The "fear" of mine about privacy and security is valid,
No it's not. Privacy and security is orthogonal to NAT'ing. By far the biggest hole on your network is all the software you're running on your computers (probably much of it un-audited and capable of sniffing your "private" network) that can happily "phone home" (using http if nothing else) and that has nothing to do with NAT.
You've confused addressing with security. Just because Fort Knox has a well known address doesn't mean it's any less secure and all the craptastic workarounds to make hosts behind a NAT addressable do not substitute for real, actual, systematic addressing.
I think you need to think about what "addressing" actually is. A workaround to get through a NAT is just another, albeit messy, form of addressing that is just as easy/hard to use for regular software as it is for malware. And making addressing hard for regular software just to make it hard for malware is not thinking it through.
There are a host of applications where being able to easily and systematically address hosts in a "private" network would be a good thing.
---
Don't be a programmer-bureaucrat; someone who substitutes marketing buzzwords and software bloat for verifiable improvements.
Can you PLEASE write the same two paragraphs in every music/RIAA/etc related thread? Because it seems a lot of people don't know this.
Oh, RIAA/MPAA astroturfers know this; they're just pretending they don't know it.
Whenever you see a lot of repetition and redundancy you can be reasonably sure some marketing parasite is involved. Like all mass market advertising they're trying to drown out legitimate view points with content-free noise.
---
Marketing talk is not just cheap, it has negative value. Free speech can be compromised just as much by too much noise as too little signal.
... needs some fresh people who come from the designer side...
Problem is, judging by the vast majority of modern industrial "design", most interface designers aren't much in touch with reality either. Gimp isn't wonderful but it's still pretty good compared to many other products out there.
When you get statistics like 80%+ of people not being able to program VCR's (which were created by large teams and with huge investment) you can be sure most "designers" are just scam artists.
Design isn't actually very hard (meaning most people and not just "designers" are able to do it) but it does require a person to think of their target audience and actually do it. Too many people equate stream-of-consciousness with real, thoughtful design.
Another example is the modern computer desktop. What idiot thought it was a good idea for icons to all act differently depending on whether they are in the bottom-right, bottom-middle, bottom-left, top-right or center of the desktop? Highlight, single-click, double-click, right-click, drag, select, you name it, it's all different. It's just a mess for the average computer user.
---
Don't be a programmer-bureaucrat; someone who substitutes marketing buzzwords and software bloat for verifiable improvements.
Unfortunately, OpenGL in it's current state is far from ideal.
There's always room for improvement.
It's the ease of use of D3D when compared to OpenGL that makes developers targetting the Windows platform use D3D.
They could be targeting all platforms with little extra effort. It's only M$ that doesn't want that to happen.
Not to mention the maths library.
Hello? I feel like I'm talking to a marketing zealot here. Read my post. What part of "Look at all the posts that repetitively try to imply OpenGL isn't complemented by many other libraries." do you not understand? There are any number of free math and matrix libraries available. Sorry for the harsh tone but I get heartily sick of developers who treat software labels as software. Because the software blob labeled "OpenGL" doesn't correspond 1:1 with the software blob labelled "D3D" does not mean that there aren't other software blobs available under other names that will fill at least some of the software gaps. Despite what labels marketing 'droids attach to what software blobs. Oh, and BTW "integrated software" is marketing speak for "we own all the pieces ie. we own you." Open interface standards are far preferable to "integration" in a free market.
The debugging tools (Pix). The samples. The documentation.
Equivalents all available for OpenGL as well.
DX9/10 is not critical for *keeping* developers on windows.
It's certainly important. It is probably the only major M$ software library that doesn't have some direct equivalent on other platforms. If programmers were no longer tied to DX9/10 it would be much easier to target portability for a large application class.
The sheer number of windows users does that well enough already.
Games developers are already targeting multiple platforms including M$, Sony, Nintendo, Nokia etc. They would jump at true portability if they could. That's why M$ very carefully promotes the perception that portability is difficult. Hence all the astroturf. Portability doesn't have to be difficult but if they can create a self-fulfilling prophesy they will go for it. Unfortunately far too many developers believe them uncritically.
Your comment about the device driver bugs is makes sense though my understanding is that's a mainly a problem with the driver developers, not OpenGL.
---
Where interoperability information is protected as a trade secret, there
may be a lot of truth in the saying that the information is valuable because
it is secret, rather than being secret because it is valuable --
Neelie Kroes
The idea of "targeting" is that an ad matches e.g. 2 people in a 1000 instead of 1 person in a 1000. A 100% improvement that means the ad is still a complete waste/theft of time for 99.8% of the population instead of 99.9%.
Mass market advertising is based on the premise that it's okay to steal lots of people's time to make one sale. The only difference between spam and mass market advertising is degree.
---
Advertising pays for nothing. Who do you think pays marketer's salaries? You do via higher cost products.
Yes. DX9/10 is absolutely critical to M$ keeping many developers locked to M$Windows. You think they won't be trying to convince uncommitted and new developers that OpenGL is no good with lots of FUD and propaganda?
This release of a new OpenGL version is going to lead to a "marketing" onslaught - it's worth it for an unethical company like M$ to spend hundreds of thousands of dollars for this alone. Just look at how much they spent on OOXML.
Look at all the baffle-them-with-bullshit anonymous and other posters here mysteriously mod'ed up to +4 and +5, in many cases probably by sock puppets. Look at all the posts that repetitively try to imply OpenGL isn't complemented by many other libraries.
M$ has a long history of astroturfing, slashdot included and some marketing scum even like to fraudulently pretend that anonymous posting on behalf of companies is ethical.
OpenGL is perfectly adequate for the vast majority of graphics applications out there, including games, (e.g. Spore). There are already widespread complaints about game designers sacrificing gameplay for graphics. To worry about graphics minutiae now is suspect at best.
instead of being stupid and just raving against the pirates.
Oh no, he's a fanatic alright. His slashdot alias is cliffski and he has a long history of content-free raving.
---
Creating simple artificial scarcity with copyright and patents on things that can be copied billions of times at minimal cost is a fundamentally stupid economic idea.
The result is a list of 60 person questions (hometown, number of brothers, country of birth, etc) that is drawn from randomly to ensure the person ordering the drugs is the one who is logged in and authorized.
I detest personal security questions like this. This authenticates them to your system. Fine. Now, how does your system authenticate to them? Do they have a list of personal facts about you they can ask the system to verify?
How do they know they aren't communicating with a phisher/middleman collecting their personal information?
Too many security people only authenticate in one direction when they should be authenticating in both directions. I'm damn sick of banks that do this. This form of one-sided security probably means the security person is out of their depth and not to be trusted. And no, https on a computer that you do not control is not authenticating to you.
Real world shops authenticate to the shopper by having real, physical shops that a thief has a hard time emulating, though it's been done with bank machines and night safes. Not true for a website or GUI (or phone number) despite the ridiculous sums of money some idiotic companies spend on them.
---
DRM; you don't control it means you don't own it. It reduces the value and that means the vendor gets less for it.
I don't think I'm being naive. I think you are giving way too much credit to the "spooks".
Their resources are in the multi-billion dollar range and the cost benefit on this "bugging" is massive. They're willing to spend trillions on the Iraq war, you think they're not going to throw a few million towards getting access to most every network connected desktop PC on earth?
Even if you are just talking about Windows (the GP also mentioned Linux)
I emphasize M$Windows because this is easier with closed source and M$Windows is the dominant desktop OS. Compromising Linux is possible but probably not worth their time until it gets a larger market share.
you'd need to assume that everybody with access to the relevant parts of the Windows source would keep it a secret.
Not at all. Test builds of OS' like M$Windows are instrumented to the hilt. At a minimum all it requires is one senior manager to give the okay and one technically competent person to include the correct, possibly lightly modified object in the final release build. Wouldn't even need that actually, just make it an update. Have you ever worked on a large project in a company like M$? I have and the left hand very definitely doesn't know what the right hand is doing. Dead easy for the right person to put unofficial things into the final build or an update as long as it doesn't compromise functionality other developers are responsible for.
You'd also need to assume that all of the other Governments on Earth (some whom get access to the Windows source code under various agreements) are either too incompetent to find it or could also be trusted it to keep it secret. Ditto for the business partners of Microsoft that also get access to it. Seems a bit far-fetched to me.
Not at all. What I'm talking about wouldn't even be in the standard windows source. Apparently the source they release isn't compileable anyway though I'm not very familiar with that. This doesn't require any deep modification of Windows, just an app that does the checks I've talked about.
And just how are they going to get access to every single mirror that offers Wireshark binaries?
Don't need it. You're looking for perfection, what's needed is a statistical majority. It takes one manager at Ubuntu+RedHat+SuSe+Mandriva to be given the hard word by the US government to use approved US wireshark binaries (the ones that are used by all the mirrors) and one technically competent person at each of those companies to do a substitution at the top level distribution site. Signed and everything. That user binary would be lost/overwritten if somebody decided to compile their own wireshark however the vast majority of major distribution users never do this - they trust the signature of the primary distributer.
I don't think this is a likely scenario because of the danger of whistleblowers and the payoff for "masking" wireshark is small. All I'm saying is that it's possible.
How are they going to get the developers to go along with leaving those pwn'ed versions online for download or are they also going to root-kit every single mirror site? You are talking about the United States Government here -- the same Government that couldn't even connect the dots when a bunch of jihadists were learning to fly jumbo jets but not how to land them.
Different situation. The NSA in particular employs some very competent software people.
The same issues (access to the major mirror sites and either root-kitting them or getting the people behind them to go along with it) would also seem to apply to Linux distros -- which the GP seemed to think are also vulnerable.
No need to access the mirror sites at all. They're just copying the signed binaries provided by the company. In general they don't recompile.
One thing I've wondered about is why all the major OS' are so aggressive about indexing hard disks
Yes, because nobody would have noticed the unaccounted for network traffic by now and made any effort to discover what it was.......
You're being naive. Just bury data in the back channel of any high volume network app. Like update. Steganography in other words. It's not as if anybody outside M$ knows WTF M$ update is doing anyway.
For most PC's all they'd need is a single bit flagging whether the PC has targeted keywords or files. If that bit is set the update could immediately download a more sophisticated spy package. This would only occur on a small fraction of PC's (in particular restricted to particular countries) so local security people would be unlikely to see it. Not impossible though so the US spooks would tread carefully and maybe make it look like a virus infection.
Unless you think they also have backdoors in Wireshark and tcpdump. That'd be a neat trick with peer reviewed open source software.
No need, though I wouldn't put it past the US spooks to make packets with an approved flag bit invisible to wireshark binaries et. al. Just like it's illegal to listen to certain radio bands.
One thing I've wondered about is why all the major OS' are so aggressive about indexing hard disks. It's pretty useless for most users (rare searching works just fine without frequent indexing), perpetually slows down hard disks for everybody, has a significant impact on laptop battery life and is difficult for most users to disable but it'd be very handy for US spooks looking for keywords.
---
"Advertising supported" just means you're paying twice over, once in time to watch/avoid the ad and twice in the increased price of the product to pay for the ad.
I think the real question is what kind of legal cases this information can be used in (so far, it appears, none), and which cryptographic protocols have been compromised.
The cryptographic protocols being used are pretty much irrelevant if they can sniff your passwords.
The US government almost certainly has a back door to every network connected Windows PC on earth. And may be the major US based Linux binary distributions. That's what Windows (and Linux) update is for.
Given the current US government's public track record, and not even seeing their private one, do you really think they're not doing this? The cost/benefit ratio is just too great to ignore.
US spooks probably have standard packages to download whenever they feel the need to look at somebody. M$ etc. are just being "good" "corporate citizens". And even if they refused to cooperate all the government has to do is slap some form of secret security letter on them.
If you are a public or private entity competing in any way with US interests you are foolish to be using any form of packaged US software without air gap isolating it.
---
DRM - Have you got big-corp-of-your-choice's permission to go to the toilet today?
In fairness, it probably should. Otherwise I could see it being encouragement for some people to try and make the copyright holder dead in order to better evade it.
Nonsense. Should we do away with inheritance laws because that "gives an incentive to the children to knock off their parents"?
It can be quite reasonably argued that copyright should end at the author's death, in fact before if the original purpose of copyright were ever to be fulfilled.
And that could/should apply even if the copyright is assigned to or created by a corporation. A corporation is just a collection of people and a corporation could/should lose the copyright as the individual authors/employees/share holders die.
Corporations are just a construct should have no rights at all other than those directly reflecting the individuals participating.
---
It's wrong that an intellectual property creator should not be rewarded for their work. It's equally wrong that an IP creator should be rewarded too many times for the one piece of work, for exactly the same reasons. Reform IP law and stop the M$/RIAA abuse.
Re:It's summer, and the RIAA/MPAA is trolling
on
UK P2P Fight Brewing
·
· Score: 1
have i gotten the more obvious ones sorted?
No, you missed the most obvious one:
Copyright fanatic repeating the same old content-free industry propaganda is mysteriously modded up to +5, probably by sock puppets.
Free clue: Excessive enforcement of badly broken copyright law is an attack on civil liberties. Even if you are too much of a zealot to acknowledge that.
Learning the "patent speak" isn't terribly hard. You don't have to be a lawyer, but it helps to at least know how to read a legal act, understand precedent, and understand what the different parts of a patent mean.
In other words you are claiming every single significant act of technology invention on earth requires some person with legal training to be attached.
Not hard to understand why you people are called parasites. You people are incredible.
---
The patent mafia: When all they've got is a hammer, everything looks like a nail.
have no recourse when their inventions are blatantly stolen by Big Business
You're handwaving.
Patents are just a generic tool, a tool that can be used by both small players and big business, mainly in proportion to their financial power. Patents in no way change the balance of power, except by adding huge overheads to everyone in society.
For every small entrepreneur helped there are any number of industry monopolies and cartels locking out new players. It is disingenuous to claim that patents protect the little guy from big business. On average they do not, and to claim otherwise is dishonest.
Particularly when you consider how broken patents are on everything from simultaneous invention to inventions whose time has come, from crazy time limits to government bureaucracies acting as gatekeepers on all of technology, from guilty till proven innocent to even what an invention or new idea is.
---
Creating simple artificial scarcity with copyright and patents on things that can be copied billions of times at minimal cost is a fundamentally stupid economic idea.
Slashdotters, otherwise generally intelligent, have a subset who are unable to see this for what it is and believe that copyright should not be respected.
Actually you're a typical copyright fanatic who tries to ignore the fact that copyright-law-as-it-is-currently-implemented is just that, a law, and not some natural right and that there are an infinite number of possible alternatives. Viacom et.al. may have bought and are using some "legal rights" but that says nothing about natural, moral, ethical or even artistic rights as your post tries to imply.
Most people these days are ignoring current copyright law because it does not reflect reality, no matter how hard industry propaganda tries to pretend otherwise.
---
It's not piracy, it's sharing. Didn't your parents teach you to share?
Perhaps it should have read "the law is more frequently deciding in favor of rights holders."
Perhaps it should have read "the law is more frequently deciding in favor of rights claimers."
As usual copyright fanatics engage in circular reasoning. By definition, ownership (holder) is the right to control.
Problem is, many people don't agree with that self-serving definition of ownership. Many citizens, in fact judging by the amount of piracy going on the vast majority of citizens, think that current copyright law is badly broken.
Despite the incessant, content-free propaganda from entrenched industry tools trying to preserve their privileged position.
The laws and the legal system *should* lean toward the side of rights owners, as long as it doesn't go so far as to trample on the rights of the people.
As is usual with copyright fanatics your reasoning is circular. Ownership by definition is the right to control and various laws try to force that control.
Guess what? A lot of people do not agree with the definition of ownership that many fraudulent industry astroturfers push.
As just one example many people think that sharing of media is entirely appropriate and right. Maybe the law should be protecting that right, and not those who've parasitized the rest of society for generations with payola and the like.
It's the prohibition all over again. Please start using your brain and recognize that copyright-as-it-is-currently-implemented, because it is a creation of the mind, is only one of a huge number of possibilities. Industries and middlemen trying to preserve their privileged position at the expense of the wider society need to go.
---
It's wrong that an intellectual property creator should not be rewarded for their work. It's equally wrong that an IP creator should be rewarded too many times for the one piece of work, for exactly the same reasons. Reform IP law and stop the M$/RIAA abuse.
they can create tags, add comments, create and manage lists, add ratings or reviews, view personal history, suggestions, search these items, add friends and send and receive recommendations.
Until the user realizes they've been suckered into working for the website owners. Then they become much more selective about what they contribute. The only ones left are the young, the naive and the marketing parasites all of whom tend to take away value rather than add value.
No social revolution. Just a new way to take advantage of the naive until they learn better.
Like.com, "Web 2.0" is largely a hype bubble. While there is some value in "Web 2.0" it is vastly overrated as a social tool and businesses that want to take advantage of the very socially aware younger generation are in for a rude awakening as the rapidly self-educating young move to websites that really do have value rather than web sites that fake it with "Web 2.0" superficialities while trying to extract maximal value at the expense of their userbase.
Interesting point but advertisement isn't just about click-throughs, it's mostly about brand-awareness leading to sales at a later point.
Your numbers are nonsense. Advertising is not free of cost despite what marketing parasites would have you believe. Every single ad reduces the value of the game to the consumer. Meaning the vendor has to charge less for it. Not to mention accepting a hit on their own "brand". Where was that so-called "value" you were talking about?
Marketers love to fraudulently claim or imply that advertising generates value out of thin air. The reality is that the majority of modern mass market advertising is just a way for the marketing "industry" to parasitise the the rest of society. Consumers are saturated with advertising and by definition that means that when one ad "wins" then another must "lose". Adding more advertising to the mix doesn't change that equation, it just means the whole of society pays more in time, attention and money for nothing in return. i.e. we lose.
---
Free speech is compromised by too much noise as well as too little message. Most advertising is content free noise.
They can seamlessly, easily and completely replace folders.
You are engaged in fuzzy thinking. Unfortunately, like a lot of programmers, you seem to think a new word gives a new meaning.
Labels are the functional equivalent of folders plus symbolic links.
Except folders and symbolic links are fully supported by the OS and don't add a whole other layer of bureaucratic sludge that has to be maintained in parallel with the file system. I had this problem today with a copy of an Evolution installation insisting I had to add new accounts even though the account details were already sitting in the file system in the appropriate place. I also get heartily sick of all the different file scanners and indexers that idiotic programmers insist on running to update "metadata" (which is really just data with a funny name) on my laptop, compromising battery life and disk throughput for very little in return.
---
Don't be a programmer-bureaucrat; someone who substitutes marketing buzzwords and software bloat for verifiable improvements.
The better the tools law enforcement has, the better for all of us.
Except when law enforcement and assorted bureaucrats and incompetents are the bad guys. Your automatic assumption that law enforcement are the good guys is telling. Do you think the percentage of bad guys in law enforcement is larger or smaller than the general population?
I get annoyed with people advocating large databases accessed by large groups of people. Any large group of people will have good and bad in it. How do you deal with that? It's not as simple as you think.
And what makes you think a database of millions of people and accessed by tens of thousands isn't going to compromised by organized crime approximately 30 seconds after it goes live? How will it affect witness protection programs? How will it affect the innocents who have erroneous data on their name? How will it affect innocents who have bad data deliberately put on their name?
We could make law enforcement's job much easier but putting everybody's biometrics into a big database at birth and requiring everybody to have an operation putitng a GPS radio into them. Why don't we do that? It's a question of balance. Unfortunately, law enforcement's and politicians' idea of balance seems to be somewhat different from the general population's.
---
DRM - Have you got big-corp-of-your-choice's permission to go to the toilet today?
Slashdot Mirror
Remember when MSFT was the one promoting openness, as compared to the evil Apple and IBM empires?
Historical revisionism. M$ never promoted openness. Right from the start they promoted closedness and lock-in.
---
Beware deceptive astroturfers.
The "fear" of mine about privacy and security is valid,
No it's not. Privacy and security is orthogonal to NAT'ing. By far the biggest hole on your network is all the software you're running on your computers (probably much of it un-audited and capable of sniffing your "private" network) that can happily "phone home" (using http if nothing else) and that has nothing to do with NAT.
You've confused addressing with security. Just because Fort Knox has a well known address doesn't mean it's any less secure and all the craptastic workarounds to make hosts behind a NAT addressable do not substitute for real, actual, systematic addressing.
I think you need to think about what "addressing" actually is. A workaround to get through a NAT is just another, albeit messy, form of addressing that is just as easy/hard to use for regular software as it is for malware. And making addressing hard for regular software just to make it hard for malware is not thinking it through.
There are a host of applications where being able to easily and systematically address hosts in a "private" network would be a good thing.
---
Don't be a programmer-bureaucrat; someone who substitutes marketing buzzwords and software bloat for verifiable improvements.
Can you PLEASE write the same two paragraphs in every music/RIAA/etc related thread? Because it seems a lot of people don't know this.
Oh, RIAA/MPAA astroturfers know this; they're just pretending they don't know it.
Whenever you see a lot of repetition and redundancy you can be reasonably sure some marketing parasite is involved. Like all mass market advertising they're trying to drown out legitimate view points with content-free noise.
---
Marketing talk is not just cheap, it has negative value. Free speech can be compromised just as much by too much noise as too little signal.
Problem is, judging by the vast majority of modern industrial "design", most interface designers aren't much in touch with reality either. Gimp isn't wonderful but it's still pretty good compared to many other products out there.
When you get statistics like 80%+ of people not being able to program VCR's (which were created by large teams and with huge investment) you can be sure most "designers" are just scam artists.
Design isn't actually very hard (meaning most people and not just "designers" are able to do it) but it does require a person to think of their target audience and actually do it. Too many people equate stream-of-consciousness with real, thoughtful design.
Another example is the modern computer desktop. What idiot thought it was a good idea for icons to all act differently depending on whether they are in the bottom-right, bottom-middle, bottom-left, top-right or center of the desktop? Highlight, single-click, double-click, right-click, drag, select, you name it, it's all different. It's just a mess for the average computer user.
---
Don't be a programmer-bureaucrat; someone who substitutes marketing buzzwords and software bloat for verifiable improvements.
Unfortunately, OpenGL in it's current state is far from ideal.
There's always room for improvement.
It's the ease of use of D3D when compared to OpenGL that makes developers targetting the Windows platform use D3D.
They could be targeting all platforms with little extra effort. It's only M$ that doesn't want that to happen.
Not to mention the maths library.
Hello? I feel like I'm talking to a marketing zealot here. Read my post. What part of "Look at all the posts that repetitively try to imply OpenGL isn't complemented by many other libraries." do you not understand? There are any number of free math and matrix libraries available. Sorry for the harsh tone but I get heartily sick of developers who treat software labels as software. Because the software blob labeled "OpenGL" doesn't correspond 1:1 with the software blob labelled "D3D" does not mean that there aren't other software blobs available under other names that will fill at least some of the software gaps. Despite what labels marketing 'droids attach to what software blobs. Oh, and BTW "integrated software" is marketing speak for "we own all the pieces ie. we own you." Open interface standards are far preferable to "integration" in a free market.
The debugging tools (Pix). The samples. The documentation.
Equivalents all available for OpenGL as well.
DX9/10 is not critical for *keeping* developers on windows.
It's certainly important. It is probably the only major M$ software library that doesn't have some direct equivalent on other platforms. If programmers were no longer tied to DX9/10 it would be much easier to target portability for a large application class.
The sheer number of windows users does that well enough already.
Games developers are already targeting multiple platforms including M$, Sony, Nintendo, Nokia etc. They would jump at true portability if they could. That's why M$ very carefully promotes the perception that portability is difficult. Hence all the astroturf. Portability doesn't have to be difficult but if they can create a self-fulfilling prophesy they will go for it. Unfortunately far too many developers believe them uncritically.
Your comment about the device driver bugs is makes sense though my understanding is that's a mainly a problem with the driver developers, not OpenGL.
---
Where interoperability information is protected as a trade secret, there may be a lot of truth in the saying that the information is valuable because it is secret, rather than being secret because it is valuable -- Neelie Kroes
"targeted"? Don't make me laugh.
The idea of "targeting" is that an ad matches e.g. 2 people in a 1000 instead of 1 person in a 1000. A 100% improvement that means the ad is still a complete waste/theft of time for 99.8% of the population instead of 99.9%.
Mass market advertising is based on the premise that it's okay to steal lots of people's time to make one sale. The only difference between spam and mass market advertising is degree.
---
Advertising pays for nothing. Who do you think pays marketer's salaries? You do via higher cost products.
The LHC and CERN have a music club e.g. The Les Horribles Cernettes, going back to 1992, sing "collider"
Yes. DX9/10 is absolutely critical to M$ keeping many developers locked to M$Windows. You think they won't be trying to convince uncommitted and new developers that OpenGL is no good with lots of FUD and propaganda?
This release of a new OpenGL version is going to lead to a "marketing" onslaught - it's worth it for an unethical company like M$ to spend hundreds of thousands of dollars for this alone. Just look at how much they spent on OOXML.
Look at all the baffle-them-with-bullshit anonymous and other posters here mysteriously mod'ed up to +4 and +5, in many cases probably by sock puppets. Look at all the posts that repetitively try to imply OpenGL isn't complemented by many other libraries.
M$ has a long history of astroturfing, slashdot included and some marketing scum even like to fraudulently pretend that anonymous posting on behalf of companies is ethical.
OpenGL is perfectly adequate for the vast majority of graphics applications out there, including games, (e.g. Spore). There are already widespread complaints about game designers sacrificing gameplay for graphics. To worry about graphics minutiae now is suspect at best.
---
Beware deceptive astroturfers.
instead of being stupid and just raving against the pirates.
Oh no, he's a fanatic alright. His slashdot alias is cliffski and he has a long history of content-free raving.
---
Creating simple artificial scarcity with copyright and patents on things that can be copied billions of times at minimal cost is a fundamentally stupid economic idea.
Problem exists between keyboard and chair, and the article does not address that aspect nor give any good workaround.
No, PEBKAC is a cop out by crappy programmers who don't design their programs for their target market, real world people.
---
Don't be a programmer-bureaucrat; someone who substitutes marketing buzzwords and software bloat for verifiable improvements.
The result is a list of 60 person questions (hometown, number of brothers, country of birth, etc) that is drawn from randomly to ensure the person ordering the drugs is the one who is logged in and authorized.
I detest personal security questions like this. This authenticates them to your system. Fine. Now, how does your system authenticate to them? Do they have a list of personal facts about you they can ask the system to verify?
How do they know they aren't communicating with a phisher/middleman collecting their personal information?
Too many security people only authenticate in one direction when they should be authenticating in both directions. I'm damn sick of banks that do this. This form of one-sided security probably means the security person is out of their depth and not to be trusted. And no, https on a computer that you do not control is not authenticating to you.
Real world shops authenticate to the shopper by having real, physical shops that a thief has a hard time emulating, though it's been done with bank machines and night safes. Not true for a website or GUI (or phone number) despite the ridiculous sums of money some idiotic companies spend on them.
---
DRM; you don't control it means you don't own it. It reduces the value and that means the vendor gets less for it.
I don't think I'm being naive. I think you are giving way too much credit to the "spooks".
Their resources are in the multi-billion dollar range and the cost benefit on this "bugging" is massive. They're willing to spend trillions on the Iraq war, you think they're not going to throw a few million towards getting access to most every network connected desktop PC on earth?
Even if you are just talking about Windows (the GP also mentioned Linux)
I emphasize M$Windows because this is easier with closed source and M$Windows is the dominant desktop OS. Compromising Linux is possible but probably not worth their time until it gets a larger market share.
you'd need to assume that everybody with access to the relevant parts of the Windows source would keep it a secret.
Not at all. Test builds of OS' like M$Windows are instrumented to the hilt. At a minimum all it requires is one senior manager to give the okay and one technically competent person to include the correct, possibly lightly modified object in the final release build. Wouldn't even need that actually, just make it an update. Have you ever worked on a large project in a company like M$? I have and the left hand very definitely doesn't know what the right hand is doing. Dead easy for the right person to put unofficial things into the final build or an update as long as it doesn't compromise functionality other developers are responsible for.
You'd also need to assume that all of the other Governments on Earth (some whom get access to the Windows source code under various agreements) are either too incompetent to find it or could also be trusted it to keep it secret. Ditto for the business partners of Microsoft that also get access to it. Seems a bit far-fetched to me.
Not at all. What I'm talking about wouldn't even be in the standard windows source. Apparently the source they release isn't compileable anyway though I'm not very familiar with that. This doesn't require any deep modification of Windows, just an app that does the checks I've talked about.
And just how are they going to get access to every single mirror that offers Wireshark binaries?
Don't need it. You're looking for perfection, what's needed is a statistical majority. It takes one manager at Ubuntu+RedHat+SuSe+Mandriva to be given the hard word by the US government to use approved US wireshark binaries (the ones that are used by all the mirrors) and one technically competent person at each of those companies to do a substitution at the top level distribution site. Signed and everything. That user binary would be lost/overwritten if somebody decided to compile their own wireshark however the vast majority of major distribution users never do this - they trust the signature of the primary distributer.
I don't think this is a likely scenario because of the danger of whistleblowers and the payoff for "masking" wireshark is small. All I'm saying is that it's possible.
How are they going to get the developers to go along with leaving those pwn'ed versions online for download or are they also going to root-kit every single mirror site? You are talking about the United States Government here -- the same Government that couldn't even connect the dots when a bunch of jihadists were learning to fly jumbo jets but not how to land them.
Different situation. The NSA in particular employs some very competent software people.
The same issues (access to the major mirror sites and either root-kitting them or getting the people behind them to go along with it) would also seem to apply to Linux distros -- which the GP seemed to think are also vulnerable.
No need to access the mirror sites at all. They're just copying the signed binaries provided by the company. In general they don't recompile.
One thing I've wondered about is why all the major OS' are so aggressive about indexing hard disks
One thing I've often wondered is why Windows
Yes, because nobody would have noticed the unaccounted for network traffic by now and made any effort to discover what it was.......
You're being naive. Just bury data in the back channel of any high volume network app. Like update. Steganography in other words. It's not as if anybody outside M$ knows WTF M$ update is doing anyway.
For most PC's all they'd need is a single bit flagging whether the PC has targeted keywords or files. If that bit is set the update could immediately download a more sophisticated spy package. This would only occur on a small fraction of PC's (in particular restricted to particular countries) so local security people would be unlikely to see it. Not impossible though so the US spooks would tread carefully and maybe make it look like a virus infection.
Unless you think they also have backdoors in Wireshark and tcpdump. That'd be a neat trick with peer reviewed open source software.
No need, though I wouldn't put it past the US spooks to make packets with an approved flag bit invisible to wireshark binaries et. al. Just like it's illegal to listen to certain radio bands.
One thing I've wondered about is why all the major OS' are so aggressive about indexing hard disks. It's pretty useless for most users (rare searching works just fine without frequent indexing), perpetually slows down hard disks for everybody, has a significant impact on laptop battery life and is difficult for most users to disable but it'd be very handy for US spooks looking for keywords.
---
"Advertising supported" just means you're paying twice over, once in time to watch/avoid the ad and twice in the increased price of the product to pay for the ad.
I think the real question is what kind of legal cases this information can be used in (so far, it appears, none), and which cryptographic protocols have been compromised.
The cryptographic protocols being used are pretty much irrelevant if they can sniff your passwords.
The US government almost certainly has a back door to every network connected Windows PC on earth. And may be the major US based Linux binary distributions. That's what Windows (and Linux) update is for.
Given the current US government's public track record, and not even seeing their private one, do you really think they're not doing this? The cost/benefit ratio is just too great to ignore.
US spooks probably have standard packages to download whenever they feel the need to look at somebody. M$ etc. are just being "good" "corporate citizens". And even if they refused to cooperate all the government has to do is slap some form of secret security letter on them.
If you are a public or private entity competing in any way with US interests you are foolish to be using any form of packaged US software without air gap isolating it.
---
DRM - Have you got big-corp-of-your-choice's permission to go to the toilet today?
In fairness, it probably should. Otherwise I could see it being encouragement for some people to try and make the copyright holder dead in order to better evade it.
Nonsense. Should we do away with inheritance laws because that "gives an incentive to the children to knock off their parents"?
It can be quite reasonably argued that copyright should end at the author's death, in fact before if the original purpose of copyright were ever to be fulfilled.
And that could/should apply even if the copyright is assigned to or created by a corporation. A corporation is just a collection of people and a corporation could/should lose the copyright as the individual authors/employees/share holders die.
Corporations are just a construct should have no rights at all other than those directly reflecting the individuals participating.
---
It's wrong that an intellectual property creator should not be rewarded for their work.
It's equally wrong that an IP creator should be rewarded too many times for the one piece of work, for exactly the same reasons.
Reform IP law and stop the M$/RIAA abuse.
have i gotten the more obvious ones sorted?
No, you missed the most obvious one:
Free clue: Excessive enforcement of badly broken copyright law is an attack on civil liberties. Even if you are too much of a zealot to acknowledge that.
---
Paid marketers are the worst zealots.
Learning the "patent speak" isn't terribly hard. You don't have to be a lawyer, but it helps to at least know how to read a legal act, understand precedent, and understand what the different parts of a patent mean.
In other words you are claiming every single significant act of technology invention on earth requires some person with legal training to be attached.
Not hard to understand why you people are called parasites. You people are incredible.
---
The patent mafia: When all they've got is a hammer, everything looks like a nail.
have no recourse when their inventions are blatantly stolen by Big Business
You're handwaving.
Patents are just a generic tool, a tool that can be used by both small players and big business, mainly in proportion to their financial power. Patents in no way change the balance of power, except by adding huge overheads to everyone in society.
For every small entrepreneur helped there are any number of industry monopolies and cartels locking out new players. It is disingenuous to claim that patents protect the little guy from big business. On average they do not, and to claim otherwise is dishonest.
Particularly when you consider how broken patents are on everything from simultaneous invention to inventions whose time has come, from crazy time limits to government bureaucracies acting as gatekeepers on all of technology, from guilty till proven innocent to even what an invention or new idea is.
---
Creating simple artificial scarcity with copyright and patents on things that can be copied billions of times at minimal cost is a fundamentally stupid economic idea.
Slashdotters, otherwise generally intelligent, have a subset who are unable to see this for what it is and believe that copyright should not be respected.
Actually you're a typical copyright fanatic who tries to ignore the fact that copyright-law-as-it-is-currently-implemented is just that, a law, and not some natural right and that there are an infinite number of possible alternatives. Viacom et.al. may have bought and are using some "legal rights" but that says nothing about natural, moral, ethical or even artistic rights as your post tries to imply.
Most people these days are ignoring current copyright law because it does not reflect reality, no matter how hard industry propaganda tries to pretend otherwise.
---
It's not piracy, it's sharing. Didn't your parents teach you to share?
Perhaps it should have read "the law is more frequently deciding in favor of rights holders."
Perhaps it should have read "the law is more frequently deciding in favor of rights claimers."
As usual copyright fanatics engage in circular reasoning. By definition, ownership (holder) is the right to control.
Problem is, many people don't agree with that self-serving definition of ownership. Many citizens, in fact judging by the amount of piracy going on the vast majority of citizens, think that current copyright law is badly broken.
Despite the incessant, content-free propaganda from entrenched industry tools trying to preserve their privileged position.
---
Paid marketers are the worst zealots.
The laws and the legal system *should* lean toward the side of rights owners, as long as it doesn't go so far as to trample on the rights of the people.
As is usual with copyright fanatics your reasoning is circular. Ownership by definition is the right to control and various laws try to force that control.
Guess what? A lot of people do not agree with the definition of ownership that many fraudulent industry astroturfers push.
As just one example many people think that sharing of media is entirely appropriate and right. Maybe the law should be protecting that right, and not those who've parasitized the rest of society for generations with payola and the like.
It's the prohibition all over again. Please start using your brain and recognize that copyright-as-it-is-currently-implemented, because it is a creation of the mind, is only one of a huge number of possibilities. Industries and middlemen trying to preserve their privileged position at the expense of the wider society need to go.
---
It's wrong that an intellectual property creator should not be rewarded for their work.
It's equally wrong that an IP creator should be rewarded too many times for the one piece of work, for exactly the same reasons.
Reform IP law and stop the M$/RIAA abuse.
they can create tags, add comments, create and manage lists, add ratings or reviews, view personal history, suggestions, search these items, add friends and send and receive recommendations.
Until the user realizes they've been suckered into working for the website owners. Then they become much more selective about what they contribute. The only ones left are the young, the naive and the marketing parasites all of whom tend to take away value rather than add value.
No social revolution. Just a new way to take advantage of the naive until they learn better.
Like .com, "Web 2.0" is largely a hype bubble. While there is some value in "Web 2.0" it is vastly overrated as a social tool and businesses that want to take advantage of the very socially aware younger generation are in for a rude awakening as the rapidly self-educating young move to websites that really do have value rather than web sites that fake it with "Web 2.0" superficialities while trying to extract maximal value at the expense of their userbase.
---
Monopolies = Industrial feudalism
Interesting point but advertisement isn't just about click-throughs, it's mostly about brand-awareness leading to sales at a later point.
Your numbers are nonsense. Advertising is not free of cost despite what marketing parasites would have you believe. Every single ad reduces the value of the game to the consumer. Meaning the vendor has to charge less for it. Not to mention accepting a hit on their own "brand". Where was that so-called "value" you were talking about?
Marketers love to fraudulently claim or imply that advertising generates value out of thin air. The reality is that the majority of modern mass market advertising is just a way for the marketing "industry" to parasitise the the rest of society. Consumers are saturated with advertising and by definition that means that when one ad "wins" then another must "lose". Adding more advertising to the mix doesn't change that equation, it just means the whole of society pays more in time, attention and money for nothing in return. i.e. we lose.
---
Free speech is compromised by too much noise as well as too little message. Most advertising is content free noise.
They can seamlessly, easily and completely replace folders.
You are engaged in fuzzy thinking. Unfortunately, like a lot of programmers, you seem to think a new word gives a new meaning.
Labels are the functional equivalent of folders plus symbolic links.
Except folders and symbolic links are fully supported by the OS and don't add a whole other layer of bureaucratic sludge that has to be maintained in parallel with the file system. I had this problem today with a copy of an Evolution installation insisting I had to add new accounts even though the account details were already sitting in the file system in the appropriate place. I also get heartily sick of all the different file scanners and indexers that idiotic programmers insist on running to update "metadata" (which is really just data with a funny name) on my laptop, compromising battery life and disk throughput for very little in return.
---
Don't be a programmer-bureaucrat; someone who substitutes marketing buzzwords and software bloat for verifiable improvements.
The better the tools law enforcement has, the better for all of us.
Except when law enforcement and assorted bureaucrats and incompetents are the bad guys. Your automatic assumption that law enforcement are the good guys is telling. Do you think the percentage of bad guys in law enforcement is larger or smaller than the general population?
I get annoyed with people advocating large databases accessed by large groups of people. Any large group of people will have good and bad in it. How do you deal with that? It's not as simple as you think.
And what makes you think a database of millions of people and accessed by tens of thousands isn't going to compromised by organized crime approximately 30 seconds after it goes live? How will it affect witness protection programs? How will it affect the innocents who have erroneous data on their name? How will it affect innocents who have bad data deliberately put on their name?
We could make law enforcement's job much easier but putting everybody's biometrics into a big database at birth and requiring everybody to have an operation putitng a GPS radio into them. Why don't we do that? It's a question of balance. Unfortunately, law enforcement's and politicians' idea of balance seems to be somewhat different from the general population's.
---
DRM - Have you got big-corp-of-your-choice's permission to go to the toilet today?