Taken as a whole,/. isn't that bad. Sure, if it's your only news source, you need help, and yes, Jon Katz tends to rant about minutae sometimes, but I'll take Slashdot over my local Fox affiliate any day of the week. I'll trust RobLimo to keep people in line editorially far more than I do the WSJ to keep Kara Swisher from exercising conflicts of interest. Stories casting OSS/Linux in a negative light are run along side everything else.
Are we really surprised? The media loves to play to the man in the street's fear that the net can easily be taken down. No one ever brings up that the core protocols of the net are built to route around problems. From the Michaelangelo virus to Y2K, they glom on to every story and predict the imminent death of the web. We of the techies know better. We know that it would take nothing short of a massive world-wide failure of the power grid and oil delivery infrastructure to truly take the net offline.
By that, if I post in a/. article that someone told me RobLimo likes goatse.cx, am I protected, or need I be a "real" journalist? What if I am a real journalist, and I report that "an anonymous source" told me that RobLimo visits goatse.cx every day? In order to constitute libel, would I need to report that the anonymous source told me RobLimo visits goatse.cx, and that I'm sure he likes it?
The mind reels from the possibilities for mischief and mayhem.
Actually, it's even worse than that. If the state of Georgia can go after a tech for installing distributed.net, threatening six figure fines and 30 years in prison, what's stopping us from doing the same when programs we know nothing about and are totally unrelated to what we think we're installing are installed?
I wonder what would happen if you went to the FBI and filed a complaint about it..
I haven't looked lately, but it allows you to sign up for an ID to play with various compaq systems in different OS configurations. AFAIK, it's shell access only, no X or anything nifty like that. I believe they've also got some clusters of different hardware as well.
Ya know, it's crap like this that makes MS and their "viral code" provisions look (in the eyes of the uninformed) justified. OSS has bigger fish to fry than themselves. If they want credibility in the business world, this squabbling over GPL violations needs to end pronto.
This case is tame compared to John Moore's
on
The Immortal Cell
·
· Score: 4
A leukemia patient, John Moore, endured over a dozen "treatment" sessions with his physician, David Golde. These sessions consisted of the removal of his cellular material. Turns out the University of California had worked out a deal with his physician to pay at least 1/3 of a million dollars and rights to 75k shares of stock, in exchange for exclusive access to his research. Dr. Golde even started paying for Moore's travel and accomodations. At this point, Moore became suspicious, and asked about the commerical potential of his cells. After vague answers, he withdrew consent for his cells to be used in research, causing Golde to flip out.
Remember kids, this isn't the first time Toricelli has sponsored crappy net.regulation. You know that spam disclaimer that says "THIS IS NOT SPAM ACCORDING TO S.1615"? That was his doing, though thankfully, that one died in committee. Of course, getting tough on those hax0r kids couldn't be a ploy to shift attention away from investigations for ethics violations, could it? Naah. All politicians are forthright and complete in what they say about their actions (Gary Condit, for example).
I was at VBITS in 2000 when Steve Ballmer was demonstrating Visual Studio 7 (now VS.NET). While demonstrating how easy it was to build a Web Form, VS crashed. The engineer then came in and fixed it, making the demo eventually work.
No no no... You got it all wrong. You're supposed to install Carnivore on distributed.net. At least then, the FBI could get keystrokes and traffic, and only need one search warrant to retrieve the information.
This kind of crap is nothing new. The only thing new about it is how egregious governments are becoming about it. Now, they no longer need to lie and say it's to build a road, or expand a school. Now, they'll just come out and say it's so we can hand it over to a developer to build a shopping center.
There are so many choices! How can you be asked to choose? Can't forget about networking. My Arcnet for Dummies book has been utterly invaluable to me lately. And databases too.. Alpha Four, Advanced Revelation. Of course, applications as well. Symphony is my favorite spreadsheet, and nothing tops Ami Pro for word processing.
This won't happen.. An argument MIGHT be able to be made if the RIAA/member organizations weren't making efforts, but given the services out there that allow downloaded music for a buck or more per song, compulsory licensing won't happen. Even if it did, the likelihood of it being on terms palatable to the average Napster user is about zilch. Combined with the fact that some of the recording industry is working with Napster already, it's not going to happen.
Well, not nearly that painlessly. Right now C# for Windows will be the only language with a standard library supporting Passport (as far as I know anyway).
This link says that Passport 1.1 is supported by everything from solaris/netscape to free bsd, linux, hpux, and aix running apache.
While I'm sure that once passport.NET comes out, windows languages will have libraries for accessing it, because it's just xml over http, implementation on any other platform should be a relatively trivial matter. Shake yourself of any mistaken belief that MS must provide a library for every language that any developer cares to code in. Their only responsibility is to provide the interfaces to the service. Anything else is only a convenience to those implementing it.
We need an open successor to Passport immediately. It's inevitable anyway.
Don't bet on it. Sure, there will be competing efforts, but they'll need to provide a compelling model for developers (and the business masters they serve). Realize that Passport will be the lynchpin holding together all of the Hailstorm services. If all a competing service has to offer is SSO/Authentication, it will fail. More than likely, DOTGNU services will have to support both their own auth and Passport auth, assuming they want to have the maximum market reach possible. For DOTGNU services to support only their own auth is as stubborn and stupid as MS supporting only Passport, except that MS has valid reasonse (I'm not approaching whether they're good or not, just that they're valid business-wise) for only supporting Passport.
If there is a superior Passport alternative that can be used with C# and Java and Python, then why train your staff all over again?
That's the entire point to how Hailstorm aka.NET Services is put together. It uses XML over HTTP to shuffle data around. Neither Passport nor any other Hailstorm service is built in such a way that it locks any development environment out of the game. If you can stuff packet stuff TCP 80 and read the responses, you're in.
Regarding an X plugin for IE, I'd LOVE to see that. Admittedly, it's been a while since I looked, but I have yet to see a good X client for Windows.
Now, the reality of the situation, using X servers for running everything, well, that's something of a pipe dream. People have grown too accustomed to having the full power of a system at their beck and call in distributed computing. Push everything back to the server, you get all the headaches and bottlenecks that come with mainframe based computing with none of the benefits.
I too share your questions, but for completely different reasons. I wonder why Ximian is doing this, when work may have already begun on the Linux.NET port. Consider the investment that MS made in Corel. I had thought MS made an announcement several months back about Corel and.NET.
There may be a lot to.NET, but given that it's a nascent collection of tools, and that it has no foothold in the consumer market
As a MS developer, I've been working with.NET for six months now. Even in beta 2, it blows the doors off of the current development environment. Developers call the shots. Not admins, not hardware folks, not network people. Developers will flock to this like Linux guys to beer, and that's what will drive its adoption.
You're quite right about one thing in your comment. That Skylarov is relatively unapproachable, as far as the populace is concerned. First, he's Russian. Second, nearly every news report labels him a "hacker".
We're not going to find the perfect similar case between DMCA and the civil rights movement. It's not as if 80% of the population is comfortable in their right to break any encryption they can get this mitts on, while the rest are locked up for life for even thinking about it. For that reason, we need to cling to anything we can get to fight it.
Right now, Felton is the closest thing to it. Researcher and professor at Princeton, he's a lot more understandable to the common man. At least, far more so than a "Russian hacker." Sure, we can all (well, most) empathize with Skylarov and his motivations. It's totally cool to watch code you wrote do something that someone says you shouldn't be able to easily do. Most people will never get nor understand that feeling.
We already have one. Edward Felton and the suppression of his presentation on breaking SDMI that was squashed by the RIAA waving the DMCA about. It's all going to depend upon whether or not the EFF can convince a judge that simply sending him a copy of the law could be construed as a threat. Since they never actually went to court or LEO's, it may not be the ideal case to have the DMCA struck down. Given what Adobe did to Skylarov however, a reasonably strong case could be made about Felton and the RIAA.
RSA is in the encryption biz. They're funding (on the cheap, might I add) research into cryptography. This is like saying that Publishers Clearing House should be funding medical research instead of giving away money (and furthering their business).
Let's say, for sake of argument, that someone comes up with a new algorithm for finding the primes that generate a key, and six weeks from now, they manage to clean up and take every prize offered. For a total outlay of $635,000, we find out that encryption based on primes is vulnerable to cracking. I think anyone would be hard-pressed to find medical research that benefits from that same amount of money to the same degree that cryptography would from the revelation that the factors from a large key can be easily obtained.
Does anyone know where to go to find out if Adobe really does pay taxes?
10k and 10q forms are filed with the SEC annually/quarterly. According to their filings, over the past quarters, they've paid the following (in millions) for income tax:
2Q01 1Q01 4Q00 3Q00 2Q00 30.2 34.4 43.6 42.2 35.4
This is just a quick perusal, and undoubtedly covers local and state, in addition to federal taxes.
That's what security is all about. If someone's determined, they will get you. Even if it means taking a bulldozer to your datacenter and hauling the goodies off in a pickup truck. From the flimsiest of doors to the most impregnable security infrastructure, you build it hoping that no one looks for you, that if someone does you can find them first, and that most people, upon finding you, give up and go find playground.
Slashdot Mirror
Taken as a whole, /. isn't that bad. Sure, if it's your only news source, you need help, and yes, Jon Katz tends to rant about minutae sometimes, but I'll take Slashdot over my local Fox affiliate any day of the week. I'll trust RobLimo to keep people in line editorially far more than I do the WSJ to keep Kara Swisher from exercising conflicts of interest. Stories casting OSS/Linux in a negative light are run along side everything else.
Are we really surprised? The media loves to play to the man in the street's fear that the net can easily be taken down. No one ever brings up that the core protocols of the net are built to route around problems. From the Michaelangelo virus to Y2K, they glom on to every story and predict the imminent death of the web. We of the techies know better. We know that it would take nothing short of a massive world-wide failure of the power grid and oil delivery infrastructure to truly take the net offline.
Where does it end?
/. article that someone told me RobLimo likes goatse.cx, am I protected, or need I be a "real" journalist? What if I am a real journalist, and I report that "an anonymous source" told me that RobLimo visits goatse.cx every day? In order to constitute libel, would I need to report that the anonymous source told me RobLimo visits goatse.cx, and that I'm sure he likes it?
By that, if I post in a
The mind reels from the possibilities for mischief and mayhem.
Actually, it's even worse than that. If the state of Georgia can go after a tech for installing distributed.net, threatening six figure fines and 30 years in prison, what's stopping us from doing the same when programs we know nothing about and are totally unrelated to what we think we're installing are installed?
I wonder what would happen if you went to the FBI and filed a complaint about it..
I haven't looked lately, but it allows you to sign up for an ID to play with various compaq systems in different OS configurations. AFAIK, it's shell access only, no X or anything nifty like that. I believe they've also got some clusters of different hardware as well.
I wonder what it takes to slashdot an iPaq, even if it is running Linux instead of CE...
Ya know, it's crap like this that makes MS and their "viral code" provisions look (in the eyes of the uninformed) justified. OSS has bigger fish to fry than themselves. If they want credibility in the business world, this squabbling over GPL violations needs to end pronto.
A leukemia patient, John Moore, endured over a dozen "treatment" sessions with his physician, David Golde. These sessions consisted of the removal of his cellular material. Turns out the University of California had worked out a deal with his physician to pay at least 1/3 of a million dollars and rights to 75k shares of stock, in exchange for exclusive access to his research. Dr. Golde even started paying for Moore's travel and accomodations. At this point, Moore became suspicious, and asked about the commerical potential of his cells. After vague answers, he withdrew consent for his cells to be used in research, causing Golde to flip out.
Full details are here.
Remember kids, this isn't the first time Toricelli has sponsored crappy net.regulation. You know that spam disclaimer that says "THIS IS NOT SPAM ACCORDING TO S.1615"? That was his doing, though thankfully, that one died in committee. Of course, getting tough on those hax0r kids couldn't be a ploy to shift attention away from investigations for ethics violations, could it? Naah. All politicians are forthright and complete in what they say about their actions (Gary Condit, for example).
I was at VBITS in 2000 when Steve Ballmer was demonstrating Visual Studio 7 (now VS.NET). While demonstrating how easy it was to build a Web Form, VS crashed. The engineer then came in and fixed it, making the demo eventually work.
I thought you already knew that's where the tax refund was coming from... Guess not everyone's in the know on it.
Too bad this didn't make the cut for the front page. It's exactly this kind of shit that makes massive databases so problematic.
FYI, this was a two part series. Part two can be found here.
No no no... You got it all wrong. You're supposed to install Carnivore on distributed.net. At least then, the FBI could get keystrokes and traffic, and only need one search warrant to retrieve the information.
Could you please post some links to information about these two cases? Thanks!
Here, or here, or just search on google.
This kind of crap is nothing new. The only thing new about it is how egregious governments are becoming about it. Now, they no longer need to lie and say it's to build a road, or expand a school. Now, they'll just come out and say it's so we can hand it over to a developer to build a shopping center.
There are so many choices! How can you be asked to choose? Can't forget about networking. My Arcnet for Dummies book has been utterly invaluable to me lately. And databases too.. Alpha Four, Advanced Revelation. Of course, applications as well. Symphony is my favorite spreadsheet, and nothing tops Ami Pro for word processing.
This won't happen.. An argument MIGHT be able to be made if the RIAA/member organizations weren't making efforts, but given the services out there that allow downloaded music for a buck or more per song, compulsory licensing won't happen. Even if it did, the likelihood of it being on terms palatable to the average Napster user is about zilch. Combined with the fact that some of the recording industry is working with Napster already, it's not going to happen.
Well, not nearly that painlessly. Right now C# for Windows will be the only language with a standard library supporting Passport (as far as I know anyway).
This link says that Passport 1.1 is supported by everything from solaris/netscape to free bsd, linux, hpux, and aix running apache.
While I'm sure that once passport.NET comes out, windows languages will have libraries for accessing it, because it's just xml over http, implementation on any other platform should be a relatively trivial matter. Shake yourself of any mistaken belief that MS must provide a library for every language that any developer cares to code in. Their only responsibility is to provide the interfaces to the service. Anything else is only a convenience to those implementing it.
We need an open successor to Passport immediately. It's inevitable anyway.
Don't bet on it. Sure, there will be competing efforts, but they'll need to provide a compelling model for developers (and the business masters they serve). Realize that Passport will be the lynchpin holding together all of the Hailstorm services. If all a competing service has to offer is SSO/Authentication, it will fail. More than likely, DOTGNU services will have to support both their own auth and Passport auth, assuming they want to have the maximum market reach possible. For DOTGNU services to support only their own auth is as stubborn and stupid as MS supporting only Passport, except that MS has valid reasonse (I'm not approaching whether they're good or not, just that they're valid business-wise) for only supporting Passport.
And how does congress fit into all this?
Two words: Gary Condit.
If there is a superior Passport alternative that can be used with C# and Java and Python, then why train your staff all over again?
.NET Services is put together. It uses XML over HTTP to shuffle data around. Neither Passport nor any other Hailstorm service is built in such a way that it locks any development environment out of the game. If you can stuff packet stuff TCP 80 and read the responses, you're in.
That's the entire point to how Hailstorm aka
Regarding an X plugin for IE, I'd LOVE to see that. Admittedly, it's been a while since I looked, but I have yet to see a good X client for Windows.
Now, the reality of the situation, using X servers for running everything, well, that's something of a pipe dream. People have grown too accustomed to having the full power of a system at their beck and call in distributed computing. Push everything back to the server, you get all the headaches and bottlenecks that come with mainframe based computing with none of the benefits.
I too share your questions, but for completely different reasons. I wonder why Ximian is doing this, when work may have already begun on the Linux .NET port. Consider the investment that MS made in Corel. I had thought MS made an announcement several months back about Corel and .NET.
.NET, but given that it's a nascent collection of tools, and that it has no foothold in the consumer market
.NET for six months now. Even in beta 2, it blows the doors off of the current development environment. Developers call the shots. Not admins, not hardware folks, not network people. Developers will flock to this like Linux guys to beer, and that's what will drive its adoption.
There may be a lot to
As a MS developer, I've been working with
You're quite right about one thing in your comment. That Skylarov is relatively unapproachable, as far as the populace is concerned. First, he's Russian. Second, nearly every news report labels him a "hacker".
We're not going to find the perfect similar case between DMCA and the civil rights movement. It's not as if 80% of the population is comfortable in their right to break any encryption they can get this mitts on, while the rest are locked up for life for even thinking about it. For that reason, we need to cling to anything we can get to fight it.
Right now, Felton is the closest thing to it. Researcher and professor at Princeton, he's a lot more understandable to the common man. At least, far more so than a "Russian hacker." Sure, we can all (well, most) empathize with Skylarov and his motivations. It's totally cool to watch code you wrote do something that someone says you shouldn't be able to easily do. Most people will never get nor understand that feeling.
The anti-DMCA movement could use a Rosa Parks!
We already have one. Edward Felton and the suppression of his presentation on breaking SDMI that was squashed by the RIAA waving the DMCA about. It's all going to depend upon whether or not the EFF can convince a judge that simply sending him a copy of the law could be construed as a threat. Since they never actually went to court or LEO's, it may not be the ideal case to have the DMCA struck down. Given what Adobe did to Skylarov however, a reasonably strong case could be made about Felton and the RIAA.
RSA is in the encryption biz. They're funding (on the cheap, might I add) research into cryptography. This is like saying that Publishers Clearing House should be funding medical research instead of giving away money (and furthering their business).
Let's say, for sake of argument, that someone comes up with a new algorithm for finding the primes that generate a key, and six weeks from now, they manage to clean up and take every prize offered. For a total outlay of $635,000, we find out that encryption based on primes is vulnerable to cracking. I think anyone would be hard-pressed to find medical research that benefits from that same amount of money to the same degree that cryptography would from the revelation that the factors from a large key can be easily obtained.
Does anyone know where to go to find out if Adobe really does pay taxes?
10k and 10q forms are filed with the SEC annually/quarterly. According to their filings, over the past quarters, they've paid the following (in millions) for income tax:
2Q01 1Q01 4Q00 3Q00 2Q00
30.2 34.4 43.6 42.2 35.4
This is just a quick perusal, and undoubtedly covers local and state, in addition to federal taxes.
That's what security is all about. If someone's determined, they will get you. Even if it means taking a bulldozer to your datacenter and hauling the goodies off in a pickup truck. From the flimsiest of doors to the most impregnable security infrastructure, you build it hoping that no one looks for you, that if someone does you can find them first, and that most people, upon finding you, give up and go find playground.