Centralizing the generation of the fuel at a hydrogen-generating station (even if run by fossil fuels) is still far better for the environment than spreading a bunch of fuel-burners all over our highways, as is the situation we currently have.
The "central" issue is the centralization of energy. As long as it remains centralized, the big power companies of today are behind it 100% because they will maintain control. Control of energy results in serious political power.
Unfortunately, power companies have abused their political power through loopholes in the Clean Air Act. The creation of these loopholes was due to the political/economic might of the companies that the Act was designed to regulate. As a result, we have dangerous levels of air pollution affecting a huge percentage of the US population. Recent press releases from the American Lung Association and even the EPA confirm this.
A far better solution to energy production, which power companies have fought tooth and nail, is decentralized production through alternative energy, especially wind power. Wind power technology has come far enough in the past decade to provide energy at the same cost to consumers as coal-burning power companies provide.
It's time for cities and counties to re-examine their energy infrastructure. Not only can alternative sources provide energy at the same low cost, but they eliminate the power generation plants as juicy terrorist targets.
The poster's idea sounds very strange to me. How exactly would this system work? RFID tags? Cameras? Are you expecting people to walk the same straight line? Very odd. I wonder about the poster's intentions with this question. Perhaps it's just a naive question without much planning behind it. I hope so.
First, the system of backcountry permits works pretty well in the US. You've first got to make the argument that the system doesn't work well enough, or your unspecified system is cheap and nonintrusive enough, or something.
Second, there are people in this world (I daresay a higher ratio of computer types) who enjoy hiking precisely for the solitude. Quiet mind and all that. We get annoyed when a plane passes overhead. We get pissed when we come across people's trash. We are certainly going to pissed by the idea that there are electronic eyes in the woods. My bizarro-meter is pegged just by the thought.
It is already inordinately difficult for people, especially those who have jobs tied to urban areas, to get away from the madness of civilization. It takes me 1.5 hours, and I still run across random people where I go, sometimes carrying radios, sometimes guns, sometimes large, unleashed dogs. All of which ruins an otherwise peaceful experience for me.
Explain your idea in more detail, but realize that many people want to be alone and would go somewhat insane if they couldn't get at least a mile away from idiots.
I think I'll answer my own post: proper GPG mail means that Google shouldn't know its contents. Hence it wouldn't be able to choose relevant ads to display with the message.
GPG support via an applet (think Hushmail) would be better since they wouldn't have to do as much work on their end, but I don't see them caring about this as it would limit their ability to display relevant ads anyway.
I'm not seeing the mutually exclusive nature of a GPG applet and banner ads. The applet can decrypt both separately and display on the same page. Or am I missing something?
Florida readers: Please e-mail Elections Office!
on
Evoting in the News
·
· Score: 1
They haven't been banned in my state (Florida), where the presidential election is likely to be very close. That's why I'm following this issue very closely.
If you're worried about these machines being used in your county, please email the Florida Division of Elections at DivElections@dos.state.fl.us and state your concerns.
For Phone numbers and other contact info, click here.
I'm in total agreement with you. But as far as not giving the user the root password, it may not be an option for a home system. Still, there are ways to simulate a user not having the root password when they do in fact have it. Example:
* Congratulations! You've just finished installing Linux! Now, it's time to choose a root password.
* The password must at least 30 characters long.
*** Think of a favorite quote *** Write it on a post-it note. *** Replace spaces with strange symbols. *** Type the resulting quote in twice. *** Place the post-it in the back of your desk drawer or in your wallet, or somewhere else where it's safe and out of sight.
* Pull your root password out only when updating official software requires you to use it.
* Now, it's time to choose your user name and password!
I doubt people will remember a long quote and spout it whenever an email asks them to do something dumb. Yet it will be there if they're going to install or upgrade new software.
Why the hell does updating anti-virus software require a reboot?
If it were just the definition files getting updated, it would be strange. But my understanding of Windows says that whenever a new DLL gets put on the machine and it replaces an old one, the system can become unstable.
My best guess as to why this is: because Windows is not entirely modular. Processes using old DLLs cannot just restart whenever they want.
On Linux, the kernel is the only portion of the OS that cannot restart without a reboot. The other portions of the OS (device drivers, etc) are modules with a mechanism for restarting built in.
It's beautiful conceptually, and UNIX admins love it from a practical point of view.
The "running as root" argument is garbage. Any privilege escalation vulnerability in Linux history (or any other history, for that matter) is an existence proof.
I had my RH5 box hacked into a few years ago, so I know that linux isn't invulnerable, and I know the grandparent uses strong words like "only" and "all the time". But isn't it true that Linux at least makes it much easier to keep users from unintentionally harming their machines?
It's one thing to click on a VB attachment in Outlook. It's another to follow install instructions that involve first logging in as root. (as in this post; note that "sudo" isn't usually allowed by default).
Because linux follows a model where a user can't affect important OS resources easily, it is possible to isolate the OS vulnerabilities from user stupidity. This makes it easier to update the OS without affecting the user, which makes the system more stable in the long run.
And when you sudo, you enter YOUR password, not root's.
Which brings up the point that sudo requires configuration by an IT admin for a user to run it successfully. So, for most users, running the program as root requires them to login as root first. Hence the grandparent post's instructions get even more complex and tedious, and gives more time for alarm bells to go off in the user's head. All of this will allow most people to return to their senses before following through. Certainly more than clicking on a VB attachment in MS Outlook.
Keeping viruses like this from running is normally as simple as telling people "Do not login as root and run unknown commands". Maybe a future distro will display this message when someone logs in as root:
"DO NOT COMPILE AND RUN PROGRAMS AS ROOT UNLESS YOU TRUST THE SOURCE".
``We can't ignore the strength of this evidence,'' said Rambus general counsel John Danforth. ``We have a fiduciary obligation to our shareholders to do something about this.''
Well, if its a fiduciary obligation, then he must be really smart, and he must know what he's talking about. So, he's probably right. I know he doesn't mention the evidence, probably because I'm too dumb to understand it if he did.
I've learned that people who use fancy words on TV are really important, and others usually try not to get in their way. Because they're so right. It wouldn't make sense to get in the way of someone who's so right.
However, for this to work on a Linbox, there are two requirements: 1) the user must save the binary and make it executable and 2) the user must then run it. Now, once that happens, there's really not much going to go differently on a Linbox than a Winbox.
By LinBox, do you mean Lindows or Linux? Lindows lets the user run as root by default, just like Windows, but Linux generally does not.
So I didn't see the step where the running program gets root permissions, presuming you weren't talking about Lindows. Or are you saying that a user process can open ports without root-level permissions?
How pray tell can a fix be issued for this from an AV vendor?
I agree with all your points; it's unfair for me to single out Norton, BTW. Your post did remind me that there's precious little that can guarantee protection against privileged processes.
BUT the AV software is privileged and there first, at least theoretically. Many products like Norton warn about attempts to modify registry values, etc, giving the impression that they're vigilant against such attacks.
If their software does not make a good watchdog, then they should stop claiming it does, i.e. "This software works when used in conjunction with A, B, and C, but it sucks when used by itself". That would be the honest thing to do. What they say now, or at least used to say, is misleading at best.
Antivirus software can also be compromised by viruses/worms. I will never again buy Norton products after having some kind of virus on my Win2K box that disabled Norton in the background, while making it appear that the antivirus software was working.
This was a year ago. Maybe Norton has finally admitted that their product is vulnerable and has supplied fixes. At that time, there was no fix or admission of a problem.
I was following you up to this sentence. If you're talking MS, then you're talking proprietary, binary datafiles. Or am I missing something?
Is it possible to write a script that fires up Word or Excel, swaps values, and saves the results without a user being aware? A VB macro, maybe? If I'm missing something, please post.
Any thoughts? Implementations? Cool things that you would like to see done after you die?
I love thinking about this; maybe I'll spend some dream time on it.
In the hollywood movies and TV, it's always someone very trusted who puts things into motion, like a butler, a sister, a friend who knows about your secret and sinister past.
If you're running Linux, you have tools like kalarm, which can send text OR RUN COMMANDS at specified times. On login, you could timestamp an empty file with the command "touch". Every day or week or other, you could have kalarm run a script to check the stamp. If it's been a while since you've logged in, the script senda a warning e-mail about self-destruct. If, after another 2 days and 2 more warnings the file's timestamp is unchanged, self-destruct commences.
Of course, it would be cool if someone would write a script like this, call it SELF_DESTRUCT, and place it under the GPL. It's a fantastic way to piss off the greedy capitalist trolls on slashdot, and you would have many adoring fans.
KnoppixMAME is sweet. It even worked on my Toshiba Satellite 5005 laptop, which says a lot.
I did have to boot with additional parameters in "expert" mode in order to get 1600x1200 screen resolution, though. It took about 15 minutes to get the boot settings correct.
I've had a number of colleagues complain about how they want to delete large attachments from their inbox while not losing the text portion of their messages. An example scenario: when a group is revising a large document and sending revisions to each other several times a day.
Does anyone know why more mailers don't have the ability to save/remove attachments without destroying text? It seems to me you'd just search for the starting/ending MIME flags, pipe the message through a filter that doesn't echo the MIME text, and recreate a replacement message with the headers and text unchanged.
Anyone reading this know about mail manager programming?
Odd, scrolling down so far with top scores first I'm seeing almost no one agreeing with them, much less to that extent.
Probably the most common troll is "Everyone here is a Linux zealot; just look at the mods for this post!". They cry foul when they get modded as a troll.
I just thought of a kind of "SPAM assassin" approach to trolls: set my preferences to add -2 to any "Foe of a Friend" poster. If I trust my friends, I can trust that their foes are my foes.
Slashdot Mirror
Centralizing the generation of the fuel at a hydrogen-generating station (even if run by fossil fuels) is still far better for the environment than spreading a bunch of fuel-burners all over our highways, as is the situation we currently have.
The "central" issue is the centralization of energy. As long as it remains centralized, the big power companies of today are behind it 100% because they will maintain control. Control of energy results in serious political power.
Unfortunately, power companies have abused their political power through loopholes in the Clean Air Act. The creation of these loopholes was due to the political/economic might of the companies that the Act was designed to regulate. As a result, we have dangerous levels of air pollution affecting a huge percentage of the US population. Recent press releases from the American Lung Association and even the EPA confirm this.
A far better solution to energy production, which power companies have fought tooth and nail, is decentralized production through alternative energy, especially wind power. Wind power technology has come far enough in the past decade to provide energy at the same cost to consumers as coal-burning power companies provide.
It's time for cities and counties to re-examine their energy infrastructure. Not only can alternative sources provide energy at the same low cost, but they eliminate the power generation plants as juicy terrorist targets.
The outdoors generally smell a lot better than the bathroom.
The poster's idea sounds very strange to me. How exactly would this system work? RFID tags? Cameras? Are you expecting people to walk the same straight line? Very odd. I wonder about the poster's intentions with this question. Perhaps it's just a naive question without much planning behind it. I hope so.
First, the system of backcountry permits works pretty well in the US. You've first got to make the argument that the system doesn't work well enough, or your unspecified system is cheap and nonintrusive enough, or something.
Second, there are people in this world (I daresay a higher ratio of computer types) who enjoy hiking precisely for the solitude. Quiet mind and all that. We get annoyed when a plane passes overhead. We get pissed when we come across people's trash. We are certainly going to pissed by the idea that there are electronic eyes in the woods. My bizarro-meter is pegged just by the thought.
It is already inordinately difficult for people, especially those who have jobs tied to urban areas, to get away from the madness of civilization. It takes me 1.5 hours, and I still run across random people where I go, sometimes carrying radios, sometimes guns, sometimes large, unleashed dogs. All of which ruins an otherwise peaceful experience for me.
Explain your idea in more detail, but realize that many people want to be alone and would go somewhat insane if they couldn't get at least a mile away from idiots.
I think I'll answer my own post: proper GPG mail means that Google shouldn't know its contents. Hence it wouldn't be able to choose relevant ads to display with the message.
GPG support via an applet (think Hushmail) would be better since they wouldn't have to do as much work on their end, but I don't see them caring about this as it would limit their ability to display relevant ads anyway.
I'm not seeing the mutually exclusive nature of a GPG applet and banner ads. The applet can decrypt both separately and display on the same page. Or am I missing something?
"Come on, ya pansy, fight like a man!"
They haven't been banned in my state (Florida), where the presidential election is likely to be very close. That's why I'm following this issue very closely.
If you're worried about these machines being used in your county, please email the Florida Division of Elections at DivElections@dos.state.fl.us and state your concerns.
For Phone numbers and other contact info, click here.
...bringing you
FreshMaker 2004 !
Hey Mark, glad to see you're still kicking and making international news.
(Old RW Math drone)
Why the hell does updating anti-virus software require a reboot?
If it were just the definition files getting updated, it would be strange. But my understanding of Windows says that whenever a new DLL gets put on the machine and it replaces an old one, the system can become unstable.
My best guess as to why this is: because Windows is not entirely modular. Processes using old DLLs cannot just restart whenever they want.
On Linux, the kernel is the only portion of the OS that cannot restart without a reboot. The other portions of the OS (device drivers, etc) are modules with a mechanism for restarting built in.
It's beautiful conceptually, and UNIX admins love it from a practical point of view.
The "running as root" argument is garbage. Any privilege escalation vulnerability in Linux history (or any other history, for that matter) is an existence proof.
I had my RH5 box hacked into a few years ago, so I know that linux isn't invulnerable, and I know the grandparent uses strong words like "only" and "all the time". But isn't it true that Linux at least makes it much easier to keep users from unintentionally harming their machines?
It's one thing to click on a VB attachment in Outlook. It's another to follow install instructions that involve first logging in as root. (as in this post; note that "sudo" isn't usually allowed by default).
Because linux follows a model where a user can't affect important OS resources easily, it is possible to isolate the OS vulnerabilities from user stupidity. This makes it easier to update the OS without affecting the user, which makes the system more stable in the long run.
Any disagreements with what I've written?
That sounds like a lot of trouble why don't you just
emerge superhotsexy_screensaver
Am I wrong in thinking that "emerge" pulls from some official site, where virus-savvy people review code before making it available?
Or were you just making a silly joke that went over my head?
And when you sudo, you enter YOUR password, not root's.
Which brings up the point that sudo requires configuration by an IT admin for a user to run it successfully. So, for most users, running the program as root requires them to login as root first. Hence the grandparent post's instructions get even more complex and tedious, and gives more time for alarm bells to go off in the user's head. All of this will allow most people to return to their senses before following through. Certainly more than clicking on a VB attachment in MS Outlook.
Keeping viruses like this from running is normally as simple as telling people "Do not login as root and run unknown commands". Maybe a future distro will display this message when someone logs in as root:
"DO NOT COMPILE AND RUN PROGRAMS AS ROOT UNLESS YOU TRUST THE SOURCE".
``We can't ignore the strength of this evidence,'' said Rambus general counsel John Danforth. ``We have a fiduciary obligation to our shareholders to do something about this.''
Well, if its a fiduciary obligation, then he must be really smart, and he must know what he's talking about. So, he's probably right. I know he doesn't mention the evidence, probably because I'm too dumb to understand it if he did.
I've learned that people who use fancy words on TV are really important, and others usually try not to get in their way. Because they're so right. It wouldn't make sense to get in the way of someone who's so right.
However, for this to work on a Linbox, there are two requirements: 1) the user must save the binary and make it executable and 2) the user must then run it. Now, once that happens, there's really not much going to go differently on a Linbox than a Winbox.
By LinBox, do you mean Lindows or Linux? Lindows lets the user run as root by default, just like Windows, but Linux generally does not.
So I didn't see the step where the running program gets root permissions, presuming you weren't talking about Lindows. Or are you saying that a user process can open ports without root-level permissions?
Sincerely confused,
--IceAgeComing
How pray tell can a fix be issued for this from an AV vendor?
I agree with all your points; it's unfair for me to single out Norton, BTW. Your post did remind me that there's precious little that can guarantee protection against privileged processes.
BUT the AV software is privileged and there first, at least theoretically. Many products like Norton warn about attempts to modify registry values, etc, giving the impression that they're vigilant against such attacks.
If their software does not make a good watchdog, then they should stop claiming it does, i.e. "This software works when used in conjunction with A, B, and C, but it sucks when used by itself". That would be the honest thing to do. What they say now, or at least used to say, is misleading at best.
Antivirus software can also be compromised by viruses/worms. I will never again buy Norton products after having some kind of virus on my Win2K box that disabled Norton in the background, while making it appear that the antivirus software was working.
This was a year ago. Maybe Norton has finally admitted that their product is vulnerable and has supplied fixes. At that time, there was no fix or admission of a problem.
Slashdot is responsive, but even this google cache of the mirror sites isn't working for me.
Sasser, or is it just me?
Both would be pretty easy to program.
I was following you up to this sentence. If you're talking MS, then you're talking proprietary, binary datafiles. Or am I missing something?
Is it possible to write a script that fires up Word or Excel, swaps values, and saves the results without a user being aware? A VB macro, maybe? If I'm missing something, please post.
Any thoughts? Implementations? Cool things that you would like to see done after you die?
I love thinking about this; maybe I'll spend some dream time on it.
In the hollywood movies and TV, it's always someone very trusted who puts things into motion, like a butler, a sister, a friend who knows about your secret and sinister past.
If you're running Linux, you have tools like kalarm, which can send text OR RUN COMMANDS at specified times. On login, you could timestamp an empty file with the command "touch". Every day or week or other, you could have kalarm run a script to check the stamp. If it's been a while since you've logged in, the script senda a warning e-mail about self-destruct. If, after another 2 days and 2 more warnings the file's timestamp is unchanged, self-destruct commences.
Of course, it would be cool if someone would write a script like this, call it SELF_DESTRUCT, and place it under the GPL. It's a fantastic way to piss off the greedy capitalist trolls on slashdot, and you would have many adoring fans.
KnoppixMAME is sweet. It even worked on my Toshiba Satellite 5005 laptop, which says a lot.
I did have to boot with additional parameters in "expert" mode in order to get 1600x1200 screen resolution, though. It took about 15 minutes to get the boot settings correct.
I've had a number of colleagues complain about how they want to delete large attachments from their inbox while not losing the text portion of their messages. An example scenario: when a group is revising a large document and sending revisions to each other several times a day.
Does anyone know why more mailers don't have the ability to save/remove attachments without destroying text? It seems to me you'd just search for the starting/ending MIME flags, pipe the message through a filter that doesn't echo the MIME text, and recreate a replacement message with the headers and text unchanged.
Anyone reading this know about mail manager programming?
I...cannot...say his name...forbidden...
Lord...AHH...Lord....XEMU!! AHHHHHH!
"He's dead, Jim."
Odd, scrolling down so far with top scores first I'm seeing almost no one agreeing with them, much less to that extent.
Probably the most common troll is "Everyone here is a Linux zealot; just look at the mods for this post!". They cry foul when they get modded as a troll.
I just thought of a kind of "SPAM assassin" approach to trolls: set my preferences to add -2 to any "Foe of a Friend" poster. If I trust my friends, I can trust that their foes are my foes.
It is done.