You guys have all seen those cop movies where they sneak into the bad guy's house and tap his phone. Well, if a bad guy is using voIP, you can hardly do that. (Well you can, because voIP's standard is not encrypted, although some like skype claim to)
It may not be a phonetap as such, but of course you can obtain phone traffic in the home!
It's not like the mouth to microphone connection is encrypted and invulnerable to bugging. Or the microphone to sound card link, if you're using a PC.
Physical access to the home allows all sorts of sneaky tapping. And if the mic is in the ocmputer, and uses the internet connection to phone home, you can't even detect it by a radio sweep.
If "they" get into a house (and they usually can), you can assume that it's not secure any more.
Back in March, in the week that Microsoft successfully lobbied the EU Council of Ministers to oppose the EU Parliament's version of the directive, and import the US software-patent regime to Europe, guess what else they did.
A mere four days after trying to foist software patents on Europe, they announced that the US system needed to be reformed.
Of course what they had in mind is not necessarily what the rest of us want - though they are aware of some of the problems. They suggested:
lowering the quantity and increasing the quality of tech patents
minimizing litigation
"harmonizing" international patent treaties - to recognise their patents, perhaps
and making it easier for smaller inventors to file patents more easily
But it's interesting that Bill Gates recognised publicly that if the current patent regime had been in place when Microsoft was young, they never would have made it!
> "If an opportunity arises to discuss amendments to the directive, it is worth considering that there may be an advantage in changing the definition of technical contribution," said Probert.
> Translates to: don't hold your breath!
This possibility was raised at the workshop I attended - but when I asked how this might happen, the answer was that the post-election government could conceivably decide that the definition of "technical contribution" needed to change, and support amendments to that effect in the European Parliament.
These changes would still need a lot of votes, but with enough governmental support this could be easier to achieve.
Therefore it might be helpful to raise the issue with the DTI as well as with your MEPs.
I have nothing but amused contempt for people who do not value their own work enough to state a price. And I give them exactly what they ask for--nothing.
So is ALL philanthropy deserving of your amused contempt? Or is it just when the kind people assume the existence of other generous people that they deserve your scorn?
The donations model may not be all that effective in revenue terms (though it works for wikipedia), but it's certainly a good way of allowing those who can't afford the price to use the goods. And it's a much better way than making money by participating in undermining the search engines on which most of us depend for much of the usability of the web!
It's not about guts, so much as priorities. You are able to live with yours - but your scorn for generosity seems a bit sad, somehow.
fewer, safer extensions
on
Firefox Hacks
·
· Score: 1
That's not necessarily a good thing. One reason why there are fewer extensions on the default site is that a rudimentary level of checking can be (and hopefully is) applied to the officially hosted ones.
Unknown extensions are pretty much as dangerous as Active-X controls run in trusted mode!
You probably could accept patches if EITHER you have the copyright assigned to you (so you can then re-license them as you require), OR if the patch incorporation process includes getting a licence from the patch author that allows you to redistribute the patch under your proprietary licence as well as GPL, or to relicense the patch at your discretion.
not a lawyer, blah blah blah... (legal advice wants to be paid for?)
The "saved" section is much better news than the saving of one "species" of gizmo. That court case set a precedent that saved a whole family (or maybe even genus or phylum?) of gizmos.
For example when the court ruled that "Species: Sony Betamax" was protected because of substantial non-infringing use, that protected all video recorders (even those funny VHS ones) - and maybe a wider range of devices too.
WITH YET ANOTHER COUNCIL DELAY, JURI IS STILL OUT ON SOFTWARE PATENTS
Poland requests another delay of the adoption of the EU Council's common position on a software patent directive -- JURI (legal affairs committee of the European Parliament) may ask for restart of entire legislative process next week
Brussels (24 January 2005). At the request of Poland, the EU Council once again postponed the adoption of a so-called common position on a software patent directive, which had been planned for today. That new delay opens a window of opportunity for JURI, the legal affairs committee of the European Parliament, to restart the hotly contested legislative process. JURI will meet in Brussels on Wednesday and Thursday of next week (February 2nd and 3rd), and will decide on requesting a restart of the entire legislative process. According to anti-software-patent campaigners, there is a good chance that a majority of JURI members will vote for a restart, and support is said to be broadening.
Florian Müller, campaign manager of NoSoftwarePatents.com, calls on supporters to contact their MEPs and "launch an all-out offensive for the restart because it is by far and away the best chance to prevent the legalization of software patents in the EU. In fact, it may be our only realistic chance. This is the moment of truth."...
Of course the accountability isn't REAL... but it's perceived as important by those who make the decisions -- so, as far as the decision is concerned, it might as well be real.
Of course, if something unfortunate does happen further down the road, this sort of accountability is unlikely to shield anyone - as you point out.
Though the risk of damage to their reputation should encourage some action by Cisco - for whom security is more important than it is for some other O/S companies...
XORP isn't the same as Cisco... XORP is software (or will be), Cisco provides quite a few extras that matter in the enterprise market
hardware
that is reliable
hot-pluggable
redundant (spare powersupplies, etc)
and routing software (that's where XORP fits), and
warranty
support
documentation and support materials
training
certification / qualifications
network design / professional services consultancy
brand recognition
big reference sites, and a proven track record
marketing assistance (powered by... kind of stuff)
accountability
Some of these areas are a real opportunity for third parties, once XORP gets to be a solid product, but the image, brand, reputation, etc will be hard to overcome in the short to medium term. In the longer term, the Linux model shows it is possible (though it's hardly inevitable - it's not the only open router free cisco type project, after all).
Still, the marketing side matters less in a tech-savvy small/medium enterprise, or in a consultancy operation. It might get a start there, or in a more cost-sensitive environment.
And open source can even be argued to confer security advantages. It could get interesting...
when I've attempted to contact the ISP's about these owned machines and having them approach their customers, they do nothing.
Some ISPs do. A friend of mine found one day when he tried to connect that all he could get was a site that told him "download this tool and clean out the worm that's making your PC spew out more infection, or we won't let you back on the net". That was NTL (in the UK) but I believe some other ISPs do that sort of thing too. And good for them!
He downloaded and ran it. That problem was solved. Shame he didn't realise that there were other viruses in there too (or wasn't told that there might well me). Still, it's more than many ISPs do...
How can it possibly be wrong (or even questionable) to look at a site when its owners have sent millions of emails saying essentially "look at me" - sometimes even sending multiple copies of their email to the same person?
And if the site is a scam, or trying to rip people off, then surely it's your civic duty to hinder their attempts to harm other people.
If projection tech needs to catch up so we can use this in a TV or laptop, it'll have to catch up even more to allow it to be used in glasses. But a bigger problem is that the light exits the wedge vertically (or horizontally, if the wedge is sideways), so the diffusing coating they use to make it visible in front or behind would affect transparency.
Your understanding of unions is "a bit biased". It's like a caricature of unions in pre-thatcher Britain. Maybe it IS like that in the US - I wouldn't know. Out here there are good unions and bad ones. Good ones work with the company, in enlightened self interest. Just like good management works with their staff, in enlightened self-interest, in fact.
The Union's job is essentially to stop management from putting a [possibly illusory] chance of short term profit ahead of the longer term interest of the employees (and the company as a whole).
Don't unions collectively bargain for pay rates? Doesn't that ensure that every employee at a position category will receive the same pay no matter how well/poorly they perform?
Yes and no, respectively.
A union may ask for any deal that is in the interests of the membership as a whole - and many unions happily work with systems that reward performance. They may demand that the systems be fair (and avoid victimisation), or that the overall increases be good, or that no employee be too badly disadvantaged. But that's quite compatible with rewarding excellence.
Unions protect the employees by making employee termination much more difficult to the employer. While the advantages are probably pretty obvious, this puts additional burden on the employer to build a case against an employee for termination if the employee truly deserves termination?
Good unions won't have a problem with fair termination of bad employees. On the other hand, they may assist all their members with any appeals or due process there may be. At the end of the day, a fair process is in everyone's interest (unless you're the bad employee).
Unions typically prohibit companies from hiring non-union employees...
In the UK that's called a "Closed Shop" and it's illegal - one of the more enlightened reforms of the Thatcher era. Unions cope just fine. A good union (especially if the employer's management is moderate to poor) will be able to attract members on its merits.
Unions see overtime as potential for another worker rather than an opportunity for current union members to pick up additional income.
Quite the reverse in some cases - I know of unions that guard their members' overtime a little too zealously.
I guess if I were an underachiever, I'd probably welcome a union.
I think you miss the value of a union - at its best it provides balance, and promotes enlightened self interest and good management. Industrial relations are not supposed to be a zero-sum game!
Personally, I didn't used to be a member of our union - but I joined because I thought it was doing a pretty good job.
I don't see anything special. Lots of people work this way in countries other than USA just to feed their families... Only skilled workers like me and state employees work 8 hours 5 days a week.
Lots of people don't. In countries with civilised employment legislation (places like Europe, for instance), most companies can operate successfully without such slavery. It would be illegal, in fact.
We also get decent holidays (30 days a year isn't unknown - plus public holidays, of course...:-)
And both the economy and the employees survive. It can be done!
There seems to be a lot of staggering naivity about the capabilities of nations poorer than the USA.
Sanctions may make it harder for the man in the street to buy computing equipment, but they cannot stop a determined state form getting what is so widely available in the rest of the world. So if North Korea wants hacking hardware, they can get it.
It doesn't really matter how poor the average person is, or how little food or power or money most groups have - if something is important to a dictatorship (like their own personal comfort, or security) it can be generously resourced. Think Saddam's palaces. So they can afford to train to hack.
Don't underestimate educational possibilities. Quality of education has very little to do with GNP - look at the dire state of public schools in the US. Training of the elite can be very effective in less rich countries - the most important thing is usually motivation. Actually, the US system also shows that resources CAN be concentrated to produce pockets of excellence! So if NK wants effective training, it's hardly impossible.
So they could train and resoure a significant number of hackers, if they wanted. The casual complacency of some here reminds me of the attitude of the WWII British in Singapore - just before the Japanese Army cycled round the back of the fortifications and invaded.
On the other hand, North Korea may not have done any of that. Or they may have tried, and been ineffective (though you don't have to be THAT good, to crack lots of systems). It's prudent to take precautions, but daft to panic.
As with any security question, consider what is the problem, whether the solution fixes it, what are the disadvantages of the solution, and whether the tradeoff is worth it. Most sensible precautions are already known - to sensible users and not a few slashdotters;-)
And it's also worth looking at where the story came from, and when. Just because it's a South Korean defence agency doesn't make it untrue (they are in a better position to understand local threats than many outsiders). And the North is ratcheting up tension, by refusing talks. But beware of spin - both from those releasing the stoy, and those who want a pretext for new "security" measures...
No it isn't, it's illegal to watch the BBC without paying for it. If all you use your television for is console games or other channels, don't tune your television in to receive BBC channels and you will be fine.
The actual rule is that if you operate equipment that is capable of receiving broadcast TV signals you need a licence (UK spelling:-) ), or you have to license it. Even if you only watch commercial TV, or you never turn it on, or you only watch videos or play games (honest, guv).
There are minor exceptions for small, battery-only devices in caravans, and the like, and people have escaped where they could show that they could not receive broadcasts (like there was no aerial for their TV/Video, and neither were tuned in to TV channels), but it's not easy.
And the rules on multiple-occupancy are complex, and the way the BBC seeks to apply them seems to evolve. But the basic idea is that you need a licence if there are any tellies in a house.
It's enforced by automatic reminders, detector vans, £1000 fines (Grand if you have a licence, a grand if you don't), and TV sellers notifying the authorities when they sell a telly.
In my opinion it's great value, though. Even if it is being dumbed down, and the free internet-accessible archive seems to have stalled somewhere...
But developing a codec is sensible if it keeps the costs of streaming down - and especially if it's easier to implement on Open Source O/Ss. Hopefully some penny-driven accounting type at the Beeb won't feel the need to charge huge licence fees or impose Open-Source-incompatible licence terms.
Slashdot Mirror
Aaargh!
On one hand, it's a gadget, so I have to get one.
On the other, it's a handbag, and I'll not be seen dead with one.
What's a geek to do?
It's not like the mouth to microphone connection is encrypted and invulnerable to bugging. Or the microphone to sound card link, if you're using a PC.
Physical access to the home allows all sorts of sneaky tapping. And if the mic is in the ocmputer, and uses the internet connection to phone home, you can't even detect it by a radio sweep.
If "they" get into a house (and they usually can), you can assume that it's not secure any more.
Back in March, in the week that Microsoft successfully lobbied the EU Council of Ministers to oppose the EU Parliament's version of the directive, and import the US software-patent regime to Europe, guess what else they did.
A mere four days after trying to foist software patents on Europe, they announced that the US system needed to be reformed. Of course what they had in mind is not necessarily what the rest of us want - though they are aware of some of the problems. They suggested:
But it's interesting that Bill Gates recognised publicly that if the current patent regime had been in place when Microsoft was young, they never would have made it!
> "If an opportunity arises to discuss amendments to the directive, it is worth considering that there may be an advantage in changing the definition of technical contribution," said Probert.
> Translates to: don't hold your breath!
This possibility was raised at the workshop I attended - but when I asked how this might happen, the answer was that the post-election government could conceivably decide that the definition of "technical contribution" needed to change, and support amendments to that effect in the European Parliament.
These changes would still need a lot of votes, but with enough governmental support this could be easier to achieve.
Therefore it might be helpful to raise the issue with the DTI as well as with your MEPs.
The donations model may not be all that effective in revenue terms (though it works for wikipedia), but it's certainly a good way of allowing those who can't afford the price to use the goods. And it's a much better way than making money by participating in undermining the search engines on which most of us depend for much of the usability of the web!
It's not about guts, so much as priorities. You are able to live with yours - but your scorn for generosity seems a bit sad, somehow.
Unknown extensions are pretty much as dangerous as Active-X controls run in trusted mode!
To be fair, Open Source projects aren't universally known for being paragons of interface elegance.
On the other hand, at least you can fix the interface of an Open Source project - unlike a closed one.
Skinnable BIOS, anyone ;-)
not a lawyer, blah blah blah... (legal advice wants to be paid for?)
For example when the court ruled that "Species: Sony Betamax" was protected because of substantial non-infringing use, that protected all video recorders (even those funny VHS ones) - and maybe a wider range of devices too.
You need a marketing person to tell you why a slow, cool processor is unreasonable!
WITH YET ANOTHER COUNCIL DELAY, JURI IS STILL OUT ON SOFTWARE PATENTS
Poland requests another delay of the adoption of the EU Council's common position on a software patent directive -- JURI (legal affairs committee of the European Parliament) may ask for restart of entire legislative process next week
Brussels (24 January 2005). At the request of Poland, the EU Council once again postponed the adoption of a so-called common position on a software patent directive, which had been planned for today. That new delay opens a window of opportunity for JURI, the legal affairs committee of the European Parliament, to restart the hotly contested legislative process. JURI will meet in Brussels on Wednesday and Thursday of next week (February 2nd and 3rd), and will decide on requesting a restart of the entire legislative process. According to anti-software-patent campaigners, there is a good chance that a majority of JURI members will vote for a restart, and support is said to be broadening.
Florian Müller, campaign manager of NoSoftwarePatents.com, calls on supporters to contact their MEPs and "launch an all-out offensive for the restart because it is by far and away the best chance to prevent the legalization of software patents in the EU. In fact, it may be our only realistic chance. This is the moment of truth." ...
What are their names and contact details?
Of course, if something unfortunate does happen further down the road, this sort of accountability is unlikely to shield anyone - as you point out.
Though the risk of damage to their reputation should encourage some action by Cisco - for whom security is more important than it is for some other O/S companies...
- hardware
- that is reliable
- hot-pluggable
- redundant (spare powersupplies, etc)
- and routing software (that's where XORP fits), and
- warranty
- support
- documentation and support materials
- training
- certification / qualifications
- network design / professional services consultancy
- brand recognition
- big reference sites, and a proven track record
- marketing assistance (powered by... kind of stuff)
- accountability
Some of these areas are a real opportunity for third parties, once XORP gets to be a solid product, but the image, brand, reputation, etc will be hard to overcome in the short to medium term. In the longer term, the Linux model shows it is possible (though it's hardly inevitable - it's not the only open router free cisco type project, after all).Still, the marketing side matters less in a tech-savvy small/medium enterprise, or in a consultancy operation. It might get a start there, or in a more cost-sensitive environment.
And open source can even be argued to confer security advantages. It could get interesting...
He downloaded and ran it. That problem was solved. Shame he didn't realise that there were other viruses in there too (or wasn't told that there might well me). Still, it's more than many ISPs do...
Also, this might help combat the "Debian [stable] never includes new stuff" meme. Another good thing.
And if the site is a scam, or trying to rip people off, then surely it's your civic duty to hinder their attempts to harm other people.
If projection tech needs to catch up so we can use this in a TV or laptop, it'll have to catch up even more to allow it to be used in glasses. But a bigger problem is that the light exits the wedge vertically (or horizontally, if the wedge is sideways), so the diffusing coating they use to make it visible in front or behind would affect transparency.
The Union's job is essentially to stop management from putting a [possibly illusory] chance of short term profit ahead of the longer term interest of the employees (and the company as a whole).
Yes and no, respectively.A union may ask for any deal that is in the interests of the membership as a whole - and many unions happily work with systems that reward performance. They may demand that the systems be fair (and avoid victimisation), or that the overall increases be good, or that no employee be too badly disadvantaged. But that's quite compatible with rewarding excellence.
Good unions won't have a problem with fair termination of bad employees. On the other hand, they may assist all their members with any appeals or due process there may be. At the end of the day, a fair process is in everyone's interest (unless you're the bad employee). In the UK that's called a "Closed Shop" and it's illegal - one of the more enlightened reforms of the Thatcher era. Unions cope just fine. A good union (especially if the employer's management is moderate to poor) will be able to attract members on its merits. Quite the reverse in some cases - I know of unions that guard their members' overtime a little too zealously. I think you miss the value of a union - at its best it provides balance, and promotes enlightened self interest and good management. Industrial relations are not supposed to be a zero-sum game!Personally, I didn't used to be a member of our union - but I joined because I thought it was doing a pretty good job.
We also get decent holidays (30 days a year isn't unknown - plus public holidays, of course... :-)
And both the economy and the employees survive. It can be done!
or, more seriously, if you attach enough worms or viruses... which is kind of the point.
Sanctions may make it harder for the man in the street to buy computing equipment, but they cannot stop a determined state form getting what is so widely available in the rest of the world. So if North Korea wants hacking hardware, they can get it.
It doesn't really matter how poor the average person is, or how little food or power or money most groups have - if something is important to a dictatorship (like their own personal comfort, or security) it can be generously resourced. Think Saddam's palaces. So they can afford to train to hack.
Don't underestimate educational possibilities. Quality of education has very little to do with GNP - look at the dire state of public schools in the US. Training of the elite can be very effective in less rich countries - the most important thing is usually motivation. Actually, the US system also shows that resources CAN be concentrated to produce pockets of excellence! So if NK wants effective training, it's hardly impossible.
So they could train and resoure a significant number of hackers, if they wanted. The casual complacency of some here reminds me of the attitude of the WWII British in Singapore - just before the Japanese Army cycled round the back of the fortifications and invaded.
On the other hand, North Korea may not have done any of that. Or they may have tried, and been ineffective (though you don't have to be THAT good, to crack lots of systems). It's prudent to take precautions, but daft to panic.
As with any security question, consider what is the problem, whether the solution fixes it, what are the disadvantages of the solution, and whether the tradeoff is worth it. Most sensible precautions are already known - to sensible users and not a few slashdotters ;-)
And it's also worth looking at where the story came from, and when. Just because it's a South Korean defence agency doesn't make it untrue (they are in a better position to understand local threats than many outsiders). And the North is ratcheting up tension, by refusing talks. But beware of spin - both from those releasing the stoy, and those who want a pretext for new "security" measures...
There are minor exceptions for small, battery-only devices in caravans, and the like, and people have escaped where they could show that they could not receive broadcasts (like there was no aerial for their TV/Video, and neither were tuned in to TV channels), but it's not easy.
And the rules on multiple-occupancy are complex, and the way the BBC seeks to apply them seems to evolve. But the basic idea is that you need a licence if there are any tellies in a house.
It's enforced by automatic reminders, detector vans, £1000 fines (Grand if you have a licence, a grand if you don't), and TV sellers notifying the authorities when they sell a telly.
In my opinion it's great value, though. Even if it is being dumbed down, and the free internet-accessible archive seems to have stalled somewhere...
But developing a codec is sensible if it keeps the costs of streaming down - and especially if it's easier to implement on Open Source O/Ss. Hopefully some penny-driven accounting type at the Beeb won't feel the need to charge huge licence fees or impose Open-Source-incompatible licence terms.