For those few who do not have a Google bookmark (or have a built-in window a la Safari and Firefox), they can likely type "google.com" into their browser faster than...(they're already typing in their query). "search.msn.com" is just, for lack of a better word, ugly.
Who says that users must type search.msn.com in their URL text entry field? Microsoft could modify the apps so that everything that doesn't look like a URL will be automatically redirected towards search.msn.com. It would be actually even easier for users to search stuff: just type in what you need and voila, MSN search spits out a page of results.
Competition is always good for the user. There are not so many (relevant) spiders out there, and now that msnbot joined the small party, one can expect more results out of *metasearch* engines.
The real issue here is potential lockdown by Microsoft. They are in a position to do this, because they control the desktop of more than 90% of the population. Just like their.doc (and other) file formats, they may later modify the frontpage of search.msn.com in such a way, that it requires some proprietary MS-only application or library to get [quality] results. Like in: "Use *our* OS to search the web, or get lost, freak!"
Google wouldn't do this, because they don't control the desktop. They could theoretically too modify their front-end to force users to download some proprietary application to access their results; but it seems highly unlikely, regarding their past (and hopefully future) integrity. At least let's hope so.
Or am I just too paranoid w.r.t. Microsoft, and they are really trying genuinely to "play nice" this time?
...can the owner of a blog ever be held responsible for content posted on the site?
IANAL, but: the blog owner is responsible for the content, because he *directly* provides the platform to publish it and because he has the technical means to edit its contents. He must use due dilligence by eye-scanning the content regularly and purging illegal stuff.
In many (though not all) countries, blog owners can be held responsible, because they are considered being some kind of press editors. Even when they are not being awarded press status, they are still responsible as individuals.
And what about the ISP that actually owns the server
ISPs themselves are seldom held responsible, though they are required by law (in most countries) to react to complaints once they receive them.
Some ISPs can take down sites with illegal content themselves, when the illegality is very obvious even to the layman. Other ISPs prefer to wait for a court order to do so, because they prefer to avoid legal trouble with their customers.
To summarize: it depends in which country the ISP, the blog owner, and other parties are located.
I love ports - my understanding is it is much like Gentoo
Actually, Gentoo borrowed the ports system from BSD. We've already had ports since FreeBSD 2.0 (perhaps even earlier). Gentoo didn't even exist back then:)
(Never used it, but I like the idea of compiling the whole distribution from scratch - takes a while, but many things are much easier that way)
One other reason is that it is always a good idea to have the sources to the system AND ports handy, just in case you want to security-audit something, or play around a bit. Using ports, you will always be sure that your sources and the binaries are in sync.
Hmmm... I tried to boot NetBSD 2.0 on my EPIA 5000 (Eden) mini-ITX board, to no avail (FreeBSD 5.3 ran just fine). But in general terms it's absolutely true. NetBSD is the most portable OS in the world.
a generous guess of $5 a month in saved energy costs
Just curious, but how much do you pay per kWh, including all taxes?
Some regions of the world put horrendous taxes on electricity, and every saved kWh translates into real money, not just spare change. I know people who even switched to fanless mini-ITX boards just for this reason, and they were amazed at the huge savings in energy bills.
So it all depends upon the geographic region where you're currently living.
Anyone involved with the PANIX outage or otherwise stolen domains should really write their comments there. Please help bring ICANN back to their senses. Without public comments, they may even think that everything's fine with their screwed domain transfer policy.
Keep in mind while it's theoretically possible, it's not actually practically pssible to change the IP addresses of the root serevrs; they're embedded in too many places. They shouldn't be, but they are.
Why should this be a problem? There are two solution here:
1. the primary root server admins decide to change NS records for.net,.com etc... so that they point to servers run by volunteers.
2. the network admins (also volunteers in most cases) change the BGP advertisements and reroute traffic from and to the DNS root to other servers run by volunteers.
There's nothing really magic about the IP addresses in the bootstrap files on all computers in the world. Either the admins of those servers decide to ignore the ICANN cartel and provide links to free gTLD and ccTLD servers, or they get routed around by the network guys, if they refuse to cooperate.
In other words: should ICANN one day get too cheesy and irresponsive to the needs of professionals, they'll quickly become irrelevant. At least technically, that is.
This is nonsense. DeNIC does not require paperwork, and did not require paperwork, at least not since i'm in the business (since 1995).
Ah, okay. Thank you for the clarification. There's a lot of FUD going on w.r.t. DeNIC.
But your "outside the US" argument is inacceptable. I for one am not too happy to have my.net registrations under US jurisdiction, so the problem is the same, be it US or be it germany.
Yes, you have a point here. However, the.net gTLD has always been under US jurisdiction (not that it is any better or worse than other jurisdictions; please don't get me wrong here). Changing the rules for already registered domains could prove really problematic. Some domains that are perfectly legit in the US could be banned in Germany (or vice-versa), and moving the complete registry from one jurisdiction to another is like opening up a window of opportunity to *a lot* of lawsuits. Mind you, your courts won't be all that happy about the additional burden:)
There's nothing wrong with gTLD registries outside the US, like, say,.info or.name. The point here is that they didn't move between jurisdictions in the first place. That's the biggest difference between those gTLDs that are outside the US, and.net, that has been in the US and would move outside (DeNIC or whatever).
Aren't those guys extremely burocratic w.r.t. domain transfers etc? Didn't they require real paperwork to transfer domains in their.de ccTLD (at least in the past)? Anyone with DeNIC experience cares to comment or explain?
There's also another point here: transferring.net to a ccTLD operator would also mean that all.net domains would be subject to the national laws of that operator's country. Do we really want the whole.net domain managed by an entity outside the US, governed by totally different rules and regulations?
This is by no means a rebuttal of or prejudice against DeNIC eG or other ccTLD operators. I'm just a bit worried that such a transfer would affect existing domains in negative ways (like less legal protection, higher legal costs, UDRP overrides, etc...).
P4 systems are dirt cheap nowadays, but there's a big caveat for those migrating from low-end systems: you'll be surprised how much power those P4 eat. If you happen to live in California (or other parts of the world with very high taxes on utilities bills), you won't like your P4 for very long.
If you can live with lower speeds, go for a mini-itx based system, like the EPIA 5000 (roughly a 350MHz Celeron). Depending on the processor, some systems are entirely fanless, which is great if you like silent computers! You can build up a mini-itx system for as little as $300 ($80 for the mobo+cpu, $80 for a 512 MB PC133 RAM stick, $100 for a fanless ATX DC-DC converter + AC-Adapter, and the rest for a 2.5" harddrive).
Now to go back on topic: xfce runs perfectly fine on those low-end EPIA 5000 systems with FreeBSD and Linux.
Is there any law which says that I have to hand out the key?
First of all, only people with a warrent have the power to enter your home and search your hard drive. If you let someone else in, it's your problem.
In most juristications, you can be FORCED to hand out the key to your encrypted partitions, but only if the judge sees a reasonable reason suspicition.
There's an easy work-around though, but it has not yet been technically implemented in GBDE, CFS or other crypto filesystems: use multiple keys for different purposes. If you provide them key1, you'll get at something irrelevant. They'll see that you're cooperating and will give up harrassing you. Once you're safe again, use key2 to decrypt the bits that really matter.
While this can happen to every gTLD domain, some (if not most) ccTLD domains are safe, if they are managed by a single operator. The problem here is that ICANN invented an incredibly stupid inter-registrar procedure for registrars that compete on a single registry. So the only way to solve this problem is to revert back to the previous rule (deny transfer unless explicitely approved by admin contact).
The reason behind ICANN's change of policy was, of course, to tackle the situation when a registrar goes out of business (or stays irresponsive for whatever reason), a transfer without their involvement would still be possible. Or when the ISP hosting the admin contact emails goes down or closes that account. Anyway: a solution to this problem would be that the newly acquiring registrar requests physical paperwork (a signed fax or something similar) from the domain owner or its admin contact prior to domain transfer.
A registrar should NEVER be allowed to assume that the transfer has been approved without the admin contact jumping through some (safety) hoops. At least, it should NEVER EVER assume that not replying to a transfer notice consitutes approvement. This also includes replies sent by C/R systems, which MUST NOT be construed as an automatic approval.
It's IMHO incredibly stupid from ICANN not to have tought about this more seriously before putting the whole inter-registrar system in jeopardy.
My wish would be an (optional!) MSIE compatible rendering engine, that would show web pages as they would in IE. Bug-for-bug compatible, if at all possible, and, of course, must run on non-Windows systems as well. It doesn't need to be fancy (like ActiveX etc...), just show HTML+CSS like they would appear on MSIE please!
FULL ACK! I would happily shell out real money to buy MSIE or MS-Office for Linux or FreeBSD. Being forced to use some flavor of Windows just because these apps are not available for other platforms is kinda insulting. If MSFT started playing nice this way, they would not only gain a better reputation (not that they needed it anyway!) and sympathy, but also customers in the FOSS camp.
The problem is with IE that is not idiot proof enough.
Hmmm... if IE bugs were then only problem here, it would be absolutely meaningless. As you point out, redirections happen all the time, and who's still using IE nowadays knows what to expect from a security point of view.
The point here is a breach of privacy. A program jumps to some obscure and unknown website without asking you in the first place. If IE does it, well, that's what a web browser is expected to do. But most naive or uninformed users don't expect Media Player to leave a trail behind it on servers they never heard about. That's the real problem that should be tackled. Microsoft's lawyers probably tugged a provision regarding this in their EULAs, so users are as always powerless to do anything about it, but they should know about such tactics on a largest possible scale anyway.
Hey, that's a great idea [...] to crack down on spam.
That was intended from the start!:-) Or let your representative know that terrorists [could] use the "spam network" to hide their tracks... and pronto! spam will be outlawed faster than you can say Rolex!
Just running the application, without an actual torrent being transfered, consumes 23 MB of memory (on Windows) -- for that cheesy, very simplistic little GUI.
Python itself is awesome when it comes to rapid prototyping. But nothing forces you to use it. ctorrent is a nice BT CLI client written in C, which won't use that much memory. Remember: it's about the protocol itself. As soon as it stabilizes, the apps could be recoded in C.
The problem with Kenosis is, of course, it's reliance upon a central DNS server to point to a list of distributed trackers. Many will undoubtely point out, that this DNS server could be taken off, and that's it.
Now how can we really circumvent this problem? One solution would be to advertize a list of DNS resolvers on USENET. A preconfigured list of newsgroups could be used to bootstrap this, and new usegroups (should the original newsgroups get closed) could be regularly advertized as well. A client would just go to those newsgroups, and fetch the updated list of DNS servers, newsgroups etc...
This system would be much more resilient to attacks by RIAA or MPAA because they won't have a single point to attack. Closing newsgroups is much more difficult than taking one DNS server from the upper zone.
Another way to advertize the DNS servers would be via spam! Yes, you didn't misread this. One can easily encode the location of DNS servers in spams and have clients read those spams, effectively extracting an updated list every now and then!
This is very important, because spam is already used as a covert channel to prevent traffic analysis. Specialy crafted spam checkers can extract useful information from spams. One such information would be the distributed location of trackers (or DNS servers that point to them).
Just because it's unethical (to piggy back useful data on top of spam), doesn't mean that it's not already used on a quite wide scale. There's no reason why it shouldn't work on a new generation of distributed BitTorrent trackers!
Slashdot Mirror
I am surprised that GNU would go for that.
Why are you surprised? Was Mach released under GPL?
The point here is that everything written on top of L4Ka::Pistachio for the Hurd/L4 project is GPLed. So, me thinks, it's still GNU compliant enough.
For those few who do not have a Google bookmark (or have a built-in window a la Safari and Firefox), they can likely type "google.com" into their browser faster than...(they're already typing in their query). "search.msn.com" is just, for lack of a better word, ugly.
Who says that users must type search.msn.com in their URL text entry field? Microsoft could modify the apps so that everything that doesn't look like a URL will be automatically redirected towards search.msn.com. It would be actually even easier for users to search stuff: just type in what you need and voila, MSN search spits out a page of results.
That's the "beauty" of desktop dominance.
Competition is always good for the user. There are not so many (relevant) spiders out there, and now that msnbot joined the small party, one can expect more results out of *metasearch* engines.
The real issue here is potential lockdown by Microsoft. They are in a position to do this, because they control the desktop of more than 90% of the population. Just like their .doc (and other) file formats, they may later modify the frontpage of search.msn.com in such a way, that it requires some proprietary MS-only application or library to get [quality] results. Like in: "Use *our* OS to search the web, or get lost, freak!"
Google wouldn't do this, because they don't control the desktop. They could theoretically too modify their front-end to force users to download some proprietary application to access their results; but it seems highly unlikely, regarding their past (and hopefully future) integrity. At least let's hope so.
Or am I just too paranoid w.r.t. Microsoft, and they are really trying genuinely to "play nice" this time?
Because they feel the need to crawl web pages roughly 5 times as much as Google does.
Perhaps the OS their spiders are running on bluescreens every now and then, so they need to rescan freqently between reboots?
IANAL, but: the blog owner is responsible for the content, because he *directly* provides the platform to publish it and because he has the technical means to edit its contents. He must use due dilligence by eye-scanning the content regularly and purging illegal stuff.
In many (though not all) countries, blog owners can be held responsible, because they are considered being some kind of press editors. Even when they are not being awarded press status, they are still responsible as individuals.
And what about the ISP that actually owns the server
ISPs themselves are seldom held responsible, though they are required by law (in most countries) to react to complaints once they receive them.
Some ISPs can take down sites with illegal content themselves, when the illegality is very obvious even to the layman. Other ISPs prefer to wait for a court order to do so, because they prefer to avoid legal trouble with their customers.
To summarize: it depends in which country the ISP, the blog owner, and other parties are located.
Also tried w3m? It's quite good too, though it has shortcomings of its own.
I love ports - my understanding is it is much like Gentoo
Actually, Gentoo borrowed the ports system from BSD. We've already had ports since FreeBSD 2.0 (perhaps even earlier). Gentoo didn't even exist back then :)
(Never used it, but I like the idea of compiling the whole distribution from scratch - takes a while, but many things are much easier that way)
One other reason is that it is always a good idea to have the sources to the system AND ports handy, just in case you want to security-audit something, or play around a bit. Using ports, you will always be sure that your sources and the binaries are in sync.
NetBSD = Most universal runs anywhere..
Hmmm... I tried to boot NetBSD 2.0 on my EPIA 5000 (Eden) mini-ITX board, to no avail (FreeBSD 5.3 ran just fine). But in general terms it's absolutely true. NetBSD is the most portable OS in the world.
a generous guess of $5 a month in saved energy costs
Just curious, but how much do you pay per kWh, including all taxes?
Some regions of the world put horrendous taxes on electricity, and every saved kWh translates into real money, not just spare change. I know people who even switched to fanless mini-ITX boards just for this reason, and they were amazed at the huge savings in energy bills.
So it all depends upon the geographic region where you're currently living.
Anyone involved with the PANIX outage or otherwise stolen domains should really write their comments there. Please help bring ICANN back to their senses. Without public comments, they may even think that everything's fine with their screwed domain transfer policy.
Keep in mind while it's theoretically possible, it's not actually practically pssible to change the IP addresses of the root serevrs; they're embedded in too many places. They shouldn't be, but they are.
Why should this be a problem? There are two solution here:
There's nothing really magic about the IP addresses in the bootstrap files on all computers in the world. Either the admins of those servers decide to ignore the ICANN cartel and provide links to free gTLD and ccTLD servers, or they get routed around by the network guys, if they refuse to cooperate.
In other words: should ICANN one day get too cheesy and irresponsive to the needs of professionals, they'll quickly become irrelevant. At least technically, that is.
This is nonsense. DeNIC does not require paperwork, and did not require paperwork, at least not since i'm in the business (since 1995).
Ah, okay. Thank you for the clarification. There's a lot of FUD going on w.r.t. DeNIC.
But your "outside the US" argument is inacceptable. I for one am not too happy to have my .net registrations under US jurisdiction, so the problem is the same, be it US or be it germany.
Yes, you have a point here. However, the .net gTLD has always been under US jurisdiction (not that it is any better or worse than other jurisdictions; please don't get me wrong here). Changing the rules for already registered domains could prove really problematic. Some domains that are perfectly legit in the US could be banned in Germany (or vice-versa), and moving the complete registry from one jurisdiction to another is like opening up a window of opportunity to *a lot* of lawsuits. Mind you, your courts won't be all that happy about the additional burden :)
There's nothing wrong with gTLD registries outside the US, like, say, .info or .name. The point here is that they didn't move between jurisdictions in the first place. That's the biggest difference between those gTLDs that are outside the US, and .net, that has been in the US and would move outside (DeNIC or whatever).
See my problem?
Aren't those guys extremely burocratic w.r.t. domain transfers etc? Didn't they require real paperwork to transfer domains in their .de ccTLD (at least in the past)? Anyone with DeNIC experience cares to comment or explain?
There's also another point here: transferring .net to a ccTLD operator would also mean that all .net domains would be subject to the national laws of that operator's country. Do we really want the whole .net domain managed by an entity outside the US, governed by totally different rules and regulations?
This is by no means a rebuttal of or prejudice against DeNIC eG or other ccTLD operators. I'm just a bit worried that such a transfer would affect existing domains in negative ways (like less legal protection, higher legal costs, UDRP overrides, etc...).
P4 systems are going for $500
P4 systems are dirt cheap nowadays, but there's a big caveat for those migrating from low-end systems: you'll be surprised how much power those P4 eat. If you happen to live in California (or other parts of the world with very high taxes on utilities bills), you won't like your P4 for very long.
If you can live with lower speeds, go for a mini-itx based system, like the EPIA 5000 (roughly a 350MHz Celeron). Depending on the processor, some systems are entirely fanless, which is great if you like silent computers! You can build up a mini-itx system for as little as $300 ($80 for the mobo+cpu, $80 for a 512 MB PC133 RAM stick, $100 for a fanless ATX DC-DC converter + AC-Adapter, and the rest for a 2.5" harddrive).
Now to go back on topic: xfce runs perfectly fine on those low-end EPIA 5000 systems with FreeBSD and Linux.
Doesn't the rule that you can't be forced to incriminate yourself prevent this?
That's a good point! I didn't think of it. Thanks for pointing it out!
In most juristications,
s/juristications/jurisdictions/
Is there any law which says that I have to hand out the key?
First of all, only people with a warrent have the power to enter your home and search your hard drive. If you let someone else in, it's your problem.
In most juristications, you can be FORCED to hand out the key to your encrypted partitions, but only if the judge sees a reasonable reason suspicition.
There's an easy work-around though, but it has not yet been technically implemented in GBDE, CFS or other crypto filesystems: use multiple keys for different purposes. If you provide them key1, you'll get at something irrelevant. They'll see that you're cooperating and will give up harrassing you. Once you're safe again, use key2 to decrypt the bits that really matter.
While this can happen to every gTLD domain, some (if not most) ccTLD domains are safe, if they are managed by a single operator. The problem here is that ICANN invented an incredibly stupid inter-registrar procedure for registrars that compete on a single registry. So the only way to solve this problem is to revert back to the previous rule (deny transfer unless explicitely approved by admin contact).
The reason behind ICANN's change of policy was, of course, to tackle the situation when a registrar goes out of business (or stays irresponsive for whatever reason), a transfer without their involvement would still be possible. Or when the ISP hosting the admin contact emails goes down or closes that account. Anyway: a solution to this problem would be that the newly acquiring registrar requests physical paperwork (a signed fax or something similar) from the domain owner or its admin contact prior to domain transfer.
A registrar should NEVER be allowed to assume that the transfer has been approved without the admin contact jumping through some (safety) hoops. At least, it should NEVER EVER assume that not replying to a transfer notice consitutes approvement. This also includes replies sent by C/R systems, which MUST NOT be construed as an automatic approval.
It's IMHO incredibly stupid from ICANN not to have tought about this more seriously before putting the whole inter-registrar system in jeopardy.
My wish would be an (optional!) MSIE compatible rendering engine, that would show web pages as they would in IE. Bug-for-bug compatible, if at all possible, and, of course, must run on non-Windows systems as well. It doesn't need to be fancy (like ActiveX etc...), just show HTML+CSS like they would appear on MSIE please!
There are very vew (good!) books about writing viruses. One of them is "The Shellcoder Handbook" by Koziol et. al.
Any other suggestions?
Split out the apps.
FULL ACK! I would happily shell out real money to buy MSIE or MS-Office for Linux or FreeBSD. Being forced to use some flavor of Windows just because these apps are not available for other platforms is kinda insulting. If MSFT started playing nice this way, they would not only gain a better reputation (not that they needed it anyway!) and sympathy, but also customers in the FOSS camp.
Oh well, let's keep hoping!
The problem is with IE that is not idiot proof enough.
Hmmm... if IE bugs were then only problem here, it would be absolutely meaningless. As you point out, redirections happen all the time, and who's still using IE nowadays knows what to expect from a security point of view.
The point here is a breach of privacy. A program jumps to some obscure and unknown website without asking you in the first place. If IE does it, well, that's what a web browser is expected to do. But most naive or uninformed users don't expect Media Player to leave a trail behind it on servers they never heard about. That's the real problem that should be tackled. Microsoft's lawyers probably tugged a provision regarding this in their EULAs, so users are as always powerless to do anything about it, but they should know about such tactics on a largest possible scale anyway.
Hey, that's a great idea [...] to crack down on spam.
That was intended from the start! :-) Or let your representative know that terrorists [could] use the "spam network" to hide their tracks... and pronto! spam will be outlawed faster than you can say Rolex!
Sure, like Pearl or Java,
Pearl? You mean Perl, right?
Just running the application, without an actual torrent being transfered, consumes 23 MB of memory (on Windows) -- for that cheesy, very simplistic little GUI.
Python itself is awesome when it comes to rapid prototyping. But nothing forces you to use it. ctorrent is a nice BT CLI client written in C, which won't use that much memory. Remember: it's about the protocol itself. As soon as it stabilizes, the apps could be recoded in C.
The problem with Kenosis is, of course, it's reliance upon a central DNS server to point to a list of distributed trackers. Many will undoubtely point out, that this DNS server could be taken off, and that's it.
Now how can we really circumvent this problem? One solution would be to advertize a list of DNS resolvers on USENET. A preconfigured list of newsgroups could be used to bootstrap this, and new usegroups (should the original newsgroups get closed) could be regularly advertized as well. A client would just go to those newsgroups, and fetch the updated list of DNS servers, newsgroups etc...
This system would be much more resilient to attacks by RIAA or MPAA because they won't have a single point to attack. Closing newsgroups is much more difficult than taking one DNS server from the upper zone.
Another way to advertize the DNS servers would be via spam! Yes, you didn't misread this. One can easily encode the location of DNS servers in spams and have clients read those spams, effectively extracting an updated list every now and then!
This is very important, because spam is already used as a covert channel to prevent traffic analysis. Specialy crafted spam checkers can extract useful information from spams. One such information would be the distributed location of trackers (or DNS servers that point to them).
Just because it's unethical (to piggy back useful data on top of spam), doesn't mean that it's not already used on a quite wide scale. There's no reason why it shouldn't work on a new generation of distributed BitTorrent trackers!