YOU are the one that brought ClearCase into this - not I. I never said, implied, or indicated in any way that I was speaking of ClearCase. You clearly have strong feelings about ClearCase - but they do not matter with respect to my first post in this thread, as I never brought up ClearCase. Clearly, your exposure to ClearCase has traumatized you - but don't let your PCCSS (Post-ClearCase Stress Syndrome) cause you to see it where it is not.
Next, the list of features that would have to be added to a VCS in order to support Linus is much larger than I would wish to put into a Slashdot message - so I picked a couple of obvious issues as examples (hence the usage of the abbreviation e.g. to indicate the items listed are not the complete set of issues).
IBM could just as easily lend its weight to Subversion, Arch, or any other extant project - I used CVS simply because it is far easier to type.
Did I ever say "ClearCase"? Remember, ClearCase is a product IBM bought, not created.
IBM has had VCS long before they bought ClearCase.
In fact, I rather specifically mentioned writing a VCS - not using a currently existing one.
In fact, what I was thinking (and rather hoping to get others to think about) was the fact that the biggest problems that Linus had with CVS as it stands now were issues with managing changes as a change-set (rather than as unrelated changes to each individual file) and change-set merging and conflict resolution.
Now, what would happen if IBM were to dedicate some resources to modifying CVS to support tracking a commit as a change-set across files, and to improve the change detection logic to better handle merges? e.g. making CVS not panic if the same change is made to the same section of a file by 2 different branches upon their merger to the common branch, and allowing CVS to better handle file renaming/moving.
A CVS 2.0 which supported operations like "revert these changes to this file and any changes to any other files which were part of the same change sets" would go miles to solving the problems Linus had with CVS 1.x.
And since such a program would not poach on the ClearCase model of a centralized repository server accessed by all the developers for any operations, such a modified CVS could easily be released as Free Software - and IBM could STILL make money on it by selling the service of setting it up for customers who don't want the ClearCase model.
Version control is a service to software developers - thus commercial companies are willing to pay for somebody to set up a version control repository for them.
A version control system for a company needs to be reliable - RAID storage, high availablity, redundant everything. Such hardware is very high margin (read: profitable).
Writing version control software takes experience in both using VCS and writing VCS.
It also takes programmers. Lots of programmers.
IBM makes high availability hardware. IBM sells computing services. IBM has lots of experience in using VCS. IBM has written their own VCS. IBM has lots of programmers.
It looks like, in order to make use of this flaw, the attacker must get the victim to run Javascript.
Once again demonstrating the danger in the current mindset of "I will use Javascript to do everything, even things that can be done with plain HTML like opening a new window".
I have my Mozilla configured to ask me if I want it to fetch Javascript from remote sites (alas, you cannot protect yourself from Javascript embedded in the HTML of the site you are visiting), to ask me if I want to run any requested plugins, and to ask be before allowing any cookies to be set on my browser.
If you can, try this yourself - you will be AMAZED at the number of sites that insist upon setting a cooking on you the first thing when you visit them, or that insist upon trying to load Javascript, or Flash plugins.
Cookies are fine for sites which require log-in (e.g./.). Javascript is fine for sites that need to do some client side processing (e.g. order entry sites which use JS to compute the order amounts to avoid a round-trip to the server). Flash is fine for some applications.
"Very well. Here's your ticket for failing to have proper vehicle registration - you can show up for court on a week from Thursday if you want to try to fight it, or you can pay the $100 fine. Either way, you will need to get a new registration tag within three business days for $50, and show up at a vehicle inspection station to get it checked out - failure to comply will cause your driver's license to be revoked.
Now, about your driver's license - you need to get THAT replaced within three business days as well - you'll need to go down to the DMV for that, and it will cost you $35.
Good day, drive safely, buckle up, and, uhhh, try to avoid those "stray electromagnetic fields" in the future, sir."
That is great for marking a page as being relevant to the search in question.
But what I'd like to see is a "LESS like this" or "Not this!" link, to indicate the pages in question are NOT related to the link.
When I am searching for information on the Free Software package that implements the Microsoft Windows API under Unix-like systems, I do NOT want to be inundated with links for the beverage made from the fermented juice of grapes - so I want to be able to click on the myriad of vineyard links and say "NO! I meant WINE the Software, not the drink! That's why I included the term Software you NINNY!"
Better still would be if Google could come up with some form of automatic diambiguation page (like Wikipedia has).
What you need is known as an off-line UPS, which is nothing more than a battery charger, a battery, and an inverter.
The charger charges the battery, the inverter runs from the battery - if the line voltage spikes, the battery charger takes the hit. If the line voltage sags, the inverter draws power from the battery until power is restored.
You can take along just the inverter if you can count upon getting batteries and chargers for them at your location.
The charger MUST be able to put out more current than the inverter will draw - so for a 400W computer system your charger will need to be able to put out about 40 amps at 12VDC.
The other advantage to this approach is the ability to run off a battery string charged by photovoltaic panels.
Lastly, if you can find somebody with the skill, you can get a replacement power supply for the computer that will take 12VDC to make the voltages for the computer (usually 5VDC, 12VDC, and 3.3VDC) - this will eliminate the inverter (at the downside of using a non-standard power supply for the computers.)
First of all, you need to define what part of the world you are planning on doing this in. Different parts of the world are governed by different agencies, and different laws. Information that may be valid within the US may not be valid in the UK, for example.
That said - let me examine your statements from the context of a project to operate within the US.
First, there is the question of what frequency you want to be operating in. If you are wanting 100's of meters, and yet you are planning on operating in part 15 rules (unlicenced operation), you are going to have problems if you try to work in some of the higher frequency bands. If you want more power, you are going to have to use a licensed service of some sort.
Next, the fundamental rule of Part 15 operation is "Thou Shalt Not Cause Interference To Anybody Else" - you are the bottom of the rung. If you park your radio on 146.52MHz and I (as a licensed Part 97 amateur radio operator authorized to use that frequency) complain - you lose.
Secondly - the only way you can achieve the goal of "Authorized users work, non-authorized users don't" is to encrypt the signal before modulation, and have some means of keeping "unauthorized users" from getting an authorized key. If the key is built into the radio hardware, then realize that all you can say is "this is an authorized radio", not "this is an authorized user".
But the single most important question here is:
Why do you want to do this?
Why do you feel the need to prevent "unauthorized" users from using your gizmo?
Re:An observation on IPv6
on
The Next Net
·
· Score: 2, Interesting
True, IPv4 addresses are a subset of the IPv6 address space.
However, if the site in question does not support IPv6 packet formats, then an IPv6-only host would not be able to contact the site, as the site would not be able to form the IPv6 packets back to the requesting host.
So either the requesting host would have to have an IPv4 address available to it (either directly or via NAT), or the requesting host would be unable to access the site.
And the simplest way a web site can advertise its ability to support IPv6 is to have a AAAA record in DNS.
An observation on IPv6
on
The Next Net
·
· Score: 3, Informative
Here's a little observation about IPv6 - very few major web sites have an IPv6 address.
Try it yourselve with dig or nslookup - try looking up AAAA records for any of the sites you visit, and see how many would be accessible via IPv6.
This "license" is not enough, as it only allows for READING files - you will NOT be allowed to create a Free Software program that can WRITE the files.
So, while you may be able to open such a file in OpenOffice, you will not be able to save your changes back.
Everybody who cares about this issue should go to the Mass. feedback page for this, and write a coherent message of protest using proper English grammer and spelling.
Every time Microsoft embeds something into the OS, and then later is called upon to remove it from the OS when it is determined to be unfair produce tying, and then claims that removal "breaks" the OS, they are giving the lie to the greatest advantage OLE has.
In theory, you should be able to completely replace IE with Firefox, so long as Firefox registers all the same OLE interfaces as IE does. The, when an application says "I need an HTML renderer - give me a handle to one" the system would hand it a handle to an object created from the Gecko DLL rather than the MSHTML DLL.
However, due to the way Microsoft implemented the idea, you cannot simply replace the DLLs and rewrite the registry entries. DLLs call functions that are not exported via the normal interfaces, rendering what ought to be a model of OOP a bowl of sticky, congealed spaghetti.
I've said it before with respect to to Mozilla, and I shall once again say it with respect to Media player - until users are able to replace system component objects with third party programs, and do so seamlessly, they will never win, and Microsoft will continue to be a monopoly.
The courts should focus upon requiring Microsoft to follow proper software design principles and the design concept of OLE/COM by making each COM object use ONLY the published interfaces from the other objects in the system, and to allow the user to replace those objects with third party objects if they so choose.
Were Microsoft to do this, they could then look the court, Slashdot, and the people in the eyes and say "We've done our part - here's the freaking documentation on the APIs - if Mozilla or Real have not seen fit to make their product able to do a simple DllRegisterServer and replace our GUIDs, then bitch to MozDev, not us!"
"Crack dealers" Watch as these criminals sell drugs, shoot people, and destroy peoples lives.
"PHisher" Watch as these theives steal credit card numbers, money, and detroy peoples lives.
"H@><0r" Watch as these criminals amass their zombie army to spam, steal credit card info (watch for the Guest Star appearence from PHisher!) and destroy the utility of the Internet as we know it.
-------------- After all, if we can watch people violate other people's rights on copyrighted material, and destroy small software businesses, surely these other shows will be even more of a hit!
Nearly 100% of pirates have been exposed to the dangerous chemical DiHydrogen Monoxide at some point in their lives, and most still have traces of it in their urine.
Almost 100% of all pirates were born after 1900 AD.
1 in 5 people who own a TV set are pirates.
1 in 5 people who have ridden in public transportation are pirates.
1 in 5 people who wear two shoes are pirates.
Could it possibly be that, perhaps, by the definitions used in this study, that one in five PEOPLE are pirates?
I don't get the email in real time - so by the time I can tell the system that the mail is spam, the connection to the source is long gone.
Due to email's store and forward architechture, it is far too easy to hide the source IP of the mail. VoIP requires packets be routeable back to the source - and thus traceable.
True, grandma may not be able to, at this time, trace back to the VoIP spammer.
But is Grandma using VoIP right now?
How long will it take the makers of VoIP to add a "report telemarketing" button to the applications?
So, when one of these turkeys calls me, I can keep them on the line until I traceroute where his call is coming from, then go after him and his ISP with any number of legal charges as well as possible DDoSs.
It could theoretically reduce the bandwidth, except that the CPU cost to apply the data and reconstruct the image would be prohibitive with anything we have now-a-days.
They are NOT applying these scribbles in real-time - they scribble, the computer **grinds**, and quite some time later an image appears.
With the kind of CPU power it would take to apply this sort of data in real time, you could probably get much greater compression using a very exhaustive wavelet search.
The one bad thing about coral-ized links is that, due to the Coral servers usually NOT being on port 80, if you are behind a restrictive corporate firewall that does not allow traffic on J. Random Port, you cannot use them.
It Would Be Nice If Coral had servers on port 80....
This is perfectly in keeping with my point. For the risk of logging into Slashdot, I gain several advantages over not logging in - the ability to post messages with more chance of them being read, the ability to filter stories, etc.
The only data Slashdot has on me is my preferred nickname, my Slashdot password, and an email.
The worst that could happen were Slashdot's database comprimised is the revelation of my Slashdot password and my email - so I would have to change one password and I might see a marginal increase in spam (my email account already receives a significant amount of spam).
However, most of the "Registration required" newsites give you nothing but basic access - which they could do without requiring registration. In exchange they want a great deal of information about me.
Now, if these sites allowed for logged-in users to provide story feedback, story filtering, advertisment elimination via subscription (in other words, the set of features Slashdot offers), then I might view the increased risk of information leakage being offset by the value added.
The whole point of my post is simple - too damn many organizations in this world want too damn much information about you for no damn good reason, and then take damn poor care to prevent that information from being leaked. If people would THINK for five seconds each time anybody asked them for information, and would start saying "No, the information you have asked for is not relevant to you, and so you cannot have it." many of these cases of identity theft would not be possible.
Slashdot Mirror
Sigh.
OK, let's take this from the top.
YOU are the one that brought ClearCase into this - not I. I never said, implied, or indicated in any way that I was speaking of ClearCase. You clearly have strong feelings about ClearCase - but they do not matter with respect to my first post in this thread, as I never brought up ClearCase. Clearly, your exposure to ClearCase has traumatized you - but don't let your PCCSS (Post-ClearCase Stress Syndrome) cause you to see it where it is not.
Next, the list of features that would have to be added to a VCS in order to support Linus is much larger than I would wish to put into a Slashdot message - so I picked a couple of obvious issues as examples (hence the usage of the abbreviation e.g. to indicate the items listed are not the complete set of issues).
IBM could just as easily lend its weight to Subversion, Arch, or any other extant project - I used CVS simply because it is far easier to type.
Connectiva and Mandrake merge.
How about Con-Man?
No, wait, crap. There's already a Con-Man Linux distro.
Did I ever say "ClearCase"? Remember, ClearCase is a product IBM bought, not created.
IBM has had VCS long before they bought ClearCase.
In fact, I rather specifically mentioned writing a VCS - not using a currently existing one.
In fact, what I was thinking (and rather hoping to get others to think about) was the fact that the biggest problems that Linus had with CVS as it stands now were issues with managing changes as a change-set (rather than as unrelated changes to each individual file) and change-set merging and conflict resolution.
Now, what would happen if IBM were to dedicate some resources to modifying CVS to support tracking a commit as a change-set across files, and to improve the change detection logic to better handle merges? e.g. making CVS not panic if the same change is made to the same section of a file by 2 different branches upon their merger to the common branch, and allowing CVS to better handle file renaming/moving.
A CVS 2.0 which supported operations like "revert these changes to this file and any changes to any other files which were part of the same change sets" would go miles to solving the problems Linus had with CVS 1.x.
And since such a program would not poach on the ClearCase model of a centralized repository server accessed by all the developers for any operations, such a modified CVS could easily be released as Free Software - and IBM could STILL make money on it by selling the service of setting it up for customers who don't want the ClearCase model.
Some observations to think about:
Version control is a service to software developers - thus commercial companies are willing to pay for somebody to set up a version control repository for them.
A version control system for a company needs to be reliable - RAID storage, high availablity, redundant everything. Such hardware is very high margin (read: profitable).
Writing version control software takes experience in both using VCS and writing VCS.
It also takes programmers. Lots of programmers.
IBM makes high availability hardware. IBM sells computing services. IBM has lots of experience in using VCS. IBM has written their own VCS. IBM has lots of programmers.
IBM is into Linux.
It looks like, in order to make use of this flaw, the attacker must get the victim to run Javascript.
/.). Javascript is fine for sites that need to do some client side processing (e.g. order entry sites which use JS to compute the order amounts to avoid a round-trip to the server). Flash is fine for some applications.
Once again demonstrating the danger in the current mindset of "I will use Javascript to do everything, even things that can be done with plain HTML like opening a new window".
I have my Mozilla configured to ask me if I want it to fetch Javascript from remote sites (alas, you cannot protect yourself from Javascript embedded in the HTML of the site you are visiting), to ask me if I want to run any requested plugins, and to ask be before allowing any cookies to be set on my browser.
If you can, try this yourself - you will be AMAZED at the number of sites that insist upon setting a cooking on you the first thing when you visit them, or that insist upon trying to load Javascript, or Flash plugins.
Cookies are fine for sites which require log-in (e.g.
But please don't over use them.
Yes, but is Hara Arena included? If not, will it be included by May 20th?
"Very well. Here's your ticket for failing to have proper vehicle registration - you can show up for court on a week from Thursday if you want to try to fight it, or you can pay the $100 fine. Either way, you will need to get a new registration tag within three business days for $50, and show up at a vehicle inspection station to get it checked out - failure to comply will cause your driver's license to be revoked.
Now, about your driver's license - you need to get THAT replaced within three business days as well - you'll need to go down to the DMV for that, and it will cost you $35.
Good day, drive safely, buckle up, and, uhhh, try to avoid those "stray electromagnetic fields" in the future, sir."
The stupidity of this 1 April's /. stories is making me want to kill all the authors who created such garbage, and the editors who are approving it.
Perhaps funding on such a vaccine should be increased.
That is great for marking a page as being relevant to the search in question.
But what I'd like to see is a "LESS like this" or "Not this!" link, to indicate the pages in question are NOT related to the link.
When I am searching for information on the Free Software package that implements the Microsoft Windows API under Unix-like systems, I do NOT want to be inundated with links for the beverage made from the fermented juice of grapes - so I want to be able to click on the myriad of vineyard links and say "NO! I meant WINE the Software, not the drink! That's why I included the term Software you NINNY!"
Better still would be if Google could come up with some form of automatic diambiguation page (like Wikipedia has).
At this rate they are going to burn through all twelve of the Doctor's regenerations in another three months - then what will they do?
What you need is known as an off-line UPS, which is nothing more than a battery charger, a battery, and an inverter.
The charger charges the battery, the inverter runs from the battery - if the line voltage spikes, the battery charger takes the hit. If the line voltage sags, the inverter draws power from the battery until power is restored.
You can take along just the inverter if you can count upon getting batteries and chargers for them at your location.
The charger MUST be able to put out more current than the inverter will draw - so for a 400W computer system your charger will need to be able to put out about 40 amps at 12VDC.
The other advantage to this approach is the ability to run off a battery string charged by photovoltaic panels.
Lastly, if you can find somebody with the skill, you can get a replacement power supply for the computer that will take 12VDC to make the voltages for the computer (usually 5VDC, 12VDC, and 3.3VDC) - this will eliminate the inverter (at the downside of using a non-standard power supply for the computers.)
First of all, you need to define what part of the world you are planning on doing this in. Different parts of the world are governed by different agencies, and different laws. Information that may be valid within the US may not be valid in the UK, for example.
That said - let me examine your statements from the context of a project to operate within the US.
First, there is the question of what frequency you want to be operating in. If you are wanting 100's of meters, and yet you are planning on operating in part 15 rules (unlicenced operation), you are going to have problems if you try to work in some of the higher frequency bands. If you want more power, you are going to have to use a licensed service of some sort.
Next, the fundamental rule of Part 15 operation is "Thou Shalt Not Cause Interference To Anybody Else" - you are the bottom of the rung. If you park your radio on 146.52MHz and I (as a licensed Part 97 amateur radio operator authorized to use that frequency) complain - you lose.
Secondly - the only way you can achieve the goal of "Authorized users work, non-authorized users don't" is to encrypt the signal before modulation, and have some means of keeping "unauthorized users" from getting an authorized key. If the key is built into the radio hardware, then realize that all you can say is "this is an authorized radio", not "this is an authorized user".
But the single most important question here is:
Why do you want to do this?
Why do you feel the need to prevent "unauthorized" users from using your gizmo?
True, IPv4 addresses are a subset of the IPv6 address space.
However, if the site in question does not support IPv6 packet formats, then an IPv6-only host would not be able to contact the site, as the site would not be able to form the IPv6 packets back to the requesting host.
So either the requesting host would have to have an IPv4 address available to it (either directly or via NAT), or the requesting host would be unable to access the site.
And the simplest way a web site can advertise its ability to support IPv6 is to have a AAAA record in DNS.
Try it yourselve with dig or nslookup - try looking up AAAA records for any of the sites you visit, and see how many would be accessible via IPv6.
For example, try
Just think - you could have:
And thus the cycle is complete.
Just be careful when you hear your phone ring....
OK, I have the failing of mis-spelling "grammar". However, the gist of my post was "Run your message through a spell-check before sending"
On the happy day that either Slashdot or Mozilla provide spell checking on text boxes, I shall most definitely enable it!
I never claimed to be perfect!
This "license" is not enough, as it only allows for READING files - you will NOT be allowed to create a Free Software program that can WRITE the files.
So, while you may be able to open such a file in OpenOffice, you will not be able to save your changes back.
Everybody who cares about this issue should go to the Mass. feedback page for this, and write a coherent message of protest using proper English grammer and spelling.
Every time Microsoft embeds something into the OS, and then later is called upon to remove it from the OS when it is determined to be unfair produce tying, and then claims that removal "breaks" the OS, they are giving the lie to the greatest advantage OLE has.
In theory, you should be able to completely replace IE with Firefox, so long as Firefox registers all the same OLE interfaces as IE does. The, when an application says "I need an HTML renderer - give me a handle to one" the system would hand it a handle to an object created from the Gecko DLL rather than the MSHTML DLL.
However, due to the way Microsoft implemented the idea, you cannot simply replace the DLLs and rewrite the registry entries. DLLs call functions that are not exported via the normal interfaces, rendering what ought to be a model of OOP a bowl of sticky, congealed spaghetti.
I've said it before with respect to to Mozilla, and I shall once again say it with respect to Media player - until users are able to replace system component objects with third party programs, and do so seamlessly, they will never win, and Microsoft will continue to be a monopoly.
The courts should focus upon requiring Microsoft to follow proper software design principles and the design concept of OLE/COM by making each COM object use ONLY the published interfaces from the other objects in the system, and to allow the user to replace those objects with third party objects if they so choose.
Were Microsoft to do this, they could then look the court, Slashdot, and the people in the eyes and say "We've done our part - here's the freaking documentation on the APIs - if Mozilla or Real have not seen fit to make their product able to do a simple DllRegisterServer and replace our GUIDs, then bitch to MozDev, not us!"
Next on BitTorrentTV:
"Crack dealers"
Watch as these criminals sell drugs, shoot people, and destroy peoples lives.
"PHisher"
Watch as these theives steal credit card numbers, money, and detroy peoples lives.
"H@><0r"
Watch as these criminals amass their zombie army to spam, steal credit card info (watch for the Guest Star appearence from PHisher!) and destroy the utility of the Internet as we know it.
--------------
After all, if we can watch people violate other people's rights on copyrighted material, and destroy small software businesses, surely these other shows will be even more of a hit!
Could it possibly be that, perhaps, by the definitions used in this study, that one in five PEOPLE are pirates?
True, grandma may not be able to, at this time, trace back to the VoIP spammer.
But is Grandma using VoIP right now?
How long will it take the makers of VoIP to add a "report telemarketing" button to the applications?
So, when one of these turkeys calls me, I can keep them on the line until I traceroute where his call is coming from, then go after him and his ISP with any number of legal charges as well as possible DDoSs.
Yes, that sounds like a GREAT way to make money.
It could theoretically reduce the bandwidth, except that the CPU cost to apply the data and reconstruct the image would be prohibitive with anything we have now-a-days.
They are NOT applying these scribbles in real-time - they scribble, the computer **grinds**, and quite some time later an image appears.
With the kind of CPU power it would take to apply this sort of data in real time, you could probably get much greater compression using a very exhaustive wavelet search.
The one bad thing about coral-ized links is that, due to the Coral servers usually NOT being on port 80, if you are behind a restrictive corporate firewall that does not allow traffic on J. Random Port, you cannot use them.
It Would Be Nice If Coral had servers on port 80....
This is perfectly in keeping with my point. For the risk of logging into Slashdot, I gain several advantages over not logging in - the ability to post messages with more chance of them being read, the ability to filter stories, etc.
The only data Slashdot has on me is my preferred nickname, my Slashdot password, and an email.
The worst that could happen were Slashdot's database comprimised is the revelation of my Slashdot password and my email - so I would have to change one password and I might see a marginal increase in spam (my email account already receives a significant amount of spam).
However, most of the "Registration required" newsites give you nothing but basic access - which they could do without requiring registration. In exchange they want a great deal of information about me.
Now, if these sites allowed for logged-in users to provide story feedback, story filtering, advertisment elimination via subscription (in other words, the set of features Slashdot offers), then I might view the increased risk of information leakage being offset by the value added.
The whole point of my post is simple - too damn many organizations in this world want too damn much information about you for no damn good reason, and then take damn poor care to prevent that information from being leaked. If people would THINK for five seconds each time anybody asked them for information, and would start saying "No, the information you have asked for is not relevant to you, and so you cannot have it." many of these cases of identity theft would not be possible.