Not to mention the rather minor point that the US broke international law by invading Iraq in the first place.
Can war ever be justified by international law? I don't suppose that any treatied group of nations would allow one member to declare war against another member.
Hey Jackass have you ever used Jahjah? The call is _free_ for both sides. Are you a shill for some competitor? How does this shit get on slashdot unverified?
The call is not free for either side if you have to pay for airtime. If your friends pay for airtime and you have a free incoming calls deal....
Yes, but college students/grad students/faculty are more likely to actually make decisions about the home OS than schoolkids. At the least, schoolkids will get a dual-boot partition and Windows will still be the most used OS.
For some stupid reason in the US the one receiving the call is the one who has to pay. The rest of the world goes the more sane route where the person making the call pays.
No, in the US the one who's mobile pays, unless he's within his free minutes deal (e.g., free nights and weekends). This has nothing to do with making or receiving and everything to do with "airtime".
(In the US the person making a long-distance call also pays, but that's different and usually very small.)
Over the next few years as we see more government organizations (and some schools) moving to desktop Linux solutions
Actually, there are quite a few schools that have been using desktop Linux. The last two I've attended - UL Lafayette and MIT - have been using some *nix or another on the desktop for years, most recently Solaris. Now that Linux is the most popular* desktop *nix, they're starting to use it instead.
*Mac OS X might be more popular, and yes, it's real UNIX, but it's quite non-trivial to keep the Mac GUI (instead of using X) and add an existing *nix-based layer like MIT's Athens.
What about the author of a book, especially a non-fiction work that is the result of a significant amount of research? Is the copy of the book worth nothing, and the research worth money? How should the researcher/author expect to get paid for the work that she did?
If you can pull off a completely free market and ignore copyrights, then yes, the book will approach zero price because the data is infinitely copiable. I suppose then the motivation for non-fiction writers is to write by commission: e.g., a consortium of colleges would commission a textbook company to produce a textbook (which becomes distributed freely, to their students and to anyone else) because it's cheaper than having the course staff write the text and homework problems. Economic and political theory works would be commissioned by the government, much like this report was commissioned and the think tank is posting it freely. And so forth.
I sent it already, sorry. I kinda wanted to draw a parallel with an innocent man who's trying to help but is being silenced by scared weak people. That's also why I referenced Laocoon.
Not quite. He should listen to a Massachusetts resident, even if one not in his district.
Rep. Markey,
I read with dismay an article claiming that you have called for the arrest of Christopher Soghoian. Mr. Soghoian is one of the few people brave enough to defend America's freedom, and calling for his arrest, regardless of what happens, will undoubtedly silence him and many others like him. If the government does not know of these holes in security, and if the public does not pressure the government to fix them, then the sad fact is that the terrorists (who undoubtedly knew of this already) will be too happy to abuse our vulnerability, and we will be left wondering how this happened.
Mr. Soghoian obviously never intended to use this to board a plane illegally, but neither was his purpose in this website to help people who want to bypass TSA security. People who want to get past security already can - Mr. Soghoian is simply putting pressure on the TSA to fix this glaring hole. As you yourself would have noticed when you travel, screeners only glance at the boarding pass before letting you into the "secure" area. It would only take five minutes' work in Word or Photoshop to create a boarding pass to fool most screeners.
About a month ago I met a researcher named Keith Winstein. Keith is somewhat famous in computing circles as the man who wrote a piece of software called "qrpff", six lines of computer code that can break the copy-protection on commercial DVDs. I can assure you that Keith is no movie pirate - he has too much real work to be involved in the black-market pirating gangs. His software was simply a demonstration that the DVD copy protection is weak and that encrypting movies is not worth the movie industry's money or the customer's inconvenience. Denouncing Keith's work would only stop his legitimate, unrelated research and do nothing to stop the gangs in China or the people who sneak video cameras into movies.
Similarly, Mr. Soghoian is a researcher, not a terrorist, and he is only pressuring the TSA to stop what we have all known for years to be the weak airline security. If he attempts to board a plane with the faked pass, certainly arrest him - but I doubt he has so much as printed out and cut out the boarding pass. Security researchers are one of our nation's best defenses against terrorism, and blaming this modern-day Laocoon will only help the enemies of our country.
Sincerely,
Geoffrey Thomas
Massachusetts Institute of Technology
Charles Simonyi is the Hungarian in Hungarian notation (you know, m_lpszUsrTxt and the like).
To be entirely fair to him, it wasn't intended to make variable names inscrutable, it applied to a language with weak type checking and few real types, and it still has valid uses today if you use it to mark information about the type of data instead of the "type" of variable.
Uh oh. I started reading when I was 39. I guess I missed the age thingy in the fine print.
"Age" was perhaps the wrong word to use here. There are 20-year-olds who are too busy to hack with their computers, and there are newly retired 60-year-olds who are just getting involved with Linux. But at some point the former may have been hackers, and the latter lose interest. For each person there's probably a range of ages in which Slashdot's subject matter interests them, and when you pass that phase of your life it's not worth worrying that Slashdot isn't growing up.
Slashdot isn't growing up. New users are joining, and older users grow past the intended age of Slashdot readers. If Slashdot grew up, there would be far fewer articles on topics of relevance to high school and college students who have time to tinker but no money to buy commercial solutions.
You simply stopped watching Sesame Street eventually. You didn't say that Sesame Street wouldn't "grow up". It simply gained a new crop of viewers each year, born one year later, and kept targeting the same age group. Same with Slashdot.
And if you're mentioning the liberal bias, you know what they say: if you're 20 and not liberal you have no heart, and if you're 30 and not conservative you have no brain.
I could probably go on-and-on,
Anyway.
Block what's not rated. It's also important that your filter have a mechanism to request that a site be unblocked
My HS started doing this a few months before I graduated. I was surprised it worked as well as it did - I would've thought it would be blocking a lot of sites because of the whitelist. Anyway, yes, a human verifier who responds quickly (~1 day) is pretty much a necessity with this scheme, but if you use a commercial filtering system they already have a very large database.
There were two problems with the filter. I won't name the filter here because I don't want students to try this and cause problems.
1) Even though it had whitelists on domains and IPs, it did not check the whitelist for one-word domains. A lot of sites really don't care about the host header, or have a sensible default virtual host. That means you can go into /etc/hosts (or its Windows equivalent) and add, e.g., "foo 18.242.0.29" and http://foo/ will work even if http://geminorum.mit.edu/ is blocked.
2) The filter had a really stupid bug (as far as I can tell - I'll probably test this more over Christmas break) that if you didn't send the first significant part of the HTTP header in one packet, it wouldn't detect that it was HTTP traffic and would not invoke the filter. Therefore the packets ["G"] ["ET http://www.porn.com/ HTTP/1.1\n..."] worked perfectly fine. I noticed this with telnet, but it would not be difficult to write a proxy to allow your browser to do the same.
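The two flaws described in the comment above, seen from the filter's side, as an added example that is not part of the original comment and not the unnamed product's code: a first-segment check misses a request split across packets, while a classifier that holds traffic until the header block is reassembled, and applies the allowlist to one-word hostnames like any other, does not. The allowlist entry, host names and verdict strings are constructed for illustration.

```python
from urllib.parse import urlsplit

METHODS = {b"GET", b"HEAD", b"POST", b"PUT", b"DELETE",
           b"OPTIONS", b"TRACE", b"CONNECT", b"PATCH"}
ALLOWED_HOSTS = {"www.example.edu"}   # constructed allowlist
MAX_HEADER_BYTES = 8192               # cap on how much we buffer while undecided


def naive_is_http(first_segment):
    """Flawed check: looks only at the first TCP segment of the connection."""
    return first_segment.split(b" ", 1)[0] in METHODS


def requested_host(head):
    """Return the requested host, "" if HTTP without one, None if not HTTP."""
    lines = head.split(b"\n")
    parts = lines[0].split(b" ")
    if len(parts) != 3 or parts[0] not in METHODS or not parts[2].startswith(b"HTTP/"):
        return None
    target = parts[1].decode("latin-1")
    if "://" in target:                       # absolute-URI form (proxy style)
        return urlsplit(target).hostname or ""
    for line in lines[1:]:
        name, _, value = line.partition(b":")
        if name.strip().lower() == b"host":
            return urlsplit("//" + value.strip().decode("latin-1")).hostname or ""
    return ""


class StreamFilter:
    """Classifies the reassembled byte stream, not individual packets."""

    def __init__(self):
        self.buf = b""
        self.verdict = None

    def feed(self, segment):
        if self.verdict:
            return self.verdict
        self.buf += segment
        normalized = self.buf.replace(b"\r\n", b"\n")
        if b"\n\n" not in normalized:
            if len(self.buf) > MAX_HEADER_BYTES:
                self.verdict = "block"        # never-ending header: fail closed
                return self.verdict
            return "hold"                     # forward nothing until decided
        host = requested_host(normalized.split(b"\n\n", 1)[0])
        if host is None:
            self.verdict = "not-http"         # hand off to the non-HTTP policy
        elif host in ALLOWED_HOSTS:           # single-label names get no exemption
            self.verdict = "allow"
        else:
            self.verdict = "block"
        return self.verdict


def classify(segments):
    """Feed a list of TCP payload segments and return the final verdict."""
    f, verdict = StreamFilter(), "hold"
    for seg in segments:
        verdict = f.feed(seg)
    return verdict


if __name__ == "__main__":
    split = [b"G", b"ET http://blocked.example/ HTTP/1.1\nHost: blocked.example\n\n"]
    print("naive sees HTTP:", naive_is_http(split[0]))
    print("stream verdict:", classify(split))
    print("one-word host:", classify([b"GET / HTTP/1.1\r\nHost: foo\r\n\r\n"]))
```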
I assumed finding and re-downloading the stuff was more fun than listening to the teacher anyway.
Unless you have a decent content filter. You probably already have one thanks to CIPA...just turn on "games" and "music". It's annoying for the students (and I speak as a former student) but it works.
Besides, students who need full access will eventually figure out how to ssh -D to an external server (e.g., one they run), and these students generally aren't the ones who will goof off and cut up.
So what's the solution? Give up, and let them do it.
My experience is that the sufficiently motivated students (me and a few others) didn't actually want to play games or anything...so one answer is to allow only the sufficiently motivated students to get past it (not explicitly open it) but threaten them with discipline if they tell others.
And yes, any machine with physical access is inherently insecure. That isn't necessarily a bad thing, if you plan your security model around that. MIT gives out the root passwords for its public machines, for instance, but you can only become root through su-ing from a normal account - and su is logged. (And root doesn't have read access to other users' networked home directories, of course.)
(If it's FAT32, it's a hundred times easier - grab a boot floppy. That's faster to create and to use.)
There is an easier way, by the way. Go into the folder (somewhere in Program Files) with the Deep Freeze DLLs and rename those. It will fail to load at Windows startup, and you can rename them back from within Windows.
For a personal machine, expect to get the performance hit of not being able to save a single file permanently - unless you repartition into "system" and "data" partitions, and only freeze the former.
Other than that, I've used machines with Deep Freeze and never noticed any performance problems. At the least, it's way better than a malware-clogged machine. I believe it has a side effect of making a pretty large memory cache, which is okay since files are supposed to be destroyed on shutdown.
What's the distribution of (nd6)/n as n->infinity? Obviously the mean approaches 3.5, but it seems to form a normal curve (with the variance seemingly inversely proportional to n, which seems intuitive). I'm plotting some data in Mathematica but I'm not seeing a certain bell even with n=10000 and 1000 data points.
Or if you want to be really crazy...what's the distribution of the sum [ d1 + (d2)/2 + (d3)/3 + (d4)/4 +.... (dn)/n ]/n, again with n tending to infinity?
Note that the link is for the en-GB version. A lot of Slashdotters may prefer the en-US version.
(Note that I haven't actually tested that file, since I'm on a Mac right now; I just changed the URL and made it a link for all you lazy people. If you have problems with letting me karma whore, mod me funny; I want this link to be visible, so I'm keeping the karma bonus.)
Yes, but are you sure those are necessarily evil networks?
Your post reminded me of the ad-hoc "Free Public WiFi" that I've been seeing a lot of, and I've never gotten a connection through. A quick Google revealed that this seems to be a case of computers picking up that ad-hoc network from other computers and rebroadcasting that name for the next while. TechBlog: "Free Public WiFi"? Not!
And yes, I don't have a problem connecting to sketchy networks. Other people can always associate with the legitimate network I'm on and try attacks, and my firewall's decent. And if I'm worried about sniffing I'll launch a VPN.
I ran across that site today while in the SIPB room, actually...it seems to be last year's webpage (which is still probably enough for the submitter). SIPB's current page is http://stuff.mit.edu/sipb/.
In particular, scripts is a webserver that allows CGIs in several popular languages and SQL databases, has auto-installers for software like MediaWiki, and depends on quite a few hacks running on SELinux to make the site secure between users (I've heard that even if you get Apache to run arbitrary code you gain nothing).
Because Knuth recommended it.
Don't knock MS alone for messed-up error lookup tables. Try getting MIT's com_err error library to work right when you compile something yourself. I'm sure it's possible (after all, it works right on the official binary distributions), but it's decidedly non-trivial.
Then later you could go online and scan it in...or some office...and "verify" your vote.
Give me that barcode so I can make a copy of it, in case you lose it. If not, you're fired.
What? Why are you worried I'll check who you voted for? You did vote for the candidate I told you to vote for, didn't you?
Even better to have the Republicans choose one and the Democrats the other.
Yes, that would work so well given that the Constitution requires the US to have a two-party system.
Read and find out, of course. :-)
Hm. Yeah, I was doing something wrong. Turns out that you need to increase the number of trials, not n - even n=3 with 10000 trials looks reasonable.
Hehe.