Slashdot Mirror


User: ajs318

ajs318's activity in the archive.

Stories
0
Comments
4,821
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 4,821

  1. Re:this is your chance on "Spim" is Latest Online Annoyance · · Score: 1

    ..... and be sure to promote it heavily, by sending lots of instant messages!

  2. Good news for Linux users! on Wal-Mart to Launch Online Music Store · · Score: 1

    Haven't Wal*Mart, in the past, sold PCs with Linux pre-installed? If they want to run an online music store, they will have to make it work with PCs sold in the real life store -- which basically means it's going to have to be a penguin-friendly system! Let's hope it's Ogg Vorbis or another open standard :-) It shouldn't be too hard for someone to write an Apache plugin that does on-the-fly encryption against a public key sent in a cookie, and that would work well enough ..... the worst abuses I can think of would be to request a file which would end up being totally unreadable, as there would be no suitable decryption key; or to broadcast a public key to someone you didn't want knowing it, but a public key by itself is pretty useless.

    On the other hand, given that large corporations often have one department at odds with another, it's possible that whoeaver dreamt up the online music idea has no idea that Wal*Mart have actually sold Linux PCs. What never ceases to amazes me is that a business can get that close to total disintegration and yet not only muddle through, but actually make a profit! Must say something about the human survival instinct, I guess.

    As to the munging of music, I hadn't heard of any stores in this country having special cleaned-up CDs, though some of the local radio stations play edited versions. So do the satellite TV music stations - but usually only in the daytime. I guess I will have to check out the CDs in my local ASDA {now pwned by Wal*Mart}.

  3. Re:White noise is probably the easiest to locate. on Single Speaker Unit Delivers Surround Sound · · Score: 1

    Although that sort of makes sense, I still think that there would be certain things that you wouldn't be able to discern quite so reliably. With single-frequency sine waves, for instance, passing through the skull and entering the ear from the "wrong" angle would just cause an attenuation equivalent to a different distance, still giving you a locus bigger than a single point for the source.

    Now, maybe your brain figures out all the fancy time domain - frequency domain transforms and so forth. Maybe it only takes a slight tilt of your head to determine the direction {classical theory says you need to detect a source in 3 places to position it; if you can move your head while the sound persists then you have detected it from 4 places, giving you some redundancy, plus you have some data from Doppler shift during the movement}. That was why I said short bursts. And white noise subjected to Doppler shift is still white noise. Although, if it's in short bursts, it's not strictly white noise, since it has been filtered {albeit in the time domain} and some frequencies can't be represented with at least one crest and one trough in the pulse envelope .....

    The longer I keep thinking about this, the more variables I find I'm missing. I'm seriously going to have to experiment on this one .....

  4. How Many Times Again on Replace Your Music....Again · · Score: 3, Insightful

    The public will not fall for such a cheap stunt again. CD is here to stay for a looooong time. Its faults are quite tolerable. The only reason anyone ever put up with the lousy audio quality of walkman tapes was the ability to record your own at home. One of the recordable DVD formats, together with an open-standard audio codec, will be the next logical progression for portables. Uncompressed CD can already stray beyond the ken of most consumer-grade headphones and loudspeakers. If any new format takes over, it will be one we can record at home - and whatever it is, we're not going to pay to replace our CDs with it in the same way we replaced our vinyl LPs with CDs.

    Now think about this for awhile. When you buy a piece of prerecorded media, the cost is going two ways. Some is going on stuff that you can do for yourself {i.e. writing to media and assorted logistical matters}, and some is going on stuff you can't {i.e. singing the song in the first place -- well, you could do that, but I'm assuming you want to hear it as performed by the original group}.

    We should contact our representatives and push for a new law: Non-Discriminatory Licencing. The gist is, if the group has licenced the record label to sell the music on their media in return for a certain fee paid to the group, then anyone should be licenced under the same agreement to make one copy of the music for the same fee. Furthermore, anyone distributing the content to third parties must make said third parties aware of the fact that they have a right to make copies conditional on payment of a fee, the amount to send and who to send it to.

    Fair enough, it won't stop anyone copying without paying; but I think there are many people who would pay a nominal fee in return for not being criminalised, and I don't see for one instant what difference it makes whether or not I involve the record labels, as long as the artist gets their money. Record labels are just middlemen - and expensive ones at that. Everyone likes to miss out the middleman if they can.

    Traditional deal: I pay 14.99 for prerecorded CD, record co. takes 14.00, artist gets 0.99 {note these figures may not be strictly accurate as I don't know for certain how much of the purchase price of a CD goes to the artist}
    Under NDL: I pay 0.20 for blank CD, 0.02 for electricity, 0.99 to artist, artist gets 0.99.

    If I wanted to sell the media I had recorded, or offer the files for paid download, I - not the eventual recipient - would be responsible for paying the artist's fee, and the law should not allow me to disclaim such responsibility.

    If anyone cares enough to comment, I'll probably write a more official-sounding spec for my NDL vision that might be better received by government types.

  5. Re:A little market segmentation might help on OSDL To Start Pushing on Desktop Linux · · Score: 2, Informative
    How many software products can I get from my local computer store that are products that can run on Linux?
    You don't buy software for Linux in your local computer store. You download software for Linux from your distributor's, or the developer's, website. That's the fundamental difference between free software and slaveware. It's also why the distro that makes it into the home bigtime will be the one that makes it next to impossible not to contribute.
  6. Re:Copy paste? on OSDL To Start Pushing on Desktop Linux · · Score: 1
    We have got a reliable copy/paste!
    1. Position cursor at beginning of text to copy
    2. Deress and hold left button
    3. Move mouse to end of text to copy
    4. Let go of left button
    5. Position cursor where text is to be inserted
    6. Depress and release middle buton
  7. BZZZZZZZT! on OSDL To Start Pushing on Desktop Linux · · Score: 1
    Troll alert! Mandrake uses RPMs, in fact Mandrake is largely Red Hat with different graphics. And source code will compile and run on ANY properly-installed Linux distro, subject to hardware constraints. In fact, I actually prefer .tar.gz files because they are so reliable, and no need for a -devel package either {upon which, in my experience, 95% of dependencies really depend; if foo says it depends on bar, chances are it really depends on a file in bar-devel}.

    In case you aren't trolling:

    How to handle a .tar.gz {or .tgz} file {substitute "foo" with what the package is really called}
    ajs318@laptop2:/home/ajs318/ $tar -xvzf foo.tar.gz
    ajs318@laptop2:/home/ajs318/ $cd foo
    Look for files called README, INSTALL or similar, and read them; but the following procedure is nearly universal:
    ajs318@laptop2:/home/ajs318/foo/ $./configure
    ajs318@laptop2:/home/ajs318/foo/ $make
    ajs318@laptop2:/home/ajs318/foo/ $su
    type your root password at prompt
    root@laptop2:/home/ajs318/foo/ $make install
    root@laptop2:/home/ajs318/foo/ $exit
    or you can just press ctrl-D on most systems
    ajs318@laptop2:/home/ajs318/foo/ $
    That which I tell you three times is true:
    Always install the -devel package when working with .RPMs.
    ALWAYS install the -devel package when working with .RPMs.
    ALWAYS INSTALL THE -devel PACKAGE WHEN WORKING WITH .RPMS!
    Alternatively
    Use kpackage. 'Nuff said.
  8. Re:How Many Speakers Do You Need? on Single Speaker Unit Delivers Surround Sound · · Score: 1

    AFAIK your brain can only measure {by means of some really complex mathematics} the distance from the sound source to each ear. The intersection of these two radii form a circle centred on your head, in a plane perpendicular to the imaginary line joining your ears. If you keep your head perfectly still, you cannot determine whether the sound source is above, behind, beneath or before you. Short bursts of white noise {like you would get by briefly connecting a battery to a speaker and letting go again} ought to be very difficult to locate in space. I might try setting up an experiment if I can get together enough identical speakers, stands and a quiet outdoor location.

    The only other explanation for how it would be possible to determine so precisely the direction from which a sound comes would be if something other than your ears is detecting sound. Then you would be able to get a proper triangulation fix on the source.

  9. How Many Speakers Do You Need? on Single Speaker Unit Delivers Surround Sound · · Score: 1

    First of all, this is not a "one-speaker" solution at all - it is several speakers in one box. I suppose it depends on whether you think of "speaker" as referring to the mechanism for converting electrical impulses into acoustic pressure waves by means of a moving diaphragm, or the cabinet containing one or more of such devices .....

    But how many speakers do you need anyway? I mean, you've only got two ears, for crying out loud ..... meaning you know which side a sound is coming from {left or right} but you can't actually tell whether a sound is coming from ahead or behind unless you cheat and move your head around. Even that won't work if you're wearing headphones. And since when you're watching telly, you are looking at the picture, your brain is getting enough clues from the visuals to work out where the sound should be coming from. So one speaker should be plenty! I'm sticking with my old telly with its 51cm., 4:3 screen and monophonic sound {though it has a separate woofer and tweeter}. It has a SCART socket and that is all that matters to me. I'll replace it when it breaks and not before.

  10. Sovereignty Issues on Orbdev Files US Federal Suit Over Asteroid Claim · · Score: 3, Interesting
    No US body has jurisdiction over non-US territory. Since asteroids are not US territory {in fact they are not even Earth territory} then this loon's claim is unenforceable.

    Although, he may have a claim against Orbdev for selling him something they did not own {ever been to Paris and had someone try to sell you the Eiffel tower? Or been to London and had someone try to sell you Tower Bridge? Or
    foreach ($landmarks as $city => $landmark) {
    echo "Have you ever been to $city and had someone try to sell you $landmark?\n";
    }
    } Well, you get the idea. And it's Orbdev that are going to be needing the lawyers, because fraud is criminal, not civil.
  11. Re:Film disposables couldn't be reused.. on Ritz Disposable Digital Camera Hacked · · Score: 1

    Many moons ago, in the days of roll film and 60x60 negs, a photographer friend of my dad's used to have a neat portable kit that allowed him to develop a film wherever a supply of clean water was available {This was mono, obviously; any chemical reaction speeds up with increasing temperature. Colour developing requires strict temperature control as there are three separate chemical reactions going on which must all reach completion at the same moment}.

    This kit included a special sleeved bag a bit like a thick padded jacket bit with no neck or waist, just arm sleeves and a baffled zip for inserting the camera and dev tank. Under cover of darkness in the bag, the film could be wound onto the developing spool and sealed in the tank. Now, to wind the film from the camera spool into the dev tank spool requires a sort of back-and-forth twisting action {a ratchet mechanism pushes the film into a groove which holds the layers apart allowing the fluid to get to both sides}.

    One sunny day, after taking some pictures on a remote railway station, he was sitting outside the men's room winding his film in his transfer bag on his lap, developing fluid already mixed in a bottle by his side. Needless to say, a passer-by misinterpreted his concentrated fumbling and smelly bottle, and called the old bill ..... who had of course never seen this kit before, and he had to do a lot of explaining!

  12. Re:I don't understand... on Ritz Disposable Digital Camera Hacked · · Score: 1

    OTPROM {One Time Programmable ROM} is actually identical to UV EPROM, but the envelope does not have a transparent window in it - so you can't just suntan the chip {light is waves, and energy is inversely proportional to wavelength; at UV, the vibration is sufficient to physically knock electrons out of place. The same phenomenon is used in photocopiers and laser printers to discharge selected portions of a pre-charged, conductive surface [the printing drum] so that the uncharged, solid ink particles won't stick to it. The pattern of light and dark may be got by direct reflection from an already printed surface or beamed in a computer-generated pattern}. It is possible to erase OTPROM using radiation such as X-rays or gamma rays, which will penetrate the envelope and do the same discharging thing. The difficulty is that you must not over-irradiate the chip for fear of causing permanent damage {you only want to shift electrons, but at that sort of energy you are running the risk of moving protons or neutrons}. Or, you could carefully split open the envelope without damaging the chip inside and expose it to light. Either method is usually more expensive to arrange than buying a windowed package in the first place.

  13. Re:I don't understand... on Ritz Disposable Digital Camera Hacked · · Score: 1

    Cracking RSA is difficult because it involves a lot of trial and error.

    RSA depends on the fact that (a**b)**c == (a**c)**b == a**(b*c). To mitigate the effects of all that multiplying {and cunningly add an extra layer of compilcation - see later}, "modulo arithmetic" is used {think of a counter that rolls over every so often; m modulo n, or [in programmer's notation] m % n, is the remainder when m is divided by n}. Now, for some values of b, c, d {which are determined in the process of key generation} a**(b*c) % d == a. The public key is the function P(x) = x**b % d {giving you b and d}, the secret key is S(x) = (x**c) % d {giving you c and d}. So P(S(x)) == S(P(x)) == x.

    You tell everyone P(x) but you keep S(x) to yourself. If anyone sends you P(message), you evaluate S(P(message)) and get the message. If you send someone S(message) {plus some cleartext metadata so they know who might have sent it, and therefore which P(x) to use}, they can evaluate P(S(message)) and know it must have come from you.

    If you know a, b and d, then you can build up an equation to solve for c: {bold => known quantities}: a**(b*c) == n*d+a. Unfortunately, you don't know the value of n {how many times the counter rolled over}. All you know is it must be an integer. You have to keep trying different values until you get a fit.

    If you wanted to crack RSA for all b, c, d, you would have to do so by stealth. One way would be to write a piece of closed-source software that became very popular, and use many millions of CPUs in parallel, each trying to solve for a particular set of b, c, d. The "seeding" of each instance of the programme to search over a particular range could be carried out under the guise of entering a "serial number" to "activate" the programme. Results could be uploaded to the internet under the guise of an "automatic software update" request.

  14. You Know What You Can Do on E-Voting Glitch: 19,000 Voters, 144,000 Votes · · Score: 2, Insightful

    Back in the days when votes were counted by hand {or today, in countries where they stil are} the whole process was transparent.

    If your country uses electronic voting, you should write to your representative and point out the necessity of opening up the process. Specifically, the need for the public to be able to examine mechanical drawings and software source code. Public scrutiny over the democratic process is more important than any corporate secret.

  15. Look at it this way on Security FUD On Linux · · Score: 1

    Windows is just an operating system and desktop environment, but almost every Linux distribution includes a full suite of applications - office, connectivity, scientific, graphics and so forth. Of course there are likely to be more problems where there are more places for them to appear. If you have a vegetable garden where you grow peas, beans, cabbages, carrots, potatoes, celery, onions, beetroot and turnips, then you are potentially vulnerable to more pests and diseases than a commercial farmer who grows just oil-seed rape.

    Everything in the open source community is done under a rather large microscope. Good guys outnumber bad; so, statistically, there is a greater chance of a vulnerability being discovered by a good guy {who intends to get it fixed} than by a bad guy {who intends to exploit it for his own ends}. Everything closed-source, on the other hand, is kept under cover - until the covers are forced off. And anyway, it's better to make a mistake and admit to it than to pretend you never make mistakes.

    At the end of the day, I will never trust someone who refuses to let me see their source code. If they want to hide something from me, I do not want to have anything to do with them - because what might be hidden in closed-source software is far, far worse than a simple error of programming.

  16. Re:I still state my position on 1st Real Internet-Option Election in North America · · Score: 1

    That's the trouble ..... if you compel people to vote they are ostensibly less free than if you don't compel them to do anything. But if enough people don't vote, then there is a possibility that, under the wrong sort of government, they could become even less free than citizens who are compelled to vote. Once you start forcing people to do things, it looks like the thin end of a very big wedge, and it gets easier to consider other, less benign forms of coercion as reasonable.

    You have to consider not just what you are trying to achieve, but how people will interpret your efforts. If you concentrate too much on the ends, you end up a ranting idealist; but if you concentrate too much on the means, you end up a spin doctor, telling people their plates are getting bigger when there is less food to go around. There is a delicate balance to be struck.

    A less overtly forcible method might be to treat an abstention as a vote for "re-open nominations [1], all others no vote". {I'm assuming here single transferrable voting with the pseudo-candidate R.O.N., as happens in student union elections in UK universities}. Then a no show becomes an automatic vote of no confidence in any of the candidates. But then, if RON keeps winning, there is effectively no government for as long as it takes for a real candidate to get elected.

    And yes, unfortunately, as much as we might wish it not true, there are some people who aren't fit to choose their own government. Historically, these people have been in such a small minority as to hold no influence over the final outcome. Modern party politics is disillusioning voters, as the impression given off is overwhelmingly one of little difference to the end result whoever wins.

    Back in the '80s, we had a Conservative government and a vocal Labour opposition. Today we have a Labour government that might as well be a direct continuation from that Conservative government, a weak Conservative opposition with nothing to say because Labour have turned into the Conservatives, and an electorate who simply don't know how to choose between the two evils. And we all know what happens when good people do nothing .....

  17. I still state my position on 1st Real Internet-Option Election in North America · · Score: 4, Insightful
    that the fundamental basis of democracy is too important to be entrusted to any process not open to scrutiny at every stage.

    In this country there are three ways to cast a vote, besides walking to the polling station:
    1. Get a lift from a volunteer
    2. Arrange a postal vote in advance
    3. Arrange a proxy vote in advance
    The ballot papers are counted by hand, with candidates and guests in attendance. This system works. Now, you may say it is a minor inconvenience to actually have to get off your behind and cast your vote once every five years, and maybe to have to help counting up the papers or driving assorted strangers back and forth to the polling station all day. But your employer is not allowed to take any disciplinary action against you if you have to vote on works time, and when you realise that the alternative could be a fascist dictator forcing his way into power by hijacking an election, it really doesn't seem so much of an inconvenience after all. Maybe it would be appropriate to punish people who fail to vote? People have fought and died for democracy, and yet this is what we do in their memory. Of course, [GODWIN'S LAW EXEMPTION REQUEST] it doesn't help that there are politicians out there who have ideas that Adolf Hitler could only have had wet dreams about .....
  18. Re:Linux for security on IBM and Its Thoughts on Desktop Linux · · Score: 1

    There's a way of resurrecting such a PC by editing or unlinking a file somewhere. Obviously you have to be able to restart the PC in order to do this, but that's not as easy to prevent as some people believe.

  19. Re:So... on IBM and Its Thoughts on Desktop Linux · · Score: 1
    I call BS. You say you installed KDE. Well, KDE includes KMail - a very nice e-mail client which has no problem saving attachments - and kpackage - which does software installation for you, and is usually preconfigured by distributors to work "out of the box" with their package repository. Dependencies are easy to resolve thanks to modern package management systems as found in everything but Slackware. Just be sure always to install the -devel version. Since it depends on the ordinary version, that will get installed as well as a matter of course. Circular dependencies are resolved by installing both packages at the same time.

    Of course, if the attachments were some Microsoft-specific proprietary format, then he most probably would not be able to open them - but that's not Linux's fault. When you only have a CD player, you can't expect to be able to do anything with "Fisher Price My First Walkman" tapes - and it's the fault of the sender for not using an open format. But the sender probably was another clueless dupe, coerced by Microsoft's slick propaganda into believing Windows was all there was. How far can you blame a person in that situation? They were weak, they were exploited by convicted felons, now they're helping those same criminals peddle their warez.

    But things will get better. Most people are polite and understanding and will respond positively to a resuest like "can you please save it as RTF instead of DOC" - especially if you can explain to them how to do that. IDNUW but I guess it's most probably something in the Save requester. We went from mechanical typewriters to word processors, in case you forgot; that was a bigger deal than anything else word-processing-wise is ever going to be. Going back further, we progressed from no written language to scratches on stone to quill pens to fountain pens ..... for crying out loud, we have it all so much easier than our ancestors. Has something fundamental changed where we can no longer evolve?

    As for the command line, you are doing people a great disservice by saying people "don't want to use it". The command line is great for some operations. Just because the DOS command line was so awful, don't tar the bash prompt with the same brush. After all, DOS would never let you enter something like this:
    for i in track*; do lame -h $i && rm $i; done
    but that doesn't mean it isn't good to have the ability to do it.

    Linux is ready for the desktop. It just isn't - and never will be - Windows. But so what? People already comfortable with non-computerised methods probably wouldn't want to switch to Windows. Human beings are infinitely adaptable, so stop bitching that some bits aren't exactly what you've been taught to expect and get used to it.
  20. Re:Energy source? on The Case for the Moon · · Score: 1

    The Moon is about 384 megametres away, so it would take 1.28 seconds for a signal to travel all the way there from Earth before anything could be done about it. That sounds like plenty of time in which to get unlucky .....

    Anyway, Mini-Me would end up humping the laser, unless they got a freakin' room together already!

  21. Re:The moon on The Case for the Moon · · Score: 1

    You transport rock from the Moon to the Earth, so the sum of the two masses stays the same - I'll give you that - but the force of gravity depends on the product of the two masses. When I did my engineering degree, we didn't go assuming that simply because m1 + m2 == m1' + m2' then m1 * m2 == m1' * m2'. Try it with some figures ..... five sixes are thirty, but four sevens are only twenty-eight, and the error grows with the difference: three eights are twenty-four, and two nines are eighteen.

    I've had too long a day to apply this to the figures and work out how much mass you'd need to shift before you got, say, a one percent change. And I'm not even sure what sort of a change you'd need before you got any effect.

    And you might want to check your prefixes. A gigagramme is a thousand Mg or a million kg. A megagramme is as near a ton as damn is to swearing {2205lb vs. 2240lb; close enough anyway as any measurement in non-metric units is expected to be approximate}.

  22. Re:Booring on The Anatomy of Cross Site Scripting · · Score: 1

    Ah, right. I thought you were implying only 7 characters were ever encrypted when using MD5. I see now.

    You basically are trying to get a piece of JavaScript sourced off one site to modify a document sourced off another site {and since that connection isn't encrypted, the cookie contents won't be encrypted either - but the "query string", neatly formatted too thanks to the HTML cookie spec being so similar, will be recorded in /var/log/httpd/access.log even if your one-pixel gif ignores it}.

    Surely a well-written web browser would alert the user to these sort of shenanigans? Maybe even not permit the running of JavaScript except from selected sites? *cough* Konqueror *cough*

  23. Re:Know of a sanitizing script in PHP? on The Anatomy of Cross Site Scripting · · Score: 3, Informative
    You need to do something like this. Use preg_replace to change all mustang signs to < and > sequences. But that's overzealous - you need to un-mung sequences that look like HTML tags you regard as innocuous. Now you have to define an array for allowed HTML tags, indexed by their "munged" form, like this:
    $allowed_tags = array('&lt;B&gt;' => '<B>',
    '&lt;/B&gt;' => '</B>',
    &c.);
    Do a foreach ($allowed_tags as $i=>$j), and str_replace {it's supposedly quicker than preg_replace} each occurrence of the index $i with the value $j. Only permitted HTML tags will remain. You can even do a second foreach further down the page to list the permitted tags {since they're already HTML-escaped you can just display the indexes and the reader will see it rendered to look like a HTML tag}.

    If you want to allow <A> or <IMG> tags, you should use preg_match expressions for elementary sanity checking.
  24. Re:Booring on The Anatomy of Cross Site Scripting · · Score: 1

    7 characters? I think you're getting your md5 mixed up with your crypt(3) .....

    What if the intended target server is using https? Would the grabbing script {presumably ordinary http} get the encrypted or the plaintext version? If the browser thinks it's sending the form via https, then it has no reason to send out the unencrypted version - does it?

  25. Re:Can someone explain? on The Anatomy of Cross Site Scripting · · Score: 2, Interesting

    The English letter X has the same shape as the Greek letter chi, which has the English sound "kh" or "ch". Chi is also the first letter of the Greek word Khristos, meaning Christ. So "X" became an abbreviation for "Christ".

    The fish thing is from the Greek word "Ikhthus" {iota, chi, theta, upsilon, sigma} meaning "fish" but also forming an acronym of the Greek words which translate as "Jesus Christ, Son of God, Saviour". The early Christians, forced to meet in secrecy, identified themselves to one another by the sign of the fish <><. This is still used today by Christians, and can be seen outside businesses, homes and on the bumpers of cars - so the rest of us know who to avoid.