Most of the popular music sold at mass market venues are highly produced and engineered with the purpose of selling as many albums as possible. Unfortunately, that often leaves little room for artistic expression. That is not to belittle the talent of the artist, but to recognize a greater reality in that market: that business is business no matter what the atistic merit of the product.
If you are aware enough to recognize art when you see or hear it, you are also aware enough to seek out venues that feature such artists. Such venues do not cater to mass marketing. These are the bars, honkey tonks, indie recording labels that have been showcasing the best artists for generations. You find them at the edge of the university district, in the raucus dives, the after hours clubs, in the back of the local news rag that nobody really reads, and in the small record stores in the old strip mall downtown.
The major labels are good at doing one thing well, and only one thing, and that's making money. Don't let them kid you, even if CD sales are falling, they are still making money hand over fist. They will try to tell you that since this years take is smaller than last years take, they have somehow lost money. That is simply not true. They have made money, just not as much as last year. Boo Hoo.
If there are any record RIAA executives reading this comment, this is for you: "It's the ECONOMY, stupid!"
There's a misnomer if I ever heard one. So far, I've yet to see any reality show that bore any resemblance at all to the things I might encounter in my daily life. I consider myself to be a fairly cosmopolitan guy, too.
The shows I've seen that come closest to it are shows like Dave Atel's Insomniac. Hell, that's a comedy. It's not even a reality show, yet it's truer to life. As Homer would say, "It's funny because it's true."
It's sad but, in a morbidly predictable fashion, it's also very apropo.
A spell checker is just a dictionary with a few extra tools. Language semantics do not enter into it at all. As long as the spell checkers dictionary is reasonably complete, in that it contains all common words and their permutations, it can work for nearly any language that can be written in discreet words. I should think a spell checker for Kanji symbols would be much more difficult.
A grammar checker, on the other hand, may be much more difficult in Swahili than in English if the syntatic rules are really that much more complex.
Re:Consistency, please
on
CSS for the LDP?
·
· Score: 4, Informative
Perhaps I should have read the LDP website first. It appears that they insist that all documentation be submitted in XML or SGML DocBook formats. They even have a group of volunteers to help with that if the author is not able to provide DocBook.
A quick perusal of CPAN revealed eight modules specifically for dealing with DocBook. No doubt other languages have similar libraries.
Looks to me like more than half the work is already done. It shouldn't be a difficult matter to create a script to run the DocBook -> HTML+CSS conversions with predictable results.
Re:Consistency, please
on
CSS for the LDP?
·
· Score: 3, Insightful
I think he meant not having the documentation authors be able to specify CSS files for their own documents. That's totally different than what you are suggesting, which is user-selectable alternate style sheets.
Both are exellent ideas. However, in order to do this properly, the LDP would have to also create a style guide for their documentation authors so that they can check their HTMl against it.
Perhaps having a group available to edit mark-up for the authors would also be a good idea. These people would be volunteers, and would not necessarily be among the same group as the authors. The downside to this is that it creates added overhead to the document submission process, which results in longer delays to publishing. That is not to say, however, that it should not be considered. Sufficient planning could overcome such obstacles rather easily.
Customers should be warned that I hold IP rights to all hats that incorporate my foil. Scoria's "virtual tinfoil hats", in particular, contain many examples of said IP and users of this product may face substantial liability in that regard.
However, I do not wish to be seen as the 800 pound ogre in this market, so I am now offering licenses for my IP to all Scoria customers at the low rate of $699.00 per brain.
While it's not quite what you asked for, thinkgeek.com has the 10-in-1 Atari controller and the 5-in-1 Namco controller. Both are reasonably priced.
If that's not to your liking, it would be fairly easy to custom build a cabinet (perhaps out of old stereo parts) with a cheap mobo with built-in video, audio, usb and game controller socket. That and an internal hard drive. I'll bet you could even approach your $25 mark if you shop carefully and scrounge thoroughly for free/discarded items.
My brother is a bona fide sea captain. When I told him about the PIRATE Act being sponsored by our favorite right-wing nut job, Orin Hatch, he honestly thought I was talking about piracy on the high seas and I could only wish that it were so. It would certainly make more sense.
I find a combination of VNC and remote X works rather well for me. At my work, we have a limited number of IP addresses (2) and therefore a limited number of ports we can forward. So I use VNC to connect to the gateway, and then use remote X to run applictions on my workstation. The VNC provides reasonably efficient network utilization across the internet, remote X provides convenient access to my applications across the local network where speeds are faster.
VNC is also useful for running applications on X without having to have a local user logged in. For instance, we have an application that does automatic document conversions (to HTML, mostly) using OpenOffice.org filters. To do this, an instance of OpenOffice.org must be running in an X session. VNC allows us to do that without having to have a user logged in at the terminal.
Incidently, the conversions are performed with, wait for it... a macro. Unlike MS macros however, there is no concern that it might one day break our business processes.
Seriously though, I wonder if gopher could be used effectively on RF networks for set-top boxes. That could be very useful for a terminally bandwidth-limited project I'm working on right now.
Nope, I don't think so. It's possible, sure, but unlikely. I think this was a professional exploit, or at least was created with a professional toolkit. One reason I suspect this is because of the 'witty' signature. It sounds much like the <-- insert content here --> comments found in HTML editors. Furthermore, with such a toolkit a virus writer would not need much time at all to exploit a known class of vulnerabilities such as buffer overflows.
What kind of a person would write create something for the sole purpose of ruining other people's computers?
Umm... what makes you think that that is it's sole purpose? I tend to think that worms like this one are merely test runs. The virus writers are fine tuning their toolkits. Part of such tuning would be tests to determine the effectiveness of destructive payloads.
There is an old maxim that states that one should never do anything for just one reason. That is to say that if you can only think of one reason to do something, it's probably not worth doing. I suspect a similar philosophy is at work here.
What a great post. I have a couple of clarifications and corrections though. Some of the tactics you mention are in fact being used and some have been for a long time.
1. Social engineering. This one of the most relied upon attack vectors in the computer world and goes back a considerable ways. Melissa, SoBig, and many other worms/viruses qualify as this type.
2. Feints and Diversions. This tactic is new this year. The viruses that attacked sco.com and microsoft.com while creating armies of spam/DDOS bots are examples of this tactic.
It is apparent to me that the virus writers are becoming very organised and their tools are becoming very refined. I think that it is only a matter of time before they release a VERY destructive worm.
I fear that the IT community will not be ready for it. I also fear that other governments (or our own for that matter) are watching and studying these developments with great interest. I suspect that they have programs to develop such techniques with the aim of being able to bring down enemy networks almost instantly. If I were a military chief, I would have just such a program; so it's difficult for me to assume that one does not exist in reality.
Not being a black hat (see name), I can only speculate. So here goes.
I should think it would be fairly trivial to develop a program that simply scans networks for specific open ports and then logs them. A utility like this would provide the perfect hitlist for an exploit that relies on a specific service such as BlackICE. In fact, I'd be rather suprised if just such a utility does not exist already.
Nmap comes to mind, although that certainly is not a trivial program.
Yes, yes it is a large leap to any conclusion of that kind. To follow the car analogy, if someone were to steal my car and ram it into a crowded restaurant, I would not be held responsible even had I left the door open and the engine running. That is exactly what is happening with trojaned computers. It is the attackers that should be held responsible, not the poor sap who's computer got hijacked.
There is no reason on Earth that this worm couldn't have attacked Linux boxen. If this worm had been tailored to attack the the recent openssh vulnerability the day after it came out, many of us would have been owned immediately. How many of us have an open ssh port through our NAT devices and firewalls? The scary thing about this worm is that the authors have demonstrated an ability to attack new vulnerabilities in third-party software very quickly. In the case of the openssh vulnerability (a root exploit) that would have meant that very many of us Linux users would have been affected before we could do anything about it.
But the two camps do co-exist and do overlap. As you probably know, most GUI apps in linux are little more than graphical interfaces to command line tools. CLI junkies stick to the tools and config files, and that's fine, but it in no way hinders the development of GUI applications. Nor does development of GUI tools hinder CLI junkies because the GUI tools use the CLI tools as a base. The two paradigms overlap in that each camp can use a disto tailored to them. One OS, multiple, complimentary implementations.
oh, and btw,
vi VS emacs arguments are pointless and a waste of time.
How much can you change in the GUI without confusing Joe Sixpack too much?
Indeed. For that matter, how much can you change the interface without confusing the nerds too? The 2D desktop works very well and has been continually refined over the past three decades. People have much invested in learning that style of interface, and therefore there is much inertia inherent in it.
That's not really a good argument though. If another paradigm were to prove that it is better, then maybe it stands a chance. Personally, I don't see how a 3D environment rendered on a 2D monitor could really work out. It seems to me that in order for a 3D environment to work, it needs to envelope the user in real space, otherwise it's still essentially a 2D interface, regardless of how it appears. Until we have technology that can project objects into real space ala Star Trek, the 3D desktop is doomed to failure as a poorly implemented 2D replacement.
OSX is an operating system aimed at the home and education markets. Linux is an operating system written by hackers for their own use. Two very different goals - hence the two very different approaches that have been taken.
This is both true and false. Although Linux was originally developed as a open-source UNIX-like OS primarily for computer professionals, some people have since decided to turn into something suitable for mass consumption. Other people like having a free hard core OS for gurus. The beauty of Linux is that it can be, and is, both and much more.
So it is not a case of conflicting goals, but of multiple goals. Since there is a nearly unlimited number of opportunities to pursue each goal, and a large number of people to do so, there is nothing wrong with such a division of resources. The pursuit of each different goal, in this case, has the unique benifit of strengthening all the others. This cooperation in competition is, in my opinion, Linux's single greatest strength and is what is driving the exponential growth in adoption and development that it currently enjoys.
Novell claims to have learned from past experience (which is admirable), yet they still want "very tight integration"? Isn't this what got Microsoft in trouble in the first place?
Sort of, but not really. Microsoft was convicted of using it's monopoly power to unfairly compete in the desktop market. They did this by bundling applications on their platform so as to give them an inherent advantage in market share terms. Novell is not a monopoly in any sense, and so does not have to play by the same rules. They are free to bundle away.
Slashdot Mirror
Most of the popular music sold at mass market venues are highly produced and engineered with the purpose of selling as many albums as possible. Unfortunately, that often leaves little room for artistic expression. That is not to belittle the talent of the artist, but to recognize a greater reality in that market: that business is business no matter what the atistic merit of the product.
If you are aware enough to recognize art when you see or hear it, you are also aware enough to seek out venues that feature such artists. Such venues do not cater to mass marketing. These are the bars, honkey tonks, indie recording labels that have been showcasing the best artists for generations. You find them at the edge of the university district, in the raucus dives, the after hours clubs, in the back of the local news rag that nobody really reads, and in the small record stores in the old strip mall downtown.
The major labels are good at doing one thing well, and only one thing, and that's making money. Don't let them kid you, even if CD sales are falling, they are still making money hand over fist. They will try to tell you that since this years take is smaller than last years take, they have somehow lost money. That is simply not true. They have made money, just not as much as last year. Boo Hoo.
If there are any record RIAA executives reading this comment, this is for you: "It's the ECONOMY, stupid!"
There's a misnomer if I ever heard one. So far, I've yet to see any reality show that bore any resemblance at all to the things I might encounter in my daily life. I consider myself to be a fairly cosmopolitan guy, too.
The shows I've seen that come closest to it are shows like Dave Atel's Insomniac. Hell, that's a comedy. It's not even a reality show, yet it's truer to life. As Homer would say, "It's funny because it's true."
It's sad but, in a morbidly predictable fashion, it's also very apropo.
A spell checker is just a dictionary with a few extra tools. Language semantics do not enter into it at all. As long as the spell checkers dictionary is reasonably complete, in that it contains all common words and their permutations, it can work for nearly any language that can be written in discreet words. I should think a spell checker for Kanji symbols would be much more difficult.
A grammar checker, on the other hand, may be much more difficult in Swahili than in English if the syntatic rules are really that much more complex.
Perhaps I should have read the LDP website first. It appears that they insist that all documentation be submitted in XML or SGML DocBook formats. They even have a group of volunteers to help with that if the author is not able to provide DocBook.
A quick perusal of CPAN revealed eight modules specifically for dealing with DocBook. No doubt other languages have similar libraries.
Looks to me like more than half the work is already done. It shouldn't be a difficult matter to create a script to run the DocBook -> HTML+CSS conversions with predictable results.
I think he meant not having the documentation authors be able to specify CSS files for their own documents. That's totally different than what you are suggesting, which is user-selectable alternate style sheets.
Both are exellent ideas. However, in order to do this properly, the LDP would have to also create a style guide for their documentation authors so that they can check their HTMl against it.
Perhaps having a group available to edit mark-up for the authors would also be a good idea. These people would be volunteers, and would not necessarily be among the same group as the authors. The downside to this is that it creates added overhead to the document submission process, which results in longer delays to publishing. That is not to say, however, that it should not be considered. Sufficient planning could overcome such obstacles rather easily.
I think you meant to say "Bloody fibre".
*chuckle* Ha. Ha. Heh.
BWAHAHAHAHAAAAA!
*sniff* *wipes tear*
Man, oh man....
You owe me one bowl of cheerios, you insensitive clod.
Customers should be warned that I hold IP rights to all hats that incorporate my foil. Scoria's "virtual tinfoil hats", in particular, contain many examples of said IP and users of this product may face substantial liability in that regard.
However, I do not wish to be seen as the 800 pound ogre in this market, so I am now offering licenses for my IP to all Scoria customers at the low rate of $699.00 per brain.
Act now to avoid future legal liabilities.
While it's not quite what you asked for, thinkgeek.com has the 10-in-1 Atari controller and the 5-in-1 Namco controller. Both are reasonably priced.
If that's not to your liking, it would be fairly easy to custom build a cabinet (perhaps out of old stereo parts) with a cheap mobo with built-in video, audio, usb and game controller socket. That and an internal hard drive. I'll bet you could even approach your $25 mark if you shop carefully and scrounge thoroughly for free/discarded items.
Heh.
My brother is a bona fide sea captain. When I told him about the PIRATE Act being sponsored by our favorite right-wing nut job, Orin Hatch, he honestly thought I was talking about piracy on the high seas and I could only wish that it were so. It would certainly make more sense.
I find a combination of VNC and remote X works rather well for me. At my work, we have a limited number of IP addresses (2) and therefore a limited number of ports we can forward. So I use VNC to connect to the gateway, and then use remote X to run applictions on my workstation. The VNC provides reasonably efficient network utilization across the internet, remote X provides convenient access to my applications across the local network where speeds are faster.
VNC is also useful for running applications on X without having to have a local user logged in. For instance, we have an application that does automatic document conversions (to HTML, mostly) using OpenOffice.org filters. To do this, an instance of OpenOffice.org must be running in an X session. VNC allows us to do that without having to have a user logged in at the terminal.
Incidently, the conversions are performed with, wait for it... a macro. Unlike MS macros however, there is no concern that it might one day break our business processes.
This is strange. Google is picking up the link to yesterday's /. article as though it were this one. Currently it says it was scraped 10 minutes ago.
s hdot.org/articles/04/03/22/138243.shtml%3Ftid%3D10 6
http://news.google.com/news/en/us/technology.html
http://news.google.com/url?ntc=04SJ0&q=http://sla
Oh absolutley. Notice I said through the firewall, not on it.
Not dying, dead. Somebody call the GhostBusters.
Seriously though, I wonder if gopher could be used effectively on RF networks for set-top boxes. That could be very useful for a terminally bandwidth-limited project I'm working on right now.
Nope, I don't think so. It's possible, sure, but unlikely. I think this was a professional exploit, or at least was created with a professional toolkit. One reason I suspect this is because of the 'witty' signature. It sounds much like the <-- insert content here --> comments found in HTML editors. Furthermore, with such a toolkit a virus writer would not need much time at all to exploit a known class of vulnerabilities such as buffer overflows.
What kind of a person would write create something for the sole purpose of ruining other people's computers?
Umm... what makes you think that that is it's sole purpose? I tend to think that worms like this one are merely test runs. The virus writers are fine tuning their toolkits. Part of such tuning would be tests to determine the effectiveness of destructive payloads.
There is an old maxim that states that one should never do anything for just one reason. That is to say that if you can only think of one reason to do something, it's probably not worth doing. I suspect a similar philosophy is at work here.
What a great post. I have a couple of clarifications and corrections though. Some of the tactics you mention are in fact being used and some have been for a long time.
1. Social engineering. This one of the most relied upon attack vectors in the computer world and goes back a considerable ways. Melissa, SoBig, and many other worms/viruses qualify as this type.
2. Feints and Diversions. This tactic is new this year. The viruses that attacked sco.com and microsoft.com while creating armies of spam/DDOS bots are examples of this tactic.
It is apparent to me that the virus writers are becoming very organised and their tools are becoming very refined. I think that it is only a matter of time before they release a VERY destructive worm.
I fear that the IT community will not be ready for it. I also fear that other governments (or our own for that matter) are watching and studying these developments with great interest. I suspect that they have programs to develop such techniques with the aim of being able to bring down enemy networks almost instantly. If I were a military chief, I would have just such a program; so it's difficult for me to assume that one does not exist in reality.
Not being a black hat (see name), I can only speculate. So here goes.
I should think it would be fairly trivial to develop a program that simply scans networks for specific open ports and then logs them. A utility like this would provide the perfect hitlist for an exploit that relies on a specific service such as BlackICE. In fact, I'd be rather suprised if just such a utility does not exist already.
Nmap comes to mind, although that certainly is not a trivial program.
Yes, yes it is a large leap to any conclusion of that kind. To follow the car analogy, if someone were to steal my car and ram it into a crowded restaurant, I would not be held responsible even had I left the door open and the engine running. That is exactly what is happening with trojaned computers. It is the attackers that should be held responsible, not the poor sap who's computer got hijacked.
There is no reason on Earth that this worm couldn't have attacked Linux boxen. If this worm had been tailored to attack the the recent openssh vulnerability the day after it came out, many of us would have been owned immediately. How many of us have an open ssh port through our NAT devices and firewalls? The scary thing about this worm is that the authors have demonstrated an ability to attack new vulnerabilities in third-party software very quickly. In the case of the openssh vulnerability (a root exploit) that would have meant that very many of us Linux users would have been affected before we could do anything about it.
oh, and btw,
Obviously
How much can you change in the GUI without confusing Joe Sixpack too much?
Indeed. For that matter, how much can you change the interface without confusing the nerds too? The 2D desktop works very well and has been continually refined over the past three decades. People have much invested in learning that style of interface, and therefore there is much inertia inherent in it.
That's not really a good argument though. If another paradigm were to prove that it is better, then maybe it stands a chance. Personally, I don't see how a 3D environment rendered on a 2D monitor could really work out. It seems to me that in order for a 3D environment to work, it needs to envelope the user in real space, otherwise it's still essentially a 2D interface, regardless of how it appears. Until we have technology that can project objects into real space ala Star Trek, the 3D desktop is doomed to failure as a poorly implemented 2D replacement.
OSX is an operating system aimed at the home and education markets. Linux is an operating system written by hackers for their own use. Two very different goals - hence the two very different approaches that have been taken.
This is both true and false. Although Linux was originally developed as a open-source UNIX-like OS primarily for computer professionals, some people have since decided to turn into something suitable for mass consumption. Other people like having a free hard core OS for gurus. The beauty of Linux is that it can be, and is, both and much more.
So it is not a case of conflicting goals, but of multiple goals. Since there is a nearly unlimited number of opportunities to pursue each goal, and a large number of people to do so, there is nothing wrong with such a division of resources. The pursuit of each different goal, in this case, has the unique benifit of strengthening all the others. This cooperation in competition is, in my opinion, Linux's single greatest strength and is what is driving the exponential growth in adoption and development that it currently enjoys.
Novell claims to have learned from past experience (which is admirable), yet they still want "very tight integration"? Isn't this what got Microsoft in trouble in the first place?
Sort of, but not really. Microsoft was convicted of using it's monopoly power to unfairly compete in the desktop market. They did this by bundling applications on their platform so as to give them an inherent advantage in market share terms. Novell is not a monopoly in any sense, and so does not have to play by the same rules. They are free to bundle away.
More power to them, I say.
The US has become Mexico.
People are coming here to exploit our weak currency!
Ahh... globalism. Ain't it grand?