I really didn't like Win 95, as the requirements where terrible for what I thought was only the application that was meant to launch other applications...
I remember "playing" the Microsoft demonstration game for Win95 - Hover. And I was suitably unimpressed and thought anyone who developed games under windows must be a complete loony coz whilest my machine ran Doom at a nice playable speed, Hover ran at a stonking 1 frame per second.:)
Ahh, who here remembers the huge mistake that was ISA PnP - the massive technological leap from spending 2 seconds popping a jumper in place to select the IRQ to letting the software set the IRQ to one that was already in use and there being nothing you could do about it...:)
If Microsoft had not felt a real threat from OS/2 which at the time was starting to show some signs of life, if not on its own merits but its ability to run Windows apps more stably
Nono, Microsoft don't need competition in order to innovate and stay on the forefront of technology - I mean, just look at the huge amount of development that went into IE in the few years before FireFox appeared.:)
Re:...the same features we delivered seven years a
on
Windows 95 Turns 10
·
· Score: 2, Interesting
I can never understand how Linux zealots are so enamoured with cryptic command-line tools.
Because once you're used to them they're _really_ fast to do stuff with, and they usually come with good, concise man pages explaining how to use them (much better then your usual Windows online help).
Man pages are pretty-much opaque, and require a Man page themselves to understand.
Uh, I dunno what man pages you've been reading but most of the ones I've ever read are very concise and tell you what you need to know assuming you have the slightest clue what the tool you're looking at the man for _does_.
GUI materials are self-documenting - you can see what you can do with them just by looking at them.
Mmm.. yes.. right... Having used Unix exclusively for about 5 years I have been pushed back to using windows as a workstation (but thankfully not for my actual work - that gets done through an ssh and X session into boxes running a proper OS) and I can tell you that most of the GUIs are written by people who clearly think they're self documenting... and they're wrong (unless you count opening every single menu and dialogue box to find an option that they've stuck in some non-obvious place as "self documenting").
Going from being purely commandline based to having to use a GUI for stuff I can tell you that using a GUI feels sooooo slow - I was 5 times as productive doing stuff at the commandline as doing stuff in a GUI with all that pointing and clicking.
But meanwhile most Unix nuts are still convinced that Bash is the be-all and end-all, despite having utterly bizarre gotchas.
No, I certainly don't consider Bash to be the be-all and end-all of scripting - there are far better languages about. But for hacking up a quick script to do something relatively simple, it's very fast to develop in and you can pretty much guarantee it's going to be on almost all systems. I think the thing I find most powerful in bash is the ability to knock up quick scripts to do things on the commandline - the number of times I need to do an operation to a number of files and hack up a quick for-loop at the prompt. Also, pipes have got to be one of the most useful inventions for doing some reasonably complex stuff in a hurry.
Learning to do a new task in a pure-text environment is like trying to learn how to spell a word with a dictionary - you can't look it up until you know how to spell it.
Yes - there you're right. If you've never before done anything like what you're currently trying to do then there is some effort involved. However, if you're used to the environment then a lot of concepts are transferrable - you can see similarities between tasks and reuse the knowledge you gained the last time. And more to the point, once you _know_ how to do something then it's just so much faster to do it at the CLI than in a GUI. Maybe a CLI isn't for everyone but for me I couldn't use an OS which didn't have a powerful CLI - even in Windows I fire up Bash very frequently to do stuff because it's just easier and faster.
Meanwhile, a nice GUI lets you figure it all out just from checking out the widgets.
Again, I agree - a GUI lets you figure it out by opening every menu and dialogue box and probably reading the help on obscure widgets... as opposed to a 2 minute flick through a man page to find what you're after - I'll take the man page every time since I just don't have the time and patience to click through a GUI.
All I know is that the win2k "find" screen makes 10x more sense than the grep command.
Yes, and it's about a billion times less useful. Turns out that if you remove almost all the useful features in a program it's easier for people to understand... and almost completely useless to everyone too.
If the business can save money by dumping Windows in favor of Linux then the fact that their employees don't know how to use Linux shouldn't (necessarilly) be a huge consideration - weigh up cost savings against retraining and rehiring.
No need for an encyclopedia to explain the concept.
The term "viral" immediately gives the impression that it's bad. However, I think in this context it's good - the "marketting" is well targetted, so doesn't annoy people who aren't interested, and is interesting to those targetted (if it wasn't, it wouldn't work).
I am a fairly computer literate person, and every time I mess around with Linux there is some stumbling block that prevents me from doing what I am trying to do and I then have to spend hours googling or in chat rooms trying to figure out what the hell I need to do.
I am a fairly computer literate person, and every time I mess around with Windows there is some stumbling block that prevents me from doing what I am trying to do and then I have to spend hours googling trying to figure out what the hell I need to do only to discover it isn't possible (it would be under Linux) or at least would cost me a lot of money to do (free under Linux).
Yes, I agree that some stuff it difficult to do (but please, show me an OS where there _isn't_ something that's difficult somewhere). But in my experience most "stumbling blocks" I hit with Windows are either impossible to resolve (because of the closed nature of the system) or would cost a lot of money to get a licence to do it (despite the fact I probably already _have_ the software itself, just not a licence). Comparitively, most stumbling blocks under Linux are possible to resolve and usually don't cost vast amounts of money so long as you know what you're doing (obviously if you don't have a clue and have to contract someone to do it for you then it's gonna cost you).
And especially in the professional world, time is money.
In the professional world you could replace the people who don't know what they're doing with people who do...
It's about loosing your trademark if you don't defend it. Linus holds the trademark "Linux", so it's up to him to take actions to protect that trademark.
I don't know who has been sent demands, but IMHO using "Linux" on a product that's running Linux is fair use - the only thing you can legitimise as "defending" the trademark, IMHO, is if someone is using it on a product in a context that's not associated with Linux.
I.e. if I sell you a Linux distribution it should be fine for me to tell you it's Linux. If I sell you BSD and tell you it's Linux I should expect trouble.
Similarly, if I sell you a network card and say "works with Linux" then that also would seem fair (so long as that's true) even though it isn't _running_ Linux itself.
I guess what I am trying to say is security is not absolute, but a relative measure. There is no checklist that you can tick away and say OK I am now secure.
Absolutely - security is always a balancing act between security and usability. On one end of the scale we have the most secure setup - you have everything unplugged and turned off all the time. Obviously whilest that's completely secure from remote attack it's also completely unusable. On the other end of the scale is no security and everything's really easy to use.
A check list of _possible_ security measures and their repercussions would probably be a good thing to make someone look through when they're installing a wireless network though.
For example:
1. (ignoring it's security weaknesses for a moment) WEP is remarkably easy to set up and has very few usability problems so that's quite high on the list. The only usability problems I can think of is the effort of typing your passphrase into new machines when you connect them to the AP.
2. MAC filtering is slightly more complex to set up since you have to extract the MAC from a new machine and then configure the AP to allow it. If you have a reasonably static network setup then that might be the option for you, but if new machines are coming and going all the time then probably not.
These are the sort of thins which people who are setting up a network really need to think through. It's really not that different from securing your house:
1. Do we want a lock on the door? It has the disadvantage that if you lose your keys then you're screwed.
2. Do we want bars on the windows? It increases security but also increases the risk of you not being able to escape a fire.
etc.
At the moment, a large proportion of people are handed an access point that's pre-configured to be fully open and they are never made to think of the security questions - it's like going out and buying a front door for your house, getting it fitted and noone mentioning that it doesn't have a lock on it as standard.
I was thinking of more, how can I phrase a flyer to put in people's mailboxen
I think (part of) my suggestion still stands - if you can identify the model then step-by-step instructions would be good (there aren't that many different models out there so you're not dealing with a massive set of different instructions).
Obviously be polite and clearly explain (in terms your grandmother could understand) what the problem is and why they need to fix it.
I think using it to advertise your services would be seen as bad form unless you plan on helping people secure their networks for free (and even then there would be a big "what's the catch?" aspect to it from the recipient's perspective). Having said that, some people will genuinely need help so maybe it'd be ok to provide a list of 5 - 10 small businesses who would secure a small network for a reasonable fee - make sure the people you recommend are actually capable of doing the job of course.
I'm not really comfortable sending stuff to people's computers, because, although the threshold of legal/illegal use of someone's WiFi is fuzzy, I would consider that past it, or at least quite suspicious.
As I said, I'm not sure how most people would see that - if I got home and found such a printout on an 802.11 connected printer then I would be fairly ok with it, but then I'm technical and know how to check that noone's compromised my machines. Certainly, just pushing a page of data at a printer is quite harmless compared to other things that _could_ be done over an unsecured network (reading/trashing improtant data, etc). It'd probably really wind a few people up though.
If noone had educated you to lock your door, how would you know to do it? Or would it be ok to live in ignorance until someone actually wandered into your home and stole all your stuff?
And in any case, I think you can take the current state of the Internet (with the millions of rootkitted and virussed Windows boxes connected to it) as a good indication that: 1. If crime does reach epidemic proportions then the majority of people are still ignorant despite a reasonable amount of public media coverage. 2. By the time you have an epidemic it's waaay too late.
I went warwalking the other day around my block, and it's like 90% unencrypted, and 25% factory defaults. Can you think of any way to "get the word out" to my neighbors (just to improve everyone's security and make the world a better place) without looking like an idiot or an evil cracker?
Some options spring to mind:
1. Scan the network for unpassworded printers (network printers or SMB shares) and print an easy to understand, polite message, explaining the problem. If you're feeling really friendly you could identify the model of AP and provide step by step instructions for securing the network. I would avoid advertising your services to do it though.:)
2. Send a Windows Messager message to any machines on the network - again, polite, maybe pointing at the URI of the manufacturer's online manual.
Whether these make you look like an "evil cracker", or whether the people you tell actually care enough to fix it is debatable. You're making active scans so that might be considered a bad thing even though you're not doing any damage.
Unfortunately, whilest you can do these things while "war walking", doing them while war driving isn't really an option because there's no way you can associate with a network and scan it while you're moving at speed - you're just not in range long enough.
Also be aware that some of the apparantly unencrypted networks will be using other security measures instead of WEP (e.g. IPSEC) - especially true of businesses and universities with competent IT staff.
If protecting your data is really that important, you would upgrade your infrastructure or not use Wireless at all.
Most of the time the lack of security on the networks is down to the administrators (who are often just home-users or small businesses with no IT knowledge) not bothering to turn the existing systems on. There's no point in inventing shiny new security protocols if noone bothers turning on the existing ones. This is at least partly the fault of the manufacturers for making it possible (or at least easy) to set the products up without basic security.
IMHO there is a limited need for new wireless security protocols - a good proportion of people don't even turn on WEP, let alone more complex protocols like WPA. And those who do understand security are probably quite capable of using the existing protocols that do a very good job already (e.g. you can ensure all your traffic is ESP and AH encapsulated).
If you want to improve security for the people who already understand the improtance then just provide a more user friendly way of setting up the existing security protocols. For everyone else, if they can't even manage to tick the "WEP" checkbox and type in a passphrase how are new, more complex protocols going to help?
But security is not about stopping these novice users, who are less likely to cause any damage in the first place
I've got to argue with this - stepping back from the whole wireless thing and talking about security in general, I can tell you that the crackers that cause the most damage are the ones who really don't know what they're doing and have just picked up a cracking toolkit (i.e. script kiddies). The script kiddies frequently end up leaving a machine they've attacked in a completely destroyed state _by accident_ (their intention is to use the machine, not destroy it but frequently it ends up trashed). On the other hand, if your system is attacked by people who know what they're doing the chances are you won't notice for a long time.
It doesn't make it less likely that someone will go out of their way to use it, because those people have things like Kismet on hand. It only prevents the people who have naïve Windows XP boxen from accidentally connecting.
It makes it _slightly_ less convenient for people (who know what they're doing) to connect. But possibly more to the point, it shows anyone who's trying to connect that it's not a public AP - you have at least done something (although not much) to secure it. Locks keep honest people out.
You could be right about MS but I don't think the same applies to Apple. Apple have always been a "complete solution" seller - you buy a box that has everything in (hardware + OS), so there isn't exactly a "free" bit there, you're buying everything. MS on the other hand, is a software producer and other manufacturers bundle the software. Because the computer is, say a Dell, and the software is Microsoft, it may well be seen as "free software" rather than a single package like Apple do.
I've got to say though that I think Apple's use of DRM is about the only sane one I've seen - they want to keep the "complete solution" idea and stop people running (a possibly legit copy of) OS X on non-Apple hardware. I.e. they want to stop Apple going the way that IBM went with the original PC. I think that's a fairly sane idea, keeps support costs down (noone phoning up complaining "I've installed OS X on my random combination of hardware and it doesn't work") and preserves the "just works" experience you get with Apple today, where they've already tested it on all combinations of hardware they sell so they know it works, unlike a Windows system where there are so many random hardware combinations that they can't be tested.
Truth of the matter is though that Apple probably don't care about the people who might have the knowledge to crack the DRM, they're just trying to keep the general public from using OS X on random hardware coz they're the people who will cause trouble when it breaks.
It's authorized if a human tells you it is, though some form of human-to-human communication. Getting a DHCP lease doesn't count - *many* people have home LANs set up that way with no idea that it lets outsiders connect.
The term "unauthorised" is very vague these days. The computer misuse act says that it is illegal to gain unauthorised access to a computer system. What constitutes authorisation? Assuming your "if a human tells you it is" idea that means you'd have to phone up the administrator of every web server, mail server, etc. before contacting it. In actual fact, we don't do that at all - we assume that if there is a web server listening on port 80 and it isn't asking for authentication then it is publically accessible. (And your "many people have home LANs set up that way" applies here too - many people accidentally have web servers running).
IMHO, if you can assume that a service is public because it's not restricted in a case where you have to actually go out of your way to contact the server, the same must apply even more so in the case of an open access point, which is _broadcasting_ _advertisements_ in _public airspace_ and on _public frequencies_ to advertise that it's open and unrestricted.
If I make my house look like a pub and leave the door unlocked, I shouldn't be surprised if people walk in wanting a drink - security (or at least making it obvious that you don't want intruders) should be the responsibility of the AP owner.
I believe your arguement also falls down because a number of people allow free public internet access through their AP _on purpose_ and your arguement would prevent them from doing so.
I believe you're exactly who companies who do copy protection do not care about; I'm sure they're more than happy to let you do what you want.
You're missing my point - I am a fairly law-abiding person, they make money out of me. However, if they break the CDs I buy with "copy protection" so I can nolonger rip them onto my computer, play them in my car, etc then they have automatically lost me as a customer - they have made the legal product useless to me whilest the illegally distributed content is still useful. i.e. the manufacturer has forced me into illegally copying something I would normally have paid for.
Copy protection is solely to try and prevent theft
No, copy protection stops copyright infringement, not theft - the "copy protection" on CDs doesn't stop me breaking into my local music store and stealing a bunch of CDs.
Then I'll crack it.
As a paying customer, why should you have to jump through hoops cracking copy protection? And probably more to the point, how many people are going to put hours into cracking some copy protection on something they legitimately paid for rather than just downloading the freely available illegal version? Yeah you're probably right that breaking the law probably doesn't do much for your conscience, but I for one would have a reasonably clear concience if the manufacturer had forced me into illegally copying their material instead of buying it.
Why would you buy something if you already have a perfectly good free copy?
1. Because I want a legal copy 2. Because I want a physical copy (i.e. a CD) 3. Because a good artist deserves some money
You obviously have a pretty low moral standard if you'd rather get a good product for free illegally when it's available for a reasonable price legally.
They only started using copy protection on CDs because of widespread piracy. You can bet your ass that if, as you suggest, the music companies looked into the causes of piracy before starting to use copy protection, they wouldn't have found that people were pirating their music because of copy protection. Try again.
Piracy _was_ a problem before they started copy protecting CDs. However, their response is only going to increase the amount of piracy, not reduce it. That's because it only takes a few people to get around the copy protection before the content becomes available illegally (so you've automatically failed there since copy protection isn't 100% effective), but in copy protecting the material you've also prevented legitimate users from using the product legitimately. So now not only have you get the original pirates still copying the content, you just added a bucket-load of previously legit users to the "pirate" category since the only way they can get the content in a format that's useful to them is by pirating it.
Not to mention that there's an aweful lot of evidence that suggests the illegal distribution of music can actually _increase_ sales since you get people like me doing "try-before-you-buy", so people producing good content are probably benefitting.
Yeah, I think I heard the key reason was the pirated stuff being priced a lot better.:-P
If you'd bothered to read my post you would've seen the bit which said that I download TV shows off bit torrent because that way I can get them at their air date instead of 3 - 6 months later when the UK TV stations bother to show them. Cost is not a factor - there just isn't any legal way to get them.
As for music, yes - I "illegally" download music... and then I delete the downloaded copies and if I like them I buy the CD. The only thing the music industry is losing there is that I don't buy CDs I don't like, and as a result I buy more CDs in total since I can identify the ones I do like before spending money. So I guess the parts of the music industry that produce crap might not be happy.
Honestly, I do not blame the UK government for going down on this guy; he deserves it. Especially since he was stupid enough to get caught the way he did. Sure, war driving is one thing, but blatently sitting infront of someone's home, leeching their network is a whole different case.
What constitutes unauthorised use?
If I connect to a BT OpenZone hotspot and I've paid then presumably that's authorised, right?
What happens if I connect to a public hotspot that's free? I guess that's authorised too since it's been set up as a service.
So, if I turn on my laptop, and it associates with an open network, gets handed a DHCP lease and a default route, how is that unauthorised? As far as I can tell, running an open network that broadcasts it's presence and hands out a IP address and route through DHCP to anyone who asks is _advertising_ itself as a free public hotspot.
I really can't see the difference between a free public hotspot and a unsecured private network - it's not really possible to tell the difference between the 2 from a technological perspective.
"Copy protected" CDs can be defeated using a combination of a slow drive {24 speed or less; the slowness isn't the critical thing, but it seems that a feature was silently incorporated into more modern drives to make them artificially incompatible with some discs} and CDParanoia. I bought a CDS200-protected CD once, for the hacker challenge factor more than the music; and was disappointed to find that it ripped first time.
Yes - I'm aware of the deficiencies in the copy protection systems and I haven't had to return a CD because it was un-rippable _yet_. However, because of the _intent_ of the copy protection, my point still stands:
1. Paying customers should not have to jump through hoops in order to rip a CD for their personal use. 2. Less technical people won't know how to jump through those hoops, so the _only_ solution for them is to illegally copy the music. 3. Some of the copy protection systems prevent you from legitimately _playing_ (not ripping) a CD on a computer, personal CD player, car CD player, etc. In that case the only solution is to illegally download the music and burn your own CD of it. 4. Having spent 10 - 15 ukp for a CD (which IMHO is overpriced) there is no way that I'm going to buy the same music again in a different format. The music industry goes out of their way to make it known that we are buying the _content_ of a CD, not the CD itself. But then they try and prevent us using the content we paid for on a different medium.
As it is, they have taken a problem (piracy) and by trying to prevent it have ended up making it worse by making sure that customers who have previously bought content legally have no choice but to download it illegally.
Most people will go for the legal option if it's reasonably priced and usable. If you start making the legal option far to expensive and/or useless to the customer then there's nothing the customer can do but either do without the content or acquire it illegally.
You know... as much as it sucks, you have to admit that if people weren't pirating things, there'd be no need for DRM.
Honestly, how can you blame companies for trying to protect their profits when thousands of people are ripping them off every day?
Instead of just blindly saying "pirates are bad" and then handcuffing everyone, even the law abiding people who make them money, they should examin _why_ people pirate. Obviously there is the "pay vs. free" thing, but there are other factors for why people pirate stuff.
A lot of piracy is at least partly down to the pirated material being "better" than the originals in many ways - take TV shows for example. Why do people download them from torrents instead of watching them on TV? Certainly for me, the reason for doing it is that I have to wait well over 3 months after the original air-date for most stuff to get shown here in the UK. I.e. the illegal distribution method is a lot better than the legal one.
Another example: I buy music CDs. Once I have bought them then they get ripped to MP3 so I can easilly get at the music without sorting through stacks of CDs and the CDs themselves only get used on my personal CD player and in the car. So if I buy a CD that's "copy protected" which won't let me do this, it's useless to me, whereas the MP3s of the same CD I can download work fine. I.e. the illegal copies allow me to do what I need (and should be able to do with something I've legally bought), and thus are "better".
A large proportion of people _want_ the legal version of something, but they're not going to buy it if the illegal version is so much better. The producers should look at this and rather than stamping out the illegal competition through restrictions they should improve their own systems so that they "outcompete" the illegal stuff.
Slashdot Mirror
I really didn't like Win 95, as the requirements where terrible for what I thought was only the application that was meant to launch other applications...
:)
I remember "playing" the Microsoft demonstration game for Win95 - Hover. And I was suitably unimpressed and thought anyone who developed games under windows must be a complete loony coz whilest my machine ran Doom at a nice playable speed, Hover ran at a stonking 1 frame per second.
as far as plug and play and sheer useability goes
:)
Ahh, who here remembers the huge mistake that was ISA PnP - the massive technological leap from spending 2 seconds popping a jumper in place to select the IRQ to letting the software set the IRQ to one that was already in use and there being nothing you could do about it...
If Microsoft had not felt a real threat from OS/2 which at the time was starting to show some signs of life, if not on its own merits but its ability to run Windows apps more stably
:)
Nono, Microsoft don't need competition in order to innovate and stay on the forefront of technology - I mean, just look at the huge amount of development that went into IE in the few years before FireFox appeared.
I can never understand how Linux zealots are so enamoured with cryptic command-line tools.
Because once you're used to them they're _really_ fast to do stuff with, and they usually come with good, concise man pages explaining how to use them (much better then your usual Windows online help).
Man pages are pretty-much opaque, and require a Man page themselves to understand.
Uh, I dunno what man pages you've been reading but most of the ones I've ever read are very concise and tell you what you need to know assuming you have the slightest clue what the tool you're looking at the man for _does_.
GUI materials are self-documenting - you can see what you can do with them just by looking at them.
Mmm.. yes.. right... Having used Unix exclusively for about 5 years I have been pushed back to using windows as a workstation (but thankfully not for my actual work - that gets done through an ssh and X session into boxes running a proper OS) and I can tell you that most of the GUIs are written by people who clearly think they're self documenting... and they're wrong (unless you count opening every single menu and dialogue box to find an option that they've stuck in some non-obvious place as "self documenting").
Going from being purely commandline based to having to use a GUI for stuff I can tell you that using a GUI feels sooooo slow - I was 5 times as productive doing stuff at the commandline as doing stuff in a GUI with all that pointing and clicking.
But meanwhile most Unix nuts are still convinced that Bash is the be-all and end-all, despite having utterly bizarre gotchas.
No, I certainly don't consider Bash to be the be-all and end-all of scripting - there are far better languages about. But for hacking up a quick script to do something relatively simple, it's very fast to develop in and you can pretty much guarantee it's going to be on almost all systems. I think the thing I find most powerful in bash is the ability to knock up quick scripts to do things on the commandline - the number of times I need to do an operation to a number of files and hack up a quick for-loop at the prompt.
Also, pipes have got to be one of the most useful inventions for doing some reasonably complex stuff in a hurry.
Learning to do a new task in a pure-text environment is like trying to learn how to spell a word with a dictionary - you can't look it up until you know how to spell it.
Yes - there you're right. If you've never before done anything like what you're currently trying to do then there is some effort involved. However, if you're used to the environment then a lot of concepts are transferrable - you can see similarities between tasks and reuse the knowledge you gained the last time. And more to the point, once you _know_ how to do something then it's just so much faster to do it at the CLI than in a GUI.
Maybe a CLI isn't for everyone but for me I couldn't use an OS which didn't have a powerful CLI - even in Windows I fire up Bash very frequently to do stuff because it's just easier and faster.
Meanwhile, a nice GUI lets you figure it all out just from checking out the widgets.
Again, I agree - a GUI lets you figure it out by opening every menu and dialogue box and probably reading the help on obscure widgets... as opposed to a 2 minute flick through a man page to find what you're after - I'll take the man page every time since I just don't have the time and patience to click through a GUI.
All I know is that the win2k "find" screen makes 10x more sense than the grep command.
Yes, and it's about a billion times less useful. Turns out that if you remove almost all the useful features in a program it's easier for people to understand... and almost completely useless to everyone too.
If the business can save money by dumping Windows in favor of Linux then the fact that their employees don't know how to use Linux shouldn't (necessarilly) be a huge consideration - weigh up cost savings against retraining and rehiring.
No need for an encyclopedia to explain the concept.
The term "viral" immediately gives the impression that it's bad. However, I think in this context it's good - the "marketting" is well targetted, so doesn't annoy people who aren't interested, and is interesting to those targetted (if it wasn't, it wouldn't work).
I am a fairly computer literate person, and every time I mess around with Linux there is some stumbling block that prevents me from doing what I am trying to do and I then have to spend hours googling or in chat rooms trying to figure out what the hell I need to do.
I am a fairly computer literate person, and every time I mess around with Windows there is some stumbling block that prevents me from doing what I am trying to do and then I have to spend hours googling trying to figure out what the hell I need to do only to discover it isn't possible (it would be under Linux) or at least would cost me a lot of money to do (free under Linux).
Yes, I agree that some stuff it difficult to do (but please, show me an OS where there _isn't_ something that's difficult somewhere). But in my experience most "stumbling blocks" I hit with Windows are either impossible to resolve (because of the closed nature of the system) or would cost a lot of money to get a licence to do it (despite the fact I probably already _have_ the software itself, just not a licence). Comparitively, most stumbling blocks under Linux are possible to resolve and usually don't cost vast amounts of money so long as you know what you're doing (obviously if you don't have a clue and have to contract someone to do it for you then it's gonna cost you).
And especially in the professional world, time is money.
In the professional world you could replace the people who don't know what they're doing with people who do...
It's about loosing your trademark if you don't defend it. Linus holds the trademark "Linux", so it's up to him to take actions to protect that trademark.
I don't know who has been sent demands, but IMHO using "Linux" on a product that's running Linux is fair use - the only thing you can legitimise as "defending" the trademark, IMHO, is if someone is using it on a product in a context that's not associated with Linux.
I.e. if I sell you a Linux distribution it should be fine for me to tell you it's Linux. If I sell you BSD and tell you it's Linux I should expect trouble.
Similarly, if I sell you a network card and say "works with Linux" then that also would seem fair (so long as that's true) even though it isn't _running_ Linux itself.
I guess what I am trying to say is security is not absolute, but a relative measure. There is no checklist that you can tick away and say OK I am now secure.
Absolutely - security is always a balancing act between security and usability. On one end of the scale we have the most secure setup - you have everything unplugged and turned off all the time. Obviously whilest that's completely secure from remote attack it's also completely unusable. On the other end of the scale is no security and everything's really easy to use.
A check list of _possible_ security measures and their repercussions would probably be a good thing to make someone look through when they're installing a wireless network though.
For example:
1. (ignoring it's security weaknesses for a moment) WEP is remarkably easy to set up and has very few usability problems so that's quite high on the list. The only usability problems I can think of is the effort of typing your passphrase into new machines when you connect them to the AP.
2. MAC filtering is slightly more complex to set up since you have to extract the MAC from a new machine and then configure the AP to allow it. If you have a reasonably static network setup then that might be the option for you, but if new machines are coming and going all the time then probably not.
These are the sort of thins which people who are setting up a network really need to think through. It's really not that different from securing your house:
1. Do we want a lock on the door? It has the disadvantage that if you lose your keys then you're screwed.
2. Do we want bars on the windows? It increases security but also increases the risk of you not being able to escape a fire.
etc.
At the moment, a large proportion of people are handed an access point that's pre-configured to be fully open and they are never made to think of the security questions - it's like going out and buying a front door for your house, getting it fitted and noone mentioning that it doesn't have a lock on it as standard.
I was thinking of more, how can I phrase a flyer to put in people's mailboxen
I think (part of) my suggestion still stands - if you can identify the model then step-by-step instructions would be good (there aren't that many different models out there so you're not dealing with a massive set of different instructions).
Obviously be polite and clearly explain (in terms your grandmother could understand) what the problem is and why they need to fix it.
I think using it to advertise your services would be seen as bad form unless you plan on helping people secure their networks for free (and even then there would be a big "what's the catch?" aspect to it from the recipient's perspective). Having said that, some people will genuinely need help so maybe it'd be ok to provide a list of 5 - 10 small businesses who would secure a small network for a reasonable fee - make sure the people you recommend are actually capable of doing the job of course.
I'm not really comfortable sending stuff to people's computers, because, although the threshold of legal/illegal use of someone's WiFi is fuzzy, I would consider that past it, or at least quite suspicious.
As I said, I'm not sure how most people would see that - if I got home and found such a printout on an 802.11 connected printer then I would be fairly ok with it, but then I'm technical and know how to check that noone's compromised my machines. Certainly, just pushing a page of data at a printer is quite harmless compared to other things that _could_ be done over an unsecured network (reading/trashing improtant data, etc). It'd probably really wind a few people up though.
You can mind your own business.
So you don't believe in education?
If noone had educated you to lock your door, how would you know to do it? Or would it be ok to live in ignorance until someone actually wandered into your home and stole all your stuff?
And in any case, I think you can take the current state of the Internet (with the millions of rootkitted and virussed Windows boxes connected to it) as a good indication that:
1. If crime does reach epidemic proportions then the majority of people are still ignorant despite a reasonable amount of public media coverage.
2. By the time you have an epidemic it's waaay too late.
I went warwalking the other day around my block, and it's like 90% unencrypted, and 25% factory defaults. Can you think of any way to "get the word out" to my neighbors (just to improve everyone's security and make the world a better place) without looking like an idiot or an evil cracker?
:)
Some options spring to mind:
1. Scan the network for unpassworded printers (network printers or SMB shares) and print an easy to understand, polite message, explaining the problem. If you're feeling really friendly you could identify the model of AP and provide step by step instructions for securing the network. I would avoid advertising your services to do it though.
2. Send a Windows Messager message to any machines on the network - again, polite, maybe pointing at the URI of the manufacturer's online manual.
Whether these make you look like an "evil cracker", or whether the people you tell actually care enough to fix it is debatable. You're making active scans so that might be considered a bad thing even though you're not doing any damage.
Unfortunately, whilest you can do these things while "war walking", doing them while war driving isn't really an option because there's no way you can associate with a network and scan it while you're moving at speed - you're just not in range long enough.
Also be aware that some of the apparantly unencrypted networks will be using other security measures instead of WEP (e.g. IPSEC) - especially true of businesses and universities with competent IT staff.
If protecting your data is really that important, you would upgrade your infrastructure or not use Wireless at all.
Most of the time the lack of security on the networks is down to the administrators (who are often just home-users or small businesses with no IT knowledge) not bothering to turn the existing systems on. There's no point in inventing shiny new security protocols if noone bothers turning on the existing ones. This is at least partly the fault of the manufacturers for making it possible (or at least easy) to set the products up without basic security.
IMHO there is a limited need for new wireless security protocols - a good proportion of people don't even turn on WEP, let alone more complex protocols like WPA. And those who do understand security are probably quite capable of using the existing protocols that do a very good job already (e.g. you can ensure all your traffic is ESP and AH encapsulated).
If you want to improve security for the people who already understand the improtance then just provide a more user friendly way of setting up the existing security protocols. For everyone else, if they can't even manage to tick the "WEP" checkbox and type in a passphrase how are new, more complex protocols going to help?
But security is not about stopping these novice users, who are less likely to cause any damage in the first place
I've got to argue with this - stepping back from the whole wireless thing and talking about security in general, I can tell you that the crackers that cause the most damage are the ones who really don't know what they're doing and have just picked up a cracking toolkit (i.e. script kiddies). The script kiddies frequently end up leaving a machine they've attacked in a completely destroyed state _by accident_ (their intention is to use the machine, not destroy it but frequently it ends up trashed). On the other hand, if your system is attacked by people who know what they're doing the chances are you won't notice for a long time.
It doesn't make it less likely that someone will go out of their way to use it, because those people have things like Kismet on hand. It only prevents the people who have naïve Windows XP boxen from accidentally connecting.
It makes it _slightly_ less convenient for people (who know what they're doing) to connect. But possibly more to the point, it shows anyone who's trying to connect that it's not a public AP - you have at least done something (although not much) to secure it. Locks keep honest people out.
You could be right about MS but I don't think the same applies to Apple. Apple have always been a "complete solution" seller - you buy a box that has everything in (hardware + OS), so there isn't exactly a "free" bit there, you're buying everything. MS on the other hand, is a software producer and other manufacturers bundle the software. Because the computer is, say a Dell, and the software is Microsoft, it may well be seen as "free software" rather than a single package like Apple do.
I've got to say though that I think Apple's use of DRM is about the only sane one I've seen - they want to keep the "complete solution" idea and stop people running (a possibly legit copy of) OS X on non-Apple hardware. I.e. they want to stop Apple going the way that IBM went with the original PC. I think that's a fairly sane idea, keeps support costs down (noone phoning up complaining "I've installed OS X on my random combination of hardware and it doesn't work") and preserves the "just works" experience you get with Apple today, where they've already tested it on all combinations of hardware they sell so they know it works, unlike a Windows system where there are so many random hardware combinations that they can't be tested.
Truth of the matter is though that Apple probably don't care about the people who might have the knowledge to crack the DRM, they're just trying to keep the general public from using OS X on random hardware coz they're the people who will cause trouble when it breaks.
It's authorized if a human tells you it is, though some form of human-to-human communication. Getting a DHCP lease doesn't count - *many* people have home LANs set up that way with no idea that it lets outsiders connect.
The term "unauthorised" is very vague these days. The computer misuse act says that it is illegal to gain unauthorised access to a computer system. What constitutes authorisation? Assuming your "if a human tells you it is" idea that means you'd have to phone up the administrator of every web server, mail server, etc. before contacting it. In actual fact, we don't do that at all - we assume that if there is a web server listening on port 80 and it isn't asking for authentication then it is publically accessible. (And your "many people have home LANs set up that way" applies here too - many people accidentally have web servers running).
IMHO, if you can assume that a service is public because it's not restricted in a case where you have to actually go out of your way to contact the server, the same must apply even more so in the case of an open access point, which is _broadcasting_ _advertisements_ in _public airspace_ and on _public frequencies_ to advertise that it's open and unrestricted.
If I make my house look like a pub and leave the door unlocked, I shouldn't be surprised if people walk in wanting a drink - security (or at least making it obvious that you don't want intruders) should be the responsibility of the AP owner.
I believe your arguement also falls down because a number of people allow free public internet access through their AP _on purpose_ and your arguement would prevent them from doing so.
I believe you're exactly who companies who do copy protection do not care about; I'm sure they're more than happy to let you do what you want.
You're missing my point - I am a fairly law-abiding person, they make money out of me. However, if they break the CDs I buy with "copy protection" so I can nolonger rip them onto my computer, play them in my car, etc then they have automatically lost me as a customer - they have made the legal product useless to me whilest the illegally distributed content is still useful. i.e. the manufacturer has forced me into illegally copying something I would normally have paid for.
Copy protection is solely to try and prevent theft
No, copy protection stops copyright infringement, not theft - the "copy protection" on CDs doesn't stop me breaking into my local music store and stealing a bunch of CDs.
Then I'll crack it.
As a paying customer, why should you have to jump through hoops cracking copy protection? And probably more to the point, how many people are going to put hours into cracking some copy protection on something they legitimately paid for rather than just downloading the freely available illegal version? Yeah you're probably right that breaking the law probably doesn't do much for your conscience, but I for one would have a reasonably clear concience if the manufacturer had forced me into illegally copying their material instead of buying it.
Why would you buy something if you already have a perfectly good free copy?
1. Because I want a legal copy
2. Because I want a physical copy (i.e. a CD)
3. Because a good artist deserves some money
You obviously have a pretty low moral standard if you'd rather get a good product for free illegally when it's available for a reasonable price legally.
They only started using copy protection on CDs because of widespread piracy. You can bet your ass that if, as you suggest, the music companies looked into the causes of piracy before starting to use copy protection, they wouldn't have found that people were pirating their music because of copy protection. Try again.
Piracy _was_ a problem before they started copy protecting CDs. However, their response is only going to increase the amount of piracy, not reduce it. That's because it only takes a few people to get around the copy protection before the content becomes available illegally (so you've automatically failed there since copy protection isn't 100% effective), but in copy protecting the material you've also prevented legitimate users from using the product legitimately. So now not only have you get the original pirates still copying the content, you just added a bucket-load of previously legit users to the "pirate" category since the only way they can get the content in a format that's useful to them is by pirating it.
Not to mention that there's an aweful lot of evidence that suggests the illegal distribution of music can actually _increase_ sales since you get people like me doing "try-before-you-buy", so people producing good content are probably benefitting.
Yeah, I think I heard the key reason was the pirated stuff being priced a lot better. :-P
If you'd bothered to read my post you would've seen the bit which said that I download TV shows off bit torrent because that way I can get them at their air date instead of 3 - 6 months later when the UK TV stations bother to show them. Cost is not a factor - there just isn't any legal way to get them.
As for music, yes - I "illegally" download music... and then I delete the downloaded copies and if I like them I buy the CD. The only thing the music industry is losing there is that I don't buy CDs I don't like, and as a result I buy more CDs in total since I can identify the ones I do like before spending money. So I guess the parts of the music industry that produce crap might not be happy.
Honestly, I do not blame the UK government for going down on this guy; he deserves it. Especially since he was stupid enough to get caught the way he did. Sure, war driving is one thing, but blatently sitting infront of someone's home, leeching their network is a whole different case.
What constitutes unauthorised use?
If I connect to a BT OpenZone hotspot and I've paid then presumably that's authorised, right?
What happens if I connect to a public hotspot that's free? I guess that's authorised too since it's been set up as a service.
So, if I turn on my laptop, and it associates with an open network, gets handed a DHCP lease and a default route, how is that unauthorised? As far as I can tell, running an open network that broadcasts it's presence and hands out a IP address and route through DHCP to anyone who asks is _advertising_ itself as a free public hotspot.
I really can't see the difference between a free public hotspot and a unsecured private network - it's not really possible to tell the difference between the 2 from a technological perspective.
"Copy protected" CDs can be defeated using a combination of a slow drive {24 speed or less; the slowness isn't the critical thing, but it seems that a feature was silently incorporated into more modern drives to make them artificially incompatible with some discs} and CDParanoia. I bought a CDS200-protected CD once, for the hacker challenge factor more than the music; and was disappointed to find that it ripped first time.
Yes - I'm aware of the deficiencies in the copy protection systems and I haven't had to return a CD because it was un-rippable _yet_. However, because of the _intent_ of the copy protection, my point still stands:
1. Paying customers should not have to jump through hoops in order to rip a CD for their personal use.
2. Less technical people won't know how to jump through those hoops, so the _only_ solution for them is to illegally copy the music.
3. Some of the copy protection systems prevent you from legitimately _playing_ (not ripping) a CD on a computer, personal CD player, car CD player, etc. In that case the only solution is to illegally download the music and burn your own CD of it.
4. Having spent 10 - 15 ukp for a CD (which IMHO is overpriced) there is no way that I'm going to buy the same music again in a different format. The music industry goes out of their way to make it known that we are buying the _content_ of a CD, not the CD itself. But then they try and prevent us using the content we paid for on a different medium.
As it is, they have taken a problem (piracy) and by trying to prevent it have ended up making it worse by making sure that customers who have previously bought content legally have no choice but to download it illegally.
Most people will go for the legal option if it's reasonably priced and usable. If you start making the legal option far to expensive and/or useless to the customer then there's nothing the customer can do but either do without the content or acquire it illegally.
You know... as much as it sucks, you have to admit that if people weren't pirating things, there'd be no need for DRM.
Honestly, how can you blame companies for trying to protect their profits when thousands of people are ripping them off every day?
Instead of just blindly saying "pirates are bad" and then handcuffing everyone, even the law abiding people who make them money, they should examin _why_ people pirate. Obviously there is the "pay vs. free" thing, but there are other factors for why people pirate stuff.
A lot of piracy is at least partly down to the pirated material being "better" than the originals in many ways - take TV shows for example. Why do people download them from torrents instead of watching them on TV? Certainly for me, the reason for doing it is that I have to wait well over 3 months after the original air-date for most stuff to get shown here in the UK. I.e. the illegal distribution method is a lot better than the legal one.
Another example: I buy music CDs. Once I have bought them then they get ripped to MP3 so I can easilly get at the music without sorting through stacks of CDs and the CDs themselves only get used on my personal CD player and in the car. So if I buy a CD that's "copy protected" which won't let me do this, it's useless to me, whereas the MP3s of the same CD I can download work fine. I.e. the illegal copies allow me to do what I need (and should be able to do with something I've legally bought), and thus are "better".
A large proportion of people _want_ the legal version of something, but they're not going to buy it if the illegal version is so much better. The producers should look at this and rather than stamping out the illegal competition through restrictions they should improve their own systems so that they "outcompete" the illegal stuff.
(And no, don't say Linux - I don't have enough time to learn it well enough to use it as a desktop machine on a daily basis.)
Please explain - why is learning a modern Linux distro more time consuming than learning OS X?