> Is a system that could save millions of lives without infringing on our freedoms worth it? Yes. How could anyone think otherwise. These missile defense system can not feasibly be used offensively. If someone gets mad at us for wanting to be able to defend ourselves, isn't that their problem?
I believe you are completely missing the point here... Try imagining it the opposite way for a second: China and Russia is setting up an missil shield that US cannot penetrarte - all to protect their own citizens in the event of a (nuclear) missil war. USA does not have any equivelent shield. You do realize that Russia could send missiles against defenseless USA whereas all missiles from USA would be shut down? So what would USA have to do? - the obvious answers are the same as what Russia and China today will do. The shield just as the arms themselves are double edged - each cause an arms race. It will not stop until each of the parties are able to destroy each other, or the worst case that only one power remains.
I always look for reviews of a product before buying. If the product does not contain the exact number and version that is listed in the reviews I ignore it. Also, I dont accept whatever review there is neither - I will ignore reviews I dont deem neutral. I can tell you it is usually very dificult to find the products that actually get the good score - Try finding the shavers listed in the reviews arround! You will hardly ever find them - it looks like they only want the brand itself to win, but wont sell top items anywhere regardless if it is Braun, Phillips or whatever. I often end up buying online for that very reason, retail stores keep shooting themselves in the foot by not using the very version numbers winning the tests, being computers, shavers, or whatever.
That does not remove the fact that there is a use case for the type of user we are that is distinct from a regular user.
For example making a sales site and only making use cases for the people going to buy things does not remove the use case for one that need to maintain the inventory of the site...
> "UI designers", on the other hand, are more interested in creating software that looks "pretty", even if it's damn impossible to use productively
That should not be correct, it that is the case, then fire the guy! The objective of an UI designer is to make the UI intuitive and quick to use. We are talking about testing how fast people grasp the UI, how fast they can get certain things done. We are talking about making use cases, and see how those use cases are met. Eliminating clutter. Evaluating if is it easy or confusing to get from A to B.
Where this often go wrong is in the evaluation of who the users are. There should be use cases for each kind of user we expect should use the system. For an online shopping site that might be "unregistered users", "registered users", "inventory manager", "content editor", "translator", and so on. But when it comes to a "Desktop" application this become MUCH harder...
Try defining all the types of users of a Desktop... What does it mean? In real life, a carpenter or a metal worker would have a clearly different desktop than an office worker, but does those roles translate into computer different kinds of desktops in a computer? Should an accountant be considered a different kind of desktop user than a Java programmer? What about a gamer? Or a sales representative? Does the kind of desktop we have depend upon these distinctions? If not, what is it that does define distinct users of a "Desktop"?
I believe the problem here is that the "Desktop" in general was only an virtual illusion created to make people have a concept to easier associate things in the virtual world to the real world. We create archive folders, drop down indexes and so on. Virtual illusions to make us to associate with things we can take and feel. In several ways we are beyond this now too: we now have use cases for desktop as an assistant for example: get me file X in any of my folders, e-mail, document or whatever. Find me application Y. Read this text loud. Inform me when someone calls or sends a message. Call person Z for me. I mean - do you really want to select the phone application before asking the machine to make a call? - In other words, you do see that this is a newer role of a "desktop", right?
It is indeed confusing and complex, and I truly do not think a group of programmers would do better if they to design the interface by without input from others. I do think it will be UI designers that will eventually figure out of the confusion - maybe realizing that a cell phone is more or an mobile assistant than a desktop - I mean - you wont sit down with your phone and think of it as your desk anytime soon. The question is, how much of the old computer desktop today should resemble a desk, what should now be more as an assistant, and what else?
I can't say I have any modern favorite desktop; as for now I prefer Gnome2 or XFCE on Linux, the early interfaces on Mac OS X 10.4. Hopefully we get the right balance soon.
"is the massive data Siri will collect in the next 2 years â" all being stored in Apple's massive North Carolina data center"
Hu? I am thinking of the consequences of that as something far reaching and that can backfire badly... How is the users private data maintained here? Do you always known when your phone is in "command" mode, or may the phone send what you are saying as if a command unintentionally?
And will it be accepted in Europe that potential unintended voice recording of whatever you or those you talk with say will be stored in North Carolina?
I agree with parent here. There are good reasons when to use Redhat and other good reasons to use CentOS. I think you do a major mistake if the reason you want to choose Redhat in a job is in order to support Open Source. You must make a real business case to justify investing in Redhat here - to support Open Source is not a business decision!
You must for example focus on the potential cost of downtime from one solution over the other. Maybe the solution you build have critical components to the company, where quick patches are essential. Redhat will for sure patch much quicker than CentOS issues like Apache, DNS, and other forward facing applications, and you might be able to make a business case of the value of those days with vs without protection. Of course - if you for example only have an informational site it would be a tough sale... But if your site have thousands of daily users its something else.
Another issue is code review. Redhat has a major QA process, so in most cases you might not need to manually review their patches for your solution. For CentOS you are on your own, so you got to test everything much more thoroughly before doing large scale deployments company wide.
Then you have an entirely different aspect of this all - I did once convince management to use Redhat ES above alternative solutions due to support and our solution did have major exposure from all over the world. But, we started quickly to find that our needs where NOT met with what was certified!!! We suddenly had to have custom installations of Sendmail due to the one included in Redhat at the time did not support keeping copies of all outgoing mail, now we had no longer Redhat support for Sendmail... Then we had to use PHP modules that were not built into Redhat's PHP build... We ended up needing a custom build of Apache, PHP, Sendmail, and much more, and the next thing management would ask of course was: Why are we using Redhat now? None of our critical solutions have support anymore... Only MySQL and other minor things...
I got a great lessen to learn from that incident and I will not do the same mistake again. I do see when I should recommend Redhat and when I should recommend CentOS for a project today. There are many factors - going Redhat servers are usually for things that must stay reliable - that run quite stable software - and you hardly should touch. It might also be when a good sales argument to your client is that you run on fully certified solutions. Dynamic servers where you are expected to upgrade to the latest and greatest constantly are for sure solutions where you should suggest Redhat to management.
Sit back and review why it is you think Redhat is better than CentOS for this project. If you can't manage to justify it with benefits to the company you work for, then CentOS is most certainly the correct solution for you!
And am very happy. I know three are newer Asus machines that work even better than mine today due to improved dual graphics card support. I usually have my machine running more than 6 hours on battery in Linux! It is rated as 10 hours max in Windows, however I find Ubuntu 64bit overall uses less resources except for when totally idle, and Ubuntu is much more responsive than Windows 7 on this machine!
I have never used XML Encryption, however, why does is it using a SHARED key??? Sure, it might be heavier on the transaction, but this is about security first of all or no? Then we find:
Is in the Example encrypted as <EncryptedData Type='http://www.w3.org/2001/04/xmlenc#Element' xmlns='http://www.w3.org/2001/04/xmlenc#'> <CipherData> <CipherValue>A23B45C56</CipherValue> </CipherData> </EncryptedData>
(The ChiperValue appear to be an example only as the same text appear in other examples with other data). But more than 50% of the text is tags, and you know the location of those tags... It seems obvious this is a problem.</p> <p>It can appear that PKI would greatly improve this situation as it is TWO PASS - first encrypted with the servers private key, then the result encrypted with the recipient's public cert. In other words, the end and start tags would be gibberish between the passes.
Another method is to implement compression in the spec as well, however that would be a can of worms in it self as you would need some way to specify what compression algorithm was used, which likely would require even more clear text XML tags...
instead of signals transmitted using electricity. That essentially remove surges between your equipment from the equation. I have no longer any count of how many times I have experienced small shocks from connecting an external hard drive with its own power cord to my laptop or desktop. That may not stop, but I will at least know this no longer impact my machine. On the other side - I am not going to run for Thunderbolt until I know the failure rate of fiber cables due to bending etc. vs current USB cables... Especially if the price for new cables is substantially more expensive.
From what is stated; 1) The key given to the reporter was not the key for the insurance file 2) The Assange had provided a backup method for others to recover the data in the case he was a) killed, b) otherwise rendered incapable to act by other than having the group act on his behalf 3) Whereas it is easy to revoke access to content on a central server, it is impossible to revoke access to a file that cannot be changed (a password can simply not be revoked unless you can write to it) In other words you cannot revoke passwords for content that is available on bit torrent etc. 4) The way encryption usually work is through two sets of keys, i.e. LUKS. The real key is essentially always 512bits, but nobody including you ever use this key - you have a password and a separate key that releases the 512bit key!!! No, we do not know if there was a second pass-phrase key on the content provided to the reporter, but if it was, having one key which gives access to the full 512bit key and content might be used to reveal alternative keys to get the real key. One of which might cascade to the key used in the insurance file. Which is why it was truly irresponsible of the reporter to publish the key regardless!!! That is as far as I see neglect, and being clueless is under no circumstance justification. Yes, the password could be revoked on access, but any backup prior to revocation can as stated above would retain access with that key whether it is a tape, an USB copy, or bit torrent.
Anyway, it is not for sure there where any alternative keys combined with that content, however, we do know the group had access to release the content of the insurance file in case something did happen to Assange anyway...
That the Insurance file was released on Bit torrent was most certainly not a mistake, however, it will have been a mistake if an alternative key used on the content given to the reporter could cascade to this key somehow. (From what I have learned of the case, I kind of don't think the problem was here).
So that leaves the people who where on the inside with the knowledge necessary to release the key...
Sure, there has been a lot of mistakes happening; we can blame Assange for believing in the fools who left for OpenLeaks. They were likely always the number 1 threat to the whistle blowers: Internals who sabotage, steal and try to destroy the original organization with internal knowledge.
We have already been told keeping the antenna close to the ears for long hours can provoke cancer etc. Now getting multiple antennas essentially as close as it is possible to get without an implant. How will this change the cancer statistics etc. in the next few years?
"broadcast" require it to be multiple recepients, you cant possibly claim it is broadcast when the channel is only going to one particular destination! See IP addresses: if you send to 0.0.0.0 then you are broadcasting to everyone, 1.1.1.0, then you are broadcasting to the 1.1.1.x subnet containing 255 ip addresses, but if you are sending to 1.1.1.1 you are NOT broadcasting but sending to one particular recipient!.
What licenses do you need to open a regular video store in USA renting out physical media like DVD's? This store is after all only renting out physical media to the client where the delivery is their physically rented player as the delivery address. Does really the movie studios need to authorize every single video store?
What I understand they where not authorized to was renting movies over the Internet, but they technically are not doing so.
Lets say you are having a dedicated or virtual dedicated server with your hosting provider. Are you or the hosting company responsible for the content you store on your dedicated server? Are you allowed to store proprietary software on this server rented at the Hosting provider by sending the software by DVD to them? Lets say for an instance that the DVD contain the phone catalog with relevant software licensed by the phone company for one machine that must have the dvd in the player at all times. Is it legal to place this on your dedicated server with your ISP? Who needs to buy the license? Who is responsible?
Lets say you sent a video DVD to your rented dvd-player at your hosting company. Who is responsible now? Lets say the ISP place the DVD into your dvd player. That's it. Did it create any stream? No, it did not even start playing! Now you are logging into your rented server at the hosting company, over a SSH or SSL connection, accessing the dvd player, and initiating a stream to the the remote display which is your own tv at home.
Is your hosting company liable for enabling you to stream something? Is the movie rental company liable for shipping the movie to the address you specified? If it is you who is now streaming, is it illegal for you to stream this simply because it is a rented movie despite it only being between your own equipment and you are not broadcasting anything?
From what I can see that is not the issue: They ARE authorized to rent out the movies, what the studios refuse is rending out streaming over the Internet. However, in this case they are: 1) renting the physical dvd's to the clients 2) placing the physical dvd rented into the physical dvd player also being rented by the client 3) providing an interface to use the physically rented dvd player to the clients that lets the end user initiate a stream over a secure connection
Step 2 and 3 is apparently OK if the movie is not a recent one Step 1 is also perfectly OK. The problem claimed is that new movies are not physically picked up by the client but is streamed.
As far as I can see, it is not the store who initiate the streaming, but the end user from his rented dvd player... This should be just as legal as streaming the movie from your Wifi enabled dvd player to the TV. What is it here that really makes this illegal???
Last time I checked, If I rent a web server and I create streaming content on it, then it is me and not my hosting service that create the streaming content.
If I now rent a dvd player with SSH or HTTP / SSL connection and I log into my rented box and flip the switch to start a stream, who is it that now create the stream? My service provider or me?
1) You are renting a video player which is located in the store and provide exclusive access to you while renting through an encrypted virtual interface 2) You are separately renting a movie 3) You ask as delivery method that someone is placing your rented movie inside your rented dvd player 4) You connect the rented player to your display unit 5) You see the movie
Streaming was done by you from your equipment to your equipment. The streaming can in this case not be said to be done by the store, as it is solely initiated by the client from his own rented player with his own rented physical media. I don't see how this can be illegal. Maybe I did not understand it right, and they don't rent the player out separate from the movie? In that case there might be problems...
This was from about 1980-85 so it was way before Internet... It was demonstrated with a 60w light bulb, sure it was not as bright as it would have been if connected to the cord, but the coil was for sure no more than a kilo, mostly copper. The light bulb was connected to the coil and it was demonstrated holding it up in the air, I were allowed to hold it up myself. The closer we got by the power lines the brighter the light.
The one we used looked more like the middle one in the upper picture on that page, but it was bigger, had a finer copper wire, and it was twisted around the ring much more than that one.
The essential point is to get the coil in the same frequency as the your power grid. The one who made the one I saw was a electrician by profession, and knew the math behind it well. Note also that it was done in Europe with 240 volt power, but I believe the grid we was close to had an even greater voltage(?)
The article is most certainly correct that it is prohibitively expensive if living even a few hundred meters from the power lines. But the electrician who demonstrated it was also the one stating the company could notice the power drop on the line when used extensively, and would then investigate it, find you, and prosecute you.
I remember it was demonstrated that people living close to the grid could get free energy simply by using a coil.
It did not take long though until this became prohibited as it actually did tap the energy from the cables. It even resulted being possible to detect someone was tapping the power.
So here we are again, this time with power from radio waves. How much interference does this cost if we add to the scale? will the radio stations and wireless access points get reduced range by this? If so, don't be surprised that this technology too will be deemed illegal.
... Lightpeek will probably be an important technology for those seeking the best performance for a long time. The reason USB 3.0 will be dominant is that it will for certain be much cheaper than an advanced fiber-optical cable which is bendable. I for one am concerned still how bendable it is - my guess is that it will be nowhere as safe as USB, and it will likely be substantially more expensive. Lightpeek might replace all other cables, and Intel might push it in their devices, but will others who now will have to pay Intel royalties every time? USB 3.0 is free to use and a much safer bet, however we will likely see both in premium machines. USB 3.0 will be fast enough for most people for now. We can also assume there will be an USB 4.0 coming when the demand actually gets there as they will accept paying Intel the royalties for the premium machines where they can recover the cost and at the same time earn money, but cannot recover the cost when we want that speed in a budget machine... My guess is that USB will remain relevant until we remove the cables permanently, maybe something like lightfleet (http://lightfleet.com/) but a version which would not get interrupted by someone walking in between or something.
Reading the article they talk about an older simpler problem not mentioning a birthdate resulting in probability of 1/3. This was wrong just as well as the Tuesday not being relevant. The calculations in both cases failed to take into account that we did not know which boy where older as well. The list should not have been: boy / boy boy / girl girl / boy girl / girl ( impossible) resulting in 2/3 probability the other was a girl and 1/3 for a boy. This is however wrong... It should have been listed as: boy (1) / boy (2) boy (2) / boy (1) boy / girl girl / boy girl (1) / girl (2) (impossible) girl (2) / girl (1) (impossible) Resulting in 2/4 for both boy and girl giving the real result of 50%.
There are no indication as to whether the boy listed was the younger or older.
Adding the Tuesday information will now correctly not make any difference.
There is also another important difference. Music and movies are made to express something, they are usually not made upon demand. Software on the other hand should be made because someone needs it. Anyone needing the software enough should be willing enough to pay the price to get it done, with open source, this additional work may be provided back to the community to ensure the company don't need to develop the same software again when ten versions later a serious problem is found in the old version. If they did not contribute back, they would now need to do the work again, but having contributed the code most likely made sure all the aspects the company needed has been taken care of, and even improved!
Software developers in the Open Source world do not expect to be selling millions of versions of any software - they expect to get a request for providing the functionality that a company demands, get paid for making what is needed, and move on to the next demand. The continuous improvement of the code base make Open Source the clear winner in the long run. There will not be any room for a Software company thinking the old way of make once, sell everywhere anymore.
From experience I totally agree: I myself tried to learn linux 3 times before I finally moved to the platform. I had my then had Redhat 5.2, SuSE, Mandrake, and some others before dropping out - the interfaces worked well, but I did not understand the fundamentals - expecially things like why I could not execute my programs etc - which I later on learned was - my programs where not in path and thus I had to make them executable and then use./ and other issues.
All solutions - Ubuntu, Redhat, Slackware, etc use entirely different package managers etc. This was another huge problem for me - I was learned the Redhat way and had no understanding of how I could install things myself when I needed. This is a major issue.
Through my Linux experience in school which essentially was more about creating some basic C programs etc, I had yet no understanding of the way the system worked, why there was a/bin,/usr/bin,/usr/local/bin and so on, and I was close to drop Linux altogether.
I did make one last attempt - Linux from Scratch http://www.linuxfromscratch.org/ : Finally a project that helped me make sense of all the Unix systems!! It took me only one single week despite having to recompile all the code! The compilation time was time to learn the fundamentals - partitioning, file system considerations, Linux Standard Base : why some things are to be in/bin, others in/usr/bin or/usr/local/bin or/opt and so on.
As soon as I had finished the basic Linux from Scratch program, I had learned enough to use ANY Linux system; I moved to Gentoo at the time to make sure I did not forget what I had learned and improve some more. Today I use Redhat ES for servers and mostly Ubuntu for desktop.
1) Open Source is mainly a replacement of "built in house/customized software" than packaged software. You are approaching people who want full control rather than a generalized solution. 2) By returning the changes to the community, they can ensure other improvements done can be implemented cheaply in the future. 3) Other people and organizations may find that the new base is a start point for their organization too, and use it with or without modifications.
These steps are valuable for consultants, companies who want control and save money, etc. However, when a project grows quickly or is of a kind that is critical many people would desire someone to ensure them that next time they upgrade their solution it does not cause problems, or can be quickly resolved by someone, or someone who are liable to fix the issues should they occur in their system, then it might go to a new level for the maintainers:
4) The real money for a development company will not be there until sufficient amount of people or organizations want to pay for support.
Face it - Open Source is about mass customization. It is also about making the common a commodity - do not expect to sell things that are common needs for everyone for a massive price forever (word-processors, base operating systems, etc), The money will only come from supporting these application when the base is big enough.
Assuming you can sell your software to enough companies, you might not be interested in Open Sourcing it out - a large part of it all is weather you believe you will gain more on support by obtaining a larger number of users, or if you think the selling to and supporting less people bring more value.
I do agree there is a pain changing passwords constantly, and I can't say I like it any better where am working with two separate rolling passwords every 2 months. I did however obtain a great tip on the net previously: Find yourself a 8 letter pass-phrase but leave two spots empty: example "_phrase_", "Phra__se" or something. Memorize the phrase except for the 2 letters you left out - this give you 3600 alternative passwords combinations to choose from! And you can write down these two letters. : Q!, : W*, and so on. Nobody can guess your phrase, so the password is still quite safe! I am using one phrase for work, another for my personal stuff. Now every time I update my password I simply update these letters. Sure, I am still at times typing the wrong password right after I have changed one, but after two tries I am sure to remember that I changed it, and what combination I changed to after last one.
Slashdot Mirror
> Is a system that could save millions of lives without infringing on our freedoms worth it? Yes. How could anyone think otherwise. These missile defense system can not feasibly be used offensively. If someone gets mad at us for wanting to be able to defend ourselves, isn't that their problem?
I believe you are completely missing the point here... Try imagining it the opposite way for a second: China and Russia is setting up an missil shield that US cannot penetrarte - all to protect their own citizens in the event of a (nuclear) missil war. USA does not have any equivelent shield. You do realize that Russia could send missiles against defenseless USA whereas all missiles from USA would be shut down? So what would USA have to do? - the obvious answers are the same as what Russia and China today will do. The shield just as the arms themselves are double edged - each cause an arms race. It will not stop until each of the parties are able to destroy each other, or the worst case that only one power remains.
I always look for reviews of a product before buying. If the product does not contain the exact number and version that is listed in the reviews I ignore it. Also, I dont accept whatever review there is neither - I will ignore reviews I dont deem neutral. I can tell you it is usually very dificult to find the products that actually get the good score - Try finding the shavers listed in the reviews arround! You will hardly ever find them - it looks like they only want the brand itself to win, but wont sell top items anywhere regardless if it is Braun, Phillips or whatever. I often end up buying online for that very reason, retail stores keep shooting themselves in the foot by not using the very version numbers winning the tests, being computers, shavers, or whatever.
That does not remove the fact that there is a use case for the type of user we are that is distinct from a regular user.
For example making a sales site and only making use cases for the people going to buy things does not remove the use case for one that need to maintain the inventory of the site...
> "UI designers", on the other hand, are more interested in creating software that looks "pretty", even if it's damn impossible to use productively
That should not be correct, it that is the case, then fire the guy! The objective of an UI designer is to make the UI intuitive and quick to use. We are talking about testing how fast people grasp the UI, how fast they can get certain things done. We are talking about making use cases, and see how those use cases are met. Eliminating clutter. Evaluating if is it easy or confusing to get from A to B.
Where this often go wrong is in the evaluation of who the users are. There should be use cases for each kind of user we expect should use the system. For an online shopping site that might be "unregistered users", "registered users", "inventory manager", "content editor", "translator", and so on. But when it comes to a "Desktop" application this become MUCH harder...
Try defining all the types of users of a Desktop... What does it mean? In real life, a carpenter or a metal worker would have a clearly different desktop than an office worker, but does those roles translate into computer different kinds of desktops in a computer? Should an accountant be considered a different kind of desktop user than a Java programmer? What about a gamer? Or a sales representative? Does the kind of desktop we have depend upon these distinctions? If not, what is it that does define distinct users of a "Desktop"?
I believe the problem here is that the "Desktop" in general was only an virtual illusion created to make people have a concept to easier associate things in the virtual world to the real world. We create archive folders, drop down indexes and so on. Virtual illusions to make us to associate with things we can take and feel. In several ways we are beyond this now too: we now have use cases for desktop as an assistant for example: get me file X in any of my folders, e-mail, document or whatever. Find me application Y. Read this text loud. Inform me when someone calls or sends a message. Call person Z for me. I mean - do you really want to select the phone application before asking the machine to make a call? - In other words, you do see that this is a newer role of a "desktop", right?
It is indeed confusing and complex, and I truly do not think a group of programmers would do better if they to design the interface by without input from others. I do think it will be UI designers that will eventually figure out of the confusion - maybe realizing that a cell phone is more or an mobile assistant than a desktop - I mean - you wont sit down with your phone and think of it as your desk anytime soon. The question is, how much of the old computer desktop today should resemble a desk, what should now be more as an assistant, and what else?
I can't say I have any modern favorite desktop; as for now I prefer Gnome2 or XFCE on Linux, the early interfaces on Mac OS X 10.4. Hopefully we get the right balance soon.
"is the massive data Siri will collect in the next 2 years â" all being stored in Apple's massive North Carolina data center"
Hu? I am thinking of the consequences of that as something far reaching and that can backfire badly... How is the users private data maintained here? Do you always known when your phone is in "command" mode, or may the phone send what you are saying as if a command unintentionally?
And will it be accepted in Europe that potential unintended voice recording of whatever you or those you talk with say will be stored in North Carolina?
I agree with parent here. There are good reasons when to use Redhat and other good reasons to use CentOS. I think you do a major mistake if the reason you want to choose Redhat in a job is in order to support Open Source. You must make a real business case to justify investing in Redhat here - to support Open Source is not a business decision!
You must for example focus on the potential cost of downtime from one solution over the other. Maybe the solution you build have critical components to the company, where quick patches are essential. Redhat will for sure patch much quicker than CentOS issues like Apache, DNS, and other forward facing applications, and you might be able to make a business case of the value of those days with vs without protection. Of course - if you for example only have an informational site it would be a tough sale... But if your site have thousands of daily users its something else.
Another issue is code review. Redhat has a major QA process, so in most cases you might not need to manually review their patches for your solution. For CentOS you are on your own, so you got to test everything much more thoroughly before doing large scale deployments company wide.
Then you have an entirely different aspect of this all - I did once convince management to use Redhat ES above alternative solutions due to support and our solution did have major exposure from all over the world. But, we started quickly to find that our needs where NOT met with what was certified!!! We suddenly had to have custom installations of Sendmail due to the one included in Redhat at the time did not support keeping copies of all outgoing mail, now we had no longer Redhat support for Sendmail... Then we had to use PHP modules that were not built into Redhat's PHP build... We ended up needing a custom build of Apache, PHP, Sendmail, and much more, and the next thing management would ask of course was:
Why are we using Redhat now? None of our critical solutions have support anymore... Only MySQL and other minor things...
I got a great lessen to learn from that incident and I will not do the same mistake again. I do see when I should recommend Redhat and when I should recommend CentOS for a project today. There are many factors - going Redhat servers are usually for things that must stay reliable - that run quite stable software - and you hardly should touch. It might also be when a good sales argument to your client is that you run on fully certified solutions. Dynamic servers where you are expected to upgrade to the latest and greatest constantly are for sure solutions where you should suggest Redhat to management.
Sit back and review why it is you think Redhat is better than CentOS for this project. If you can't manage to justify it with benefits to the company you work for, then CentOS is most certainly the correct solution for you!
And am very happy. I know three are newer Asus machines that work even better than mine today due to improved dual graphics card support. I usually have my machine running more than 6 hours on battery in Linux! It is rated as 10 hours max in Windows, however I find Ubuntu 64bit overall uses less resources except for when totally idle, and Ubuntu is much more responsive than Windows 7 on this machine!
I typically follow this guy for these machines: http://wiki.daviddarts.com/Ubuntu_Maverick_on_the_Asus_UL30VT
I have never used XML Encryption, however, why does is it using a SHARED key??? Sure, it might be heavier on the transaction, but this is about security first of all or no? Then we find:
<CreditCard Limit='5,000' Currency='USD'>
<Number>4019 2445 0277 5567</Number>
<Issuer>Example Bank</Issuer>
<Expiration>04/02</Expiration>
</CreditCard>
Is in the Example encrypted as
<EncryptedData Type='http://www.w3.org/2001/04/xmlenc#Element'
xmlns='http://www.w3.org/2001/04/xmlenc#'>
<CipherData>
<CipherValue>A23B45C56</CipherValue>
</CipherData>
</EncryptedData>
(The ChiperValue appear to be an example only as the same text appear in other examples with other data). But more than 50% of the text is tags, and you know the location of those tags... It seems obvious this is a problem.</p>
<p>It can appear that PKI would greatly improve this situation as it is TWO PASS - first encrypted with the servers private key, then the result encrypted with the recipient's public cert. In other words, the end and start tags would be gibberish between the passes.
Another method is to implement compression in the spec as well, however that would be a can of worms in it self as you would need some way to specify what compression algorithm was used, which likely would require even more clear text XML tags...
instead of signals transmitted using electricity. That essentially remove surges between your equipment from the equation. I have no longer any count of how many times I have experienced small shocks from connecting an external hard drive with its own power cord to my laptop or desktop. That may not stop, but I will at least know this no longer impact my machine. On the other side - I am not going to run for Thunderbolt until I know the failure rate of fiber cables due to bending etc. vs current USB cables... Especially if the price for new cables is substantially more expensive.
OpenVPN can use any port and is not detected as regular VPN communication, and can thus bypass firewalls that blocks VPN communication.
From what is stated;
1) The key given to the reporter was not the key for the insurance file
2) The Assange had provided a backup method for others to recover the data in the case he was a) killed, b) otherwise rendered incapable to act by other than having the group act on his behalf
3) Whereas it is easy to revoke access to content on a central server, it is impossible to revoke access to a file that cannot be changed (a password can simply not be revoked unless you can write to it) In other words you cannot revoke passwords for content that is available on bit torrent etc.
4) The way encryption usually work is through two sets of keys, i.e. LUKS. The real key is essentially always 512bits, but nobody including you ever use this key - you have a password and a separate key that releases the 512bit key!!!
No, we do not know if there was a second pass-phrase key on the content provided to the reporter, but if it was, having one key which gives access to the full 512bit key and content might be used to reveal alternative keys to get the real key. One of which might cascade to the key used in the insurance file. Which is why it was truly irresponsible of the reporter to publish the key regardless!!! That is as far as I see neglect, and being clueless is under no circumstance justification. Yes, the password could be revoked on access, but any backup prior to revocation can as stated above would retain access with that key whether it is a tape, an USB copy, or bit torrent.
Anyway, it is not for sure there where any alternative keys combined with that content, however, we do know the group had access to release the content of the insurance file in case something did happen to Assange anyway...
That the Insurance file was released on Bit torrent was most certainly not a mistake, however, it will have been a mistake if an alternative key used on the content given to the reporter could cascade to this key somehow. (From what I have learned of the case, I kind of don't think the problem was here).
So that leaves the people who where on the inside with the knowledge necessary to release the key...
Sure, there has been a lot of mistakes happening; we can blame Assange for believing in the fools who left for OpenLeaks. They were likely always the number 1 threat to the whistle blowers: Internals who sabotage, steal and try to destroy the original organization with internal knowledge.
It is hardly 4 months since a panel of 31 scientist came to the conclusion that cell phone radiation increases the risk for cancer:
http://www.cbloomnews.com/TopNews.aspx?Article_id=85332&Cat=5
http://www.cnn.com/2011/HEALTH/05/31/who.cell.phones/index.html
http://www.pcworld.com/businesscenter/article/229054/cell_phones_may_cause_cancer_says_the_who_what_to_do.html
What news are you reading to say "no one respectable has said that for decades"???
We have already been told keeping the antenna close to the ears for long hours can provoke cancer etc. Now getting multiple antennas essentially as close as it is possible to get without an implant. How will this change the cancer statistics etc. in the next few years?
Has safety been considered at all?
"broadcast" require it to be multiple recepients, you cant possibly claim it is broadcast when the channel is only going to one particular destination! See IP addresses: if you send to 0.0.0.0 then you are broadcasting to everyone, 1.1.1.0, then you are broadcasting to the 1.1.1.x subnet containing 255 ip addresses, but if you are sending to 1.1.1.1 you are NOT broadcasting but sending to one particular recipient!.
What licenses do you need to open a regular video store in USA renting out physical media like DVD's? This store is after all only renting out physical media to the client where the delivery is their physically rented player as the delivery address. Does really the movie studios need to authorize every single video store?
What I understand they where not authorized to was renting movies over the Internet, but they technically are not doing so.
Lets say you are having a dedicated or virtual dedicated server with your hosting provider. Are you or the hosting company responsible for the content you store on your dedicated server? Are you allowed to store proprietary software on this server rented at the Hosting provider by sending the software by DVD to them? Lets say for an instance that the DVD contain the phone catalog with relevant software licensed by the phone company for one machine that must have the dvd in the player at all times. Is it legal to place this on your dedicated server with your ISP? Who needs to buy the license? Who is responsible?
Lets say you sent a video DVD to your rented dvd-player at your hosting company. Who is responsible now? Lets say the ISP place the DVD into your dvd player. That's it. Did it create any stream? No, it did not even start playing!
Now you are logging into your rented server at the hosting company, over a SSH or SSL connection, accessing the dvd player, and initiating a stream to the the remote display which is your own tv at home.
Is your hosting company liable for enabling you to stream something?
Is the movie rental company liable for shipping the movie to the address you specified?
If it is you who is now streaming, is it illegal for you to stream this simply because it is a rented movie despite it only being between your own equipment and you are not broadcasting anything?
From what I can see that is not the issue: They ARE authorized to rent out the movies, what the studios refuse is rending out streaming over the Internet. However, in this case they are:
1) renting the physical dvd's to the clients
2) placing the physical dvd rented into the physical dvd player also being rented by the client
3) providing an interface to use the physically rented dvd player to the clients that lets the end user initiate a stream over a secure connection
Step 2 and 3 is apparently OK if the movie is not a recent one
Step 1 is also perfectly OK.
The problem claimed is that new movies are not physically picked up by the client but is streamed.
As far as I can see, it is not the store who initiate the streaming, but the end user from his rented dvd player... This should be just as legal as streaming the movie from your Wifi enabled dvd player to the TV. What is it here that really makes this illegal???
Last time I checked, If I rent a web server and I create streaming content on it, then it is me and not my hosting service that create the streaming content.
If I now rent a dvd player with SSH or HTTP / SSL connection and I log into my rented box and flip the switch to start a stream, who is it that now create the stream? My service provider or me?
Notice that there is already several DVD players on the market that allows you to output the movie to your TV using Wifi and streaming:
(Example: http://www.amazon.com/LG-BD690-Wireless-Network-Blu-ray/dp/B004OF9XMI )
1) You are renting a video player which is located in the store and provide exclusive access to you while renting through an encrypted virtual interface
2) You are separately renting a movie
3) You ask as delivery method that someone is placing your rented movie inside your rented dvd player
4) You connect the rented player to your display unit
5) You see the movie
Streaming was done by you from your equipment to your equipment. The streaming can in this case not be said to be done by the store, as it is solely initiated by the client from his own rented player with his own rented physical media. I don't see how this can be illegal. Maybe I did not understand it right, and they don't rent the player out separate from the movie? In that case there might be problems...
This was from about 1980-85 so it was way before Internet...
It was demonstrated with a 60w light bulb, sure it was not as bright as it would have been if connected to the cord, but the coil was for sure no more than a kilo, mostly copper. The light bulb was connected to the coil and it was demonstrated holding it up in the air, I were allowed to hold it up myself. The closer we got by the power lines the brighter the light.
The method is mentioned somewhat here: http://en.wikipedia.org/wiki/Inductor
The one we used looked more like the middle one in the upper picture on that page, but it was bigger, had a finer copper wire, and it was twisted around the ring much more than that one.
The essential point is to get the coil in the same frequency as the your power grid. The one who made the one I saw was a electrician by profession, and knew the math behind it well. Note also that it was done in Europe with 240 volt power, but I believe the grid we was close to had an even greater voltage(?)
This guy claims he got 4kwh from what to me sounds like the same mechanism, though he was an amateur originally believing he got power from the aether... : http://www.pureenergysystems.com/news/exclusive/wireless_transformer/
The article is most certainly correct that it is prohibitively expensive if living even a few hundred meters from the power lines. But the electrician who demonstrated it was also the one stating the company could notice the power drop on the line when used extensively, and would then investigate it, find you, and prosecute you.
I remember it was demonstrated that people living close to the grid could get free energy simply by using a coil.
It did not take long though until this became prohibited as it actually did tap the energy from the cables. It even resulted being possible to detect someone was tapping the power.
So here we are again, this time with power from radio waves. How much interference does this cost if we add to the scale? will the radio stations and wireless access points get reduced range by this? If so, don't be surprised that this technology too will be deemed illegal.
... Lightpeek will probably be an important technology for those seeking the best performance for a long time.
The reason USB 3.0 will be dominant is that it will for certain be much cheaper than an advanced fiber-optical cable which is bendable. I for one am concerned still how bendable it is - my guess is that it will be nowhere as safe as USB, and it will likely be substantially more expensive. Lightpeek might replace all other cables, and Intel might push it in their devices, but will others who now will have to pay Intel royalties every time? USB 3.0 is free to use and a much safer bet, however we will likely see both in premium machines. USB 3.0 will be fast enough for most people for now. We can also assume there will be an USB 4.0 coming when the demand actually gets there as they will accept paying Intel the royalties for the premium machines where they can recover the cost and at the same time earn money, but cannot recover the cost when we want that speed in a budget machine... My guess is that USB will remain relevant until we remove the cables permanently, maybe something like lightfleet (http://lightfleet.com/) but a version which would not get interrupted by someone walking in between or something.
Reading the article they talk about an older simpler problem not mentioning a birthdate resulting in probability of 1/3. This was wrong just as well as the Tuesday not being relevant.
The calculations in both cases failed to take into account that we did not know which boy where older as well. The list should not have been:
boy / boy
boy / girl
girl / boy
girl / girl ( impossible)
resulting in 2/3 probability the other was a girl and 1/3 for a boy. This is however wrong... It should have been listed as:
boy (1) / boy (2)
boy (2) / boy (1)
boy / girl
girl / boy
girl (1) / girl (2) (impossible)
girl (2) / girl (1) (impossible)
Resulting in 2/4 for both boy and girl giving the real result of 50%.
There are no indication as to whether the boy listed was the younger or older.
Adding the Tuesday information will now correctly not make any difference.
There is also another important difference. Music and movies are made to express something, they are usually not made upon demand.
Software on the other hand should be made because someone needs it. Anyone needing the software enough should be willing enough to pay the price to get it done, with open source, this additional work may be provided back to the community to ensure the company don't need to develop the same software again when ten versions later a serious problem is found in the old version. If they did not contribute back, they would now need to do the work again, but having contributed the code most likely made sure all the aspects the company needed has been taken care of, and even improved!
Software developers in the Open Source world do not expect to be selling millions of versions of any software - they expect to get a request for providing the functionality that a company demands, get paid for making what is needed, and move on to the next demand. The continuous improvement of the code base make Open Source the clear winner in the long run. There will not be any room for a Software company thinking the old way of make once, sell everywhere anymore.
Music and Movies on the other hand...
From experience I totally agree: ./ and other issues.
I myself tried to learn linux 3 times before I finally moved to the platform. I had my then had Redhat 5.2, SuSE, Mandrake, and some others before dropping out - the interfaces worked well, but I did not understand the fundamentals - expecially things like why I could not execute my programs etc - which I later on learned was - my programs where not in path and thus I had to make them executable and then use
All solutions - Ubuntu, Redhat, Slackware, etc use entirely different package managers etc. This was another huge problem for me - I was learned the Redhat way and had no understanding of how I could install things myself when I needed. This is a major issue.
Through my Linux experience in school which essentially was more about creating some basic C programs etc, I had yet no understanding of the way the system worked, why there was a /bin, /usr/bin, /usr/local/bin and so on, and I was close to drop Linux altogether.
I did make one last attempt - Linux from Scratch http://www.linuxfromscratch.org/ : Finally a project that helped me make sense of all the Unix systems!! It took me only one single week despite having to recompile all the code! The compilation time was time to learn the fundamentals - partitioning, file system considerations, Linux Standard Base : why some things are to be in /bin, others in /usr/bin or /usr/local/bin or /opt and so on.
As soon as I had finished the basic Linux from Scratch program, I had learned enough to use ANY Linux system; I moved to Gentoo at the time to make sure I did not forget what I had learned and improve some more. Today I use Redhat ES for servers and mostly Ubuntu for desktop.
1) Open Source is mainly a replacement of "built in house/customized software" than packaged software. You are approaching people who want full control rather than a generalized solution.
2) By returning the changes to the community, they can ensure other improvements done can be implemented cheaply in the future.
3) Other people and organizations may find that the new base is a start point for their organization too, and use it with or without modifications.
These steps are valuable for consultants, companies who want control and save money, etc. However, when a project grows quickly or is of a kind that is critical many people would desire someone to ensure them that next time they upgrade their solution it does not cause problems, or can be quickly resolved by someone, or someone who are liable to fix the issues should they occur in their system, then it might go to a new level for the maintainers:
4) The real money for a development company will not be there until sufficient amount of people or organizations want to pay for support.
Face it - Open Source is about mass customization. It is also about making the common a commodity - do not expect to sell things that are common needs for everyone for a massive price forever (word-processors, base operating systems, etc), The money will only come from supporting these application when the base is big enough.
Assuming you can sell your software to enough companies, you might not be interested in Open Sourcing it out - a large part of it all is weather you believe you will gain more on support by obtaining a larger number of users, or if you think the selling to and supporting less people bring more value.
I do agree there is a pain changing passwords constantly, and I can't say I like it any better where am working with two separate rolling passwords every 2 months.
I did however obtain a great tip on the net previously: Find yourself a 8 letter pass-phrase but leave two spots empty: example "_phrase_", "Phra__se" or something. Memorize the phrase except for the 2 letters you left out - this give you 3600 alternative passwords combinations to choose from! And you can write down these two letters. : Q!, : W*, and so on. Nobody can guess your phrase, so the password is still quite safe!
I am using one phrase for work, another for my personal stuff. Now every time I update my password I simply update these letters.
Sure, I am still at times typing the wrong password right after I have changed one, but after two tries I am sure to remember that I changed it, and what combination I changed to after last one.