Slashdot Mirror


User: SanityInAnarchy

SanityInAnarchy's activity in the archive.

Stories
0
Comments
12,413
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 12,413

  1. Not too hard, just too much apathy on PGP Is 15 Years Old · · Score: 1

    My family is perfectly capable of understanding and using PGP. The problem is, like many people, they just don't think it's worth it. On an intellectual level, they understand how risky it is, but they live in a town so small and friendly you hardly have to lock your doors at night. It's that disease of saying "I'm not important enough, don't these kinds of things happen to Other People?"

    I'd set it up for them, taking care of #2 -- I wouldn't mind setting up all my friends, work colleagues, and family -- but #1 is difficult.

    Oh, and by the way, you're lucky if these people really understand secure payments over the web. Everyone I know just uses them automatically, so in fact, SSL is pretty useless. We only just barely keep it working by complaining loudly when a site doesn't use it for something critical, and most people are very surprised when I tell them a total of about 5 corporations could sieze control of every secure transaction on the Web.

  2. Because they're not. on PGP Is 15 Years Old · · Score: 2, Insightful

    When signing, in fact, the exact opposite happens.

    Public and private isn't too bad, it's just that no one ever, EVER bothers to learn them. I mean, come on, if people can learn words like "clutch", "gearshift", "ignition", and so on, why can't they understand that the PUBLIC key is what you send to everyone, and the PRIVATE key is what you don't even share with your lover?

  3. GPG+Enigmail. on PGP Is 15 Years Old · · Score: 1

    Not easy to setup, granted, but it's free, it does what you want, and it's actually pretty easy to use.

  4. Re:Too bad it isn't better integrated into things on PGP Is 15 Years Old · · Score: 1
    Once upon a time I generated a key, and discovered there was no one around to swap keys with.

    You do send email, right? When people ask you about that funny little attachment to all your emails, explain PGP to them and help them generate their own key. As long as they understand that the public key must be securely verified, most people (even nontechnical people) do alright with the concept.

    It needs to be as easy as hitting send on an email, automatically sign it, and if the recipient is known to have a key then encrypt it to them.

    For years, feels like decades, Enigmail has done this in Mozilla and Thunderbird. My Thunderbird is set up to automatically sign my emails with PGP/MIME, and encrypt them if my GPG knows about their key.

    I think most people don't care enough and probably most of their email doesn't matter enough to bother with encrypting or signing.

    You are quite wrong.

    Most people will actually agree with your statement, and they're also quite wrong.

    This is because most people have never actually had someone intercept, read, and modify their email, and for some strange reason, they assume that email is confidential. I recently was setting up a small group of friends to keep in touch over the Internet, and I did actually get them to use an alternative once I explained how ridiculously insecure email actually is.

    Most people, if you ask them, would be perfectly happy with PGP, even as it stands, if someone else set it up for them and taught them how to use it.

    Personally, I've given up. Most people I need secure communications with are on the same corporate network, and it's such a small company that if anyone really wanted to do something evil, they wouldn't need to mess with the network at all.

  5. Re:thawte offers free x.509 certificates . . . on PGP Is 15 Years Old · · Score: 1
    As for the big list of pre-trusted CAs, just remove the ones you don't trust.

    And suddenly, I can't visit any https URLs except my own.

    Really, the PGP concept of "trust" is important. There are multiple levels of trust, from simply "I trust that this key actually belongs to this person" to "I fully trust this person to be competent at signing keys, and will trust any key they sign"...

    Generally, trust is earned, based on experience. Really, what has Thawte, VeriSign, or any other root CA done to earn my trust?

  6. Re:Offtopic, but interesting. on Second Life Businesses Close Due To Cloning · · Score: 2, Interesting

    Starfleet may be a free society, but it's also a military society. Thus, if you want to, say, command a starship, you have to be productive.

    And there was an episode where they dealt with "holodiction".

    Still, it was never really made clear. Sometimes there's talk of money, sometimes there's talk of how we've done away with currency. Sometimes there's barter, most often there's no mention of it. Kind of like how sometimes the replicators can produce any material you want, yet some materials are somehow scarce and can't be produced by the replicators. Yet, even these can often be beamed, which is supposedly the same technology.

    It's a fascinating universe, but still a space opera -- they cherrypick the "science" they want to suit a particular fiction. In fact, it gets so bad that some scripts literally have "TECHNO" throughout -- as in, "Insert technobabble here." So, you see lines like "We can't TECHNO because TECHNO! But maybe if we TECHNO..." Which, of course, maps pretty closely to what most people hear.

  7. Offtopic, but interesting. on Second Life Businesses Close Due To Cloning · · Score: 1

    After all, in some episodes/movies of Star trek, there is currency, but in other episodes/movies, there is not. I mean, the Ferengi are always in it for a profit, but Kirk is completely lost trying to "get" the concept of currency in the 20th century.

    But it does make you wonder.

  8. Winelib. on Linux Users Banned From World of Warcraft? · · Score: 1

    To everyone else replying to this, you're missing the point. It does not take $20 million to recompile your software. They would just have to license Cedega's Winelib.

    Transgaming would be happy, because they'd get a small kickback. Users would be happy, because it'd likely cost less than actually owning a copy of Cedega. Blizzard would be happy, because they'd have more users.

    Of course, it's more complicated than that, but it doesn't have to be a full port -- and a full port probably isn't as hard as you think it is, anyway.

    About distros, how is it that every commercial game I've tried on Linux works flawlessly in every distro? Even if it was that hard, the distros would do all the work, bending over backwards to say "We support WoW!"

  9. Stupid calculations. on Internet Only 1% Porn · · Score: 1
  10. Re:ONLY 1% Porn? on Internet Only 1% Porn · · Score: 1

    I was about to write a long-ish attack on you and your beliefs, but I think your score of "5, Funny" says it all.

    I don't care whether you're being sarcastic or whether you really believe that, it's still funny as hell.

  11. There is a disconnect on Internet Only 1% Porn · · Score: 1

    For instance, how many of you would walk into work, stand up in the middle of the cubicle forest, and shout "FUCK THE WORLD!!!"

    How many of you would type something similar into Slashdot?

    The disconnect is perhaps not about our real sexuality, but how it's expressed. Most people would feel a hell of a lot safer talking about sex here, behind some perceived anonymity, than in life, especially at the office, in front of that cute brunette at reception... or in front of your fat, aging, pointy-haired boss...

    The same could be said for a lot of other things, though. Personally, I'd feel a lot more comfortable talking to the cute brunette about sex than trying to explain system administration to her. The admin talk is a lot more likely to be boring. But on the Internet, no one cares if you're boring -- they can easily ignore you, and find something more interesting -- whereas in life, she's stuck at that desk, so it's actually rude to be boring to her.

    Thus, the Internet is more sexual than life in general, but perhaps more closely represents how sexual people are in general. This could skew it both ways, but I stand by that point, certainly if we look at browsing histories, not just web pages that exist.

  12. Re:Actually... on How To Build a Web Spider On Linux · · Score: 1

    Not in this game. The pages are not actually user-created, they are generated daily from the actual game data and hosted by the company who runs the game. The only thing you have control over is whether your inventory/bank/whatever appears on the page, and I can just as easily scan for people who refuse to list them.

    So, it's actually much more efficient to scan for a specific string that I know will be there for a particular item -- it's literally impossible for them to try to mask it with, say, leetspeak.

  13. Re:Give them inscentives. on Getting Development Group To Adopt New Practices? · · Score: 1

    Perhaps, and I don't think it'd be a good idea in the long run. However, it would be a nice kick in the pants if you discover that people are still being fundamentally uncooperative.

  14. Give them inscentives. on Getting Development Group To Adopt New Practices? · · Score: 1

    On the same note, give them inscentives to not only adopt these practices themselves, but also spot others not doing them.

    I'm making this up on the spot, so feel free to actually make it into something worthwhile:

    Create a ficticious currency, or some sort of point system. Report someone accurately as doing something wrong, and you get a point. If you're doing something right, you get a point or two. Get caught doing something wrong, and lose a point. At the end of the week (or other time period), give something relevant to the person with the most points, at every level. (So, for instance, at the level of a 10-person sub-sub-sub-project, you'd probably give the winner a beer of the week. At a company-wide level, but somewhat less frequently, well, depends how much you want to do -- a little bird told me that Google has some really cool inscentives, like cars and vacations, for people who really get stuff done.

  15. Actually... on How To Build a Web Spider On Linux · · Score: 3, Interesting

    Some websites do not have good search functionality. Sometimes it's an area that Google doesn't crawl (robots.txt and such), and sometimes I'm looking for something very, very specific.

    Regardless, I do, in fact, build spiders. For instance, in an MMO I play, all users can have webpages, so it's very useful to have a spider as part of a clan/guild/whatever to crawl the webpages looking for users who have illegal items and such. In a more general way, there is a third-party site which collects vital statistics of everyone who puts those in their user page, so you can get lists of the most powerful people in the game, the richest people, etc.

  16. Re:some points on How To Build a Web Spider On Linux · · Score: 1

    You don't want to automate IE. Aside from the fact that it's IE, you don't want to use any browser unless you have to. Mechanize is your friend, and you can always change the user agent string if you want to be a jackass.

    Firefox's automation capabilities don't need to match those of IE, for pretty much the same reason. The only thing Mechanize can't do is JavaScript, and there are vague plans about that.

  17. Re:I admit to have not RTFA, but on The Importance of OS Backwards Compatibility · · Score: 1
    Well, yeah. But you can say this about pretty much any sufficiently large company. My only point is that the Linux kernel is not exactly something you want to hold up as an example of backwards compatibility.

    Well, like anything else, it's backwards compatible through defined interfaces. For one thing, I didn't see a single program notice or complain about the switch from 2.4 to 2.6, probably because the kernel<->userland interface is fairly stable and well-defined.

    As soon as you start talking about a kernel module, it all falls apart. Trying to make that compatible is like trying to make patches to another program compatible across all versions. For clarification: Linux program running on the Linux kernel is kind of like, say, xmms plugin running in xmms -- and, indeed, most xmms plugins run unmodified on new versions of xmms (or bmp, or audacious). However, Linux module running in Linux kernel is like xmms patch working with xmms -- if the module still works across a major version change, that's like saying a wholly custom xmms patch still works in Audacious.

    Miracles do happen, but I think if a kernel can still run unmodified binaries from earlier versions of itself, it's doing pretty damn well, and I do hold it up as an example of backwards compatibility.

  18. Re:I admit to have not RTFA, but on The Importance of OS Backwards Compatibility · · Score: 1

    iBCS is not an app, really -- as I understand it, this kind of thing would have to be in the kernel, right?

    If that's right, let's not be blind to XP's faults, either. I've had a device which had a driver for "Win98 or higher", which, in fact, only worked on Win98, Win98SE, and WinME. 2000 and XP wouldn't even touch it. Fortunately, I only needed this device to work for about 5 mins, so it was possible to set up a Win98 box to run it on, but come on -- Office even breaks file format compatibility across versions of itself -- newer versions of Office can't always read files from older versions.

    Microsoft seems to do a good job of backwards compatibility, and in fact a good job of everything, but only where it would cost them a significant amount of money by not doing a good job.

  19. Re:Standard data format on The Importance of OS Backwards Compatibility · · Score: 1

    You have just proceeded to argue directly for parent's point. If your corporate data was stored in an open format, you wouldn't have this problem. "Open" does not mean you have the source code.

    Maybe it becomes clearer if we talk about the second half of that: Standard. An open standard means it's a no-brainer to migrate.

  20. Re:With open source ... on The Importance of OS Backwards Compatibility · · Score: 2, Informative

    Looks like I'm arguing against it.

    Those who do not understand package management are doomed to reimplement it, poorly. Although you do make a point:

    Note, that this is mearly an issue for third-party packages for your os.

    Perhaps, but most distros now support adding third-party repositories, and even if you don't, when you download a .deb file manually, it's still going to pull in dependencies when you install it.

    Ultimately, I see compiling things statically as being kind of like offering a WinZip Self-Extractor file for a Windows XP program. Ok, it's guaranteed to work, but it's still a bit of pointless waste.

    And by the way:

    Because if something else uses that lib, chances are it will need libfoo-1.7.4.so, and be incompatible with libfoo-1.7.5.so (even though minor version increases shouldn't break compatibility, but it happens anyways).

    There are multiple, very good ways of dealing with this. The libfoo guys shouldn't have broken compatibility, or should've sat around and come up with all the ways they'd like to break compatibility and put together libfoo-2.0.0. Or, the package that's incompatible with libfoo-1.7.5 could depend on libfoo-1.7.4 -- both can easily exist on the same system. Or you could just not symlink libfoo-1.7.5.so to libfoo-1.7.so or any of its other aliases -- packages that know about 1.7.5 can link to the 1.7.5 version, packages which don't know about them will stick with 1.7.4 automatically.

    All of this can be handled by a distro maintainer, so a really simple solution for most of these problems is to simply find a way to allow your app to be distributed, or if you can't do that, pay some developers to maintain parts of the distro that your app cares about, and keep everything compatible.

    And audio/video codecs should not break compatibility between versions... period. How simple can you get? But if you let your app use a shared library, that means your app could automagically get any codec I install with the system.

  21. Re:This is good, but... on Sun Open Sources Java Under GPL · · Score: 1

    Good points, I'm sure. I still need to learn more about threading models, although I think coroutines could be ridiculously useful to get some sort of threading done quickly.

    My point is that we don't really see any threading-specific language constructs in most of these languages. They express threading in terms of what's already there. Java is an "object-oriented language", not a "threading langugae", so threads in Java are an object, and anything related to threading is expressed that way. Perl lets you do "ties" for anything really bizarrely outside the ordinary, and Perl threads kind of look like that. C does most things as functional/procedural, either passing structures around or (more likely) passing ids around, and that's how threading is implemented in C.

    I'm not saying any of these are a bad or wrong way to do it, but I suspect that a language designed from the ground up to do threading -- as one of the major design goals of the language, not just an incedental thing -- that language would look fundamentally different.

    Therefore, I still say Python is as good at threading as most other languages, because like most languages, threading is kind of bolted on, but you can still do some cool things with it.

  22. Re:Does "Aunt Tilly" make a difference? on The War Is Over, and Linux Has Won · · Score: 1
    And the 'you obviously don't' - this type of 'not-just-Holier, but SMARTER-than-thou-too' attitude is what turns off a lot of people. re:above comment.

    Again, you started it. And I quote:

    (And no, my Windows XP will not automatically update my nVidia drivers.. and if you played games regularly, you wouldn't want yours updating by themselves either.)

    I play games regularly, and I do want them updating by themselves. If something breaks from an update, I can always roll back the update -- but I can't ever remember this happening from a driver update. I guess that must mean I "don't play games regularly" or I'd run into it? But back to the real debate:

    Yeah, ANYTHING is easy once you 'know your way around". insert pointless automotive analogy here.

    Consider that Windows is only easy because you know your way around, reasonably well, hence your trollish reaction towards Linux.

    I personally think that tweaking your KERNEL to make your GAMES run faster is anti-productive, and Nerd-gasmic BS at best.

    How is it any worse than updating your video card?

    I don't want to have to STOP!!!

    Where did you draw the conclusion that you have to do anything to the kernel? Un-fucking-believable.

    I think I'm actually quite justified in acting smarter than you, when you say things that moronic.

    Farnkly, the people who do WANT to do this kind of thing are also rarely true 'gamers'. They're Nerds, and the love of All Things Nerdy is what makes them play games, and it makes them waste their time re-compiling their kernel while the rest of us are trying to get Epic Lewtz in Warcraft.

    Funny how you see Epic Lewtz as less nerdy than performance tuning. At the end of the day, your Epic Lewtz are worthless unless you're selling them for real cash. On the other hand, my skills at tweaking the kernel, untarring, and generally messing with commandlines -- oh, and not being afraid to try new things -- is actually really useful in my day job.

    At the end of the day, you're just a gamer nerd, but I am a professional hacker.

    I'm happy that Linux/OSS is trying to make things easier for us gamers. In the meantime, stop beating me over the head about all the completely free, cool, and utterly USELESS things you can do,

    I can't believe you just fucking said that. Improving performance is "useless" and "nerdy", but collecting Epic Lewtz is -- what -- useful and macho?

    I'll stop when you stop attacking what I do as "useless". More importantly: If you don't want to use Linux, fine, but just because you couldn't figure it out, don't spew FUD about how you "have to" patch the kernel, mess with tarballs, or any of the other BS arguments you bring up which haven't been valid since about 2002.

    Linux isn't perfect, but it's a hell of a lot easier than you make it sound -- and you don't even use it. You gave up. So shut up.

    Really, if you have nothing intelligent to say, just filter out linux.slashdot.org and go post on a topic that you actually know something about. I'm sure there's something you're passionate about, that you "know your way around".

  23. Re:You're both wrong... on Man's Vote for Himself Missing In E-Vote Count · · Score: 1

    User error and/or lying in 8 or 10 people is a bit tougher to believe. They are making a big deal out of his own vote not being counted because, I mean, come on! But there were other people who claim to have voted for him, and who also weren't counted.

  24. What BitTornado were you running? on Sun Open Sources Java Under GPL · · Score: 1

    Mine (albeit on a single torrent) was barely noticeable at all on a 1.8ghz amd64. I mean, between that, gaim, and moblock, I was still 98% idle or so.

    By that calculation, I could run 50 simultaneous instances of BitTornado, and still have plenty of room to spare.

    Azureus, though. Doesn't even start up properly -- always has 3 error messages in a row. Then it works, and it's very nice and pretty and powerful, but really, performance was about the same. At least until, after months of use (not continuous use -- I didn't leave the same instance open, duh), Azureus began to thrash my disks (nice little RAID) so hard it slowed down the Torrent a touch, and definitely enough to make the rest of the box unusable.

    This on a single torrent of less than 200 megs. My BitTornado just finished downloading a nice little torrent of about 15 gigs or so.

    Anything that makes the cursor lag is fucking broken. I miss the queuing, but that's it.

  25. Re:This is good, but... on Sun Open Sources Java Under GPL · · Score: 1

    It seems that most major languages I look at don't start out designed to be multithreaded. They start out single-threaded, assuming the language is atomic, and lots of libraries are not thread-safe. Then threading gets added to the language, and it's unstable for quite awhile, and even when it's stable, you have to check whether libraries are thread-safe. This is at least as true for Java as it is for Python.

    And python does seem to have quite good support for threading... I think it's called TwistedPython.

    But really, if a language was designed to be threading from the beginning, I think we'd be seeing some more useful constructs like coroutines.