GNUnet is written in C. One buffer overflow exploit could compromise the whole network.
Not quite true IMHO: it's obviously not sufficient to compromise one client/server to compromise the whole network. If it was, it would be a piece of cake to take the existing source code and use it to build this "compromised" client/server.
If you want to compromise the whole network with one buffer overflow exploit, I guess you will have to find an exploit that works with all versions of GNUnet, and you will have to run it against all (ok, most) clients/servers on the network (most of the traffic seen by one computer on the network doesn't make sense for it, it just relays the packets to other computers).
Now come on. You know very well that there's a huge difference between what is happening in America today and what the Soviets did.
Sure. However:
I don't know about you, but I do not have any fear of being woken up in the middle of the night, thrown into a van, and being shipped off to some Siberian gulag just because I surfed the wrong website last night.
Well depending on your nationality, maybe you should... somewhat... See http://www.cbc.ca/news/background/arar/
I'm even more impressed with the other game, just below Tic Tac Toe: "Guess the number". Very nice game. I like the old-school spirit of your politicians.
It seems Firefox is still missing this "whole word only" checkbox in the search dialogue... or am I dumb or is there an extension for that or something?
Debian has made a good job maintaining the XFree86 packageports for a lot of architectures: alpha, arm, i386, m68k, mips, mipsel, powerpc, sparc, hppa, ia64 (this is why new versions of XFree86 often take a while to go from experimental to unstable). Debian switching to X.Org is a great loss for the XFree86 project.
Mmm well it's true that Stallman's position is not the same in the two cases. But he doesn't address the same problems, does he? The problems are a bit different in nature, and very different in scale (the life in the laboratory vs. shared repositories on Internet).
I don't know what he'd have said in the 70s about the repositories, but I think that today he would say the same things about passwords in the lab as he said back then.
I don't say you're completely wrong. But in the context I understand Stallman's position is tied to the "community" of the users. Like if I tell my family that I don't want the computer to be locked by passwords, which will prevent anyone (and me in particular) to fix things when necessary, and well can't we trust each other in this family !?
Thank you for providing a link to the text, which confirmed my impression that we're speaking about different kinds of "security" (and that the way you presented the quotes is misleading).
Here is a more comprehensive quote:
At the AI Lab, Stallman's political activities had a sharper-edged tone. During the 1970s, hackers faced the constant challenge of faculty members and administrators pulling an end-run around ITS and its hacker-friendly design. One of the first attempts came in the mid-1970s, as more and more faculty members began calling for a file security system to protect research data. Most other computer labs had installed such systems during late 1960s, but the AI Lab, through the insistence of Stallman and other hackers, remained a security-free zone.
For Stallman, the opposition to security was both ethical and practical. On the ethical side, Stallman pointed out that the entire art of hacking relied on intellectual openness and trust. On the practical side, he pointed to the internal structure of ITS being built to foster this spirit of openness, and any attempt to reverse that design required a major overhaul.
"The hackers who wrote the Incompatible Timesharing System decided that file protection was usually used by a self-styled system manager to get power over everyone else," Stallman would later explain. "They didn't want anyone to be able to get power over them that way, so they didn't implement that kind of a feature. The result was, that whenever something in the system was broken, you could always fix it."9
Through such vigilance, hackers managed to keep the AI Lab's machines security-free. Over at the nearby MIT Laboratory for Computer Sciences, however, security-minded faculty members won the day. The LCS installed its first password-based system in 1977. Once again, Stallman took it upon himself to correct what he saw as ethical laxity. Gaining access to the software code that controlled the password system, Stallman implanted a software command that sent out a message to any LCS user who attempted to choose a unique password. If a user entered "starfish," for example, the message came back something like:
I see you chose the password "starfish." I suggest that you switch to the password "carriage return." It's much easier to type, and also it stands up to the principle that there should be no passwords.10
Users who did enter "carriage return"-that is, users who simply pressed the Enter or Return button, entering a blank string instead of a unique password-left their accounts accessible to the world at large. As scary as that might have been for some users, it reinforced the hacker notion that Institute computers, and even Institute computer files, belonged to the public, not private individuals. Stallman, speaking in an interview for the 1984 book Hackers, proudly noted that one-fifth of the LCS staff accepted this argument and employed the blank-string password.
I guess it's just like development kernel versions... always evolving, not really suitable for the task of maintaining a package, since those who want to use the development version likely want the very latest version. Development versions can be built with "tools" like garnome.
Just wondering: how do you use tabs in a file browser? I use tabs in firefox to have several pages in the same window, but surely you're not speaking about several "opened folders" in one file browser?
I don't either. I just wanted to point out that nobody claims that "When a Windows vulnerability is patched, it is proof that closed source software is evil". The fact that a patch is realeased is not relevant, what matters is when it's released. This applies to both OSS and proprietary software.
I thought the original comment to which I responded showed some confusion as to what is criticized in MS products and patches. Of course, when/if a critical Linux vulnerability is patched three months after its discovery, it's as bad as if it were in an MS product.
Have a look at this page. The first significant pieces of information concerning elvish languages (Quenya, Sindarin, etc.) were published in the Lord of the Rings, appendices E and F to the third volume in particular. Since then, many readers wrote letters to Tolkien, asking for more information, and he answered. Some info was thus published in The Letters of J.R.R. Tolkien. Then you have the posthumous works (The Silmarillion with a linguistic index by Christopher Tolkien, based on his father's notes, The Unfinished Tales, the twelve volumes of The History of Middle-earth,...). Most significant is volume 5 from the History of Middle-earth: "The Lost Road and other Writings", which includes The Etymologies, ie. more than fifty pages of elvish roots, and the way they evolved in words in the various elvish tongues (all elvish tongues, and Quenya and Sindarin in particular, are related. All come ultimately from the "Common Elvish"). What's more, most of the names in Tolkien's world have a known meaning.
As for now: Christopher Tolkien (Tolkien's son) sent photocopies of most of his father's papers that are related to the languages of Middle-earth to a group of people who had been editing a fanzine (Vinyar Tengwar) on this topic for several years, with the authorization for them to publish all the material. Thus more and more information is being published concerning Tolkien's languages. "Small" works are published in Vinyar Tengwar, while more comprehensive ones are published in Parma Eldalamberon (most notable are issues 11, 12, 13 and 14. Issue 11 includes the so called "Gnomish Lexicon", Gnomish being an "early version" of Sindarin, and issue 12 the "Qenya Lexicon", Qenya being an "early version" of Quenya, though this is an over-simplification). There are thousands of pages waiting to be published, including detailed grammatical descriptions, etc.
Where is the dictionary, verbs conjugations, grammatical constructs, gender treatments etc etc?
The website Ardalambion given in another comment will give you this kind of information, though it represents the view of its author (Helge Fauskanger), which are sometimes subject to controverse. There is a comprehensive Sindarin dictionary compiled by Didier Willis, which you can download on his website Hisweloke (DragonFlame 2.0 is the best way to get the latest version, but it's a Windows program. However, it uses QT and is licensed under the GPL so anyone is welcomed to port it to Unix).
To what degree can complex and subtle nuances be expressed in this one-man made up language?
Tolkien himself wondered how much poetry, etc. an invented language could really reach (see The Monsters and The Critics). But he was of course technically able to build quite complex sentences, with subtle nuances, etc. "one-man language", yet the work of more than half a century (he started devising these tongues in the second decade of the century, and refined them until his death in 1973). However, it's virtually impossible for anyone else to compose a "new" complex elvish sentence, ie a sentence about which one could say "this is true elvish". One reason for that is that Tolkien always changed his mind, his languages were not fixed in any way (though he felt "bound" by the published material). But even if all the published material was "consistent", there would still be huge lacunes in the available knowledge. This may change when more material is published in Vinyar Tengwar / Parma Eldalamberon... But note that most "experts" don't consider "movie-elvish" as genuine. Some even call this neo-Sindarin "mishmash"...
What I think is that WE pay to influence USA/EU standards. It's just a bit more perverse, since everytime we buy Windows/Office whatever our payments go to Microsoft instead of USE/EU governments/organizations...
When your system crashes, that's it: the system crashed. A problem in one third party application made the system crash, where the worst should have been a crash of the application alone. The system failed.
When you "hack" a system using a flaw in a third party application, this doesn't mean that the system failed in some way: from its point of view, everything is right. It's not the system fault if the application begins using its privileges to do bad things.
http://www.co2andclimate.org
I would never expect everyone to agree with scientific predictions. But those people are a minority. I don't think that many countries would adhere to the Kyoto protocol it there weren't sufficiently convincing reasons to. I doubt Bush was convinced to retract from the protocol by an enlightening scientific demonstration that those fears were unfounded. More likely, this decision represents the priorities of the man.
http://www.whitehouse.gov/news/releases/2003/12/20 031204-5.html
So what? They announce the cheat was successful and stop it, so it was not wrong? I you want to defend Bush's decision, you should rather show that it was not in violation of free trade agreements. I'm sure many countries would find convenient to violate those agreements just the time to help their locale industry.
I care. Simple: when the hardware is no longer supported my the manufacturer, what do you do if it becomes incompatible with new kernel versions? Or let's say that for some reason (I can think of one), you don't want to use XFree86. Too sad, your driver doesn't work with Y or freedesktop.org X servers... you have to stay with whatever the manufacturer chooses.
Slashdot Mirror
Could your Mother download, compile and install gnunet-gtk?
:)
apt-get install gnunet-gtk, or your prefered graphical package manager
GNUnet is written in C. One buffer overflow exploit could compromise the whole network.
Not quite true IMHO: it's obviously not sufficient to compromise one client/server to compromise the whole network. If it was, it would be a piece of cake to take the existing source code and use it to build this "compromised" client/server.
If you want to compromise the whole network with one buffer overflow exploit, I guess you will have to find an exploit that works with all versions of GNUnet, and you will have to run it against all (ok, most) clients/servers on the network (most of the traffic seen by one computer on the network doesn't make sense for it, it just relays the packets to other computers).
And there is also a Java implementation under development.
Now come on. You know very well that there's a huge difference between what is happening in America today and what the Soviets did.
Sure. However:
I don't know about you, but I do not have any fear of being woken up in the middle of the night, thrown into a van, and being shipped off to some Siberian gulag just because I surfed the wrong website last night.
Well depending on your nationality, maybe you should... somewhat... See http://www.cbc.ca/news/background/arar/
I'm even more impressed with the other game, just below Tic Tac Toe: "Guess the number". Very nice game. I like the old-school spirit of your politicians.
It seems Firefox is still missing this "whole word only" checkbox in the search dialogue... or am I dumb or is there an extension for that or something?
Debian has made a good job maintaining the XFree86 packageports for a lot of architectures: alpha, arm, i386, m68k, mips, mipsel, powerpc, sparc, hppa, ia64 (this is why new versions of XFree86 often take a while to go from experimental to unstable). Debian switching to X.Org is a great loss for the XFree86 project.
Given that mldonkey is here, open-source and implements most of the P2P protocols, this release will not make a big difference.
By the way, mldonkey is really a great project! Its client-server approach is very handy to download in the background and control downloads remotely.
It must not be that hard to identify random data as such - there must be a way to "measure" the entropy of data or something...
Mmm well it's true that Stallman's position is not the same in the two cases. But he doesn't address the same problems, does he? The problems are a bit different in nature, and very different in scale (the life in the laboratory vs. shared repositories on Internet).
I don't know what he'd have said in the 70s about the repositories, but I think that today he would say the same things about passwords in the lab as he said back then.
I don't say you're completely wrong. But in the context I understand Stallman's position is tied to the "community" of the users. Like if I tell my family that I don't want the computer to be locked by passwords, which will prevent anyone (and me in particular) to fix things when necessary, and well can't we trust each other in this family !?
Here is a more comprehensive quote:
Not every package offers a source package, however.
Do you mean packages in the official debian distributions? Or third-party packages for which of course the source may not be available?
Too bad they are not included in the Swiss Army knives :/ (ie. the knife you get when you enter the recruit school (which is mandatory)).
I guess it's just like development kernel versions... always evolving, not really suitable for the task of maintaining a package, since those who want to use the development version likely want the very latest version. Development versions can be built with "tools" like garnome.
(However, there is a gimp 1.3 package...)
Just wondering: how do you use tabs in a file browser? I use tabs in firefox to have several pages in the same window, but surely you're not speaking about several "opened folders" in one file browser?
A sufficiently long time I think. If you want to continue this discussion, I suggest we do it by email. You can write to elendur@hotmail.com .
I don't either. I just wanted to point out that nobody claims that "When a Windows vulnerability is patched, it is proof that closed source software is evil". The fact that a patch is realeased is not relevant, what matters is when it's released. This applies to both OSS and proprietary software.
I thought the original comment to which I responded showed some confusion as to what is criticized in MS products and patches. Of course, when/if a critical Linux vulnerability is patched three months after its discovery, it's as bad as if it were in an MS product.
Sigh...
When a Windows vulnerability is patched, it is proof that closed source software is evil.
When a critical Windwos vulnerability is patched thre months after its discovery, it is proof that blahblahblah.
Wne a Linux vulnerability is patched, it is proof that open source software is wonderful.
When a [critical, or whatever...] Linux vulnerability is patched within minutes/hours/even a few days, it is proof that open source software works.
No, you will have one more reason to understand them: the University of Texas has been giving elvish courses for years!.
Where is this language documented?
...). Most significant is volume 5 from the History of Middle-earth: "The Lost Road and other Writings", which includes The Etymologies, ie. more than fifty pages of elvish roots, and the way they evolved in words in the various elvish tongues (all elvish tongues, and Quenya and Sindarin in particular, are related. All come ultimately from the "Common Elvish"). What's more, most of the names in Tolkien's world have a known meaning.
Have a look at this page. The first significant pieces of information concerning elvish languages (Quenya, Sindarin, etc.) were published in the Lord of the Rings, appendices E and F to the third volume in particular. Since then, many readers wrote letters to Tolkien, asking for more information, and he answered. Some info was thus published in The Letters of J.R.R. Tolkien.
Then you have the posthumous works (The Silmarillion with a linguistic index by Christopher Tolkien, based on his father's notes, The Unfinished Tales, the twelve volumes of The History of Middle-earth,
As for now: Christopher Tolkien (Tolkien's son) sent photocopies of most of his father's papers that are related to the languages of Middle-earth to a group of people who had been editing a fanzine (Vinyar Tengwar) on this topic for several years, with the authorization for them to publish all the material. Thus more and more information is being published concerning Tolkien's languages. "Small" works are published in Vinyar Tengwar, while more comprehensive ones are published in Parma Eldalamberon (most notable are issues 11, 12, 13 and 14. Issue 11 includes the so called "Gnomish Lexicon", Gnomish being an "early version" of Sindarin, and issue 12 the "Qenya Lexicon", Qenya being an "early version" of Quenya, though this is an over-simplification). There are thousands of pages waiting to be published, including detailed grammatical descriptions, etc.
Where is the dictionary, verbs conjugations, grammatical constructs, gender treatments etc etc?
The website Ardalambion given in another comment will give you this kind of information, though it represents the view of its author (Helge Fauskanger), which are sometimes subject to controverse. There is a comprehensive Sindarin dictionary compiled by Didier Willis, which you can download on his website Hisweloke (DragonFlame 2.0 is the best way to get the latest version, but it's a Windows program. However, it uses QT and is licensed under the GPL so anyone is welcomed to port it to Unix).
To what degree can complex and subtle nuances be expressed in this one-man made up language?
Tolkien himself wondered how much poetry, etc. an invented language could really reach (see The Monsters and The Critics). But he was of course technically able to build quite complex sentences, with subtle nuances, etc. "one-man language", yet the work of more than half a century (he started devising these tongues in the second decade of the century, and refined them until his death in 1973). However, it's virtually impossible for anyone else to compose a "new" complex elvish sentence, ie a sentence about which one could say "this is true elvish". One reason for that is that Tolkien always changed his mind, his languages were not fixed in any way (though he felt "bound" by the published material). But even if all the published material was "consistent", there would still be huge lacunes in the available knowledge. This may change when more material is published in Vinyar Tengwar / Parma Eldalamberon... But note that most "experts" don't consider "movie-elvish" as genuine. Some even call this neo-Sindarin "mishmash"...
What I think is that WE pay to influence USA/EU standards. It's just a bit more perverse, since everytime we buy Windows/Office whatever our payments go to Microsoft instead of USE/EU governments/organizations...
These are two totally different things:
When your system crashes, that's it: the system crashed. A problem in one third party application made the system crash, where the worst should have been a crash of the application alone. The system failed.
When you "hack" a system using a flaw in a third party application, this doesn't mean that the system failed in some way: from its point of view, everything is right. It's not the system fault if the application begins using its privileges to do bad things.
here
http://www.co2andclimate.org I would never expect everyone to agree with scientific predictions. But those people are a minority. I don't think that many countries would adhere to the Kyoto protocol it there weren't sufficiently convincing reasons to. I doubt Bush was convinced to retract from the protocol by an enlightening scientific demonstration that those fears were unfounded. More likely, this decision represents the priorities of the man. http://www.whitehouse.gov/news/releases/2003/12/20 031204-5.html
So what? They announce the cheat was successful and stop it, so it was not wrong? I you want to defend Bush's decision, you should rather show that it was not in violation of free trade agreements. I'm sure many countries would find convenient to violate those agreements just the time to help their locale industry.
I care. Simple: when the hardware is no longer supported my the manufacturer, what do you do if it becomes incompatible with new kernel versions? Or let's say that for some reason (I can think of one), you don't want to use XFree86. Too sad, your driver doesn't work with Y or freedesktop.org X servers... you have to stay with whatever the manufacturer chooses.