>> Without a physical, voter-verifiable paper ballot, a user can never be sure what the machine did when they pushed the button to vote.
Doesn't hanging chad, duplicate marks, and all the other problems with paper type ballots make this a uniform problem, and not just one with electronic voting?
>> 2. Make the code open source.
Are the manfacturing specs available for the punch card machines? Or any other paper ballot machine? Are we allowed to take the machine apart and verify that it is manufactured to those specs?
I have to say that while electronic voting may not be totally secure, I do think it would be easier to fudge with the punch card machines to throw an election. And I could do it with much less skilled people. Hire someone to bend a punch, so it doesn't always punch the hole correctly. Have a slightly longer punch, so more duplicate punches show up. Fill in the dot cards? shouldn't be too hard to figure out how to smudge the dots a little.
Paper votes for a recount? Only if we recount 7 times and the first time we get 4 totals that match do they count.
If you own a car and let anyone drive it, and one of them causes damage then you are responsible.
Same liability here, you own it you are responsible for the people you let use it. It doesn't matter if you know what their name is or what they are using it for.
It is a little different if you are not letting others use it and they take it from your control.
But then that is what we are saying we want to happen, we want people to just take what they want and not have to worry about the owners intentions.
>> How many false positives does their brain-dead software flag up?
I didn't think it was that many. Seems like it was fewer then a half dozen that I have paid attention to. Are there that many more?
Of course there is also the question of whether they identified the wrong individual or if the ISP gave the wrong information. I haven't seen anything that said how the wrong people were identified.
>> Most advanced scripts, especially javascript, have had wildly different implementations with reality (HTML standard) and fantasy world (IE).
I think you will find that if runs in your "reality" world that it can run in IE. Just because IE makes somethings so much easier we do it that way instead of jumping through the hoops to make other browsers work. And last I looked the "standard" DOM was lacking a lot in functionality that was useful.
>> This is a market barrier but also an abuse of standards.
Your bank coding to IE and not some universal standard is because of MS? How? They didn't write the webpages, they didn't have anything to do with it other then provide useful 'features'. They benifit from it, I will agree with that. But all they did was give the developer a shortcut, it was the developer who ignored the standards.
But you will pay for it if it is installed or not. Do you think that if it is not installed it didn't cost anything to develope? That if they don't install it that the cost of R&D disappears?
Actually you will probably have to pay more if it is not there. You will not only pay for it, but you will also pay for the replacement help system, the replacement file viewer, and the replacement formatting language development. These are all things that the IE engine is used for that would have to have an alternative.
Having a standard api there that can display files is a bonus for almost anyone. Replacing it with something else may help some, but it will actually cause more problems for others.
There is a huge convience factor for anyone who needs to display a file, they know that API is there and it will display the file.
When the COM interface gets done for Mozilla (are they still working on it?) then there might be a way to pick a different rendering engine. But for now I can either display plain text in Notepad or HTML with the IE engine. Not much else is going to be there for sure.
>> Symantec should concentrate more on making their crappy AV software work better and resist disabling by virii better
That's what we need. More software that won't let the user or system disable it. That will be a big help. NOT.
We need more press releases from Symantec and other security companies informing the public about what is happening and how to protect themseleves and others from it. That will help, not more software that can't be turned off.
>>Worms, Adware, Spyware, bad user habits, and just plain crappy commercial software, are all just a bit more than a typical Windows OS installation can handle.
And this makes Windows a piece of crap?
There isn't an OS that can handle all of that. I can write crappy software that will cause problems on almost anything. Worms? They are availiable for just about any (if not all) OS there is. Bad user habits? How can an OS do anything about that? If I want to run as root, is that RedHat's fault? Spyware, keyloggers, network sniffers and all of that is just the user running programs. The OS (ESPECIALLY MICROSOFT) had better NOT tell me what programs I can run on my machine! I want to download and install 6 copies of Gater it had better let me. And it's not the OS's fault if I do. It's not the OS's fault if I do it and don't know what I am doing.
There are many reasons an OS might be a piece of crap. Hard to code for, missing functionality, OS itself have access violations, hard to use, and on and on.
But the reasons you gave just prove the OS is popular, not a piece of crap.
And how would you explain 98 being more stable under VMWARE?
VMWARE doesn't replace any of the OS does it? Just provide a simulated hardware enviroment for it?
A comment like this would lead me to believe that the instability without VMWARE is either from bad hardware, or flakey hardware drivers for non-emulated hardware.
>> Perhaps but at the same time the music industry also has a very popular contract standard that doesn't give an artist a right to decide on the free distribution of music.
I believe the ONLY distribution that the RIAA can have any say over is with music they have a contract with. If the rights have not been signed over to them you may distribute it any way you want.
This really has nothing to do with the RIAA. If you want to control the way your music (or films) are distributed then don't sign the rights to them over to ANYONE.
While you make a good arguement, it just doesn't hold water.
They are worried about someone hearing something new? But they are only going after people sharing the music they already control. They don't sue you for sharing an independent's music. They are telling you to ONLY share music of the independent that want's their music shared.
If you want people to find new music you need to support the RIAA and tell people to stop sharing music controlled by the RIAA and only share music of independent musicians.
But he didn't show any new vulnerability. All he did was take one that was already known, modify it to steal people's information.
What is good about that?
Someone comes along and kills you and we say "See he was just showing us that killing is still bad"? He says it was easy to do so it was your fault, so we let him go?
Is killing different then stealing? Yes, but wrong used to be wrong no matter what. It doesn't matter how easy it was to do, it was still wrong and should not be tolerated.
When was the last virus that used Outlook to do anything but read the email and have the user execute an executable?
In fact didn't most of the virus in May require the user to unzip the email with a password before it ran?
My point is that we are past the access that Outlook has to the OS. We are way into the users proving they will jump through hoops to run a program from an unknown source.
Although I will admit that some of them actually were faking coming from a trusted source (your ISP) pretty well.
Why is it the first thing I noticed about your list is that MS programs worked and non-MS didn't? More hidden API's? Or just companies not following the rules?
I sure hope your parents can continue to support you:)
As for your dreams of being sued by the RIAA, I hope you don't loose too much sleep over it. If you haven't noticed they are only worried about people who are sharing music that they control. They couldn't care less about local bands without a contract with them.
But who might sue you is one of your local bands that didn't give you permission. They might want to control who and how their music is distributed.
Enforce strict HELO/EHLO checks on your mail server and you lose incoming email from ANY misconfigured mail server.
As for them providing a documented way to change it, it's one of the configuration fields. A quick search in yahoo found several pages showing how to set name sent. Several of them pointing to pages on microsoft.com.
Now admins may not know what name should be set and enter the wrong one. Nothing server software can do about that.
Slashdot Mirror
AOL Broadband has slow speeds?
AOL Broadband has a dialer program?
Crappy service, maybe. But I think you forgot to even read the title of the article, much less the article itself.
>> Without a physical, voter-verifiable paper ballot, a user can never be sure what the machine did when they pushed the button to vote.
Doesn't hanging chad, duplicate marks, and all the other problems with paper type ballots make this a uniform problem, and not just one with electronic voting?
>> 2. Make the code open source.
Are the manfacturing specs available for the punch card machines? Or any other paper ballot machine? Are we allowed to take the machine apart and verify that it is manufactured to those specs?
I have to say that while electronic voting may not be totally secure, I do think it would be easier to fudge with the punch card machines to throw an election. And I could do it with much less skilled people. Hire someone to bend a punch, so it doesn't always punch the hole correctly. Have a slightly longer punch, so more duplicate punches show up. Fill in the dot cards? shouldn't be too hard to figure out how to smudge the dots a little.
Paper votes for a recount? Only if we recount 7 times and the first time we get 4 totals that match do they count.
This would be hard if the number is going down. If the number is going down they must be taking someone off the list.
So how does explain all the people paying for Cable/DSS TV? They get a cheap TV and then pay many times more then that for the programming.
How about phone service? Especially cell phones. Get a cheap phone and then pay monthly for the use of it.
We like to think that software is different, but to most of the population it ends up being like many other things they pay for.
If you own a car and let anyone drive it, and one of them causes damage then you are responsible.
Same liability here, you own it you are responsible for the people you let use it. It doesn't matter if you know what their name is or what they are using it for.
It is a little different if you are not letting others use it and they take it from your control.
But then that is what we are saying we want to happen, we want people to just take what they want and not have to worry about the owners intentions.
>> How many false positives does their brain-dead software flag up?
I didn't think it was that many. Seems like it was fewer then a half dozen that I have paid attention to. Are there that many more?
Of course there is also the question of whether they identified the wrong individual or if the ISP gave the wrong information. I haven't seen anything that said how the wrong people were identified.
I wonder what would happen if people had the choice between going to a movie in two places, one that jammed cell phones and one that didn't.
You are saying that you would go to the one that didn't jam, while I think I would go to the one that did jam.
I think that if businesses can decide which they want to do it would be a good thing for everyone.
>> Most advanced scripts, especially javascript, have had wildly different implementations with reality (HTML standard) and fantasy world (IE).
I think you will find that if runs in your "reality" world that it can run in IE. Just because IE makes somethings so much easier we do it that way instead of jumping through the hoops to make other browsers work. And last I looked the "standard" DOM was lacking a lot in functionality that was useful.
>> This is a market barrier but also an abuse of standards.
Your bank coding to IE and not some universal standard is because of MS? How? They didn't write the webpages, they didn't have anything to do with it other then provide useful 'features'. They benifit from it, I will agree with that. But all they did was give the developer a shortcut, it was the developer who ignored the standards.
But you will pay for it if it is installed or not. Do you think that if it is not installed it didn't cost anything to develope? That if they don't install it that the cost of R&D disappears?
Actually you will probably have to pay more if it is not there. You will not only pay for it, but you will also pay for the replacement help system, the replacement file viewer, and the replacement formatting language development. These are all things that the IE engine is used for that would have to have an alternative.
Having a standard api there that can display files is a bonus for almost anyone. Replacing it with something else may help some, but it will actually cause more problems for others.
There is a huge convience factor for anyone who needs to display a file, they know that API is there and it will display the file.
When the COM interface gets done for Mozilla (are they still working on it?) then there might be a way to pick a different rendering engine. But for now I can either display plain text in Notepad or HTML with the IE engine. Not much else is going to be there for sure.
>> I have a viable alternative to insurance. Be a student with absolutly nothing to your name. Nothing.
This works if you are always going to be a student and NEVER have anything in your life.
And let me point out that your life could last a long time.
I may not have much now, but I will someday. And I want to make sure when I get it I get to keep it.
>> Symantec should concentrate more on making their crappy AV software work better and resist disabling by virii better
That's what we need. More software that won't let the user or system disable it. That will be a big help. NOT.
We need more press releases from Symantec and other security companies informing the public about what is happening and how to protect themseleves and others from it. That will help, not more software that can't be turned off.
>>Worms, Adware, Spyware, bad user habits, and just plain crappy commercial software, are all just a bit more than a typical Windows OS installation can handle.
And this makes Windows a piece of crap?
There isn't an OS that can handle all of that. I can write crappy software that will cause problems on almost anything. Worms? They are availiable for just about any (if not all) OS there is. Bad user habits? How can an OS do anything about that? If I want to run as root, is that RedHat's fault? Spyware, keyloggers, network sniffers and all of that is just the user running programs. The OS (ESPECIALLY MICROSOFT) had better NOT tell me what programs I can run on my machine! I want to download and install 6 copies of Gater it had better let me. And it's not the OS's fault if I do. It's not the OS's fault if I do it and don't know what I am doing.
There are many reasons an OS might be a piece of crap. Hard to code for, missing functionality, OS itself have access violations, hard to use, and on and on.
But the reasons you gave just prove the OS is popular, not a piece of crap.
And how would you explain 98 being more stable under VMWARE?
VMWARE doesn't replace any of the OS does it? Just provide a simulated hardware enviroment for it?
A comment like this would lead me to believe that the instability without VMWARE is either from bad hardware, or flakey hardware drivers for non-emulated hardware.
>> Perhaps but at the same time the music industry also has a very popular contract standard that doesn't give an artist a right to decide on the free distribution of music.
I believe the ONLY distribution that the RIAA can have any say over is with music they have a contract with. If the rights have not been signed over to them you may distribute it any way you want.
This really has nothing to do with the RIAA. If you want to control the way your music (or films) are distributed then don't sign the rights to them over to ANYONE.
>> What about music I "licensed" in the past?
Just follow the license that you purchased it under. If it says you can copy it, then copy it. If it says you are not allowed to copy it, then don't.
If you don't like the terms of it, then read the license better next time BEFORE you buy the product.
While you make a good arguement, it just doesn't hold water.
They are worried about someone hearing something new? But they are only going after people sharing the music they already control. They don't sue you for sharing an independent's music. They are telling you to ONLY share music of the independent that want's their music shared.
If you want people to find new music you need to support the RIAA and tell people to stop sharing music controlled by the RIAA and only share music of independent musicians.
And at that point we will be distributing copyrighted work that belongs to someone with less money. We still won't pay for it.
And this is better how?
I thought he modified the virus to allow him to take control of the computers and steal information from them.
Stealing from me is something I frown on, I don't care how old the individual is.
I am in favor of making sure he does not attempt it again, and that others are discouraged from doing the same thing.
I would support this!
And I don't think we would have to more then 3 make it all the through death row and almost all the virus would stop.
But he didn't show any new vulnerability. All he did was take one that was already known, modify it to steal people's information.
What is good about that?
Someone comes along and kills you and we say "See he was just showing us that killing is still bad"? He says it was easy to do so it was your fault, so we let him go?
Is killing different then stealing? Yes, but wrong used to be wrong no matter what. It doesn't matter how easy it was to do, it was still wrong and should not be tolerated.
When was the last virus that used Outlook to do anything but read the email and have the user execute an executable?
In fact didn't most of the virus in May require the user to unzip the email with a password before it ran?
My point is that we are past the access that Outlook has to the OS. We are way into the users proving they will jump through hoops to run a program from an unknown source.
Although I will admit that some of them actually were faking coming from a trusted source (your ISP) pretty well.
Why is it the first thing I noticed about your list is that MS programs worked and non-MS didn't? More hidden API's? Or just companies not following the rules?
I sure hope your parents can continue to support you :)
As for your dreams of being sued by the RIAA, I hope you don't loose too much sleep over it. If you haven't noticed they are only worried about people who are sharing music that they control. They couldn't care less about local bands without a contract with them.
But who might sue you is one of your local bands that didn't give you permission. They might want to control who and how their music is distributed.
Except that downloading RIAA music from most P2P sources is more like a customer placing a block of cheese in the store so people can sample it.
There is a difference between the store giving away the sample willingly and the customer just handing out samples because they want to.
If the store doesn't want to give away free samples they don't have to allow it. So why do we expect anyone else to be forced to give them away?
Enforce strict HELO/EHLO checks on your mail server and you lose incoming email from ANY misconfigured mail server.
As for them providing a documented way to change it, it's one of the configuration fields. A quick search in yahoo found several pages showing how to set name sent. Several of them pointing to pages on microsoft.com.
Now admins may not know what name should be set and enter the wrong one. Nothing server software can do about that.