Slashdot Mirror


User: SanityInAnarchy

SanityInAnarchy's activity in the archive.

Stories
0
Comments
12,413
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 12,413

  1. So how should it work? on A Legal Analysis of the Sony BMG Rootkit Debacle · · Score: 1

    Linux does not, and cannot, prevent this kind of attack. That you think it could shows you have a profound lack of understanding of what the attack was. (Here's a hint -- where do you think the word "rootkit" came from? Duh?)

    There is, of course, exactly one difference: On Windows, AutoRun is the default, and entirely specified by the CD. On Linux, AutoRun barely exists at all, and where it does, it's entirely controlled by the OS -- it never runs a program off the CD, if anything, it launches a media player to play the CD. However, you can easily configure Windows to behave this way.

    In fact, as a software engineer, I cannot think of a way that you could prevent an attack like this without also locking down the machine so hard you might not even be able to install Linux, and certainly, Windows would be a lot less friendly to work with. Vista is an example of what happens when this is tried.

    Can you think of a way this could possibly work?

    Let's look at your suggestion:

    This could be as easy as when the customer boots from his purchased legit installation CD and asks it directly to verify his OS. There is no way any hacker could compromise the code on a stamped CD.

    Actually, yes, yes there is. All it would take is a buffer overrun or any other, similar exploit while it was "verifying" that OS, and the CD would be worthless.

    Also, how do you propose that CD tell the difference between a compromised OS and an upgraded OS? How about the difference between a compromised OS and a deliberately customized OS?

    At least the computer owner would know his computer is telling him the truth over which processes and threads are running, and know the registry keys are being honestly reported.

    Oh, we can already check registry keys -- there are Linux boot CDs for that. But here's a question: Do you actually understand the purpose of every single process and registry key on your system? I know I don't.

    It would really only make a difference once you knew, specifically, what to look for. And once you do, it doesn't really matter, because whoever discovered it would certainly have a recipe for removing it -- a recipe that either wouldn't require a truthful listing of processes and registry keys, or would include a means to discover such a listing.

  2. Not entirely open. on BBC iPlayer Welcomes Linux (and Macs) · · Score: 1

    From the Wikipedia page:

    Although a full specification of SWF is available, it is not an open format, as implementing software that plays the format is disallowed by the specification's license. Reverse engineering is therefore the only legal way to compete with the official SWF player. Implementing software which creates SWF files is permitted, on the condition that the resulting files render "error free in the latest publicly available version of Adobe Flash Player."

    In other words, not like PDF at all.

  3. mpeg. on BBC iPlayer Welcomes Linux (and Macs) · · Score: 1

    There are all kinds of things they could do. And they certainly didn't seem to be opposed to people downloading things.

    There are mpeg2 decoders everywhere -- it's just about as ubiquitous as Flash. And there's no reason they can't do both.

  4. Mesh networking. on Microsoft and Google Duke It Out For the Future · · Score: 1

    That, too, is going to become increasingly irrelevant.

    I really do want "desktop" or "laptop" computers to succeed, but right now, they've got nothing going for them except privacy and user control, neither of which anyone seems to give a fuck about anymore (see Myspace).

  5. Re:Consoles. on Microsoft and Google Duke It Out For the Future · · Score: 1

    Spoken like a true "hardcore" gamer. The Wii makes you a minority, sorry.

    I will always have a pretty powerful computer, and I will always play open source games and mods. And I will always be a minority.

  6. Re:Desktop For Me on Microsoft and Google Duke It Out For the Future · · Score: 1

    What happens when you get employees who aren't developers?

    We generally don't. (Or at least, the corporate end is in another part of the country, so I can pretend that's true...)

    But at least for the moment, well, everyone has to have a home computer, right? So everyone knows at least enough to use a personal computer.

    Or an employee who isn't familiar with the OS you use?

    "the" OS?

    We use at least two that I know of -- and anyway, the point of web apps is that it doesn't matter. They only have to be familiar with the web apps we need, and that's part of essential training. (So is the OS, in cases where they have to use one OS for the job.)

  7. Re:Damned if we do, damned if we don't. on Leaked MediaDefender Emails Show Student P2P Traffic Down · · Score: 1

    The only thing I can think they would sue for is for someone using one of the fair use rights.

    Nope. They would sue for piracy.

    My point is that this is how absurdly innaccurate their methods are, that they might not even notice.

    Agreed. I would like to see some independent research done about piracy and its fallout, but I haven't actually found anything yet.

    There's another catch 22, by the way.

    Recently, I took a look at the Consumer Reports website. They seems to have a slogan of sorts -- "Expert, Independent, Nonprofit". Well, 2 out of 3...

    They recommend Vista. Worse than that -- every article they've written about OSes is under the assumption that Vista is the natural, logical choice of an upgrade, and the only reason you wouldn't upgrade is if you didn't want to spend the time or the money.

    I don't know if you're actually going to debate that point -- I know a lot of people did, when I posted about it. But I take that as proof that it's impossible to be independent and unbiased, and yet have a clue what you're talking about.

    It may not be true for everything, but it would seem that piracy is one of these difficult things.

    Yes, but you can't simply say they're significantly different and expect them to change. They need to know how it's different, and why that difference discounts the approach they were using. What is it about Internet piracy that makes suing so ineffective?

    Simplest answer: The amount of it and the difficulty of tracing who is doing it.

    More difficult to swallow: Because the pirates are your customers, or your best potential customers. Barring a few starving college students, anyone wealthy enough to have the bandwidth for piracy is probably also able to pay for the content itself. And those starving college students will likely grow up to be that wealthy. Therefore, the end result of suing all pirates is going to be having practically no customers.

    Lawsuits work with physical-medium piracy largely because it's easy to find out who originated the counterfeits. Sue them, and the whole house of cards falls. But this is difficult or impossible to do with Internet piracy, and even if you did, anyone can rip a DVD and upload it (though in practice, almost no one does).

    No, Windows is not just held in place by convention, but by several conventions. Namely, protocols, standards, and specifications that others cannot easily share.

    And that's different than iTunes how?

    You can't easily use two operating systems on the same computer, especially at full speed.

    Nor can you easily use two media players. Well, yes you can, but you're likely going to sell the old one.

    The same applies to operating systems -- you can, indeed, use two operating systems, at full speed, on separate computers. But you'd probably sell one of the computers, then.

    iTunes, by contrast, can and has been copied in interface and functionality, and can be used comfortably with any other competitor.

    Except that iTunes cannot and has not been copied (legally) in how it talks to the iPod, or how it talks to its music store.

    Therefore, leaving iTunes involves leaving any of your music which was DRM'd, and leaving your iPod -- or doing something illegal, and which very likely won't work.

    There will always be some variability, but at least there'll be no risk of credit card fraud.

    Stores don't have to be a risk of that, either.

    Simple example: Let everything run through some central authority. eBay, Amazon, iTunes, etc -- I kind of like PayPal, though I wish there was a standard for that. Kind of ties in with the idea of the unified store/download/player app that plugs into your portable player (iPod, etc).

    Because, on the same token, there d

  8. Re:Ubuntu != secure on Ubuntu Gutsy Gibbon vs. Mac OS X Leopard · · Score: 1

    As an aside, your website got my browser entirely wrong. (It reports me as mozilla/netscape 5 or something. I'm on a fairly recent Konqueror.)

  9. Not only emotion... on RIAA Backs Down On "Unlicensed Investigator" · · Score: 5, Interesting

    Part of this is to show the sheer innaccuracy of the RIAA lawsuits in the first place.

    I'm making a list. To my knowledge, they've sued:

    • Several pre-teen girls, who could not possibly afford either to buy the music legitimately or to pay the settlement.
    • Several grandmothers, who are unlikely to even know what P2P is.
    • At least one dead person.
    • At least one person who has never, in her life, touched a computer.

    There's probably more, but I haven't been paying attention.

    If the facts are so firmly on the defendants' sides as Ray would have us all believe, why is it necessary to resort to such blatantly manipulative appeal to emotion?

    If the facts are so firmly on the defendants' sides, why not appeal to emotion?

    Just understand, pointing out the people involved -- especially when those people are unlikely to be capable of piracy, much less want to -- is not always an appeal to emotion. Sometimes, it's simply an appeal to common sense -- which is why you will occasionally see articles tagged "suddenbreakoutofcommonsense", for when the RIAA/MPAA is losing.

  10. Consoles. on Microsoft and Google Duke It Out For the Future · · Score: 1

    The sad fact is, just about all need for a "desktop" computer can now be replaced by an Internet appliance and a game console.

  11. Re:Desktop For Me on Microsoft and Google Duke It Out For the Future · · Score: 1

    As an IT Director.... Google isn't who the CEO is going to come to when his secretary can't produce something he needs RIGHT NOW.

    Here's a frightening thought, though: Google, and other web services, may be the reason the CEO decides he doesn't need an IT Director, or even an IT Department.

    I hope that's not the case everywhere, if only so we don't end up with a monopoly, but that's exactly the way it is at our company. Small company, we basically have a NAS in a box for local filesharing, there's a printer somewhere (that I never use). We use Gmail for corporate email, Google Docs for actual, printable documents. We keep our version control on a Subversion server provided by CVSDude, and we now use Trac for project planning, bug tracking, and its built-in Wiki for documents that are meant to be common (been migrating away from Google docs for that).

    So, basically, our in-house IT consists of being a software company, thus every employee at least knows how to admin their own machine (install Windows and such). Any of the stuff I keep wanting to do, as a Linux admin -- a VPN, a real fileserver/mailserver, and so on -- are completely irrelevant.

    The one thing my admin skills are useful for, now, is EC2. But that doesn't need to be on-site, so it could easily be outsourced if I'm needed elsewhere.

  12. Re:This is apart of a larger "openening" of Flash on Adobe Opens Up AMF Spec · · Score: 1

    And while not opening up the full SWF format

    Why haven't they?

    And more importantly, can we please stop taking Flash seriously until they do?

  13. Re:Open Standards on Adobe Opens Up AMF Spec · · Score: 1

    Any AJAX implementation of that would be just a hack.

    Any Flash implementation would be by definition a hack. The difference is, as you say, there's actually an open standard for AJAX.

  14. Re:Hope the license doesn't give them trouble. on NYSE Moves to Linux · · Score: 5, Interesting

    You know, if you don't even bother to reformat your article, it really does sound like a cut'n'paste troll. Let's check...

    Well, here's one. Must be a fairly new cut'n'paste troll.

    I'll have some fun with it anyway, and feel free to copy and paste my response anywhere you see this troll:

    (specifically, Linux's lack of Token Ring support and the fact that we were unable to defrag its ext2 file system)

    That really dates this troll, or at least, the troll wants us to think it is that out of touch. Seriously, who uses TokenRing or ext2? (Oh, and you can defrag ext2, if you really, really want to.)

    So you can imagine our suprise when we were informed by a lawyer that we would be required to publish our source code for others to use.

    Sucks to be you. Try reading the license.

    It was brought to our attention that Linux is copyrighted under something called the GPL, or the Gnu Protective License.

    That's General Public License.

    Part of this license states that any changes to the kernel are to be made freely available.

    Indeed it does, but only to whoever you distribute binaries to.

    Unfortunately for us, this meant that the great deal of time and money we spent "touching up" Linux to work for this investment firm would now be available at no cost to our competitors.

    If you're sending free binaries to your competitors, sure. But you'd have to be retarded to do that.

    Furthermore, after reviewing this GPL our lawyers advised us that any products compiled with GPL'ed tools - such as gcc - would also have to its source code released.

    Absolutely untrue.

    We could either give away our hard work, or come up with another solution.

    If you're rewriting it anyway, why not give away your hard work? Worked well for id software.

    I may reconsider if Linux switches its license to something a little more fair, such as Microsoft's "Shared Source".

    And of course, no mention of exactly how that's more fair, other than this comparison to such a strawman GPL.

    Until then its attempts to socialize the software market will insure it remains only a bit player.

    Except, of course, a top online investment firm kind of proves you wrong there. I'll point to Amazon EC2 and consider the discussion closed.

  15. Re:Shallow on The Future of Love and Sex - Robots · · Score: 1

    Sad thing is, you don't. You just go play with your anthropomorphic Fleshlight.

  16. Re:Unbalanced article. on Ubuntu Gutsy Gibbon vs. Mac OS X Leopard · · Score: 1

    Please explain to me how Entourage and Apple Mail developers should collaborate, seeing as they're products from competing organizations?

    That doesn't seem to stop all the competing organizations who collaborate on various open source projects.

    The supposed and much-hyped strength of free software development is the creation of software that's ideologically, legally and technically unfettered by all the limitations that come from proprietary development.

    Strawman. Who said "all"? And why did you take them seriously?

    Example: Free software is quite frequently fettered (so to speak) by things like memory leaks, due to, oh, being largely written in C.

    I will argue, however, that it's a lot less limited, as evidenced by, oh, Entourage and Mail. Not only is it unlikely that Apple and Microsoft would choose to collaborate in this case, it's also likely a legal impossibility. Consider, also, that were they two open source projects, people from one project could always port code to the other, maybe eventually merge them -- and the reasons this doesn't happen are most often technical, not legal or political. No small step like that can be made with Entourage or Mail -- before the port could be made, both companies would have to open source to each other, so it would have to be a mutual decision from the start -- there can't really be any initial good-faith move there.

    Dunno dude. Try not to become so emotional.

    Heh. That was actually confusion and disbelief.

    They tested it on the entire range of users, did they?
    Pretty much.

    I'd like to see that.

    What, they fit everyone in a room?

    Otherwise, they selected a demographic somewhere, somehow, and I guarantee that demographic was not "the entire range of users".

    Steve Jobs' opinion eh - are you his personal assistant, or is this your opinion?

    Actually did have a fairly long discussion with someone who did work closely with him. So that is secondhand.

    Touching, but subjective.

    A bit less than your points, I would say.

    I suppose you would be happy if I maintained a log of how much time I spent, and how much I got accomplished? (Oh wait, productivity is subjective, too.)

  17. Re:Unlikely on Opera Files EU Complaint Against Microsoft · · Score: 1

    Not responding to the rest of your post, where you seem to have answered your own point, but here:

    But even in other cases home users are willing to pay for antiviruses that do more than what they should need as a home user.

    This is true. However, they never got antivirus for free, so they don't understand that it should be free.

    They have, however, always gotten a browser for "free", so that's what they expect.

  18. Re:Standards. on Opera Files EU Complaint Against Microsoft · · Score: 1

    And what about websites that work on Opera but not on Firefox? Or Safari?

    Name one.

    More to the point, you're not an actual web developer, are you? It is much easier to build a webpage that will work in Firefox, Safari, Konqueror, Opera, iCab, even lynx, than it is even to build a webpage that will work in Firefox and IE.

    You know why? Because Opera follows the standards! In fact, just about every browser on Earth is better at following these standards than IE is.

    Sooner or later, all this talk of "standards" is bullshit since no one is willing to even acknowledge the fact that IE is the de-facto "standard" already.

    ...

    You know what, fuck Godwin's law. In Nazi Germany, Aryans were the de-facto standard. That doesn't make it right.

  19. Re:Is this what people actually believe? on Opera Files EU Complaint Against Microsoft · · Score: 1

    IE, or rather MSHTML, IS built-in to the OS. I'm not talking about physically built-in, but it being an integral part.

    Not entirely correct. An HTML engine is built-in, but as I said (or at least I think I said), you can replace that with another. I have taken apps which embed MSHTML, and run them under Wine on Linux, using Gecko as the HTML engine.

    I know the difference, but thanks for assuming I'm an idiot.

    Thanks for making an idiotic post.

    What, you were expecting fair and unbiased analysis with your "sandy vagina" comment?

    The bloat I'm talking about is having them on the install media.

    Does it cost that much more to, say, offer different versions of that media?

    But forgive me if you're using a definition of "bloat" that most people don't have a clue about. (And, for that matter, consider that XP fits on one CD, so presumably there'd be plenty of space on a DVD, especially if all you're talking about is HTML engines.)

  20. Re:Damned if we do, damned if we don't. on Leaked MediaDefender Emails Show Student P2P Traffic Down · · Score: 1

    The system works nicely when piracy is low enough so that each suit can be dealt with tact and respect, but the situation becomes a whole lot uglier.

    At the risk of going around in circles here, I find the blame for this one lies entirely with the media guys. I see no reason why they cannot sue people for just as much money, but bother to gather real evidence, or, really, any evidence at all. How, exactly, do you manage to sue a dead guy?

    I think I understand your point -- that if piracy was less of a problem, they might do that. But I think it's actually pretty unrelated, at this point. I think that if piracy completely stopped tomorrow, there'd still be some RIAA lawsuit on Monday.

    What I do want to say is we can take an average, which is exactly what we're doing. Each person's earnings are different, each person's total value of pirated materials is different, but we just take the average. All the massive pirated media collections out there make the individual probability, on average, very low, but I would say not low enough to make it negligible.

    I would tend to think that the average individual probability is actually not very much lower than it would be without piracy as a mitigating factor. But this would be very difficult to prove even if we had statistics, and we don't, so I guess there's not really a conclusion to be had here, other than agree-to-disagree.

    I never said it had to be original, it's just that they adapted to the piracy threat. Is piracy so fundamentally different from VHS that the media companies can't use the same technique for fighting both?

    If you mean "is Internet piracy..." then the answer is "Yes."

    Understand that I don't mean they need tougher laws and tougher techniques. I mean they need fundamentally different ones.

    It doesn't have to be too broad. Something like making it illegal to block IP addresses in the government range, or something like that. Or even, IP blocking without a permit.

    Hmm. That raises another question -- how would it be enforceable?

    No, don't answer that, I'm fairly sure that any world in which it could be enforced is a world I don't want to live in. IP "blocking" is, in actuality, simply IP "ignoring", and it seems like it'd be difficult to prove that you're ignoring someone on purpose.

    Yes, but there's no reason why a P2P client can't be preloaded or an alternative for using with a particular very popular portable media player. Currently, all we have is convention holding that up. It's not a particularly strong force.

    Well, by that logic, "convention" is all that's keeping Windows around, so I'd say it's a damned strong force.

    As it is, the reason why this won't happen is, most computers are still going to be preloaded with Windows + crapware, and there's actually a financial reason for the crapware. And I seriously doubt Apple would jeopardize their media aspirations by building iTunes on a peer-to-peer system. It doesn't have to be apple, but it's about as hard to kill the iPod as it is to kill Windows.

    Only if you use bittorrent. All you need is the client for things like Limewire or KaZaA.

    In which case, your experience is still much worse than a store in that you never know what you're getting, in terms of both content and bandwidth. The webpage is actually a really good solution to the problem of both a central tracker (so the downloads generally go very fast) and a known-good quality (in that people can generally comment on these torrents, so you're warned away from the bad ones.)

    Now, Azureus now bundles this online store called Vuze, in a very nice, clean, slick package. There's a lot of free content, and some of it requires a credit card, but no matter what, once you've got the client, that's all you need -- and you get the speed and reliability benefits

  21. Re:crybaby on DOJ Doesn't Like the Idea of A Copyright Czar · · Score: 2, Insightful

    Of course, because ripping a DVD and putting it on your video iPod is stealing.

    It's not about stealing, dipshit. It's about choice.

  22. Good? on The Future of Love and Sex - Robots · · Score: 1

    As creepy as that sounds, it could be good in that, if the race survives, it will be entirely through people who don't want or need sex toys. (Or, at least, people whose wants/needs aren't exclusively satisfied by sex toys.)

  23. Re:Shallow on The Future of Love and Sex - Robots · · Score: 1

    And robots could be more than anthropomorphic dildos in another 50 years, which is what TFA was about.

  24. Backup your home directory. on KDE 4 Uses 40% Less Memory Than 3 Despite Eye-Candy · · Score: 1

    I do reconfigure a lot of this -- but I do it exactly once per machine.

    If/when I decide to actually share my home directory somehow, I will do it exactly once, and it will stay configured for all time.

  25. How did it get there? on Ubuntu Gutsy Gibbon vs. Mac OS X Leopard · · Score: 1

    On Windows, the only way to install software is to download an exe and pray. (Or pop in a CD and pray.)

    On Linux, we have package managers, which means repositories. Which means I don't do ./installCrap, I do apt-get install crap. The former might give me malware -- the latter won't.

    Perhaps more importantly, how did installCrap get there? How did it come to be executable? (Never mind that shiny new icons don't come in executable form.)

    On Windows, for a user to install malware, they have to open the wrong email or visit the wrong website, and maybe they have to click "yes" or "ok". On Linux, for a user to install malware, they have to open the wrong email or visit the wrong website, but they then have to download a file, remember where they saved it, find it, mark it executable, then run it. And if it needs admin rights, they actually have to enter a password, not just click "ok".

    Ultimately, you are right -- if the user is determined to crap up their computer, there's not much we can do about it. But Linux is quite a lot farther along than Windows. The fact that Windows and OS X both ripped off sudo should tell you something.