My guess is that spammers did it. First, the virus sets up a backdoor, which would be very useful to spammers but contributes nothing to an attack on SCO. Second, the virus is a variant of previous viruses used to set up open relays. And third, spammers have the only clear motive - to put it in as a red herring. SCO, and most Linux fans, don't have the skill to do it. Most Linux fans would realize how stupid it would be. Spammers would have heard of the SCO v. IBM battle, but are not personally invested in it, and would think nothing of adding the DDoS payload out of curiosity.
A step backwards for reputation of the Linux and open source communities in the eyes of people who haven't followed the SCO case closely and don't know any better. It's not material harm, but I think perception is important here.
Darl will say Linux supporters must have done it, and the media will quote him, and clueless people will read it and associate whoever did it with us. So while we know it wasn't "one of us" and we don't support it (except in jest), people will read otherwise. We unfortunately don't get to choose who the public associates us with.
I know you were joking, but no, attacking sco.com does not make it a worthwhile virus. Yes, SCO deserves a lot of hardship. But any retaliation should be done in a completely legal manner. Why? SCO is trying to make open source look bad in the eyes of businesses. They've said we don't respect copyrights, they say we're anti-business. They screamed loudly about joking death threats and DDoS attacks. They're trying to make us look bad, and whatever we do should make them look bad, make them look like the aggressor they are. Doing obviously illegal things only makes us look bad and SCO look like a victim. So this is a major step backwards.
Typically you can click-n-drag the selected files to the shell's window and it will be as if you'd typed the filenames. This works at least for Windows's cmd and most Linux xterm clones.
Two things would interest me greatly. One, to hear those tapes. Two, I wonder what effect various types of lossy audio compression would have on the effect.
I think the reason software patents are bad is the same reason patenting a plot device would be bad. Both books and software already have copyright protection, and that's plenty.
The point of patents was so inventors would share how their inventions work. But with software, it's typically possible to tell how it works just by using it. Who here, when faced with a software design problem, looks at patents? Anyone? Exactly.
I've heard that before, and the upshot is, the FCC are idiots. Binary drivers are only slightly less hackable than open source ones. Hacked binary drivers that allow you to receive and broadcast on the forbidden frequencies already exist and were trivial to make.
Signed register sets is a much better solution which is both more secure and more open. Intel can design hardware that only accepts register sets that have been signed with Intel's private key. This would make it impossible (as opposed to just inconvenient) to use the forbidden frequencies, so the FCC would be happy. And it would be possible to write open-source drivers to load the signed register sets without compromising security or FCC certifiability.
My desktop has very few icons, and I never use them. On the kicker (start bar) I have shortcuts to stuff I use often - browser, email, shell, IM. For more rarely used stuff, if I can remember the name, Alt-F2, type a few letters, and choose from the drop-down menu. To me, that's much quicker than choosing from far too many icons.
Multiple desktops and tabbed browsing are nifty too. They let you seperate your apps and web pages into tasks so you don't get cluttered. One browser window for Slashdot, one desktop for email and IM, another for music, another for what I'm working on.
It'd be interesting to have a database of all the apps installed, a quick description of what they do, and how to launch them. This would let you do, say, "Alt-F2 edit" and see a list of editors, if you can't remember their often-obscure names.
I have heard of things like that, but I'm still not sure they're a good idea. For one, the implementation would probably favor a monopoly. Second, I don't think there's a good price-point. If the cost is to high, nobody would accept the chance that they could be maliciously fined. If it was too low, it might be worth it to spammers to send one spam to confirm that the address is valid. You can't just ignore all email that hasn't submitted to the system, because initially that would include almost all email.
My favorite solution is outlined here. Your ISP can add a key to its DNS entry. Then, someone checking the spamminess of a message does a DNS lookup. They can then verify that the mail originated from that domain and mark it as unspammy. If it's spam anyway, you can complain to the originating domain, with confidence that it came from there. And if there's no key associated with that domain, nothing happens. So it's opt-in and cheap (no cost, only a few cycles and bit of bandwidth).
How does Microsoft impede the improvement of software? By destroying competition.
Consider mail clients. Outlook and OE suck, for a variety of technical reasons. If people made informed decisions purely on the basis of value and cost, Microsoft's clients wouldn't be nearly as popular. But they don't - most people either use OE because it's there, or because their job requires them to (probably because of proprietary protocols). Not by its merit, but simply by bundling it with Windows, Microsoft has made Outlook Express the predominant email client.
This means that other, better email clients compete in a much smaller arena composed of technically inclined people. Joe Average User isn't represented in this arena, so there is less selective pressure forcing other clients to become user-friendly. And thus, because other clients are sometimes harder to use and require actual effort to install, the majority of users stick with the inferior software.
The same argument can be made about web browsers, word processors, and operating systems. Competition is good, and without it the quality of software doesn't improve.
Real email clients? There are tons, but almost anything is better than Outlook and OE. Outlook's fixed wordlist amazed me - once you know the hammy words, its easy to bypass. Moreover, expecting that md5summing individual words will hide them shows a real commitment to security by obscurity. (Of course, I shouldn't be talking.) Also, the HTML output is ugly, the word wrap in quoted text is abominable, and the handling of attachments has historically been so bad that attachments are no longer useful, because everyone filters them. And although many of these problems are a quick fix, it hasn't been done. (See the recent URL-hiding story.)
I personally use KMail and POPFile. I hear Thunderbird is good, and its integrated spamfilter is cool. And I'm sure Emacs would suffice. My one gripe about KMail and POPFile is that they aren't well enough integrated. If mail gets misclassified, just dragging it to the right filter ought to train the spamfilter too. A POP proxy and web interface is cool, but there ought to be a command line interface for spam filters that mail clients could automatically invoke.
Spam filters, whitelists, computation, and even micropayments, as ways to prioritize mail, each have their costs. All can result in important messages being lost. Computation and micropayments both make it harder to communicate, which I don't think is a good idea. I think the best long-term solution is to make it impossible to hide where mail is coming from. Then, legislation against spam will be effective, and in countries without such legislation, overseas bandwidth providers can pressure ISPs to drop their spammers. Combined with better security to stop zombies and filters to catch thre rest, spam can be eradicated.
I haven't gotten mod points in over a year (though I can still metamod). So I was going to make another account, but they only allow one per email. I set it to mailinator because I expeced I'd have to confirm the new address. And my sig's link is broken too. Please forgive my stupidity.
I'm usually a fan of spam filters. But the key is that they must be trainable - a far cry from Outlook 2003's filter, which relies on a fixed spamminess table. For those of use with real mail clients, spam filtering is already here.
And I don't think micropayments will stop spam - wouldn't the spammers just use servers that didn't require that? And would email be as useful if you could only get mail from someone who bought into a particular micropayment system?
cODE is dIFfiCUlT eNOugH tO rEAd wIThouT coMPLIcatINg tHiNGs fURthEr.
I assume you're arguing for case-insensitivity. But you're reading a mixed-case paragraph right now. i'd rather read that than this.
Mixed case allows you to add context clues about an identifier, like Hungarian notation, only more subtle. Frankly, I much prefer DEFINE, Class, and instance over d_Define (or D_DEFINE, or d_define, depending on the author and IDE), CClass (or cClass, or c_Class), and i_instance (...).
Interesting. So even the government is relying on security through obscurity. *cough* constellation of blue circles *cough*
I did infer that from grandparent, but its interesting to know (thirdhand) that the binary comes from the government. I wonder if they would provide Linux object files if asked. Frankly, I'd prefer it to be in firmware - it would be more effective, and somewhat more obscure. And it wouldn't interfere in the politics of whether a company writes open drivers.
Furthermore, once software starts including restrictions, especially as a result of government influence, then any software that doesn't or can't include the restrictions will look like counterfeiter's tools. This means whichever system is most closed will be favored.
For example, Microsoft's future Palladium-enabled PictureIt could be virtually hack-proof compared to Photoshop, which is distributed in hacker-friendly binary form. Microsoft could then say, "Only counterfeiters use software that can be so easily hacked, when a plusuncrime solution exists."
If they didn't DRM it, they could be found liable whn a counterfitter uses their programs to counterfit money.
As cynical as I am, I don't think the courts would stand for this. Sure, they could be sued, but I don't think they'd be found liable. If the mere imagined threat of such a baseless lawsuit causes them to act stupidly, then (a) they have no balls, and (b) the legal system is broken. (Both are true, unfortunately.)
Photocopiers are an interesting case - when they first came out, there was a big legal battle, and the Supreme Court ruled to the effect that they weren't liable for the copyright infringement that their machines facilitated. Likewise for tape recorders, VCRs, and MP3 players. I don't see why this lack of liability wouldn't carry over from copyright to anti-counterfeiting laws. It's not like Photoshop doesn't have siginficant non-counterfeiting use.
Here is a list of HP printers which appear to have this anti-copy technology
embedded in their Windows printer drivers:
This could have a negative effect on open source drivers. Look at it from the perspective of a paranoid legal department: "We want to limit our liability by putting this technology in our printers. It would be easy to remove the technology from open source drivers. Therefore, no open source drivers." They might also think, "The technology is proprietary, so we can't make open source drivers.
They would be forgetting that they aren't (or shouldn't be) liable for the use of their printers, that it's also possible to remove the technology from binary drivers, that it would be possible to put it in a binary library, and that the whole thing is stupid anyway. But these are exactly the types of factors legal departments always overlook, so I think it will be a bad thing for open drivers.
The cost in terms of usability of munging adresses is too high. There are better ways to fight spam.
For me at the moment, Bayesian filters, a technical solution, works best. Yes, it still wastes bandwidth. But if my ISP ran good filters for me (POPFile is adapting itself for this usage), my bandwidth at least could be saved. And the filters do work well.
Technical solutions are a stopgap measure, but the next step is legal and architectural. Make spamming illegal. This would only affect countries that care and spammers who get caught, but the next step will help. Make it harder to hide where you're coming from. This gives even ISPs in lawless countries motivation to stop sending spam, because if their upstream knows its them, they can threaten to disconnect them.
Munging is probably the worst solution, similar to getting an unlisted number. It's even shorter-term than filters, but it sacrifices the medium in the process. It's a bit like not answering the phone during mealtime - yes, it works, but it interferes too much with legitimate communication. If that's your choice, fine, but I think its ill-advised.
The public missed the deadline for doing the patent examiners' job, so another stupid patent will probably be granted. But why is there a deadline in the first place?
Complaints ought to be listened to both before and after the patent is granted. If obvious (OO.org) examples (*.sx?) of prior art are found, the patent office ought to revoke the patent, even if it's already been granted. If the company (patent owners are always companies, hmm...) doesn't like it, they should have to sue.
Slashdot Mirror
What is your fascination with my forbidden closet of mystery?
My guess is that spammers did it. First, the virus sets up a backdoor, which would be very useful to spammers but contributes nothing to an attack on SCO. Second, the virus is a variant of previous viruses used to set up open relays. And third, spammers have the only clear motive - to put it in as a red herring. SCO, and most Linux fans, don't have the skill to do it. Most Linux fans would realize how stupid it would be. Spammers would have heard of the SCO v. IBM battle, but are not personally invested in it, and would think nothing of adding the DDoS payload out of curiosity.
Darl will say Linux supporters must have done it, and the media will quote him, and clueless people will read it and associate whoever did it with us. So while we know it wasn't "one of us" and we don't support it (except in jest), people will read otherwise. We unfortunately don't get to choose who the public associates us with.
Actually, no, he's real.
I know you were joking, but no, attacking sco.com does not make it a worthwhile virus. Yes, SCO deserves a lot of hardship. But any retaliation should be done in a completely legal manner. Why? SCO is trying to make open source look bad in the eyes of businesses. They've said we don't respect copyrights, they say we're anti-business. They screamed loudly about joking death threats and DDoS attacks. They're trying to make us look bad, and whatever we do should make them look bad, make them look like the aggressor they are. Doing obviously illegal things only makes us look bad and SCO look like a victim. So this is a major step backwards.
Typically you can click-n-drag the selected files to the shell's window and it will be as if you'd typed the filenames. This works at least for Windows's cmd and most Linux xterm clones.
Two things would interest me greatly. One, to hear those tapes. Two, I wonder what effect various types of lossy audio compression would have on the effect.
The point of patents was so inventors would share how their inventions work. But with software, it's typically possible to tell how it works just by using it. Who here, when faced with a software design problem, looks at patents? Anyone? Exactly.
Signed register sets is a much better solution which is both more secure and more open. Intel can design hardware that only accepts register sets that have been signed with Intel's private key. This would make it impossible (as opposed to just inconvenient) to use the forbidden frequencies, so the FCC would be happy. And it would be possible to write open-source drivers to load the signed register sets without compromising security or FCC certifiability.
Multiple desktops and tabbed browsing are nifty too. They let you seperate your apps and web pages into tasks so you don't get cluttered. One browser window for Slashdot, one desktop for email and IM, another for music, another for what I'm working on.
It'd be interesting to have a database of all the apps installed, a quick description of what they do, and how to launch them. This would let you do, say, "Alt-F2 edit" and see a list of editors, if you can't remember their often-obscure names.
Go here and set the Karma Bonus modifier to zero if you don't like it.
If you don't get it on cable, you can watch NASA TV here.
My favorite solution is outlined here. Your ISP can add a key to its DNS entry. Then, someone checking the spamminess of a message does a DNS lookup. They can then verify that the mail originated from that domain and mark it as unspammy. If it's spam anyway, you can complain to the originating domain, with confidence that it came from there. And if there's no key associated with that domain, nothing happens. So it's opt-in and cheap (no cost, only a few cycles and bit of bandwidth).
Yeah, and I do. And I still get none. And yes, the "willing to moderate" checkbox is checked.
Consider mail clients. Outlook and OE suck, for a variety of technical reasons. If people made informed decisions purely on the basis of value and cost, Microsoft's clients wouldn't be nearly as popular. But they don't - most people either use OE because it's there, or because their job requires them to (probably because of proprietary protocols). Not by its merit, but simply by bundling it with Windows, Microsoft has made Outlook Express the predominant email client.
This means that other, better email clients compete in a much smaller arena composed of technically inclined people. Joe Average User isn't represented in this arena, so there is less selective pressure forcing other clients to become user-friendly. And thus, because other clients are sometimes harder to use and require actual effort to install, the majority of users stick with the inferior software.
The same argument can be made about web browsers, word processors, and operating systems. Competition is good, and without it the quality of software doesn't improve.
I personally use KMail and POPFile. I hear Thunderbird is good, and its integrated spamfilter is cool. And I'm sure Emacs would suffice. My one gripe about KMail and POPFile is that they aren't well enough integrated. If mail gets misclassified, just dragging it to the right filter ought to train the spamfilter too. A POP proxy and web interface is cool, but there ought to be a command line interface for spam filters that mail clients could automatically invoke.
Spam filters, whitelists, computation, and even micropayments, as ways to prioritize mail, each have their costs. All can result in important messages being lost. Computation and micropayments both make it harder to communicate, which I don't think is a good idea. I think the best long-term solution is to make it impossible to hide where mail is coming from. Then, legislation against spam will be effective, and in countries without such legislation, overseas bandwidth providers can pressure ISPs to drop their spammers. Combined with better security to stop zombies and filters to catch thre rest, spam can be eradicated.
I haven't gotten mod points in over a year (though I can still metamod). So I was going to make another account, but they only allow one per email. I set it to mailinator because I expeced I'd have to confirm the new address. And my sig's link is broken too. Please forgive my stupidity.
And I don't think micropayments will stop spam - wouldn't the spammers just use servers that didn't require that? And would email be as useful if you could only get mail from someone who bought into a particular micropayment system?
I assume you're arguing for case-insensitivity. But you're reading a mixed-case paragraph right now. i'd rather read that than this.
Mixed case allows you to add context clues about an identifier, like Hungarian notation, only more subtle. Frankly, I much prefer DEFINE, Class, and instance over d_Define (or D_DEFINE, or d_define, depending on the author and IDE), CClass (or cClass, or c_Class), and i_instance (...).
I did infer that from grandparent, but its interesting to know (thirdhand) that the binary comes from the government. I wonder if they would provide Linux object files if asked. Frankly, I'd prefer it to be in firmware - it would be more effective, and somewhat more obscure. And it wouldn't interfere in the politics of whether a company writes open drivers.
For example, Microsoft's future Palladium-enabled PictureIt could be virtually hack-proof compared to Photoshop, which is distributed in hacker-friendly binary form. Microsoft could then say, "Only counterfeiters use software that can be so easily hacked, when a plusuncrime solution exists."
As cynical as I am, I don't think the courts would stand for this. Sure, they could be sued, but I don't think they'd be found liable. If the mere imagined threat of such a baseless lawsuit causes them to act stupidly, then (a) they have no balls, and (b) the legal system is broken. (Both are true, unfortunately.)
Photocopiers are an interesting case - when they first came out, there was a big legal battle, and the Supreme Court ruled to the effect that they weren't liable for the copyright infringement that their machines facilitated. Likewise for tape recorders, VCRs, and MP3 players. I don't see why this lack of liability wouldn't carry over from copyright to anti-counterfeiting laws. It's not like Photoshop doesn't have siginficant non-counterfeiting use.
Here is a list of HP printers which appear to have this anti-copy technology embedded in their Windows printer drivers: This could have a negative effect on open source drivers. Look at it from the perspective of a paranoid legal department: "We want to limit our liability by putting this technology in our printers. It would be easy to remove the technology from open source drivers. Therefore, no open source drivers." They might also think, "The technology is proprietary, so we can't make open source drivers.
They would be forgetting that they aren't (or shouldn't be) liable for the use of their printers, that it's also possible to remove the technology from binary drivers, that it would be possible to put it in a binary library, and that the whole thing is stupid anyway. But these are exactly the types of factors legal departments always overlook, so I think it will be a bad thing for open drivers.
For me at the moment, Bayesian filters, a technical solution, works best. Yes, it still wastes bandwidth. But if my ISP ran good filters for me (POPFile is adapting itself for this usage), my bandwidth at least could be saved. And the filters do work well.
Technical solutions are a stopgap measure, but the next step is legal and architectural. Make spamming illegal. This would only affect countries that care and spammers who get caught, but the next step will help. Make it harder to hide where you're coming from. This gives even ISPs in lawless countries motivation to stop sending spam, because if their upstream knows its them, they can threaten to disconnect them.
Munging is probably the worst solution, similar to getting an unlisted number. It's even shorter-term than filters, but it sacrifices the medium in the process. It's a bit like not answering the phone during mealtime - yes, it works, but it interferes too much with legitimate communication. If that's your choice, fine, but I think its ill-advised.
Complaints ought to be listened to both before and after the patent is granted. If obvious (OO.org) examples (*.sx?) of prior art are found, the patent office ought to revoke the patent, even if it's already been granted. If the company (patent owners are always companies, hmm...) doesn't like it, they should have to sue.