If you start making enough money using things that you don't legally own, you're going to eventually get busted, whether you're stealing electricity, or stealing software.
Or stealing fossil fuels out of the ground?
Sooner or later some country somewhere is going to switch to not using oil at all..... preferring instead artificial oil made from plants and waste products. The USA will kick off a bloody battle for the last few drops of oil {and probably drag in the UK, if it still exists as a separate country then..... } and still end up losing..... because the wells will run dry, that is certain. Those without an oil "habit" will be in the best position when this happens. Bear in mind also that, about 30 years ago, they figured there would be enough oil left for about 30 years.
It would then be processor independent..... which is kind of cool..... you could actually have multiple kernels on the disk, boot the appropriate one for the hardware somehow {this depends heavily on BIOS functionality, different systems having their boot sector in different places, and/or instruction sets..... you'd have to write something like a jump instruction to one processor which another processor would see as an innocuous register manipulation or something..... I'm not even sure it's possible, not being too familiar with modern CPU instruction sets, but someone's bound to have a go}; mount an appropriate userland; and compile the game from on-disk sources. It wouldn't be fast but it would appeal to some buyers.....
Actually I'd say the best way of producing games software would be to have the bootstrap loader and OS on the actual CD/DVD media. (I'm actually thinking of doing something like this myself with FUSE and a bunch of old Spectrum games running on a minimal Slackware.) It then would be "neutral" with respect to whatever OS already was installed on the host PC, as long as it had the right architecture.
It needn't even be Linux..... it could be a BSD variant, a pared-down Windows, or even a whole brand new OS if anyone can be bothered to write one. The point is that games with such an on-disc OS would not depend on a particular installation, but would be usable equally by Linux or Windows users. This should lead to greater reliability, since the author would know what package versions were in use and all dependencies would be met already.
I use Apache for all my file sharing needs. Anyone wanting to download anything from me needs either my domain name or IP address -- and has my word that the files are genuine.
Ultimately, the Internet will recognise the uploading of "poisoned" files as damage and route around it accordingly.
The processor is operating at several gigahertz; in other words, the electrical signals are changing thousands of millions of cycles a second.
A microphone will pick up frequencies from just shy of DC, to a few tens of kilohertz. Let's be really generous and suppose that the microphone can follow a vibration of 100kHz. A 2GHz signal will have changed 20 000 times in the same amount of time the microphone's diaphragm could have moved back and forth once. Need I say more?
It's like the myth about hard disk data being recoverable even after several overwrites. It isn't -- that's how magnetic storage devices work. And if it was, then somebody or other would have designed a drive that used the phenomenon to pack more bits in a given space.
But, there are plenty of reasons why somebody might find it useful to convince The General Public and others that they were leaking data. Selling products and services ostensibly to stop such leaks is one of them; persuading people to comply "because we can tell if you're misbehaving and we'll punish you twice as hard if you're lying about it" is another. It is all just classic misinformation.
There are easier ways of getting at someone's data anyway..... start by waving pound notes in their face, or threatening them with a knife. Anyone with a family is even more vulnerable.
I do usually build up computers from parts, hence avoiding paying for a useless copy of Windows; but in the case of laptops, this is not an option, and it is next to impossible to buy a laptop without Windows pre-installed.
You don't buy a copy of Windows. You buy the media and manual, and pay for the rights to use Windows (ie. LICENSE). So you don't actually own it to sell.
If you don't accept the licence, then it must still belong to Microsoft. You are just acting as a bonded warehouse.
How easy is it to get a refund from Microsoft in respect of an unused copy of Windows? Everything I've read seemed to suggest it is a fiendishly difficult business. Has that changed, then? I'd be more than happy to do things by the book if that worked. This machine here won't last forever..... I'd love to know I didn't have to pay for a new copy of Windows that I was never going to use with its eventual replacement.
It is actually staggeringly easy to avoid installing spyware on your computer. Once you have downloaded a piece of software, just comment out anything in the source code that looks like it might be spyware, before you compile it. Then generate a difference file against the source you downloaded, and post it on your own web site as a patch so everyone can share and enjoy it.
If you think that's hard, seek out your local guru and get their advice..... they probably have already created their own patch anyway, if it's a package worth using.
You are talking out of your arse. You are permitted to sell it by the law of the land. If you haven't agreed to the End User Licence Agreement, then it doesn't apply to you at all. If you have agreed to the EULA, then only those parts that do not conflict with the law of the land apply to you.
If you were using a legal key obtained from a Linux user who purchased a copy of Windows without agreeing to the EULA, to activate a borrowed Windows CD, then you would be entirely within your rights under the "any necessary step" provision -- especially as the purchase was made under duress and under protest {which fact it might help to write on the cheque or payment card receipt}. Where someone is physically preventing you from doing something which you have a legal right to do, then you are entitled to use reasonable force. This defence will fail, however, if the court believes that you could have accomplished your intention using less force. Show me a court that wouldn't consider installing a "pirated" copy of Windows to be less forceful than, say, holding a knife to someone's throat and demanding that they sell you a laptop without Windows.
If you accept the EULA, you are not prohibited from selling your copy of Windows -- you have an inalienable right to do that; just like selling a used book, CD or video cassette. It is an offence for anyone to try to persuade you that you do not have that right.
Note that none of this has ever been tested in court. And the numbers of people prepared to jump through all the hoops are so small, that Microsoft could afford to pay compensation equivalent to several times the theoretical amount refundable, by way of "hush money".
Quick solution: If, like me, you bought a laptop and had to pay for Windows XP Home Edition even though you subsequently installed Linux on it, you effectively have a "spare" licence key. Why not everyone who has such a licence key, pass it on to somebody with a pirated copy of XP? That way you get some use out of it {through the rest of the Internet being one machine more secure than it would have used to have been otherwise}, and the Windows user gets updates. You might even get a pint out of it!
..... I don't think [complete strangers reading my code is] a stronger motivator than seen in the commercial world. If I work for a company and I write shitty code, I lose my job.
Perhaps, but what if you write just-good-enough code that passes a few casual tests? As long as whoever audits your code does not think it is completely shitty, you will get to keep your job. This even although your code may have problems that haven't been spotted by anyone in your company -- but would be obvious to anyone outside there, if and only if they were allowed to view it. Errors are often glaringly obvious to everyone except the person who made them.
..... [W]hen your boss asks you why you shouldn't go with a Windows solution, your answer will be "because I don't like Microsoft" and not "because I've evaluated all of our options and the Microsoft offering is deficient for these X reasons." If I were your boss, I'd think that was very lame.
That is not how I would phrase it. My answer would be more like "because a Windows solution would not give us access to the source code, file formats, and so forth; it would either cost us money for licencing, or open us up to investigation by the FAST Gestapo; and it would not run on our existing Linux desktops." But my boss is a hacker like me; he is not at all keen on using MS if there is another way, and "another way" includes writing our own.
IMHO, you should evaluate your options for a problem as it comes up, and pick your best option for that task. Sometimes that's Microsoft.
Not when one of your prime requirements is for access to the source code. It's not that we're planning to pore over every line, but the fact of it being available just gives us certain assurances. If anything goes amiss with the software, we know that we can correct it ourselves or employ someone to do so; and even if that goes T.U., we at least know the file structures, and can translate our saved work so as to open in an alternative application. Plus we have the implicit assurances that the author feels they have nothing to hide and their motives are pure.
A coin shouldn't be able to derail a train; my point was that if someone designed a train so badly that a coin placed on the track would derail it, then the designer would deserve a greater share of the blame than the person who put the coin there.
The overwhelming majority of people who deploy linux do not read the source code. The developers of linux do.
It doesn't require for the majority of users to read the source code {though I believe you seriously underestimate people's sense of morbid curiosity}. It needs for just one person with the right mindset to look at it, and any secret within is blown. When you're writing open-source code, you never know who is reading it -- and you cannot afford the risk of people saying anything bad about it.
Do you seriously think that Microsoft developers don't do security reviews? Is code auditing a phenomenon only seen in open source?
Independent scrutiny. A subtle but important difference. The people who audit Open Source software aren't in the pockets of the people who wrote it, and won't stand to lose anything if they give it a panning.
This notion that linux is open, and therefore everyone will read the code and find problems is a myth. It is open, and a lot of folks look at that code, but bugs are still there. Bugs are a fact of life, open source or not.
The fact that you know complete strangers are going to be able to read your code should make you automatically more careful when you write it.
Windows is a tool, just like any other software. Good for you that you're so ideologic, but realize that you're refusing to use something based on dogmatic reasons, instead of pragmatic ones.
South African fruit prior to 27 April 1994 was a foodstuff, just like any other country's fruit. Good for you that you were so ideologic before 1994, but realise that you were refusing to eat something based on dogmatic reasons, instead of pragmatic ones.
(Assuming it's a UNIX-like system) The useradd command expects the argument to the -p switch to be a pre-scrambled password, such as you would find in/etc/shadow. Nobody except the user in question ever needs to know the unscrambled password. When the user enters it, it is scrambled and compared against the stored version. It's half-safe to print out the file of scrambled passwords, because knowing the scrambled password is no help if you can't unscramble it and you can't prevent the scrambling operation which happens before the check. And anyway, the only way you'll get to see even the scrambled passwords is if you are the one person who doesn't need to know them!
I don't know for sure how Windows stores its passwords; but Samba stores scrambled passwords in its configuration files, so I guess it uses its own scrambling algorithms.
Alternatively the sysadmins there could have just been clueless.....
I was being just a bit melodramatic saying it would have to be a "hacked" nameserver -- yes, basically you would just have to make it claim to be authoritative for the debian.org {or whatever} domain, and just point it at your local on-site mirror. As long as the mirror is accurate, then there isn't much need to touch the "real" debian.org sites; but as you suggest, it could be configured to use a "truthful" nameserver in order to have access to the "real" sites, should it need an emergency sync due to a new package release mid-InstallFest. The DHCP server on the Installfest LAN would simply hand out the address of the "false" nameserver, which would refer clients to the installation mirror. Since apt refers to servers by name rather than IP, then it would still work when you were connected to a "truthful" nameserver {i.e., the real internet after the user gets home}.
Part of the reason why cheapo, povvy on-board sound cards are badly-supported under Linux might well be that Linux developers don't like cheapo, povvy hardware -- they prefer decent sound cards. And it's hardly as if they sound any good under Windows anyway.
How about automating that process? You open up a "special" browser window through an installer programme, go to the web page with the download link, and then the magic happens. The page is parsed for mailing list links, the tarball is downloaded and unpacked. If there is a "configure" file, it is executed. If it runs error-free, then "make" is called. If this, too, proceeds without incident then the user is prompted to enter the root password, and "make install" is called.
If any errors are encountered, a window will appear in case the user can see what is wrong from the messages. Then, "make clean" is called, if necessary, to clear out any broken files before the next attempt. If the user can't resolve it, they get the option to send a message to the mailing list, attaching the output from the aborted installation attempt and relevant system information such as kernel and hardware configuration.
Another thing would be to introduce a way to simplify dependency resolution, by having a database which would allow the correlation of error message => likely missing package..... like the usual "symptom/fault/remedy" troubleshooting charts, but also including some machine-readable stuff. This could be done by means of a script which would take some input from a HTTP GET or POST request, and search a database. The request could be initiated automatically by the installer. This has the disadvantage of relying on the package author, or dedicated volunteers, setting up an interactive site and updating the troubleshooting database; but in its favour, it would be completely distribution-independent.
Well, with Debian, you get a series of messages on the first screen such as "choose this to install in English", "selectionnez ici pour installation en Francais", "hier waehlen fuer in Deutsch installerien", "seleccionar aqui por instalar en espan~ol" &c, with "up" and "down" arrows to scroll the list that mean about the same in every language; and I seem to remember Mandrake displaying something similar, but I wasn't taking my time over that one, just getting it installed on a bunch of machines bam bam bam bam bam.
So the solution is: display the same phrase in several different languages, inviting the user to select whichever one makes sense to them. Easy!
I call BS {though as porny fantasies go, it's not bad}. Passwords are stored internally in scrambled form, so there is no way anyone can find out someone's password. If you're root or administrator {or have a boot CD in your shirt pocket} you can change it without ever knowing the old one; but you can't find out what a password was except by guessing various words and applying the scrambling algorithm thereto.
Don't blame the script kiddies for this. They are just kids, after all..... kids are by nature explorers and experimentalists, and this is pretty much hard-coded into the human firmware.
It's like placing a coin on a railway track to see what happens to the Queen's face when a train runs over it, and ending up derailing the train..... an unfortunate consequence, not one that could reasonably have been foreseen by the "perpetrators" {all manner of crap already gets blown around railway lines, what difference does anyone suppose a coin will make?} but one that should have been taken into account by the implementors of the system. If the train makers can't be sure that a coin on the tracks won't derail their trains, then the trains are no good. What if a bird eats a berry, then shits the seed out and it lands on the track and that derails a train? Do you blame the bird? Blame the owner of the hedge the berry was growing on? Or do you blame the person who designed a train so badly that an object on the track would throw it off altogether?
This is an excellent opportunity to sow seeds of change. Open people's minds to the possibility that there might be an alternative to Windows. Ask questions. Did they know there were vulnerabilities? Well, did they not look at the source code? [the what?] The source code -- you know, the human-readable form of the code that can be examined and modified. What scrutiny did you subject the source code to? [but that's a secret!] What -- you bought a locked box that you knew you weren't going to be allowed to look inside, and you didn't get even the tiniest little bit suspicious that somebody might be trying to hide something from you?
Every piece of food you buy is clearly labelled with a list of the ingredients. {this was actually used in an anti-drug propaganda advertisement in the mid-1990s, till some bright spark suggested that surely legal drugs would be properly labelled and the problems caused by not knowing what was in pills and powders were merely a side-effect of prohibition}. The analogy between Microsoft and Tom Lehrer's Old Dope Peddler is a strong one. Give out free samples {educational licence discount}, get people hooked {file format lock-in}, watch the little puppets dance to your tune.
For my part, I have pledged never again to work with Windows, ever. At all. The only repair I will ever again do to a Windows box is to install Linux on it -- barring that, I will simply unplug the power cable, leave it unplugged and consider that an improvement. The time has already come when I would sooner forego a computer altogether than touch Windows.
Maybe it'll take a whole seventeen years..... by which time the patents will have worn off and everything they covered will be in the public domain. And, of course, software patents are unenforceable in some countries..... the USA will soon be overtaken. See, people who pay for software are a minority. Perhaps one in ten copies of a closed-source application is properly licenced. Even much of the world's business relies on pirated software. Once people realise they can't use their copied Windows applications anymore, cheapo imported hardware running Linux or FreeBSD will become the order of the day. Unless Microsoft's DRM is cracked first.
I haven't had a bath since the second Monday in May 1992 {can't remember what date it was but I know it was a Monday and I know it was between the 8th and 14th}. And I'm unlikely to have another ever again.
can't seem to find out whether this is going to be a Windows-only thing -- I seriously hope not -- or if the BBC is going to support the Open Source movement {though the Dirac project would suggest that someone at the BBC already understands the dangers of allowing for-profit concerns to dictate standards}.
I think this will be sort of similar to Sky Plus, but just for BBC content, and using your Internet connection instead of a Minidish. And, of course, it's the BBC, so no adverts:) Quicker than waiting for them to come around on UKTV Gold, as well!
This is why it would be a good idea to set up an FTP server {or several} to use for network installation. Then you only need to burn a few tens of megs onto the initial install CD..... which is bound to be quicker. Anyone whose machine contains a CD-RW can stop behind and offer some net-install CDs. If you set up your own DNS on your LAN, you can just spoof the {text} addresses of the real FTP server, so the net-install CD should work over the "real" internet later {assuming your ADSL modem has an ethernet connection to your PC}.
Starting a distro flame war is not my intention here, I am just speaking from experience. But:
Debian allows you to boot from CD, do a minimal installation {just enough to get the network up}, then eject the CD and finish the rest of the installation from the Internet. And it has no way of knowing whether the ftp.country.debian.org it's connected to is the real one, or just some LAN address that a bullshitting name server gave them which happens to contain a full mirror, but runs at full 100Mb/s rather than ADSL rate. {Unless you have > 200 clients connected to that server..... but you wouldn't, would you?} When the users get home and plug into the real Internet, their ISP's {truthful} nameserver gives them the address of the distribution's real main ftp site, so they can pull all the extra packages they want.
I'm sure the same technique could be applied to other distributions, though..... Debian wouldn't really be my first choice for a n00b event. I suppose it's a balancing act really -- too much advance preparation is in vain if nobody turns up on the day, not enough and people get frustrated {and the Open Source movement can get cast in a bad light; ha ha, look, those smelly lentil-sucking communist hippies didn't think ahead did they?}.
Perhaps someone will make an InstallFest kit, with a full mirror of a distro {Mandrake would be my favourite for this application -- n00b-friendly, good hardware detection, easy graphical setup, not sure though how it handles installation from network}, a DHCP server and a hacked BIND {to manage the aforementioned DNS spoofing}, and an ISO image of a minimal network install / recovery CD {itself in the form of an installable package, but with a depends: cdrecord and a recommends: k3b, just for ompleteness}. This net-install CD would hardly need any packages, so it could be quick to burn. You'd still need stackloads of blank media if you were giving them out rather than taking them back to use for the next person {and I'd think psychologically it's better that visitors do get a CD that they can take away with them}, but you might blag..... I mean, arrange for these to be sponsored by a local computer store.
Sooner or later some country somewhere is going to switch to not using oil at all
It would then be processor independent ..... which is kind of cool ..... you could actually have multiple kernels on the disk, boot the appropriate one for the hardware somehow {this depends heavily on BIOS functionality, different systems having their boot sector in different places, and/or instruction sets ..... you'd have to write something like a jump instruction to one processor which another processor would see as an innocuous register manipulation or something ..... I'm not even sure it's possible, not being too familiar with modern CPU instruction sets, but someone's bound to have a go}; mount an appropriate userland; and compile the game from on-disk sources. It wouldn't be fast but it would appeal to some buyers .....
Actually I'd say the best way of producing games software would be to have the bootstrap loader and OS on the actual CD/DVD media. (I'm actually thinking of doing something like this myself with FUSE and a bunch of old Spectrum games running on a minimal Slackware.) It then would be "neutral" with respect to whatever OS already was installed on the host PC, as long as it had the right architecture.
..... it could be a BSD variant, a pared-down Windows, or even a whole brand new OS if anyone can be bothered to write one. The point is that games with such an on-disc OS would not depend on a particular installation, but would be usable equally by Linux or Windows users. This should lead to greater reliability, since the author would know what package versions were in use and all dependencies would be met already.
It needn't even be Linux
I use Apache for all my file sharing needs. Anyone wanting to download anything from me needs either my domain name or IP address -- and has my word that the files are genuine.
Ultimately, the Internet will recognise the uploading of "poisoned" files as damage and route around it accordingly.
The processor is operating at several gigahertz; in other words, the electrical signals are changing thousands of millions of cycles a second.
..... start by waving pound notes in their face, or threatening them with a knife. Anyone with a family is even more vulnerable.
A microphone will pick up frequencies from just shy of DC, to a few tens of kilohertz. Let's be really generous and suppose that the microphone can follow a vibration of 100kHz. A 2GHz signal will have changed 20 000 times in the same amount of time the microphone's diaphragm could have moved back and forth once. Need I say more?
It's like the myth about hard disk data being recoverable even after several overwrites. It isn't -- that's how magnetic storage devices work. And if it was, then somebody or other would have designed a drive that used the phenomenon to pack more bits in a given space.
But, there are plenty of reasons why somebody might find it useful to convince The General Public and others that they were leaking data. Selling products and services ostensibly to stop such leaks is one of them; persuading people to comply "because we can tell if you're misbehaving and we'll punish you twice as hard if you're lying about it" is another. It is all just classic misinformation.
There are easier ways of getting at someone's data anyway
How easy is it to get a refund from Microsoft in respect of an unused copy of Windows? Everything I've read seemed to suggest it is a fiendishly difficult business. Has that changed, then? I'd be more than happy to do things by the book if that worked. This machine here won't last forever
It is actually staggeringly easy to avoid installing spyware on your computer. Once you have downloaded a piece of software, just comment out anything in the source code that looks like it might be spyware, before you compile it. Then generate a difference file against the source you downloaded, and post it on your own web site as a patch so everyone can share and enjoy it.
..... they probably have already created their own patch anyway, if it's a package worth using.
If you think that's hard, seek out your local guru and get their advice
You are talking out of your arse. You are permitted to sell it by the law of the land. If you haven't agreed to the End User Licence Agreement, then it doesn't apply to you at all. If you have agreed to the EULA, then only those parts that do not conflict with the law of the land apply to you.
If you were using a legal key obtained from a Linux user who purchased a copy of Windows without agreeing to the EULA, to activate a borrowed Windows CD, then you would be entirely within your rights under the "any necessary step" provision -- especially as the purchase was made under duress and under protest {which fact it might help to write on the cheque or payment card receipt}. Where someone is physically preventing you from doing something which you have a legal right to do, then you are entitled to use reasonable force. This defence will fail, however, if the court believes that you could have accomplished your intention using less force. Show me a court that wouldn't consider installing a "pirated" copy of Windows to be less forceful than, say, holding a knife to someone's throat and demanding that they sell you a laptop without Windows.
If you accept the EULA, you are not prohibited from selling your copy of Windows -- you have an inalienable right to do that; just like selling a used book, CD or video cassette. It is an offence for anyone to try to persuade you that you do not have that right.
Note that none of this has ever been tested in court. And the numbers of people prepared to jump through all the hoops are so small, that Microsoft could afford to pay compensation equivalent to several times the theoretical amount refundable, by way of "hush money".
Quick solution: If, like me, you bought a laptop and had to pay for Windows XP Home Edition even though you subsequently installed Linux on it, you effectively have a "spare" licence key. Why not everyone who has such a licence key, pass it on to somebody with a pirated copy of XP? That way you get some use out of it {through the rest of the Internet being one machine more secure than it would have used to have been otherwise}, and the Windows user gets updates. You might even get a pint out of it!
A coin shouldn't be able to derail a train; my point was that if someone designed a train so badly that a coin placed on the track would derail it, then the designer would deserve a greater share of the blame than the person who put the coin there.
(Assuming it's a UNIX-like system) The useradd command expects the argument to the -p switch to be a pre-scrambled password, such as you would find in /etc/shadow. Nobody except the user in question ever needs to know the unscrambled password. When the user enters it, it is scrambled and compared against the stored version. It's half-safe to print out the file of scrambled passwords, because knowing the scrambled password is no help if you can't unscramble it and you can't prevent the scrambling operation which happens before the check. And anyway, the only way you'll get to see even the scrambled passwords is if you are the one person who doesn't need to know them!
.....
I don't know for sure how Windows stores its passwords; but Samba stores scrambled passwords in its configuration files, so I guess it uses its own scrambling algorithms.
Alternatively the sysadmins there could have just been clueless
I was being just a bit melodramatic saying it would have to be a "hacked" nameserver -- yes, basically you would just have to make it claim to be authoritative for the debian.org {or whatever} domain, and just point it at your local on-site mirror. As long as the mirror is accurate, then there isn't much need to touch the "real" debian.org sites; but as you suggest, it could be configured to use a "truthful" nameserver in order to have access to the "real" sites, should it need an emergency sync due to a new package release mid-InstallFest. The DHCP server on the Installfest LAN would simply hand out the address of the "false" nameserver, which would refer clients to the installation mirror. Since apt refers to servers by name rather than IP, then it would still work when you were connected to a "truthful" nameserver {i.e., the real internet after the user gets home}.
Part of the reason why cheapo, povvy on-board sound cards are badly-supported under Linux might well be that Linux developers don't like cheapo, povvy hardware -- they prefer decent sound cards. And it's hardly as if they sound any good under Windows anyway.
How about automating that process? You open up a "special" browser window through an installer programme, go to the web page with the download link, and then the magic happens. The page is parsed for mailing list links, the tarball is downloaded and unpacked. If there is a "configure" file, it is executed. If it runs error-free, then "make" is called. If this, too, proceeds without incident then the user is prompted to enter the root password, and "make install" is called.
..... like the usual "symptom/fault/remedy" troubleshooting charts, but also including some machine-readable stuff. This could be done by means of a script which would take some input from a HTTP GET or POST request, and search a database. The request could be initiated automatically by the installer. This has the disadvantage of relying on the package author, or dedicated volunteers, setting up an interactive site and updating the troubleshooting database; but in its favour, it would be completely distribution-independent.
If any errors are encountered, a window will appear in case the user can see what is wrong from the messages. Then, "make clean" is called, if necessary, to clear out any broken files before the next attempt. If the user can't resolve it, they get the option to send a message to the mailing list, attaching the output from the aborted installation attempt and relevant system information such as kernel and hardware configuration.
Another thing would be to introduce a way to simplify dependency resolution, by having a database which would allow the correlation of error message => likely missing package
Well, with Debian, you get a series of messages on the first screen such as "choose this to install in English", "selectionnez ici pour installation en Francais", "hier waehlen fuer in Deutsch installerien", "seleccionar aqui por instalar en espan~ol" &c, with "up" and "down" arrows to scroll the list that mean about the same in every language; and I seem to remember Mandrake displaying something similar, but I wasn't taking my time over that one, just getting it installed on a bunch of machines bam bam bam bam bam.
So the solution is: display the same phrase in several different languages, inviting the user to select whichever one makes sense to them. Easy!
I call BS {though as porny fantasies go, it's not bad}. Passwords are stored internally in scrambled form, so there is no way anyone can find out someone's password. If you're root or administrator {or have a boot CD in your shirt pocket} you can change it without ever knowing the old one; but you can't find out what a password was except by guessing various words and applying the scrambling algorithm thereto.
Don't blame the script kiddies for this. They are just kids, after all ..... kids are by nature explorers and experimentalists, and this is pretty much hard-coded into the human firmware.
..... an unfortunate consequence, not one that could reasonably have been foreseen by the "perpetrators" {all manner of crap already gets blown around railway lines, what difference does anyone suppose a coin will make?} but one that should have been taken into account by the implementors of the system. If the train makers can't be sure that a coin on the tracks won't derail their trains, then the trains are no good. What if a bird eats a berry, then shits the seed out and it lands on the track and that derails a train? Do you blame the bird? Blame the owner of the hedge the berry was growing on? Or do you blame the person who designed a train so badly that an object on the track would throw it off altogether?
It's like placing a coin on a railway track to see what happens to the Queen's face when a train runs over it, and ending up derailing the train
This is an excellent opportunity to sow seeds of change. Open people's minds to the possibility that there might be an alternative to Windows. Ask questions. Did they know there were vulnerabilities? Well, did they not look at the source code? [the what?] The source code -- you know, the human-readable form of the code that can be examined and modified. What scrutiny did you subject the source code to? [but that's a secret!] What -- you bought a locked box that you knew you weren't going to be allowed to look inside, and you didn't get even the tiniest little bit suspicious that somebody might be trying to hide something from you?
Every piece of food you buy is clearly labelled with a list of the ingredients. {this was actually used in an anti-drug propaganda advertisement in the mid-1990s, till some bright spark suggested that surely legal drugs would be properly labelled and the problems caused by not knowing what was in pills and powders were merely a side-effect of prohibition}. The analogy between Microsoft and Tom Lehrer's Old Dope Peddler is a strong one. Give out free samples {educational licence discount}, get people hooked {file format lock-in}, watch the little puppets dance to your tune.
For my part, I have pledged never again to work with Windows, ever. At all. The only repair I will ever again do to a Windows box is to install Linux on it -- barring that, I will simply unplug the power cable, leave it unplugged and consider that an improvement. The time has already come when I would sooner forego a computer altogether than touch Windows.
Maybe it'll take a whole seventeen years ..... by which time the patents will have worn off and everything they covered will be in the public domain. And, of course, software patents are unenforceable in some countries ..... the USA will soon be overtaken. See, people who pay for software are a minority. Perhaps one in ten copies of a closed-source application is properly licenced. Even much of the world's business relies on pirated software. Once people realise they can't use their copied Windows applications anymore, cheapo imported hardware running Linux or FreeBSD will become the order of the day. Unless Microsoft's DRM is cracked first.
I haven't had a bath since the second Monday in May 1992 {can't remember what date it was but I know it was a Monday and I know it was between the 8th and 14th}. And I'm unlikely to have another ever again.
.....
Plenty of showers, though
can't seem to find out whether this is going to be a Windows-only thing -- I seriously hope not -- or if the BBC is going to support the Open Source movement {though the Dirac project would suggest that someone at the BBC already understands the dangers of allowing for-profit concerns to dictate standards}.
:) Quicker than waiting for them to come around on UKTV Gold, as well!
I think this will be sort of similar to Sky Plus, but just for BBC content, and using your Internet connection instead of a Minidish. And, of course, it's the BBC, so no adverts
..... how many minutes of advertisements does the BBC show in a day?
This is why it would be a good idea to set up an FTP server {or several} to use for network installation. Then you only need to burn a few tens of megs onto the initial install CD ..... which is bound to be quicker. Anyone whose machine contains a CD-RW can stop behind and offer some net-install CDs. If you set up your own DNS on your LAN, you can just spoof the {text} addresses of the real FTP server, so the net-install CD should work over the "real" internet later {assuming your ADSL modem has an ethernet connection to your PC}.
Starting a distro flame war is not my intention here, I am just speaking from experience. But: ..... but you wouldn't, would you?} When the users get home and plug into the real Internet, their ISP's {truthful} nameserver gives them the address of the distribution's real main ftp site, so they can pull all the extra packages they want.
..... Debian wouldn't really be my first choice for a n00b event. I suppose it's a balancing act really -- too much advance preparation is in vain if nobody turns up on the day, not enough and people get frustrated {and the Open Source movement can get cast in a bad light; ha ha, look, those smelly lentil-sucking communist hippies didn't think ahead did they?}.
..... I mean, arrange for these to be sponsored by a local computer store.
Debian allows you to boot from CD, do a minimal installation {just enough to get the network up}, then eject the CD and finish the rest of the installation from the Internet. And it has no way of knowing whether the ftp.country.debian.org it's connected to is the real one, or just some LAN address that a bullshitting name server gave them which happens to contain a full mirror, but runs at full 100Mb/s rather than ADSL rate. {Unless you have > 200 clients connected to that server
I'm sure the same technique could be applied to other distributions, though
Perhaps someone will make an InstallFest kit, with a full mirror of a distro {Mandrake would be my favourite for this application -- n00b-friendly, good hardware detection, easy graphical setup, not sure though how it handles installation from network}, a DHCP server and a hacked BIND {to manage the aforementioned DNS spoofing}, and an ISO image of a minimal network install / recovery CD {itself in the form of an installable package, but with a depends: cdrecord and a recommends: k3b, just for ompleteness}. This net-install CD would hardly need any packages, so it could be quick to burn. You'd still need stackloads of blank media if you were giving them out rather than taking them back to use for the next person {and I'd think psychologically it's better that visitors do get a CD that they can take away with them}, but you might blag