As most responses have made clear, what you ask cannot be done. IANAL, but I would not think that staking your defense on some censorware would be any better than a home-grown system or none at all (e.g., you could get sued either way).
There is only one solution, and it's the solution that librarians have always relied on: parental control. All you really need is a sign that clearly says, "Use by people under 18 requires parental supervision" or somesuch.
Educate the people at the site so parental control actually happens. Set up a screen saver or somesuch which prompts people for whether they certify are over 18 and supervising anyone under 18 who's there. Simply don't allow unsupervised access to the junior high school kids. (They're not going to be doing their laundry there anyway.)
A few more examples on the futility of software: what if someone reads the Kama Sutra (it's posted recently by Project Gutenberg, who also does Alice in Wonderland and other great works of literature).
Or, forget about pr0n - what if someone finds information about how to make LSD, or skip out of school, or send fake email? Forget about any possibility of shielding yourself from possible mis-use. The only solution is to facilitate strong parental control. You'll sleep better.
The real message (by omission from the C|Net article) is that Intel has no clue when their 64 bit chip will be ready.
The other real message (again by omission) is that Intel won't or can't tell you their forthcoming chips' interface plans. Are we talking Slot 1? Slot 2? PGA? Flip chip (ugh!).
So, if you want to buy a computer now that you can upgrade when the P4s and beyond come out, good fscking luck guessing which interface, which memory type, which bus speed, etc. The main thing we're getting out of Intel's "diversification" in CPU interfaces, cache, bus speed and memory types is screwed out of the ability to just upgrade the CPU when a new one comes out. Instead, we're mostly stuck needing at least a new mobo to go with it, and (while we're at it), why not just get a whole new system?
It's not news that academics are swayed by money. For literally hundreds of years, what research got done and what types of findings were generated has been driven by who pays (start with Christopher Columbus and other exploratory expeditions... work through the North and South pole expeditions at the turn of the 20th century... you get the idea).
I'm glad that Katz is talking about this, and has included the astronomical sums from Columbia as food for thought.
Anyone who kept their eyes open in college should know already about how the money flows. Big science research (where the grants go) have all sorts of equipment, new buildings, classroom space, faculty offices, etc. The places where grants usually don't go (the humanities, especially) are in the run-down buildings and the faculty are still using 386 computers. I work at a big-time research university, and see this every day.
There's still something "pure" about the intellectual climate at colleges and universities, and you're less likely (but far from unlikely) to be censored or fired for expressing unpopular thoughts. So, let's try not to get too cynical about universities that work to make a buck from their intellectual capital (aka, employees). Just keep your eyes open for the evidence that's easy to find for anyone involved with higher education.
IFF your tripwire is statically linked AND launched from a read-only medium (CD, locked floppy...): you might have more of a chance.
Anyone have further illumination to offer? tripwire still needs to call system functions (e.g., to open files), even if it's statically linked. So, a call to open the changed/hacked files might result in forged data being sent.
But this would be a much messier hack...if, for example, the legit sysadmin makes a change to / (the directory), the hacked kernel would need to know to send the current info back via tripwire, instead of the info from when the kernel was hacked. It seems to me like hacking around tripwire would be its own project! (Anyone done it yet? Anyone?)
Cache via Internet2 = legit & govn't sponsored
on
Dialectizer Shut Down
·
· Score: 2
Manipulating others' content, via cacheing, linking or translating, is what BSCs (Big Stupid Corporations) are trying to prevent.
See http://www.internet2.edu/dsi/ for a discussion of the NSF-sponsored Internet 2 research project to enable cacheing.
This is going to be a major culture clash, and hopefully will result in some new laws dealing with cacheing & these other issues. On the one hand, everyone from AOL to Google to the NSF (via Internet 2) agree that cacheing is a great way to make content more readily available. On the other hand, clueless corporations want to use the DMCA and other copyright baseball bats to keep utter control over what happens to their stuff.
PS: Sorry for posting this as a top-level comment, but the other discussions on cacheing seemed specific, rather than addressing the more general issue.
From the article: "We're not standing there watching the screens, but there are people always at the staff desk," Fredine said. "We're there to help people, but in that process, we obviously have to know what is on that screen."
What the librarian is saying is that there is absolutely no privacy - they keep a casual eye on whatever a patron happens to be doing at the computer.
Think about it. This is like someone wandering around after you in the library, monitoring what books you're interested in. This is a crummy policy. Most libraries have policies that are quite different - specifically saying they do NOT monitor and will NOT give out any identifying information about what people are doing with the Internet.
You can come up with your own ideas about the risks of having a easily visible screen on your Internet terminal (even if you're not doing anything questionable). Or, if you want some help, check out my paper: Information Security in Libraries (sorry, it's in RTF format so you need to download and convert).
Java can definitely be a risk. It's weird (as someone else noted) that pretty well all the file types that M$ is limiting are their own products.
If I send you a malicious Java *application*, it can do all kinds of stuff - probably just as well as the VBScript program can (but it would be harder to write, IMHO).
It's a Java *applet* (e.g., run via your friendly Web browser) that's quite limited in what it can do via the sandbox concept. So, Java would not be good as a virus that ran as an applet through your browser, but would work just fine as a virus Java application you ran through your native Java virtual machine (JVM).
The difference is that most people only have a JVM in their Web browser, so they couldn't run a Java application anyway. If Sun has their way, everyone soon will have a JVM....if M$ has their way, maybe we won't. Someone correct me if I'm wrong - I don't think there's any sort of JVM shipping with Windows 98 or 2000, you need to get and install one separately.
Remember, people, this is steganography, not encryption (Ok, there are some encryption aspects, too). Don't complain that it's not secure to eavesdroppers - its purpose is to obfuscate data, not make them unreadable.
One comment (the person with the MS LS/IS) mentioned part of the key: the cost of journals, including e-journals from 'regular' journal publishers, is astounding!
Here at UNC-CH (where I serve on the Library Administrative Board; teach Library & Information Science; also I help run Project Gutenberg - good enough?), total subscription costs for journals published by Elsevier are around $1millionUS/year. Subscription costs go up every year.
The deal that Elsevier offered for access to their e-journal collection (electronic access to print journals) was a little complicated, but boiled down to:
UNC gets access to e-journals + print journals, with some extra e-journal titles thrown in "free"
UNC is not allowed to cancel ANY subscription for at least 3 years
Continued access is vaguely guaranteed - maybe it's through OCLC, maybe another organization. Basically, it's "trust us."
The solution is to accept the deal (sort of Faustian, I'd say). At the same time, we've made local agreements with Duke and NC State to make sure one location keeps a print copy of every journal we're otherwise getting an electronic copy of.
This way, libraries are sure they're continuing their archival role (with paper, in this case), but at the same time trying to offer the benefits of electronic access to their constituents.
Bottom line: While we don't really know how to best maintain archives to ejournals, at least libraries can cooperate to make sure some sort of access is retained, while going forward with new e-journals.
Just a month ago I complained on/. that the 73GB drives Seagate talked about in October/November 1999 were still not out. Now they are.
73GB, Ultra-160 SCSI (160Mbps), 10K RPM. About $1650 available almost anywhere (except in Seagate's online store. Go figure.). Quantum's got essentially the same drives now tho I didn't notice them for sale.
Do the math: Put, say, 7 of these drives in a $300 external enclosure and you've got over 400GB usable RAID-5 for < $12000! That's $0.03US / MB.
I looked through the genome database here, and only found sequences from last August for Drosophila.
Someone else mentioned that there was a 3 month waiting period by the company before release.
Does anyone know if the actual genome is publicly available somewhere? I was thinking of republishing it via Project Gutenberg (we've done the draft human genomes that have been released already).
I'm the guy who maintains the main FTP sites for Project Gutenberg. Yes, I know Michael Hart. Yes, he really does eat that way. I believe the sandwich in question was served up at the Courier Cafe in Urbana.
Just a quick request/plea/suggestion: if you find a typo in a Project Gutenberg etext, please email me the fix. Or, fix the text and email me the text! There are definite quality problems with stuff prior to 1994 especially....today, though, the etexts have higher quality standards and go through more proofreading before posting.
promo.net/pg for the listings; you can link to any of the 2500+ etexts from there. Thanks.
If you've been following the analysis of AMD v. Intel in places like Tom's Hardware, you know that MHz isn't enough for an ultra-high end system.
You also want to support lots of RAM. But the motherboards most places are selling (including Gateway's 1000MHz Athlon system) are limited to either 384M or maybe 768M of memory (the VIA chipset, like on Tyan's S2380, is a good example of a high-end board for the Athlon.
On top of that, there's still no multi-processor (forget that....how about DUAL processor?) motherboard for the Athlon. You can get dual processing MBs for Pentium-III's cheaply, and >2 processor MBs for Xeons, if you want to pay the price.
Just wanted to mention.... of course, even the non-Xeon Pentium-III has relatively few motherboards available that will support over 768M of memory, but you can go to the the Xeon and get MBs with up to 2GB (easily) 4GB (just becoming available from Tyan and others). 1GB is available for regular PIII's from several vendors.
Disclaimer: My system is a Athlon 700MHz. It rocks.
PS: Gee, Compaq: You'd think that when you issue a press release about your new system, you'd actually be selling them, but you're not (at least on your Web site). Gateway is....
Last fall, Seagate announced their 73GB SCSI drives. You can easily find data sheets and other specs on their Web site.
We're still waiting...deeply buried in their Web site (or maybe not) is a quiet mention that the drives are expected out Q1 or Q2 of 2000.
So, it's nice to see the advance to 15KRPM, but this doesn't mean you'll be able to buy one anytime soon! Seagate seems to savor the big announcement about new tech waaaayyyy in advance of when you will actually be able to buy it.
Please read http://www.firstmonday.dk/issues/ issue2_12/minow/ for an analysis of the legal issues. It's hard to imagine that a modern library, even in a fairly small town, would consider filtering software. It's a substantial legal risk for them.
Dude, get in touch with your local library school, in Ann Arbor: The School of Information at UMICH. Faculty will be overjoyed to visit Holland, meet with library administrators and townspeople, and share their experiences.
Here at UNC's School of Information and Library Science, the faculty (me included) wrote a long letter to a community considering such censoring software. It helped.
I've seen some studies of censoring software (sorry, I don't have citations). They tend to censor a disproportionate number of sites that favor women, gays, any sort of liberalism, and basically anything a republican and/or conservative might not like.
Located about 13 million light-years from Earth, NGC4214 (a galaxy) is currently forming clusters of new stars from its interstellar gas and dust.
Excuse me, alleged science journalists: whatever we're seeing in NGC4214 happened 13 million years ago. Not my definition of "currently," although it maybe explains certain software companies' definition of "we'll be coming out with a new version Really Soon Now."
Of course, it might still be "currently" making new stars (right, Mr. Einstein?), but we can't see it.
What's cool about Beowulf is that it lets non-US countries have access to supercomputers that they otherwise could not buy from the US. There are still significant restrictions in place that prevent many companies and governments outside of the US from buying high-end computers.
A/. article last year mentioned that Clinton had raised the limit on what's considered a supercomputer (so today's standard microprocessors can be sold), but it's still a problem.
Yes, Japanense companies (Fujitsu, Hitachi) make some very good supercomputers too. But my point is that places that want to have world-class supercomputers (at least the type that Beowulf offers) can now do so without needing to dance with US commerce restrictions to buy from SGI/CRAY, IBM, Compaq/Digital or HP.
For the Top 500 supercomputers in the world, see top500.org.
In April 1999, egcs merged with GNU C, producing the new GNU C. Version 2.95 was released, and with some minor bug fixes is now at 2.95.2.
Although there were warnings about egcs, I believe that most if not all Linux distributions were distributing egcs instead of GNU C before the projects merged.
There's a ton of new and upgraded stuff from egcs that is now part of GNU C. I'd appreciate people posting information about problems or warnings here - it seems to me to be rock solid. The list of changes is extensive, and online at the GCC web site
The EFF did great work last week on the DeCSS fiasco, and deserve praise. Their beginnings (as defenders of Steve Jackson games and other victims of 1990 law enforcement incompetence) are the stuff of legend.
BUT, they really caved in on encryption and the clipper chip. (Someone, please help me with links to information about this - the EFF public documents claim opposition to Clipper and related technologies, but what the EFF actually did was roll over.)
The fact that the EFF can be, and have been, bought (or sold out...) is unfortunate. Just take a look at their corporate sponsorship list (it's a who's who of big corporate interests).
The EFF still has a role to play, but the heavy corporate sponsorship they've accepted means we can't trust them to always make the "right" choices. (Their early public documents: ftp://ftp.eff.org/pub).
Let's face it: without common standards-compliant compilers, Open Source would be nearly helpless to advance on multiple platforms.
In 1999, gcc saw its first major upgrade for years, as egcs and gcc were merged. This went along with continued developments to make programmers more productive, such as the Standard Template Library and new Matrix Template Library (an awesome project at Notre Dame), to mean we can spend less time doing generic stuff and more time doing application-specific stuff.
GCC made great advances in 1999, and is deserving of recognition.
Slashdot Mirror
As most responses have made clear, what you ask cannot be done. IANAL, but I would not think that staking your defense on some censorware would be any better than a home-grown system or none at all (e.g., you could get sued either way).
There is only one solution, and it's the solution that librarians have always relied on: parental control. All you really need is a sign that clearly says, "Use by people under 18 requires parental supervision" or somesuch.
Educate the people at the site so parental control actually happens. Set up a screen saver or somesuch which prompts people for whether they certify are over 18 and supervising anyone under 18 who's there. Simply don't allow unsupervised access to the junior high school kids. (They're not going to be doing their laundry there anyway.)
A few more examples on the futility of software: what if someone reads the Kama Sutra (it's posted recently by Project Gutenberg, who also does Alice in Wonderland and other great works of literature).
Or, forget about pr0n - what if someone finds information about how to make LSD, or skip out of school, or send fake email? Forget about any possibility of shielding yourself from possible mis-use. The only solution is to facilitate strong parental control. You'll sleep better.
The real message (by omission from the C|Net article) is that Intel has no clue when their 64 bit chip will be ready.
The other real message (again by omission) is that Intel won't or can't tell you their forthcoming chips' interface plans. Are we talking Slot 1? Slot 2? PGA? Flip chip (ugh!).
So, if you want to buy a computer now that you can upgrade when the P4s and beyond come out, good fscking luck guessing which interface, which memory type, which bus speed, etc. The main thing we're getting out of Intel's "diversification" in CPU interfaces, cache, bus speed and memory types is screwed out of the ability to just upgrade the CPU when a new one comes out. Instead, we're mostly stuck needing at least a new mobo to go with it, and (while we're at it), why not just get a whole new system?
It's not news that academics are swayed by money. For literally hundreds of years, what research got done and what types of findings were generated has been driven by who pays (start with Christopher Columbus and other exploratory expeditions ... work through the North and South pole expeditions at the turn of the 20th century ... you get the idea).
I'm glad that Katz is talking about this, and has included the astronomical sums from Columbia as food for thought.
Anyone who kept their eyes open in college should know already about how the money flows. Big science research (where the grants go) have all sorts of equipment, new buildings, classroom space, faculty offices, etc. The places where grants usually don't go (the humanities, especially) are in the run-down buildings and the faculty are still using 386 computers. I work at a big-time research university, and see this every day.
There's still something "pure" about the intellectual climate at colleges and universities, and you're less likely (but far from unlikely) to be censored or fired for expressing unpopular thoughts. So, let's try not to get too cynical about universities that work to make a buck from their intellectual capital (aka, employees). Just keep your eyes open for the evidence that's easy to find for anyone involved with higher education.
"It's in a big box, so there's more to recycle."
IFF your tripwire is statically linked AND launched from a read-only medium (CD, locked floppy...): you might have more of a chance.
Anyone have further illumination to offer? tripwire still needs to call system functions (e.g., to open files), even if it's statically linked. So, a call to open the changed/hacked files might result in forged data being sent.
But this would be a much messier hack...if, for example, the legit sysadmin makes a change to / (the directory), the hacked kernel would need to know to send the current info back via tripwire, instead of the info from when the kernel was hacked. It seems to me like hacking around tripwire would be its own project! (Anyone done it yet? Anyone?)
See http://www.internet2.edu/dsi/ for a discussion of the NSF-sponsored Internet 2 research project to enable cacheing.
This is going to be a major culture clash, and hopefully will result in some new laws dealing with cacheing & these other issues. On the one hand, everyone from AOL to Google to the NSF (via Internet 2) agree that cacheing is a great way to make content more readily available. On the other hand, clueless corporations want to use the DMCA and other copyright baseball bats to keep utter control over what happens to their stuff.
PS: Sorry for posting this as a top-level comment, but the other discussions on cacheing seemed specific, rather than addressing the more general issue.
What the librarian is saying is that there is absolutely no privacy - they keep a casual eye on whatever a patron happens to be doing at the computer.
Think about it. This is like someone wandering around after you in the library, monitoring what books you're interested in. This is a crummy policy. Most libraries have policies that are quite different - specifically saying they do NOT monitor and will NOT give out any identifying information about what people are doing with the Internet.
You can come up with your own ideas about the risks of having a easily visible screen on your Internet terminal (even if you're not doing anything questionable). Or, if you want some help, check out my paper: Information Security in Libraries (sorry, it's in RTF format so you need to download and convert).
Java can definitely be a risk. It's weird (as someone else noted) that pretty well all the file types that M$ is limiting are their own products.
If I send you a malicious Java *application*, it can do all kinds of stuff - probably just as well as the VBScript program can (but it would be harder to write, IMHO).
It's a Java *applet* (e.g., run via your friendly Web browser) that's quite limited in what it can do via the sandbox concept. So, Java would not be good as a virus that ran as an applet through your browser, but would work just fine as a virus Java application you ran through your native Java virtual machine (JVM).
The difference is that most people only have a JVM in their Web browser, so they couldn't run a Java application anyway. If Sun has their way, everyone soon will have a JVM....if M$ has their way, maybe we won't. Someone correct me if I'm wrong - I don't think there's any sort of JVM shipping with Windows 98 or 2000, you need to get and install one separately.
Remember, people, this is steganography, not encryption (Ok, there are some encryption aspects, too). Don't complain that it's not secure to eavesdroppers - its purpose is to obfuscate data, not make them unreadable.
Here at UNC-CH (where I serve on the Library Administrative Board; teach Library & Information Science; also I help run Project Gutenberg - good enough?), total subscription costs for journals published by Elsevier are around $1millionUS/year. Subscription costs go up every year.
The deal that Elsevier offered for access to their e-journal collection (electronic access to print journals) was a little complicated, but boiled down to:
The solution is to accept the deal (sort of Faustian, I'd say). At the same time, we've made local agreements with Duke and NC State to make sure one location keeps a print copy of every journal we're otherwise getting an electronic copy of.
This way, libraries are sure they're continuing their archival role (with paper, in this case), but at the same time trying to offer the benefits of electronic access to their constituents.
Bottom line: While we don't really know how to best maintain archives to ejournals, at least libraries can cooperate to make sure some sort of access is retained, while going forward with new e-journals.
The local NandO published this article about my experiences.
I was surprised the journalist actually talked to the MPAA!
73GB, Ultra-160 SCSI (160Mbps), 10K RPM. About $1650 available almost anywhere (except in Seagate's online store. Go figure.). Quantum's got essentially the same drives now tho I didn't notice them for sale.
Do the math: Put, say, 7 of these drives in a $300 external enclosure and you've got over 400GB usable RAID-5 for < $12000! That's $0.03US / MB.
Someone else mentioned that there was a 3 month waiting period by the company before release.
Does anyone know if the actual genome is publicly available somewhere? I was thinking of republishing it via Project Gutenberg (we've done the draft human genomes that have been released already).
Just a quick request/plea/suggestion: if you find a typo in a Project Gutenberg etext, please email me the fix. Or, fix the text and email me the text! There are definite quality problems with stuff prior to 1994 especially....today, though, the etexts have higher quality standards and go through more proofreading before posting.
promo.net/pg for the listings; you can link to any of the 2500+ etexts from there. Thanks.
my email: gbnewby@ils.unc.edu
For the Project Gutenberg edition of the first 10K digits of Pi, try:
http://metalab.unc.edu/gutenbe rg/etext93/pimil10.txt
You also want to support lots of RAM. But the motherboards most places are selling (including Gateway's 1000MHz Athlon system) are limited to either 384M or maybe 768M of memory (the VIA chipset, like on Tyan's S2380, is a good example of a high-end board for the Athlon.
On top of that, there's still no multi-processor (forget that....how about DUAL processor?) motherboard for the Athlon. You can get dual processing MBs for Pentium-III's cheaply, and >2 processor MBs for Xeons, if you want to pay the price.
Just wanted to mention.... of course, even the non-Xeon Pentium-III has relatively few motherboards available that will support over 768M of memory, but you can go to the the Xeon and get MBs with up to 2GB (easily) 4GB (just becoming available from Tyan and others). 1GB is available for regular PIII's from several vendors.
Disclaimer: My system is a Athlon 700MHz. It rocks.
PS: Gee, Compaq: You'd think that when you issue a press release about your new system, you'd actually be selling them, but you're not (at least on your Web site). Gateway is....
We're still waiting...deeply buried in their Web site (or maybe not) is a quiet mention that the drives are expected out Q1 or Q2 of 2000.
So, it's nice to see the advance to 15KRPM, but this doesn't mean you'll be able to buy one anytime soon! Seagate seems to savor the big announcement about new tech waaaayyyy in advance of when you will actually be able to buy it.
Dude, get in touch with your local library school, in Ann Arbor: The School of Information at UMICH. Faculty will be overjoyed to visit Holland, meet with library administrators and townspeople, and share their experiences.
Here at UNC's School of Information and Library Science, the faculty (me included) wrote a long letter to a community considering such censoring software. It helped.
I've seen some studies of censoring software (sorry, I don't have citations). They tend to censor a disproportionate number of sites that favor women, gays, any sort of liberalism, and basically anything a republican and/or conservative might not like.
Located about 13 million light-years from Earth, NGC4214 (a galaxy) is currently forming clusters of new stars from its interstellar gas and dust.
Excuse me, alleged science journalists: whatever we're seeing in NGC4214 happened 13 million years ago. Not my definition of "currently," although it maybe explains certain software companies' definition of "we'll be coming out with a new version Really Soon Now."
Of course, it might still be "currently" making new stars (right, Mr. Einstein?), but we can't see it.
What's cool about Beowulf is that it lets non-US countries have access to supercomputers that they otherwise could not buy from the US. There are still significant restrictions in place that prevent many companies and governments outside of the US from buying high-end computers.
/. article last year mentioned that Clinton had raised the limit on what's considered a supercomputer (so today's standard microprocessors can be sold), but it's still a problem.
A
Yes, Japanense companies (Fujitsu, Hitachi) make some very good supercomputers too. But my point is that places that want to have world-class supercomputers (at least the type that Beowulf offers) can now do so without needing to dance with US commerce restrictions to buy from SGI/CRAY, IBM, Compaq/Digital or HP.
For the Top 500 supercomputers in the world, see top500.org.
hostindex.com is one of the places where you can vote for (or against) hosting services.
I've been entering a "poor" vote for C I Host daily for the past week or so.
They went from #3 in December to #6 in January. So, VOTE!
In April 1999, egcs merged with GNU C, producing the new GNU C. Version 2.95 was released, and with some minor bug fixes is now at 2.95.2.
Although there were warnings about egcs, I believe that most if not all Linux distributions were distributing egcs instead of GNU C before the projects merged.
There's a ton of new and upgraded stuff from egcs that is now part of GNU C. I'd appreciate people posting information about problems or warnings here - it seems to me to be rock solid. The list of changes is extensive, and online at the GCC web site
The EFF did great work last week on the DeCSS fiasco, and deserve praise. Their beginnings (as defenders of Steve Jackson games and other victims of 1990 law enforcement incompetence) are the stuff of legend.
BUT, they really caved in on encryption and the clipper chip. (Someone, please help me with links to information about this - the EFF public documents claim opposition to Clipper and related technologies, but what the EFF actually did was roll over.)
The fact that the EFF can be, and have been, bought (or sold out...) is unfortunate. Just take a look at their corporate sponsorship list (it's a who's who of big corporate interests).
The EFF still has a role to play, but the heavy corporate sponsorship they've accepted means we can't trust them to always make the "right" choices. (Their early public documents: ftp://ftp.eff.org/pub).
Let's face it: without common standards-compliant compilers, Open Source would be nearly helpless to advance on multiple platforms.
In 1999, gcc saw its first major upgrade for years, as egcs and gcc were merged. This went along with continued developments to make programmers more productive, such as the Standard Template Library and new Matrix Template Library (an awesome project at Notre Dame), to mean we can spend less time doing generic stuff and more time doing application-specific stuff.
GCC made great advances in 1999, and is deserving of recognition.