Slashdot Mirror


User: SanityInAnarchy

SanityInAnarchy's activity in the archive.

Stories
0
Comments
12,413
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 12,413

  1. Re:Compatibility... on Tom's Hardware Reviews ATI and Nvidia on Linux · · Score: 1

    I believe there's some stuff they've licensed for use in the binary distribution, like the InstallShield libraries... Something like that.

    Also, Point2Play is just a good idea for games.

    I would use the CVS, but they killed off the Gentoo ebuild for that, which means no auto-updates and a fairly difficult build process. I would like to support them, anyway, and it gives me the ability to vote on games. Although that's always going to be skewed, I do want to remind them that I have some obscure games that don't work perfectly yet, and I'd like some work done on them.

    But, there are other problems with paying that I don't feel like talking about, as I'm still trying to get them resolved...

  2. Re:Lame on Has Zend Source Encryption Been Rendered Useless? · · Score: 2, Interesting
    A person who is an accomplished lockpick can pick your average brass deadbolt in a few minutes or less... so to them, every lock is effectively papier mache.

    Except the difference here is, there are theives who would break in and steal your stuff without also knowing how to pick a deadbolt. Most people who want to steal this source code could do it easily.

    What's more, automatic lockpicks don't work yet (as far as I know), nor can you easily build a robot to pick locks, run in, steal stuff, and bring it straight to the pawnshop. This kind of thing is easily possible with this kind of "encryption" (sorry, "protection") -- I can certainly automate the process of Googling for code that looks like it was "protected" this way, "decrypt" it, and email the results to me, figuring that anyone using this probably has something to hide in their PHP -- maybe a vulnerability, even.

    In any case, would you feel as confident about this if someone really was selling paper-mache deadbolts? If it really is just a question of magnitude, remember, someone still might be able to decompile code fairly quickly (and crack it to do things it tries to prevent, like making a game run without the CD). Compiling, even just to bytecode (and you can do that with some variants of PHP), is more like a real deadbolt. "Encrypting" is paper-mache, and I don't see how it's even "good enough for most".

    Ah, well, at least this is better than the HTML "encryption", which seriously damages the usability of your site, without even slowing down a "hacker" wanting to "steal" your code -- not that you should care about this in HTML, anyway.

  3. Re:DRM on Has Zend Source Encryption Been Rendered Useless? · · Score: 4, Interesting

    I actually got a response from one company, who called themselves "American Computer Systems". I followed a link from a spam, and they were actually relatively advanced -- they use JavaScript to construct your source from a very long string of alphanumeric characters. At the end, they document.write it. They show this effect off on their homepage. So, I made a textarea in the original page, swapped "document.write(foo)" for "document.(the.text.area).value = foo", then sent it all back to them. Here's the first email I sent them:

    Well, that was an interesting little project. Too bad client-side JavaScript will always be vulnerable to a little tweak here and there, and you didn't even bother to crunch the HTML down ahead of time. It is nice, clean, and readable... Why is it you used to play WMA music? Ah, nevermind, wouldn't have worked, I'm on a Mac at the moment.

    Really, why do you bother? All this does is provide a fun exercise for people like me. I actually automated the process, just for fun. All this does is make the page completely unreadable to people who don't have JavaScript enabled, and it makes it impossible to save bandwidth by compressing the page, as it's now encrypted. Oh, it does compress, but the compressed version of your encrypted JavaScript is twice as big as the compressed version of the original source.

    Anyway, I've found the source code to your main frame, and I've attached it to this email. Now, please stop spamming me, and please find something better to do with your life. And while you're at it, you should read a bit about open source philosophy.

    Now that I look at it, I can see why you'd want to keep it a secret. Looks like you're borrowing source code just like everyone else. That's not a bad thing, but everyone else isn't trying to sell a product on the idea of wanting to not share source code. Someone shared their code with you, but you don't want to share back?

    Well, if you're going to be that way, I guess I won't give you the source code to the program I have which now decrypts the results of your software.

    To my astonishment, I actually got a response. A response somehow defending the position of "encrypting" websites.

    Hi David.

    Thanks for your message. Is nice to read your opinion.You know there is always a better or faster or cheaper way.
    With this program it is the same as with a car. There is no 100% protection, but it help's a lot to lock it.
    By the way I dont steal code to produce my websafe. It is 100% maded here. By the way the original code is abt. the same size
    as the scrambled one. We dont write code like the one you send me. He is already stripped.

    I have seen that your hometown isin the east of the USA. My self I was living quit a while im Maryland. Was a good time David.
    Ok I hope I'm not wasting your time.

    Thanks for your message.

    Erwin

    ps. The wma comes back. Just a filesize problem with one of my providers.

    Funny, I could swear I saw the WMA bit commented out? Ah, well, I'll give him that one, but this is too fun to stop now...

    Erwin Jabor wrote:
    > >
    > > Hi David.
    > >
    > > Thanks for your message. Is nice to read your opinion.You know there is
    > > always a better or faster or cheaper way.
    > > With this program it is the same as with a car. There is no 100%
    > > protection, but it help's a lot to lock it.

    Only, in this case, I have the equivalent of a master key. You're
    better off simply not putting so much value on your HTML design.

    > > By the way I dont steal code to produce my websafe. It is 100% maded
    > > here.

    I meant the code for your website, not your software, and no, it's not.
    You actually give credit to the place you got your hit counter and
    other such things. I can point it out for you if you like.

    The difference is, most w

  4. Re:fglrx is a piece of crap! on Tom's Hardware Reviews ATI and Nvidia on Linux · · Score: 2, Informative

    Where's your line breaks?

    Bad Slashdotter. No cookie.

    Regarding your problems, I'm not surprised. The last time I had an ATI card, I had to manually hack the Linux drivers, as they were autodetecting my system as using AGP 2.0, when it was AGP 3.0 (AGP 8x). Now, I have two PCI Express systems, so that wouldn't be a problem, except that experience was enough to put me off of ATI on Linux, and I haven't bought an ATI card since, except the one in this Powerbook.

    Once I got it working (by commenting out autodetection and hardcoding AGP 3.0), I still had similar problems to yours -- I never really tried TV out, but I never, ever had the ability to play video properly while using the proprietary ATI drivers. The open source DRI drivers worked fine, of course, but they didn't have any 3D acceleration at all, much less the extensions required by UT2003. So I had to choose, on boot, whether I wanted to be able to watch video or play games.

    Basically, even the parts of the driver that were open source (the AGP acceleration) sucked. The closed parts sucked even more, especially because I could actually fix the open parts, but not the closed ones.

    My next video card was nVidia, and I've never looked back. Almost completely proprietary, but they keep it up to date with every new kernel and kernel feature I try. I have a fairly custom kernel -- 64-bit, patched for Reiser4 and recent open source drivers straight from my gigabit card manufacturer, lots of custom hacks here and there -- but all I ever have to do is "emerge nvidia-kernel" whenever I get a new kernel. And everything works as well or better than any open source drivers I've had -- I can do XvMC (hardware-accelerated mpeg decoding), or just xv (X Video extension) which almost always looks good, fullscreen, antialiased by mplayer, at 1600x1200, no matter what the video is. Any game that I can get to work on Linux, period, never has any problems from the video drivers -- stuff just works.

    My only ATI card left is something I had to get for my server, which I built as a second desktop machine, with the same motherboard as my desktop -- which was built for PCI Express, which does not boot unless it has a PCI Express card in there, even though the BIOS would seem to suggest that I could use a standard, $5 bargain-bin PCI video card. Problem was, although the PCI video card works fine, it won't boot at all unless there's a PCI Express card in there. So I got a $50 ATI card, which has the added advantage that, for another $10 or so, I got a tuner card to go with it. If I ever get around to it, I can set up MythTV on that box.

  5. Re:Performance issues on Tom's Hardware Reviews ATI and Nvidia on Linux · · Score: 1
    # emerge ut2004

    Ok, I cheated. Our ut2004 comes on four or five CDs, each of which has data files which must be copied over. Same with Doom 3. However, there's no next-next-next at all, just agree to one license and go.

  6. Re:They missed something in the article. on Tom's Hardware Reviews ATI and Nvidia on Linux · · Score: 1

    It tells me no one cares. Quake 3 is probably old enough that it's playable in software mode, or on a 3dfx card.

  7. Re:They missed something in the article. on Tom's Hardware Reviews ATI and Nvidia on Linux · · Score: 1

    Yes, it is. It costs money, but it's still "free" as in "libre" -- you can get sourcecode for Quake 3.

  8. Re:Compatibility... on Tom's Hardware Reviews ATI and Nvidia on Linux · · Score: 1, Interesting

    This is an important distinction, by the way. While it does probably mean slower performance than running the same program natively under Linux, there have been instances where games run faster under Wine or Cedega than under Windows.

    Cedega does cause a price problem, though. I would encourage everyone to use Cedega and wipe out their XP partitions so that games start being ported, but I can't really recommend it for the price alone. New Windows every 7 years: $200. Cedega: $5/mo = $120/year. Thus, Cedega is more expensive than Windows.

    Wine is better for everything but games, though. While I would like to see something similar to the Point2Play interface, especially if I could get some nice sandboxing, it isn't really necessary. But, right now, Wine seems to have a better overall architecture than Cedega -- cleaner design -- and it does seem to support things that Cedega does not.

  9. Re:I hope it won't end up like Doom on Halo Movie Scribe Talks Game Faithfulness · · Score: 1

    Good point. I hope they don't take out all the religious stuff about prophets and heretics.

    Knowing Bungie, they probably would try, but Bungie would throw the book at them. As in, the Halo Bible.

  10. Re:What this all means: on Intel's Core 2 Desktop Processors Tested · · Score: 1

    Upgrade your CPU/motherboard, but get something cheap, unless you really expect to be upgrading your CPU later, in which case, get the very latest socket type...

    Not because you need the CPU speed, but because you want PCI Express, because those video cards don't cost any more, but I don't see us needing a new standard for awhile.

  11. Re:Agree Completely on Teachers Union Opposes Virtual K-8 Charter School · · Score: 1
    It is a lot of work, but the upshot is improved grammer and spelling skills that are lacking in the technical..... I'm going on to so a PhD in socialolgy where I'll be line for tenure where I have a much more rewarding job then beeing a science freak or an engineer.

    I guess "improved spelling skills" means inventing words like "socialology" and "beeing". I'm sure if I had the education, I could point out exactly where else you're wrong. In any case, no offense, but your writing seems somewhat worse than my brother's, and he's fifteen. Same problem he used to have, though -- ridiculously long run-on sentences. Maybe it's perfectly grammatically sound but it also makes you feel out of breath by the time you get to the end of it even if you're reading silently like in your head.

    Seriously, I've had one year of college, you've had how many? And I failed English 105 both times, not because it was hard, but because it was boring as hell.

    Can you really blame me for "beeing" elitist, when I can build a computer from parts, program for a living, figure out most people's computer problems in less than a minute, but still type at sixty words per minute with better spelling, grammar, and punctuation than you, without even trying?

    I try not to be arrogant about it, but you really asked for that. And I won't bring up the rest of your post about science, because other people have already humiliated you there -- astrology? Seriously? Ok, smart guy, if science is 95% opinion, then why do 95% of the opinions among real scientists agree? Because they're based on repeatable experiments. It's very hard to find a single song that 95% of people agree sounds good, because tastes vary so much -- certainly 95% of people will not find that their own iTunes library is 95% the same stuff.

    Oh, sorry, you don't like numbers. Well, you brought it up. You really did ask for that.

  12. ANNOYING!!! on An AI Coach for Bad Gamers? · · Score: 1

    In every form I've seen this, it does nothing but piss me off. Sure, sometimes they have a point, but no one likes a backseat driver, especially when they're dead right. This would probably be hilariously annoying for being dead wrong, and having a limited number of canned phrases.

    "There's some Nazi guards sneaking up on you."

    In real life? My response would probably be:

    "You've only told me this eight fucking times in the past 30 seconds. Has it occurred to you that maybe I'm setting a trap, and don't want them to know I've noticed them yet? Or maybe it's simpler: I'm sniping some guys off the building nextdoor. Every time you say that it throws off my aim, and judging by their sweep, they'll probably notice me soon. I just need ten more seconds to pick off the last of them, giving me plenty of time to spin around and toss a grenade at these fools trying to sneak up on me."

    Ok, that may be a bit far-fetched, but the only hint system that ever worked for me was a tip of the day, or the gentle introduction to the game. I do NOT want Clippy in my games! Especially considering a human coach has a hard enough time figuring out what I'm about to pull, what makes you think a bot really knows whether I'm not paying attention to my minimap, or whether I simply don't care. Or whether it's so blatantly obvious that it's just more noise... yeah, I do NOT need the bot to tell me Flood are closing in from every possible direction, and I do NOT need to hear "Are you checking your minimap? Are you checking your minimap? Are you checking your minimap?" while I'm trying to spray my SMG fire efficiently enough that I'll be able to reload without dying.

    A beginner might find this useful, but really, they could gain a lot more by either playing online or cooperatively (learning by example things the AI won't dream of for another two years) or by simply referring back to the manual now and then, or at least doing a casual, visual sweep of the screen to make sure there isn't some HUD element (like the minimap) that they've been forgetting to check.

    That's what I want in a game, really -- decent co-op, teammates who won't accidently kill me if I allow friendly fire to count, who know when to give me covering fire, when to just watch my back and let me kick ass, and when to take the easy kills (grunts) while I go after hunters/bosses. But then, maybe I just need to play the Half-Life 2 episodes.

    Maybe me and my perfect bot can go assassinate Clippy with a coordinated RPG attack. Screw that, coordinated Redeemers. "Imagine every atom in your body accelerating outward at the speed of light..."

  13. Punishment? on Suspended Animation Tests Successful · · Score: 1

    How about being someone's bitch for a lifetime?

    Besides, what is the point of punishment anymore? My understanding is, punishment is what you do when you want someone changed. You spank them and say "No, no, no! Don't do that again!" And then maybe they won't. Whether that works with the current prison system is up for debate.

    The other reason usually given is that it removes these people from society. This one I can buy. But doesn't life remove people as effectively as death?

    Life costs more than death. So if you want to talk about a moral issue, I think it's far more ethical to kill a convict for their organs than to kill a convict because it costs more money to hold them. Only way I can see around that is to donate a lifetime's worth of prison upkeep to some charity everytime you kill someone... but that benefits the charity. If you burn the money, that causes inflation, which is certainly good for someone.

    Ok, I know you're just the messenger, but I don't like this at all -- not to mention the whole dead innocents bit. But if I was in charge, I'd have to do some math -- how many innocent lives can be saved by finding someone now serving life wasn't guilty? How many innocent lives could be saved by donating that same amount of money to charity? Or even sending it back into the tax system, maybe put it in education, maybe raise more doctors, who can save someone else's life later?

    In any case, tricky as it is, it's such a waste -- especially because I'm sure there are plenty of people on death row who still have some kind of ethics. You know, maybe some sick KKK bastard who rapes and murders little black girls, but would love to donate his organs to a good white family. It's not the family's fault he was a racist. Or maybe it's a psychopath, someone who went absolutely batshit crazy and killed 20 or 30 people, then reverted to a mostly normal human being -- someone who knows she can never live a good life, who knows she'll always have the capacity for that, but still has her good moments, and wants to do some good, even if it's the last thing she does.

    I just don't see organs as being that much more powerful a motivator for the death penalty than money. Maybe I'm just used to the less morally ambiguous kind of corruption.

  14. Re:What a crap article title. on Whatever Happened to the Gaming Mascot? · · Score: 1

    Admit it, Gordon Freeman and Master Chief are both much more interesting than reflective, shiny, rippling water. They are certainly popular enough that I've seen people do scenes of Master Cheif running over Gordon in a Warthog, or Gordon crowbarring the Chief's head off. Can your shiny water do that?

  15. WTF? on Net Neutrality a Threat to Online OSes? · · Score: 1

    Seriously, WTF? Both the original article and the poster seem to be... erm... confused about what Net Neutrality means. I mean, I make the same mistake, but they seem to be thinking net neutrality means the opposite of what it does...

    Weird.

    Anyway, it's completely backwards. What makes you think an "online operating system" will be easier to run if its run by an ISP? What's more, how does it help you if there's no neutrality -- won't you run into even worse issues than you do today if you try to take your MediacomGmailRipoff account to your friend's house, who's on SBC? At least today, Gmail either works about the same for everyone or it doesn't really work for anyone...

    Eh, nevermind. This guy is insane, and so is any consumer who doesn't want net neutrality.

  16. Dangerous. on MS Research Automates Search Engine Spam Hunt · · Score: 1

    Arms race.

    This is exactly what happens in email. You say "Oh! I can filter 99% of my spam by grabbing anything with 'Viagra' in the subject line!"

    The spammers, noticing this, start using subject lines like "Urgent! Read now!"

    You adjust your filter to watch for anything with "Urgent" in the subject line and "Viagra" in the body.

    They send you Vi.ag.ra instead. You catch that, they send you Vlagra.

    They send "Penis pills". You filter anything with "Penis". Then your freind changes their signature to "The Pen is Mightier than the Sword". Since your filter is smart enough to catch "Vi ag ra", it's also dumb enough to think "Pen is" means "Penis".

    You adjust your filter to assign a score based on how many bad things it notices, and you add a few good things to even the score -- like whitelisting a few close friends, and anything coming in with "I AM NOT SPAM" in the subject line. Of course, you realize it won't work entirely -- the spammers will eventually use "I AM NOT SPAM", and sooner or later you'll get an email from someone you never heard of, who wants to talk to you about a business proposition, who got your email from somewhere like a forwarded message or somewhere else on the Internet, and they don't add the "I AM NOT SPAM" flag. But for awhile, it works.

    Then the spammers start sending messages that contain no text at all, just a few large images.

    You filter that, meaning you completely miss your grandmother's email -- family photos -- or your girlfriend's birthday surprise email -- you fill in the blanks.

    Before you know it, you're spending all your spare time tweaking your spam filtering settings, and it's still not enough. You thought it would be so easy -- just a Perl one-liner used to block 99% of your spam, with 0 false positives! But things are changing too fast now. At some point, you get the genius idea to make it open source. Hundreds of like-minded people flock to it, desparate. Every day, your spamfilter downloads a new copy of the rules database, a collection of Perl one-liners used to catch spam. But you're getting hundreds of spams a day now, which means as soon as the spammers switch tactics, you could have a thousand spams in your inbox before you get the daily database update -- and that's assuming the daily update has a rule that blocks these.

    Basically, you've created Spam Assassin. Works like an anti-virus program. It also means that someone has to get hit with a new virus (type of spam) before the filter can block it, but even when it's at its best, it's still nowhere near good enough. Remember, 95% accuracy on 500 spams a day means you still get 25 spams in your inbox.

    This is why its best to automate this kind of thing. Use a statistical filter such as dspam, bogofilter, or crm114. They are actually more accurate, when trained by humans, than a hand-coded filter.

    So yes, you do need humans to train your web filter, but you also need your humans to continue to train and retrain a statistical filter. You can't just pick an arbitrary five websites and either assume that's all there is, or remove everything like those five, because that just starts the exact same arms race I've just described.

  17. Define an action. on Google's Click-Fraud Crackdown · · Score: 1

    As he said, fill out a survey or whatever. Add your own captchas, all up to you.

    Here's the problem -- how can Google implement this in such a way that they retain enough control to know whether the item was bought, survey was filled out, or whatever? What's to stop someone from just setting up a paypal donation link and calling that their "purchase", but then having the rest of the site be a sales pitch for a sale which is actually handled somewhere else?

    Google would have to take over the whole process of purchasing and collecting money from the consumer (or a survey, or whatever), and they'd still have to manually look at some of them, at least.

  18. Re:Reminds me of Anakin on The Multi-Pointer X server · · Score: 1

    Yeah, then he killed her. You bastards!

  19. Re:Reminds me of Anakin on The Multi-Pointer X server · · Score: 1
    I'd go for, say #100 on the hit parade. High enough up to be to far too valuable to waste, not high enough to be considered a threat to the established order.

    Won't work. Vader has a tendency to waste people who fail him, no matter where they are.

    Hell, Vader has a tendency to kill anyone, with him or against him, including the person in the #1 spot. The safest ones would be old, familiar Jedi like Luke or Obi-Wan, because Vader will have the decency (stupidity?) to face them head-on, alone, in a lightsaber duel. Anyone else, he doesn't care, he'll just blow up their damned planet.

    Anyway, back on topic, two mice does sound cool, but mostly it would be useless and confusing. For games, I'd really prefer a mouse and a joystick anyway -- joystick replaces WASD with actual, analog control, mouse is much quicker and accurate than having another joystick (like you would on a console game). Joystick feels much more natural than any mouse configuration I can think of for controlling walking, though -- if it's based on how far the mouse is from a central point, it'd be difficult to stop, but the alternative is to pedal the mouse to walk...

  20. Re:Procedural generation is still crap. on What if Game Graphics Never Aged? · · Score: 1

    First off if you look at Procedural generation you have to code the way the system works very carefully. It's like explaining to an alien what my DDR pad is. "it's a large pad with four buttons on it, It has lights." oops forgot it's metal, forgot this and that.

    Sounds familiar... Ah, yes, this is what you have to do with any kind of deisgn! This is exactly what modelling is all about.

    And what's worse, every single time you use it you'll have to create a new way to describe the texture, or you'll get the same texture for everything.

    Are you familiar with concepts like fractal geometry? The whole point of things like SpeedTree is that it generates different trees, every single time, even though it's using about the same algorithm. It means that humans don't have to design a forest. Humans design five or ten different kinds of trees, and say "Go Go Gadget ProceduralForest" and BOOM! And yet, each tree is different in the kinds of ways a tree might be different in real life.

    It's a bit harder to do with things like GTA, because of things like street signs and such. But it's by no means impossible to generate a city.

    And since you don't have to use it for everything, you have to wonder, why aren't people using procedural techniques for things like GTA? Generate a city, all the buildings and everything, then start manually editing. Leave some buildings alone if you like.

    In fact, I know for a fact everyone uses roughly procedural techniques for all kinds of things. Half-Life 2 is about a gig because of their ability to copy and paste, and keep track of everything, meaning that they defined a wooden plank once, and use it everywhere, and it behaves exactly the same everywhere they use it, and refers back to the exact same chunk of space.

    But at the same time, the developed a small game for it. Did they have trees, multiple people with tons of different clothes, flowing textures. Did their game sell a couple million copies?

    No, but then, neither did Cube or Saurbraten. The 96k game was developed by a team of maybe 10 people, probably in their spare time.

    It boils down to this. If procedural generation is the solution to all our problems why haven't we used it in everything?

    Who's claiming it solves all our problems? It just does a lot of nice things.

    And that's like saying, if anything obscure is great, why isn't it more widespread? For instance: If Linux is so great, why doesn't everyone use it? What about Firefox? What about Erlang and functional languages? What about Lisp?

    The answer is as disappointing as always: momentum. Take Lisp: There have been examples of small companies who, mostly by using Lisp properly, were able to keep their code insanely small, flexible, and functional compared to their competitors. A competitor announces a feature in a press release, and a couple of days later, our Lisp guys have it already implemented -- not because they're stealing trade secrets, but because their code is that much easier to work with.

    Or take Erlang: Ericsson has been using it for awhile, and its proven itself over and over again to be fast enough for just about anything (despite not having a functional JIT), but it also provides a very nice mechanism for hot code replacement. Think about that -- most people have to reboot Windows to get a patch, an Erlang program doesn't even have to restart the program. Just drop the new functions in and phase out the old ones -- like an Apache Graceful Restart, only without any extra effort from the programmer to make it possible.

    But really, I don't have to argue this with you, because everyone has some obscure thing they like. Just because it isn't mainstream doesn't mean it isn't suitable for mainstream. In the case of procedural graphics, I think the issue is just a lack of people who are trained to work that way -- right now we have prog

  21. Re:Slashes, forward and back on Linux/Mac/Windows File Name Friction · · Score: 1
    The .app's own package is just one *domain* (or "scope") in which to include frameworks/libraries.

    I get it. But I can't say I've ever seen a .app file with any external dependencies other than what comes with the OS. Ok, I lied -- there are a few, like Eclipse or Filemaker, but Filemaker isn't packaged as a .app (and I don't think Eclipse is either), and it does kind of negate the point of having the one self-contained bundle.

    Well, there is another side to that coin... Portability/Easily moved/Compatibility.

    Which does limit the use of shared libraries, I get it. The weird thing is, I can't think of ANY time I've been happy to have .app on my mac. Most of the time, the apps were either small enough that you'd send them the download link, or they're large enough that it's a .mpkg anyway.

    Maybe I'm unique, but I cannot remember the last time I ever did something like, say, put a .app on a thumbdrive to give to a friend. I cannot count the number of times I've been annoyed at a computer being slow -- not a Mac specifically, but any computer. Thus, making it slower all the time (using more RAM), and making it more difficult to update/maintain, in order to make something easier that I've never seen or heard of a real Mac user doing, makes no sense at all to me.

    I could go on, but let's just say I hate .app, but I love apt-get.

  22. Re:spaces bad, special chars bad on Linux/Mac/Windows File Name Friction · · Score: 1
    instead of, sensibly, storing that information elsewhere.

    You're right, but where? It's kind of hard to sensibly enforce a way of storing it inside the file. The only bit of metadata that reliably follows a file around is its name.

    I believe OS X lets me set which program I want to open a given file with, as well as global "files of this type" preferences. The file extension is still useful.

    You sound like you'd be right at home on the Reiser4 mailing list, though -- they are all about letting the filesystem itself handle every kind of metadata, which is an interesting, unconventional approach that's also not relevant right now.

  23. Re:Seems to be a matter of reading 'man fstab' ... on A Closed Off System? · · Score: 1

    Who says there will be other filesystems mounted?

    Anyway, this makes the problem much easier -- just use a shell that doesn't allow running scripts on a noexec-mounted filesystem. Linux is already very close to right on this -- the rest is just a matter of doing things like disabling JavaScript in web browsers, disabling macros in word processors (or chosing word processors that don't support macros), etc. Hard, but not impossible.

    Much easier than starting an OS from scratch, or starting with one that doesn't support noexec at all...

    Or another approach: Reset every now and then. Logout, kill all processes by that user, login again. If you deny write access to any rc script, that means that after every reset, you have to start over and somehow convince the user to click on whatever it is.

    I think this whole thing is a bit silly, though. It's possible to be reasonably secure even on Windows, and on Unix, it's much easier -- out of the box, even. I don't see why I should have to turn the PC into a kiosk just so people don't have to learn how to use it. On the other hand, it always was easier to program a way around user stupidity than to assume you can educate users, and it's very dangerous to underestimate the ingenuity of stupid users.

  24. Re:why not slipstream it? on ' Naughty Bits' Decision Not So Nice · · Score: 1
    Heck, they (DVD's) do have the functionality to do multi-angles (mainly for p0rn) and the "follow the white rabbit" icons (easter eggs),

    Heh. But no, that wouldn't work well -- as I understand it, multi-angles means multiple video tracks, just as you can have multiple audio and subtitle tracks. So, while it could conceivably work -- an audio track that cuts out when you have naughty words, a video track that shows black when you have questionable content, and have them both cut to a blank screen when a whole scene is bad.

    But this also means storing two copies of the movie, as I understand it, so I really see no difference between that and shipping two separate DVDs. Really, next time you're watching The Matrix, check to see what title/chapter you're actually on. I know it's an entirely different title depending on whether you're "following the white rabbit", or just want to watch the movie without annoying white rabbits popping up all the time.

    Of course, maybe I lack some fundamental understanding of how DVDs work -- maybe ISO9660 supports hardlinks? I don't think so -- I know that when I dump a DVD title with Mplayer, even a title like The Matrix with so little extra content, the movie itself is usually about half the size of the DVD. I think they add all that extra stuff in just to make damn sure it's more than you can fit on a single-layer DVD.

    Anyway, I also understand that Blu-Ray uses Java to do its menus, so maybe with a real programming language to work with, we could do something like this, and have it look professional, without actually using much more space than a single movie? I'd just as soon have a separate, censored audio track -- that's a trivial amount of space, and you still need the video to make it meaningful -- but the video is too big for that to be practical, and it might still do nothing to solve the copyright issues.

  25. Re:Shared RAM? on Parallels Desktop for OS X Reviewed · · Score: 1

    It's possible, but not likely. The way I see it working for a Windows client is having some program on the guest OS running at some insanely high priority which is somehow able to always allocate enough RAM on the guest OS side to compensate for the host OS using RAM.

    But really, this is the same kind of problem that you would have trying to virtualize the hard disk. Even on the same OS, it takes a very specialized filesystem to handle two separate OSes writing to the same filesystem simultaneously -- useful for things like network attached storage.

    You also have the standard problems of virtualization -- every OS assumes that a partition is a large, physical chunk of space. Same with RAM -- the smart ones (Linux) also attempt to use all of the RAM they can for buffers and caching, so that spare RAM is always used for something. But here, you'd want the guest OS to behave like a program, and surrender spare RAM back to the host OS.

    I'm sure if Microsoft wanted to play nice, something could be done about this. But then, if Microsoft wanted to play nice, wouldn't they help out with Wine? I like wine -- virtualization is always guaranteed to be as slow or slower than dual-boot. Wine can actually run faster, depending on the application and how much you've tuned the host OS. For one thing, with virtualization or emulation, you're using a disk image, which either has to be allocated all at once, or gets fragmented as it expands. Like LVM, you now have a fragmented filesystem on top of a fragmented image(file) on another filesystem. Take all of the slowness you get from fragmentation, and double it, and you have an idea of what it's like.

    What this really means is, virtualization is not a way to take one computer and make it into two computers, equally fast. It means you take one computer, and split it in half -- one half per OS. There are tricks you can do to make it better, but it'll never be quite as good as something like Wine. The trick is, either make Wine work, or actually get a second computer. I have a PowerPC Powerbook, because I got it before the Intel switch, and I'll never risk Windows on a laptop. My desktop dual-boots XP and a 64-bit Gentoo, so if I must run a secure Unix and a stubborn Windows app (that doesn't work on Wine) at the same time, I set down my Mac next to my PC. If I end up doing that a lot, I'll buy a KVM switch or use VNC; as it is, it's not a big deal.

    And Wine is so much better than virtualization -- Wine can actually be faster than dual-boot, but virtualization will never be as fast as dual-boot. It's certainly no out-of-the-box, cureall solution like Parallels, but its incompatibility and bugginess is greatly exaggurated.

    But if you must virtualize, I'd much rather use kqemu under Ubuntu. Free (as in beer), and 64-bit support now.