Sure, if the keys are in the hands of somebody else.
But DRM could allow you to sign your own kernel - ideal for use in the school setting where you don't want non-trusted applications running.
All I'm trying to say is that DRM can be abused and misused by big companies. But it can also be usefully employed by Linux users too.
If I could lock down public terminals in a classroom with DRM I'd be happy. I could sign all the binaries, and cause the machine to not boot with an untrusted kernel.
DRM isn't an OS thing though, it can be good or bad in any environment.
Want to setup a secure server? Use DRM to make sure that only a signed kernel will run and make sure that kernel will only load binaries which are signed in turn.
See there's a good use for DRM, avoiding untrusted code running on your Debian machine.
DRM isn't a cut and dried thing, no matter what the propoganda on either side say.
This just reminds me of the Battle Room from Ender's Game.
I'd love to see a decent strategy game based on this, commanding teams of twelve boys and maybe directing specific action if you liked.
I imagine it could work like some of the modern football sims - where you mostly direct overall play, but you can focus and direct a specific player if you wish. (Probably at the cost of letting your grand overall strategy fall apart due to poor AI).
With the advent of the Ender's Game movie we'll probably see at least one game attempting it. I hope it's good!
I can think of other things too, although I do admit that things like Skype have successfully shown that NAT-punching works simply and fairly reliably.
I definitely agree on the benefits of chargine more for something, up to the point the market will sustain.
I used to feel guilty for asking for money for setting up servers, etc, as favours for friends.
But I noticed that when I started advertising commercially I got a lot more customers when I said "I'll install Linux and give you a proxy server / filtering NATing gateway for $500" than when I did the same for "$100".
It makes no sense to me, in both cases I'd take a machine (supplied) install Squid + Debian on it, and offer support afterwards.
But for some small businesses they have this belief that if something is expensive it's better. So nowadays I charge small businesses more than I believe I'm worth - and give charities and friends the same work for free.
I run a website which has articles on it, each article has one google advert on it.
But relative to my article bandwidth the RDF feeds I host (which only contain the 'intro' to an article and a link to the full thing) consume something like 66% of my bandwith.
When you have a lot of users each checking the feed through livebookmarks, KNewsticker, etc, that adds up quickly.
Especially when they poll the feeds at regular, but essentially random, intervals.
I know/. has a bit on their feed page saying clients will be banned if they poll too agressively, but sadly I've not got code to handle that yet.
It is tempting to try to offset the cost of that bandwidth by using feed adverts - but I think the drawbacks outweight the benefits for now.
Of course when the machine is in such a mess that it decides to blue-screen you're probably not going to trust it to write a file.
After all it might have crashed because it encountered a strange filesystem error - and writing to it could trash your whole disk.
There have been similar suggestions for the Linux Kernel; write information somewhere when the kernel panics, but they are usually shot down for the same reason.
When a machine is in the 'panic' state writing to the local disks, or sending stuff across the network isn't usually feasible. (True some people have done it but its a hard problem - because you can't actually rely upon the kernel to do anything correctly when it's mid-panic).
At one point you used 'for for' when you probably only meant to use one for!
Still I'll look forward to checking this book out, in the past I've done a lot of Emacs Lisp hacking but very little stand-alone lisp work, and now seems like as good a time as any to get more involved.
Once I got to grips with the way lisp programming worked it felt very natural and very powerful.
A lot of modules are able to be built outside the kernel tree nowadays, they will require the 'kernel-headers' installed which match the running kernel, but not the full source.
Slashdot Mirror
I wrote some articles on practising upgrades with Qemu.
I find that Qemu is nicer to use than UML, and available in Sarge too!
One of the big advantages for me, over other distributions, is that Debian just works. Upgrades are almost always completely painless.
Funnily enough I've started seeing spam which is PGP signed - or at least has the footer 'begin signature', and some convincing looking digits.
I wonder if this is designed for those people, like me, that automatically whitelist mail which is GPG/PGP signed?
Sure, if the keys are in the hands of somebody else.
But DRM could allow you to sign your own kernel - ideal for use in the school setting where you don't want non-trusted applications running.
All I'm trying to say is that DRM can be abused and misused by big companies. But it can also be usefully employed by Linux users too.
If I could lock down public terminals in a classroom with DRM I'd be happy. I could sign all the binaries, and cause the machine to not boot with an untrusted kernel.
DRM isn't an OS thing though, it can be good or bad in any environment.
Want to setup a secure server? Use DRM to make sure that only a signed kernel will run and make sure that kernel will only load binaries which are signed in turn.
See there's a good use for DRM, avoiding untrusted code running on your Debian machine.
DRM isn't a cut and dried thing, no matter what the propoganda on either side say.
This just reminds me of the Battle Room from Ender's Game.
I'd love to see a decent strategy game based on this, commanding teams of twelve boys and maybe directing specific action if you liked.
I imagine it could work like some of the modern football sims - where you mostly direct overall play, but you can focus and direct a specific player if you wish. (Probably at the cost of letting your grand overall strategy fall apart due to poor AI).
With the advent of the Ender's Game movie we'll probably see at least one game attempting it. I hope it's good!
Sadly not - here's just one brief list of things that NAT break
I can think of other things too, although I do admit that things like Skype have successfully shown that NAT-punching works simply and fairly reliably.
Exactly like /. polls ...!
Or better yet have an entirely virtual environment - and install a distribution in an isolated manner using Qemu.
It's a great way of testing upgrading from Woody -> Sarge, or other things.
I definitely agree on the benefits of chargine more for something, up to the point the market will sustain.
I used to feel guilty for asking for money for setting up servers, etc, as favours for friends.
But I noticed that when I started advertising commercially I got a lot more customers when I said "I'll install Linux and give you a proxy server / filtering NATing gateway for $500" than when I did the same for "$100".
It makes no sense to me, in both cases I'd take a machine (supplied) install Squid + Debian on it, and offer support afterwards.
But for some small businesses they have this belief that if something is expensive it's better. So nowadays I charge small businesses more than I believe I'm worth - and give charities and friends the same work for free.
Funny ole world ..
I'm not going to do it but ..
I run a website which has articles on it, each article has one google advert on it.
But relative to my article bandwidth the RDF feeds I host (which only contain the 'intro' to an article and a link to the full thing) consume something like 66% of my bandwith.
When you have a lot of users each checking the feed through livebookmarks, KNewsticker, etc, that adds up quickly.
Especially when they poll the feeds at regular, but essentially random, intervals.
I know /. has a bit on their feed page saying clients will be banned if they poll too agressively, but sadly I've not got code to handle that yet.
It is tempting to try to offset the cost of that bandwidth by using feed adverts - but I think the drawbacks outweight the benefits for now.
You can also speed up dynamic websites with caching - with the memcached software.
Slashdot, Livejournal, and other sites use that tool.
I've just started watching Mythbusters on late night tv over here in the UK.
That show rocks!
All the building and stress of 'Scrapheap Challenge' with the added benefits of stuff being blown up!
Reading HTML Email with Mutt.
Using that technique I've never had a problem ..
I guess it just goes to show that traffic varies for particular sites.
I run a site focussing on Debian Administration - 20,300 hits this month.
Stats are :
(Other hits from RSS readers, Opera etc aren't more than a single percent or two each).
So that puts the visitors at Mozilla, Konqueror, then IE.
Of course when the machine is in such a mess that it decides to blue-screen you're probably not going to trust it to write a file.
After all it might have crashed because it encountered a strange filesystem error - and writing to it could trash your whole disk.
There have been similar suggestions for the Linux Kernel; write information somewhere when the kernel panics, but they are usually shot down for the same reason.
When a machine is in the 'panic' state writing to the local disks, or sending stuff across the network isn't usually feasible. (True some people have done it but its a hard problem - because you can't actually rely upon the kernel to do anything correctly when it's mid-panic).
shfs rocks!
I wrote an introduction to using shfs for Debian users which might be useful for people who've never used it before.
People tend to go looking for them.
If you're a penetration tester, or work for a security firm, then publishing flaws is how you get "noticed", and how you attract new customers.
Not many people do it for purely altruistic motives - but I guess that doesn't matter if the flaw is found and fixed.
Sure you can use testing, but you lose security support. For a home user that might be acceptible, but for a server installation that's not an option.
The only time I've used distributed computing for legitimate purposes was using distcc for compiling across multiple machines.
This only works if you're a software shop though ..
Well just look at other famous figures who've lost their rings for precedent.
Sauron lost his ring for a whole age, so in comparison this was quite a quick job!
At one point you used 'for for' when you probably only meant to use one for!
Still I'll look forward to checking this book out, in the past I've done a lot of Emacs Lisp hacking but very little stand-alone lisp work, and now seems like as good a time as any to get more involved.
Once I got to grips with the way lisp programming worked it felt very natural and very powerful.
Yes you can do it, and if it doesn't work for you mail me (I'm the author).
A lot of modules are able to be built outside the kernel tree nowadays, they will require the 'kernel-headers' installed which match the running kernel, but not the full source.
For example, mounting remote filesystems with ssh-fs shows how you can build this module easily on a Debian system.
Whilst the packages are different on other Linux distributions, the steps should be similar.
Neat tipe.
You can also avoid logging large Apache requests, which covers things like SEARCH overflow attempts.
Definitely use this too, after all your child could be a computer hacker.