If they weren't an activist organization until this year, what the heck were they the previous twenty four years?
I think they were concentrated much more on supporting free software development directly.
That's less of a priority now, I suppose (for the happy reason that lots of other people are spending money on development), so they're concentrating more on politics--something the various companies funding developers may not be able to do.
... find an open-source project, join the mailing list, and lurk for a month or two. Keep an eye out for easy projects that they need somebody to do--often there are simple things that desperately need doing that get neglected just because nobody has the time. Keep an eye out for technical terms everybody but you seems to know, and google them and/or find a relevant book at your local university library or technical bookstore. Don't expect people to lay out projects for you--the project maintainers are probably very busy, so even if you're a volunteer, your work isn't "free" to them if they have to take time to deal with it. Download the source and build it. Try tinkering with some small part of it to see what happens. Don't expect to do anything really huge at first. (But, what the heck, keep notes of your most ambitious ideas somewhere in case they later turn out to be easier than you thought.)
Oh, and remember to have fun!
There are so many apps that use IE embedded in them, that if they were different (different interfaces), you'd end up with a real mess.
Surely this mess should be trivial to sort out--give one of the two installations a different name, make sure it doesn't overwrite any of the other's shared libraries, whatever. It doesn't seem that different from having multiple browsers (IE, firefox, opera...) installed side-by-side.
Help out a poor non-Windows user: why on earth do you need an entirely separate copy of the OS to run a different version of IE? Why can't you run the two side-by-side under one OS?
It seems to me that requiring a boarding pass is less about increasing security and more about reducing the number of people passing through the security checkpoints. Can you imagine how long the lines would be if friends and loved ones were still allowed to see you off/meet you at the gate?
Sure; it's not checking boarding passes that's being made fun of--it's the idea that the no-fly list can prevent people with certain names from flying.
The fake-boarding-pass generator points out that you don't even need to forge a photo ID to bypass the no-fly list; you just need to forge one boarding pass, at a cost of a few pennies worth of printing.
All these things can do is maybe get someone into the gate area. But seriously, if a terrorist wanted to blow up an airport, do you honestly think he would spend the hundreds of dollars building a bomb, and then balk at the $80 for a plane ticket?
You missed the point: it's not to save buying a ticket. (They scan the boarding pass at the gate and can detect a fake at that point, so you need to carry a real boarding pass anyway.) One of the goals of the system appears to be to exclude people from certain names from flying, at least without some additional checks. Since they don't scan the boarding pass at security, you can hand them a fake boarding pass (matching your real ID) at security. If that's the only time they check ID, then you can use a real boarding pass (bought under somebody else's name) at the other points. And if I understand right it's only at those other points that they actually check the name against no-fly lists. So the no-fly list doesn't work even given really good unforgeable ID's.
Seems like kind of a crazy system if that's correct--so it's fair game for being made fun of, which is all the fake boarding-pass generator does as far as I can tell.
Depends how separate separate is. I used to live in Milton Keynes (UK, half way between London & Brimingham) and it has the bike tracks as totally separate roads. Though you have to watch out for the horses...
The success of the Milton Keynes path network appears to be contraversial at best.
It's a real pain to share a 40 MPH road with someone driving 20 MPH, especially when they're driving a bike and it will fit on the sidewalk.
Sidewalks have poor safety records for bicyclists. The problem is the intersections--drivers crossing crosswalks or sidewalks (such as at driveways) check for pedestrians, but not cyclists, who (due to higher speed) are generally a lot farther away from the potential collision point at the time the driver checks.
Sharing the road between people going different speeds is a problem with or without cyclists--especially in a dense urban environment with lots of people turning, parking, etc.--and cyclists can sometimes be easier to pass than other cars thanks to being narrower and easier to see around.
Which isn't to say that there can't be slowdowns--the typical example I notice is the narrow winding country roads without a lot of space or good visibility for passing.
And on-street bike lanes can have a place for keeping traffic of different speeds flowing. But note people have a false expectation that they'll totally segregate car and bike traffic; that's not really a good idea: (assuming US drive-on-the-right conventions in the following)
Bikes turning left should merge left ahead of the intersection instead of trying to turn left from the right curb at the last moment.
Cars turning right should merge right ahead of the intersection (so they end up partially in the bike lane) rather than, as is unfortunately typical, cutting right across the bike lane at the last moment (usually without checking for cyclists in the bike lane first...)
Similarly if a driver has to stop for a moment to drop someone off, merging over into the bike lane first is a good idea. (And following cyclists should stop whining about "cars using the bike lane" and appreciate the fact that this saves them getting doored by someone unexpectedly dropping off a passenger in front of them)
In general there's this expectation that total segregation of cars and bicycles is going to make cyclists safer--but the big accident risk is at intersections, and cars and bicycles have to interact there anyway.... So getting people to take predictable, conflict-minimizing paths through intersections is more important than segregating the different types of traffic.
Cyclists as myself aklthough often feel -and I believe are- much safer on seperate bike lanes.
As it turns out, the evidence seems to mostly be on the other side.
Most accidents happen at intersections, and at intersections you want people sorted according to the direction they want to go in, not according to type of vehicle.
That's not how all medical insurance is designed to work.
No, it is--but I think we actually agree here:
There are expensive plans with low copays, and cheaper plans with higher copays.
Right. And in either case, the insurance is a net loss in the case of routine work--that is to say, you'll spend more money with insurance than you would if you didn't buy the insurance and paid as you went instead. That's more obvious in the high-deductable case (where the insurance may pay out nothing, and hence be a pure loss, in the case of a routine visit), but it probably usually works out to be a loss in the low-deductable case too.
Naively you might think catastrophic insurance is more efficient from a market standpoint because people are incentivized to avoid unnecessary health care for small problems. Problem is, many health care problems are progressive. If you avoid treating small problems now, you get to treat big problems later, which is much more expensive.
Medical insurance, unless you have some severe, traumatic injury, is a worthless investment.
That's the way medical insurance is *designed* to work. It's a net loss as long as all we need is routine stuff (like wisdom tooth extractions). And we accept that in the understanding that in the case of a severe, traumatic injury--something we just wouldn't be able to pay for *at all* otherwise--we'll be covered.
Well, the resply from our (impressively responsive) the washtenaw county clerk is:
The "touchscreen voting machines" referred to in Muskegon are the AutoMark devices for the disabled. There is one in every Michigan polling place to satisfy the Help America Vote Act.
They are not really "voting machines". They are like a high-tech pencil for disabled voters to mark a paper ballot, using various interfaces including a touch screen, earphones, braille buttons, etc. The ballot, once marked, is counted like any other ballot.
The number of people who use the AutoMark to mark their ballots is very small, probably an average of less than one person per precinct, and that includes nondisabled people (like me in the August primary) who wanted to check them out under election conditions.
"The windows based ones here in michigan are all having problems. I talked to 3 other people in different voting places and they all noticed that the electronic machines were not working with some kind of error window popped up on the screen."
Which county are you in?
This blog entry from the washtenaw county clerk claims that "every Michigan jurisdiction uses the optical scan paper ballot, similar to the forms used in standardized school tests."
They're read by electronic tabulators after you vote, but the ballots are kept and can be recounted if necessary.
there's an assumption that everyone who uses Linux is an expert in hardware support.
Yep, the problem is those lazy linux developers. It's not that hardware companies don't write drivers (or provide documentation or NDA's that would allow it). It's not that in some cases the only "support" some hardware makers provide requires giving up the one thing (liberal licensing) that brought many of us into linux and that is one if its greatest competitive advantages.
Nope, it's just those darned lazy developers who won't get off their butts and reverse engineer every piece of PC hardware in the world the moment it comes out.
But thanks to your tireless efforts informing them of this problem, a problem I'm sure no one else has ever brought up before, I'm sure that now they'll get right to it.
Or, more accurately, is it enough more difficult in either case for us to be confident of code written inside the country as opposed to outside?
No, no, you don't understand. See, the word is divided into the 300 million people who live inside our borders and the 6 billion outside. Every single one of the 300 million insiders is a patriotic hard working american who could never write any insecure code, intentionally or not; only the outsiders are suspect. Any rare exceptions to this rule are therefore completely explained as failures to properly separate insiders from outsiders. So a modest investment in border security will solve all such security problems.
upgrades for debian-like systems are usually flawless -- people do them on a DAILY basis with debian sid
That's been my experience, agreed. Though note actually that upgrades "on a DAILY basis" are probably easier for the distributor to handle, not harder--the typical developer probably tests the case of upgrading a package by one version number at a time, but probably doesn't as frequently test upgrades that skip several versions at once.
If the government thinks that he is enabling the "terrorists", they may also see contributing to his defense fund as contributing to terrorists which would result in your loss of habeas corpus.
If people have really been so cowed that even such a far-fetched, miniscule chance of persecution would deter any contribution to a cause that the current government disapproves of.... Then we're even more lost than I'd previously imagined.
Fortunately I doubt such extreme cowardice is typical.
I wonder why Christopher Soghoian didn't just create a site anonymously.
He's one guy, he's young, and he's been entirely open and straightforward about why he's doing this--that gives him a much better chance to shame the TSA. It would've hurt his case (with the public, at least) if he'd looked furtive.
And someone with determination (not to mention search warrants) could probably figure out who he was eventually anyway.
Unfortunately our society aplauds the whistleblower only well after the whistle has been blown
Browsers have been running in protected mode on Linux for years.
If you mean that browsers don't generally run as root, sure, that's true. That's pretty minimal protection, though. On the typical home desktop machine, most of the important data is kept under a single uid. And the desktop is probably administered by su'ing to root from that user account (or something equivalent), so escalating to root is just a matter of waiting for the su.
I don't know exactly what the new protections are that he's talking about, but there's a *lot* more that we could be doing here. Clients (mail readers, web browsers) are attacked all the time these days. I'm not at all happy that a complicated piece of software like my web browser, which is continually running untrusted code and data from all over the net, has to run with my full user priveleges.
A few years ago, my local college paper (the Michigan Daily), in their Crime Notes section, included an item under the headline "Boyfriend reports missing girlfriend, later found":
A male resident a Cozen's Residence Hall became worried Saturday evening after he was unable to locate his girlfriend, DPS reports state. The man had previously made plans with his girlfriend, who was later located.
You read the article, and you think, that could not possibly be improved on--love lost and regained all in 35 words. And then you realize the headline does it all in 6 words. It's a masterpiece.
I just have the clipping now, stuck to my office door, and don't even know what year it came from, much less who wrote it.
Somebody should track them down and buy the movie rights.
Because a goodly number of people would prefer this headline be changed from
"Root Exploit For NVIDIA Closed-Source Linux Driver"
to
"Root Exploit For NVIDIA Linux Driver"
The headline would then be ambiguous, since there are two different drivers that could be referred to by the term "NVIDIA Linux Driver", only one of which is closed source.
Slashdot Mirror
I think they were concentrated much more on supporting free software development directly.
That's less of a priority now, I suppose (for the happy reason that lots of other people are spending money on development), so they're concentrating more on politics--something the various companies funding developers may not be able to do.
... find an open-source project, join the mailing list, and lurk for a month or two. Keep an eye out for easy projects that they need somebody to do--often there are simple things that desperately need doing that get neglected just because nobody has the time. Keep an eye out for technical terms everybody but you seems to know, and google them and/or find a relevant book at your local university library or technical bookstore. Don't expect people to lay out projects for you--the project maintainers are probably very busy, so even if you're a volunteer, your work isn't "free" to them if they have to take time to deal with it. Download the source and build it. Try tinkering with some small part of it to see what happens. Don't expect to do anything really huge at first. (But, what the heck, keep notes of your most ambitious ideas somewhere in case they later turn out to be easier than you thought.) Oh, and remember to have fun!
Surely this mess should be trivial to sort out--give one of the two installations a different name, make sure it doesn't overwrite any of the other's shared libraries, whatever. It doesn't seem that different from having multiple browsers (IE, firefox, opera...) installed side-by-side.
Help out a poor non-Windows user: why on earth do you need an entirely separate copy of the OS to run a different version of IE? Why can't you run the two side-by-side under one OS?
Sure; it's not checking boarding passes that's being made fun of--it's the idea that the no-fly list can prevent people with certain names from flying.
The fake-boarding-pass generator points out that you don't even need to forge a photo ID to bypass the no-fly list; you just need to forge one boarding pass, at a cost of a few pennies worth of printing.
You missed the point: it's not to save buying a ticket. (They scan the boarding pass at the gate and can detect a fake at that point, so you need to carry a real boarding pass anyway.) One of the goals of the system appears to be to exclude people from certain names from flying, at least without some additional checks. Since they don't scan the boarding pass at security, you can hand them a fake boarding pass (matching your real ID) at security. If that's the only time they check ID, then you can use a real boarding pass (bought under somebody else's name) at the other points. And if I understand right it's only at those other points that they actually check the name against no-fly lists. So the no-fly list doesn't work even given really good unforgeable ID's.
Seems like kind of a crazy system if that's correct--so it's fair game for being made fun of, which is all the fake boarding-pass generator does as far as I can tell.
The success of the Milton Keynes path network appears to be contraversial at best.
Nope.
Sidewalks have poor safety records for bicyclists. The problem is the intersections--drivers crossing crosswalks or sidewalks (such as at driveways) check for pedestrians, but not cyclists, who (due to higher speed) are generally a lot farther away from the potential collision point at the time the driver checks.
Sharing the road between people going different speeds is a problem with or without cyclists--especially in a dense urban environment with lots of people turning, parking, etc.--and cyclists can sometimes be easier to pass than other cars thanks to being narrower and easier to see around.
Which isn't to say that there can't be slowdowns--the typical example I notice is the narrow winding country roads without a lot of space or good visibility for passing.
And on-street bike lanes can have a place for keeping traffic of different speeds flowing. But note people have a false expectation that they'll totally segregate car and bike traffic; that's not really a good idea: (assuming US drive-on-the-right conventions in the following)
In general there's this expectation that total segregation of cars and bicycles is going to make cyclists safer--but the big accident risk is at intersections, and cars and bicycles have to interact there anyway.... So getting people to take predictable, conflict-minimizing paths through intersections is more important than segregating the different types of traffic.
As it turns out, the evidence seems to mostly be on the other side.
Most accidents happen at intersections, and at intersections you want people sorted according to the direction they want to go in, not according to type of vehicle.
No, it is--but I think we actually agree here:
Right. And in either case, the insurance is a net loss in the case of routine work--that is to say, you'll spend more money with insurance than you would if you didn't buy the insurance and paid as you went instead. That's more obvious in the high-deductable case (where the insurance may pay out nothing, and hence be a pure loss, in the case of a routine visit), but it probably usually works out to be a loss in the low-deductable case too.
Yup.That's the way medical insurance is *designed* to work. It's a net loss as long as all we need is routine stuff (like wisdom tooth extractions). And we accept that in the understanding that in the case of a severe, traumatic injury--something we just wouldn't be able to pay for *at all* otherwise--we'll be covered.
Well, the resply from our (impressively responsive) the washtenaw county clerk is:
Googling around.... I guess they look like this?Which county are you in?
This blog entry from the washtenaw county clerk claims that "every Michigan jurisdiction uses the optical scan paper ballot, similar to the forms used in standardized school tests."
They're read by electronic tabulators after you vote, but the ballots are kept and can be recounted if necessary.
Yep, the problem is those lazy linux developers. It's not that hardware companies don't write drivers (or provide documentation or NDA's that would allow it). It's not that in some cases the only "support" some hardware makers provide requires giving up the one thing (liberal licensing) that brought many of us into linux and that is one if its greatest competitive advantages.
Nope, it's just those darned lazy developers who won't get off their butts and reverse engineer every piece of PC hardware in the world the moment it comes out.
But thanks to your tireless efforts informing them of this problem, a problem I'm sure no one else has ever brought up before, I'm sure that now they'll get right to it.
So Canadians, French, Japanese, are "foxes", and americans are all "hens"? I don't get the analogy here.
And they prevent employees from writing crapp code, how?
No, no, you don't understand. See, the word is divided into the 300 million people who live inside our borders and the 6 billion outside. Every single one of the 300 million insiders is a patriotic hard working american who could never write any insecure code, intentionally or not; only the outsiders are suspect. Any rare exceptions to this rule are therefore completely explained as failures to properly separate insiders from outsiders. So a modest investment in border security will solve all such security problems.
Hope that explains the situation adequately.
That's been my experience, agreed. Though note actually that upgrades "on a DAILY basis" are probably easier for the distributor to handle, not harder--the typical developer probably tests the case of upgrading a package by one version number at a time, but probably doesn't as frequently test upgrades that skip several versions at once.
If people have really been so cowed that even such a far-fetched, miniscule chance of persecution would deter any contribution to a cause that the current government disapproves of.... Then we're even more lost than I'd previously imagined.
Fortunately I doubt such extreme cowardice is typical.
He's one guy, he's young, and he's been entirely open and straightforward about why he's doing this--that gives him a much better chance to shame the TSA. It would've hurt his case (with the public, at least) if he'd looked furtive.
And someone with determination (not to mention search warrants) could probably figure out who he was eventually anyway.
Well, I'm applauding.
You can also contribute to his legal defense fund, if you'd like to show your support.
If you mean that browsers don't generally run as root, sure, that's true. That's pretty minimal protection, though. On the typical home desktop machine, most of the important data is kept under a single uid. And the desktop is probably administered by su'ing to root from that user account (or something equivalent), so escalating to root is just a matter of waiting for the su.
I don't know exactly what the new protections are that he's talking about, but there's a *lot* more that we could be doing here. Clients (mail readers, web browsers) are attacked all the time these days. I'm not at all happy that a complicated piece of software like my web browser, which is continually running untrusted code and data from all over the net, has to run with my full user priveleges.
A few years ago, my local college paper (the Michigan Daily), in their Crime Notes section, included an item under the headline "Boyfriend reports missing girlfriend, later found":
You read the article, and you think, that could not possibly be improved on--love lost and regained all in 35 words. And then you realize the headline does it all in 6 words. It's a masterpiece.
I just have the clipping now, stuck to my office door, and don't even know what year it came from, much less who wrote it.
Somebody should track them down and buy the movie rights.
The headline would then be ambiguous, since there are two different drivers that could be referred to by the term "NVIDIA Linux Driver", only one of which is closed source.