Clipboard-anything is always a Bad Idea(TM). It's fairly trivial (read "ActiveX", among other methods) to read the contents of the Windows clipboard.
Probably about as trivial as writing a keyboard event handler I'd imagine. The point is that at least it isn't displayed in plaintext at any point unless you manually choose to edit the password. Plus you don't have to worry about command line histories (e.g. .bash_history for *nix), someone sharing the system scanning `ps -aux` for command-line parameters, etc. I think the clipboard is the lesser of two evils.
But that will display your password in plaintext. Password Safe program allows you to enter your master password, choose the appropriate login, it shows you your username and you double-click on the entry to have it copied to the clipboard. Paste into your browser's (or other app's) password field, and nobody (not even you!) can see what it is by looking at the screen.
There are some logins even I don't remember the password to, such as my eBay and PayPal accounts. All I need to remember is the one master password and then make sure I don't lose the password file! :)
Re:I'll buy that piece of paper with some chocolat on Write Down Your Passwords · Score: 4, Interesting
Of course, there's Schneier's Password Safe, which is now a SourceForge project. See: http://www.schneier.com/passsafe.html. Works for me... I carry the encrypted file around on USB flash and who cares if I lose it... barring quantum computers, nobody's going to be breaking it within my lifetime.
When you consider that things like hibernation are simply a kludge for not being able to retain the system state when powered off, non-volatile memory would make total sense to have as your main system memory. If it's fast and cheap enough then you wouldn't really care much if the power went out in the middle of working on an important document -- just wait until you get power again, turn it on, and you're back at the same system state.
Well, if you had 12 hogsheads of ink and wrote out the Library of Congress in a single line so that you just used up all the ink, this drive would be able to store 493 rods worth of data. I hope that clears it up.
This story reminds me of every time blocking of online ads gets mentioned -- there's always a chorus of people who chime in and say that blocking ads is fine because it's not up to them to support an outdated business model. Anyhoo, it's a bit tangential but this seems to fall in the same realm -- new, web-based method replaces outdated publishing model.
So you could overlay a map such as to identify the Chinese Embassy or Sudanese pharmaceutical factories? Sounds like something the US military could get ready for use in Iran!
The Whitehouse had such a user-contributed map of Iraq years ago. However, somebody trolled it and placed a bunch of phony WMD icons on it.
If Microsoft is making more profit from its business practices than $5M a day, they've shown before that they'll happily pay the fine rather than change practices. Is domination of the European market worth $1.8 billion a year in fines?
Don't bitch about cheap fucks when the very license of the software encourages mass raping on a financial and IP scale.
What you don't seem to realize is that if the license says "hey, take this and do whatever you want" then it's not raping -- it's encouraged. Just because you think they should behave in a certain way doesn't mean they're obligated to, nor do the developers expect them to. Otherwise, the developers would have released the code under a different license. Now go read the GPL three times and say five hail Stallmans.
They could have taken the lead on this and no one would have complained about spending 2 or 3 bucks to download and watch a movie, but the corporations were too busy trying to suppress what they themselves should have been developing. If the various *AA entities had spent half as much developing technology as they've spent suppressing it, none of this would be an issue right now.
That's all well and good but what you haven't mentioned is the fact that it's *their* product, and they can do with it as they will and they have chosen not to release their movies over the internet. You're trying to justify the illegal behavior by blaming it on the victim. And while I think you're right -- the movie industry has missed out on a new distribution model -- I also recognize they have the right to market and distribute their product as they see fit, even if some of their customers don't like it.
Plus, it's not BitTorrent's fault that the movie was released. The fault of the release is due to TCP/IP itself! I think we should lobby the government to ban the TCP/IP protocol, which makes all copyright infringement possible.
Gee, let's see... I can either believe that NASA doesn't know the difference, or that "dj245" is an idiot. Tough call!
Given that one of the Mars probes crashed because NASA mixed up metric units with a set of units derived from the ancient British empire, I think your tough call may not be so tough anymore.
I fail to see the reason why any company would respond to the BSA, but I don't dispute the fact that they do. I'm not sure what's worse, giving up your fourth amendment rights or bowing to an industry "organization." The BSA exists to make examples out of people. An easy way to do this is by doing a "self-audit" and then admitting defeat. Make them work for it, regardless of the base of the accusations.
I wondered the same thing for a while, but then the answer became clear -- if the BSA has solid evidence that your company is using unlicensed software, they will make you a deal which would go something like this:
"Let us do an audit to our satisfaction and if we find you're deficient, you agree to fully license every piece of software you have plus pay a little bit extra as penance. You don't have to allow us to do this audit -- it's completely voluntary. However, if you don't do this we'll take you to court and we have good evidence that you are using unlicensed software. Your company will not only then have to fully license all the software, but you will have to pay the maximum civil damages we can get to us (as representatives of the software manufacturers), cover both our and your legal fees, and go through the public humiliation that a losing court case, which shows that your company is a den of thieves and pirates, will produce."
Unless a company is 100% certain that it's legit for software and hates caving in no matter what, it's going to always opt for the lesser of two evils and deal with an audit.
No kidding: http://www.theregister.co.uk/2005/04/04/fingerprint_merc_chop/!!
Lose power, and when you boot up next, you've lost at most a few seconds of work.
You might be interested in this article -- very interesting story about an operating system which did just that.
Damn, which people would pay attention to details.
:)
Yeah, "which people" indeed.
Or do you expect these people to donate money to something they're working on for free?
:-p
Seems to work fine for open source projects.
Sorry, all her friends are busy at a sleepover right now.
Perhaps you should read my journal. Hopefully you [don't?] die before you're able to post a reply.
Check out my journal... or just remove all spaces from my sig and see if it makes sense then.
No, no... the revealed text on the first page so far consists of:
"F1RSTUS P0STU5"
If you insist on using a clichè, please use it correctly.
And if you insist on using fancy accents, please use the correct one. It's cliché.
... or the physical similarities between Stallman and Castro. :)
Or you could work on 20,000 projects which are offering $50 bounties and cash in just the same.
Supposedly, this market-based filter performs better than a perfect technology-based solution.
So it performs better than perfect? How does that work?