONG! Control-D will not give you a normal startup, it will reboot the machine. This is in Debian GNU/Linux. Debian also has the annoying init issue that when I go from single user to multiuser by way of telinit, the network interfaces aren't brought up. Boo.
Third biggest nuisance: fsck on filesystems marked clean. You can get around this with tune2fs or the equivalent for other fs.
Granted, the 48-series are dominant in engineering. But why whould engineers replace the 48G with one of these 49s? The 48G does the job, and for heavy work, as you correctly point out, you use a computer anyway. So the speed of the calc is not that relevant. And the battery life on the 48 is absurd (measured in years, in some cases).
The picture of the prototype appears to have rubber spongy buttons from some of the lower-end Casio and TI calcs. Serious users will demand the Indestructobutton from previous HP models.
What's the story with people shipping SuSE Linux Enterprise Server? This is, in my experience, an extremely bad, half-baked operating system. I ordered two SMP Opteron machines, and they came with this dreck installed. The MySQL server that came with it habitually segfaulted, and the PostgreSQL was using POSIX IPC instead of spinlocks, which tended to induce greater than 100000 context switches per second, and made PostgreSQL look slower than grepping through CSV files. It was obvious that no real testing of this operating system had been performed.
The kernel was described by the developer of same as "ancient", however the software update mechanism in SuSE didn't offer anything newer. As a matter of fact, for the 6 weeks I allowed SuSE to live on the machine, the software update program didn't offer to update anything, despite a number of security updates available from upstream developers. To a user or administrator spoiled by Debian and apt-get this updater was totally unacceptable.
Anyway, I just don't understand why everyone is rushing to ship SuSE. It's the second-worst Linux I've used (ahead of Red Hat).
Fine, but when moz makes your X server behave as though it is rendering into the display across a 9600bps serial link, you'll get an inflated opinion of the brokeness.
I dunno but PNG support is extremely broken. In XFree86 4.something.something, Mozilla makes the entire display slow to a crawl whenever a PNG is on the screen. Other apps that display PNGs do not have this problem.
It's probably due to something unaccelerated in my exact setup, but whatever it is only cropped up recently and only happens with moz.
The people repairing ovens and television sets aren't being killed by 120V mains power. They are being killed by massive stored charges from capacitors discharging into them. "Total protoonic reversal," as a man once said.
What the fuck for? Thanks... for not ripping off our work? Thanks... for actually complying with copyright laws? Thanks... for not contributing your changes back to the projects bolstering your profit margins?
About the only thing Linksys deserves is being closely watched for future violations (or piracy, to use an industry term).
Slashdot Mirror
It's really symptomatic of something else: American's don't trust their government. Over the last century the government and laws of the USA have really gotten out of control, but the population has mostly just let it slide. I mean it's illegal to smoke marijuana, but everyone does it anyway. It's illegal in many states to be involved in a blow job, or to arrange your furniture in a certain way, or to change the needle valves in your carburetor. All these laws are pretty stupid, but nobody really cares because they are unenforceable.
In addition the people of the USA have a tradition of just being criminals. Practically anyone has a smuggler or a bootlegger or a bookie in their family tree somewhere. These things were illegal but not really dishonorable. And in the beginning days of the country, it was possible for someone to fuck up their lives in one area and simply start over further west. So we've gotten used to ignoring the laws and taking advantage of anonymity.
The situation changes if the government suddenly becomes organized and informed. If the government has a good way to track who we are and what we are doing, all those things that are illegal will suddenly matter. So the reaction is to resist tracking and information programs. Of course, this is the incorrect reaction: what we should really be doing is reigning in our government and repealling stupid laws until we feel that we can trust it again. But that answer isn't as obvious.
I'll end with a short example: last year I got on an SF MUNI streetcar at a station where the toll machines were broken. I paid my $1, but the machine didn't give me a ticket. No attendant was on duty so I just boarded the train anyway. Well, lo and behold here comes Fare Inspection Shitwit to check my ticket, which I didn't have, through no fault of my own. Inspector Shitwit gives me a ticket ($90 fine) for failure to have a ticket on the streetcar. Naturally I rebuked him profanely and threw the ticket in the trash. I don't have any intention of dealing with such rubbish. But now, six months later, there's a warrant for my arrest which will never be served by the SFPD and I will be unable to renew my driver's license, which is expired, until a year after the incident. If the government were *really* well organized I might even get arrested. I'm really afriad that in some well-organized, well-tracked future government regime, people will get in *real trouble* for not having a piece of paper that says you paid $1 to get on the bus.
There's something weird, which I'm not really too familiar with, about how the sg nodes get allocated. It isn't straightforward finding out which sg node belongs to which scsi device. So it's easier to just hand over the SCSI bus/id/lun. Most people don't have this problem because they only have one SCSI device, so they don't need to provide device= to cdrecord.
Because a CD recorder has two fundamentally different modes of operation. In one mode, you can treat the CD recorder as just another block device, in which case you are using the block device nodes (e.g. /dev/sr0) and simply telling the operating system that you want the contents of file so-and-so, which only happens to be located on a CD-ROM. In this case the kernel takes care of talking to the device and you don't have to worry about it.
In the second case, you want to speak directly to the CD recorder in its native language. That's what the SCSI generic device nodes are for. The program is telling the kernel to get out of the way, because it knows how to speak the device's protocol.
If you've read Feynman's What Do You Care What Other People Think, you might agree with me that secure software might be developed the same way that space shuttle guidance system is, while insecure software, which is by far the more common type, is written in a matter like the design of the shuttle main engine. Feynman claims that the problem with the main engine is that it was designed from the top down. They figured out how much thrust was needed and what the size should be and descended from there. So when they found out that the turbine blades were cracking on every launch, it was too late and too expensive to fix the system.
A lot of software is designed this way, too. The requirements are very roughly laid out, somebody decides on the architecture, and when the need for some supporting bit of code is discovered, that bit of code is wedged in to the existing design, because changing the whole system would be too hard. At some point the entire thing devolves into a gruesome hack.
Contrast with a better engineering method. You know you need turbine blades, so you do the basic material research on them. You figure out that you can make a blade this size out of this material which can operate for 10 hours with a 1 in 10^6 probability of failure. Now you know what kind of load you can put on the blade so you can decide what the system pressure and speed will be. You work up from there and eventually you have a rocket engine. The beauty of it is that, after you've figured out the max load you can put on the turbine blade, you never have to think about it again. You're done.
Secure software is also written this way. You know that in an SSL library, you will need to deal with ASN.1, so you start there. You make an ASN.1 library, which you analyze and test until you know it is bulletproof and all the failure modes are known. Likewise you probably need good robust MD5 and SHA-1 hash algorithms. Once you have a pretty good pile of fundamental components, you start wiring them together. It's nice that, since you designed an industrial-grade ASN.1 parser the first time around, you'll never have to revisit that code again.
Now, I have no idea if OpenSSL is written in the former or the latter style. It could be some of the most secure software in the world, and it is evidently very easy to repair, as we have seen lately. But I've certainly seen both styles of programming in the industry, and experienced the headaches that result from the top-down style.
Then we would have a homogeneous Linux computer installation, with worms exploiting OpenSSH buffer overruns. Duh.
The way to create informed computer users is to hand them a 6502 and the manual for same, and leave them alone with it.
No mystery here. The results on Verisign's dipshit new unservice are provided by paid-listings search engine Overture, now owned by yahoo.
Ah, that does make sense. It also allows VeriSpam to harvest misspelled email addresses ;)
The problem this causes is: you look up the MX for example.net, and you get the answer: example.net MX mail.bogus.net. So you look up mail.bogus.net, which does not exist, and instead of getting nothing, which is the correct response, you get this craptastic server at VeriSign. See the problem?
Why the fuck would anyone run a "mail rejector daemon"? Seems like not answering to port 25 would fulfill all your mail rejection needs.
You have to be completely ignorant of the meaning of QWERTY to be able to mistype it. The keys are all right there in a row!
If DoS attacking Center7 is blowing up a cafe, then SCO has been carpet bombing us for months. So yes, it would be a fitting response.
But wait, nobody's getting blown up. SCO is trying to destroy the future of software development, and the network is responding unfavorably. Boohoo for SCO.
A protection racket like Canopy can't expect other people to act within the law. It's like the mob complaining about how their victims sometimes pull knives.
RIM doesn't provide the service. It uses regular GSM GPRS service.
The whole sector gapped up Friday morning. Check out American Superconductor.
Roger that. I'm the only person in my office who can print properly. My colleagues using Windows cannot print properly. My Linux machine can print double sided, in color, 1400 dpi, with awesome screening quality, to one of two different printers. The Windows machines can sometimes print, but after a few weeks they stop. Often the Windows users in my office resort to printing a postscript file and uploading it to the printer via FTP. None of them can print a PDF file larger than 1MB. How's that for easy to use? Btw, all I had to do was install CUPS and foomatic PPD files, then add a printer using CUPS' web interface. Very easy with apt-get.
So after going round and round with the HBA firware, the machine firmware, and LILO, I solved the problem by chucking LILO on the rubbish pile and using GRUB. GRUB is the man. It got me out of that bind and I expect to move all my Linux servers to it whenever they next need to be restarted.
Second biggest Linux annoyance: misleading prompts in init scripts. The messages is "Give root password for maintenance, or Control-D for normal startup." WRONG! Control-D will not give you a normal startup, it will reboot the machine. This is in Debian GNU/Linux. Debian also has the annoying init issue that when I go from single user to multiuser by way of telinit, the network interfaces aren't brought up. Boo.
Third biggest nuisance: fsck on filesystems marked clean. You can get around this with tune2fs or the equivalent for other fs.
The picture of the prototype appears to have rubber spongy buttons from some of the lower-end Casio and TI calcs. Serious users will demand the Indestructobutton from previous HP models.
The kernel was described by the developer of same as "ancient", however the software update mechanism in SuSE didn't offer anything newer. As a matter of fact, for the 6 weeks I allowed SuSE to live on the machine, the software update program didn't offer to update anything, despite a number of security updates available from upstream developers. To a user or administrator spoiled by Debian and apt-get this updater was totally unacceptable.
Anyway, I just don't understand why everyone is rushing to ship SuSE. It's the second-worst Linux I've used (ahead of Red Hat).
Fine, but when moz makes your X server behave as though it is rendering into the display across a 9600bps serial link, you'll get an inflated opinion of the brokeness.
I dunno but PNG support is extremely broken. In XFree86 4.something.something, Mozilla makes the entire display slow to a crawl whenever a PNG is on the screen. Other apps that display PNGs do not have this problem.
It's probably due to something unaccelerated in my exact setup, but whatever it is only cropped up recently and only happens with moz.
Does camino have a future? No releases have been made since 0.7, quite some time ago. Should MacOS X users switch to Mozilla, or Firebird.
ObSafariSucks
The people repairing ovens and television sets aren't being killed by 120V mains power. They are being killed by massive stored charges from capacitors discharging into them. "Total protoonic reversal," as a man once said.
It should be possible to blow it away with enough RF power. Stick it in a microwave, for example.
What the fuck for? Thanks ... for not ripping off our work? Thanks ... for actually complying with copyright laws? Thanks ... for not contributing your changes back to the projects bolstering your profit margins?
About the only thing Linksys deserves is being closely watched for future violations (or piracy, to use an industry term).