Slashdot Mirror


User: Signal+11

Signal+11's activity in the archive.

Stories: 0 · Comments: 2,091

Comments · 2,091

  1. Top Ten on Internet Rating System Plans to Globalize · · Score: 2
    Since our politicians seem oblivious to the warnings the technical community has provided them on this issue... I hereby present Top Sex Ways to Defeat Censorsh*t:

    sed -e 's/sex/xes/g' -e 's/fuck/fsck/g'

    Filtering proxies (to filter content ratings, or replace them with erroneous data).

    if(remote_is_a_bot()) show_safe_page() else show_sexy_page();

    Relocate your servers to a censorsh*t-free zone.

    Digital underground!!! e-mail me at hotsexybabes@somecorp.com and I'll send you jpegs of *insert name of hot sexy babe here*.

    IRC. Need I say more?

    You can filter, but you can't hide! This system is doomed to fail... as it should. There is no substitute, technical or other, for parental supervision. Until the world figures that out, these botched attempts to "save the children!" will continue indefinitely.

    --

  2. crontab on Details of the PCWeek Securelinux Crack · · Score: 5

    That was posted to bugtraq almost a month ago - complete with fix. Now... who's at fault - Redhat, or the people who put this contest on with a box stock system with known vulnerabilities? Check it out:

    ---------------------------------------------------------------------
    Red Hat, Inc. Security Advisory

    Synopsis: Buffer overflow in cron daemon
    Advisory ID: RHSA-1999:030-01
    Issue date: 1999-08-25
    Updated on:
    Keywords: vixie-cron crond MAILTO
    Cross references:
    ---------------------------------------------------------------------

    1. Topic:

    A buffer overflow exists in crond, the cron daemon. This
    could allow local users to gain privilege.

    2. Bug IDs fixed (http://developer.redhat.com/bugzilla/):

    4706

    3. Relevant releases/architectures:

    Red Hat Linux 4.2, 5.2, 6.0, all architectures

    4. Obsoleted by:

    5. Conflicts with:

    6. RPMs required:

    Red Hat Linux 4.2:

    Intel:
    rpm -Uvh ftp://ftp.redhat.com/redhat/updates/4.2/i386/vixie -cron-3.0.1-36.4.2.i386.rpm

    Alpha:
    rpm -Uvh ftp://ftp.redhat.com/redhat/updates/4.2/alpha/vixi e-cron-3.0.1-36.4.2.alpha.rpm

    Sparc:
    rpm -Uvh ftp://ftp.redhat.com/redhat/updates/4.2/sparc/vixi e-cron-3.0.1-36.4.2.sparc.rpm

    Source packages:
    rpm -Uvh ftp://ftp.redhat.com/redhat/updates/4.2/SRPMS/vixi e-cron-3.0.1-36.4.2.src.rpm

    Red Hat Linux 5.2:

    Intel:
    rpm -Uvh ftp://ftp.redhat.com/redhat/updates/5.2/i386/vixie -cron-3.0.1-36.5.2.i386.rpm

    Alpha:
    rpm -Uvh ftp://ftp.redhat.com/redhat/updates/5.2/alpha/vixi e-cron-3.0.1-36.5.2.alpha.rpm

    Sparc:
    rpm -Uvh ftp://ftp.redhat.com/redhat/updates/5.2/sparc/vixi e-cron-3.0.1-36.5.2.sparc.rpm

    Source packages:
    rpm -Uvh ftp://ftp.redhat.com/redhat/updates/5.2/SRPMS/vixi e-cron-3.0.1-36.5.2.src.rpm

    Red Hat Linux 6.0:

    Intel:
    rpm -Uvh ftp://ftp.redhat.com/redhat/updates/6.0/i386/vixie -cron-3.0.1-37.i386.rpm

    Alpha:
    rpm -Uvh ftp://ftp.redhat.com/redhat/updates/6.0/alpha/vixi e-cron-3.0.1-37.alpha.rpm

    Sparc:
    rpm -Uvh ftp://ftp.redhat.com/redhat/updates/6.0/sparc/vixi e-cron-3.0.1-37.sparc.rpm

    Source packages:
    rpm -Uvh ftp://ftp.redhat.com/redhat/updates/6.0/SRPMS/vixi e-cron-3.0.1-37.src.rpm

    7. Problem description:

    By creating a crontab that runs with a specially formatted
    'MAILTO' environment variable, it is possible for local users
    to overflow a fixed-length buffer in the cron daemon's
    cron_popen() function. Since the cron daemon runs as root,
    it would be theoretically possible for local users to use
    this buffer overflow to gain root privilege.

    To the best of our knowledge, no known exploits exist
    at this time.

    Also, it was possible to use specially formatted 'MAILTO'
    environment variables to send commands to sendmail.

    8. Solution:

    For each RPM for your particular architecture, run:

    rpm -Uvh <filename>

    where filename is the name of the RPM.

    9. Verification:


    These packages are PGP signed by Red Hat Inc. for security. Our key
    is available at:

    http://www.redhat.com/corp/contact.html

    You can verify each package with the following command:

    rpm --checksig

    If you only wish to verify that each package has not been corrupted or
    tampered with, examine only the md5sum with the following command:

    rpm --checksig --nopgp

    10. References:




    --
    To unsubscribe: mail redhat-watch-list-request@redhat.com with
    "unsubscribe" as the Subject.

    --
    To unsubscribe:
    mail -s unsubscribe redhat-announce-list-request@redhat.com < /dev/null

    --

  3. Re:... on Turn Your 15" Monitor Into 30 Cheap · · Score: 2

    *sigh* You know what I meant everybody. Okay, get some cheap karma points off of me, I don't mind. :)

    --

  4. ... on Turn Your 15" Monitor Into 30 Cheap · · Score: 3
    Aren't those the same lenses you can use to incinerate objects at 30 feet away by merely putting the sun between it, and the object in question?!

    I know somebody that had a lens like that - he actually heated the pavement up so much that it kinda-sorta liquified. Of course, the lens was about 30" in diameter too...

    Anyway... you may want to keep your monitor away from direct sunlight if you use one of these, lest you burn a hole through the tube!!!

    --

  5. Re:No flaw... on Petreley on Win2k Installs and Softway Systems · · Score: 1
    Well, that's the flaw - the assumption. But how many people bother to logically analyze what people have to say? Not many, but I do - by reflex. I find myself carrying on a one-way conversation with TV commercials... or correcting the accuracy of other people's statements in my head "Well, surely he must have meant foo instead of bar, it wouldn't be self-consistent otherwise!"

    Anyway, I just noticed your nick: "FascDot Killed My Pr" ... followed by "on 09-29-99..." ... which comes out to "FascDot Killed my Pron". Coincidence? I think not! :^)

    --

  6. Re:I hate to tell you... on Petreley on Win2k Installs and Softway Systems · · Score: 2
    I'd qualify that with a if you know what you're doing.. My first linux installation (~2 years ago) took weeks to figure out. Partition this, set that bit, install these packages... don't overwrite the MBR! It was a battle royale just to get my system to dual-boot[1]. Then the moment of truth - I logged in as root... and then just sat there looking at:

    localhost~# _

    As if... how much more cryptic could you get?! Today... I can reinstall redhat in under a half-hour, and that includes restoring my custom configs under /etc from a tarball, merging all my custom patches and stuff into the stock distribution, and bringing the system back up (on different hardware no less!). Throw in a kernel compile, and in under 45 minutes, I have a system that is 100% operational, fully configured, and set to go. I can't do that under windows - even if I wanted to. There are some things a GUI just slows down... *a lot*.

    [1] I hear, however, that it might have taken less time if I had actually read the manual. *g*

    --

  7. ... on Petreley on Win2k Installs and Softway Systems · · Score: 3
    Gee, I wonder if either of these two columnists will arrive at the conclusion that the speed of installation for a given piece of software is inversely proportional to the knowledge that person has in computers?

    More seriously, both of these articles should be classified under "FUD", or at least severely-misguided, because they don't take into account the intelligence/knowledge of the user. Let me give you an example - "I don't know how to fly an airplane, it's too hard, therefore all airplanes suck. But because I know how to drive a car, all cars are better than all airplanes." Anybody else see the flaw in that statement?

    --

  8. Re:Unix sucks! It's too powerful! on CNN Installs Linux · · Score: 2
    If you want to work on your OS at the command line level, that's wonderful. But if there are no other choices, then the software is inherently poor.

    Uhhhh, no. grep is the fastest search program available, and can parse gigabytes as fast as the HDD can supply it. But grep is strictly command-line, so it sucks? What planet are you from? It may be the wrong choice for somebody who isn't acquainted with the command-line, but that doesn't mean it sucks.

    You're implying that because you don't own a Ferrari, you're entitled to say they suck. Sorry, but it doesn't work that way in the Real World(tm). If you don't own/know how to use something, that doesn't mean it's bad - it simply means you don't know how to use it. 'Tis this, and nothing more. Claiming that the user should not require any training to be proficient is a Microsoftian-fallacy. To use power-tools, you need to know how to use them.

    Unix sucks - it's too powerful!

    --

  9. Re:Nay, nay and thrice nay on New DNS Agreement Announcement · · Score: 1
    It is rather unfortunate that the operators of the primary server are themselves registering .COM domains...

    That's what I'm concerned about. The current system is designed to distribute the load onto the other root servers... but if those root servers are reporting information which is not self-consistent with the other root servers, we've got data integrity issues. It doesn't matter who's in charge - what matters is what data is being returned.

    --

  10. US version? on Dear Mr. Straw · · Score: 2
    I don't know about the UK laws and bylaws, but the US constitution specifically forbids self-incrimination -> ie. you can't be forced to testify against yourself. Obviously handing over your crypto keys would constitute self-incrimination and thus falls under 5th amendment protection.

    Does the UK not have similar protections for its citizens?

    --

  11. ... on New DNS Agreement Announcement · · Score: 4
    First off, this doesn't mean a damned thing. Let's assume they decide to cooperate. Great! Wonderful! Now who owns the WHOIS database? NSI thinks it does. How do you resolve this? You have competition - that's wonderful.. but without rules it's gonna get vicious in a hurry. Is there an arbitration committee with the power to enforce its rulings? No.

    Second problem - you're maintaining multiple independent databases. Anybody who's used SQL for more than 10 minutes knows that this is a HUGE data integrity issue. Widget Enterprises decides to register widget.com, so they call up NSI and get the order put in. Meantime Funky Foobar registers widget.com with Fabulous Registration Services. Who wins? There's no way to guarantee this situation won't occur under this system - and even if there was - these organizations have no incentives to share their customers "with the enemy" to prevent it!

    I find myself arguing against my better judgement on this one, but I can't see how the current system can support multiple root servers - they'll be constantly out of sync with the others! The solution is, of course, to have only one entity in charge of the database, or divide it up in an organized fashion (Internic gets registrations A-D, Frank Foobar gets E-M, etc).

    However, one thing I think we can universally agree on here is that Internic should not be this entity! They're a bloated, insensitive, bureaucratic, and downright stubborn organization. Completely the opposite of what we need to make the root servers function reliably. I wish we could just hold an election and eject them from the DNS Whitehouse by popular vote. :\

    --

  12. Re:"Fear, fire, foes, Awake!" on L.A. Times Columnist Says Geek-Autism is a Good Thing · · Score: 1
    ...it hard to read the smile on my face across the net.

    When I smile..people run. Think: Cheshire cat. >:) Anyway... a lot of geeks I know got the boot out of the house as soon as they turned 18. The circumstances vary, of course. I do have to wonder though if it's higher per capita than "normal" people.

    --

  13. Re:"Fear, fire, foes, Awake!" on L.A. Times Columnist Says Geek-Autism is a Good Thing · · Score: 1
    I've noticed many of your posts, most, are very well spoken.

    Thanks! Just remember that even I can't bat a 1000. :^)

    "The printer is out of paper, what do I do?"
    I expect that if somebody is going to take up my time, they should at least have a question that requires more than minimal thought. See the above question for a good example of something I would really get peeved about if you asked me. And in case you're wondering.. my dad gave me the very same speech - "#1341: you're *so* arrogant". My response was equally brief - I now live with my mom. :\

    --

  14. Re:"Fear, fire, foes, Awake!" on L.A. Times Columnist Says Geek-Autism is a Good Thing · · Score: 1

    I think that as soon as computer literacy becomes more widespread, the irreverence that geeks now enjoy will come to an abrupt halt.

    --

  15. Re:"Fear, fire, foes, Awake!" on L.A. Times Columnist Says Geek-Autism is a Good Thing · · Score: 1
    Welcome to the psychiatric hotline... if you are manic depressive don't bother pressing any button, nobody will answer. If you have multiple personalities.. press 1,2, and 3... if you are paranoid you don't need to press anything, we know who you are and are tracing your call now.

    No, I'm not paranoid. But I do want to rattle the cages of a few people and wake them up. If you peruse my other posts on slashdot you'll notice that I have a very persuasive style of writing. I think it's important to fire off a good thought, and let people debate it. I like to see people think - I like to see that spark in people's eyes. I don't think we're waging war with modern society, but I do believe we are being exploited.. and we need to be aware that this honeymoon is going to wear off, if it hasn't already.

    Ciao,

    --

  16. Re:"Fear, fire, foes, Awake!" on L.A. Times Columnist Says Geek-Autism is a Good Thing · · Score: 1
    Geeks as a whole are VERY arrogant and the vast majority of people don't go for that, at all.

    I disagree. Most of us have a little arrogance.. but very few are "very arrogant". A gaussian distribution from "un-arrogant" to "very arrogant" comes to mind. However, I will be the first in line to say that I dislike people who waste my time with stupid questions. Is that arrogance?

    Also, if you happen to believe in the real-world notion of karma, all the negativity you are spewing forth is bound to come back and bite you in the ass.

    I don't believe in "Karma" per se.. although I do believe what goes around comes around. But while we're on the topic, check out my Karma rating on slashdot.. you'll be unpleasantly surprised. :^) I'm in no danger of having anything bite me in the ass.

    --

  17. Re:"Fear, fire, foes, Awake!" on L.A. Times Columnist Says Geek-Autism is a Good Thing · · Score: 2
    They're part of an attempt by people who think they understand "us" to explain the whole thing to other people who don't have a clue.

    I honestly can't say one way or the other. I've always been fascinated at how often people (even intelligent ones) can make such basic errors in their logic. Why do they feel compelled to explain to the world what a geek is? And if they felt so compelled, why distribute half-truths and pseudo-intellectual explanations instead of going to the root of the matter and asking one of us.

    I firmly believe in the scientific method - that is, nothing should be passed on as truth without being reviewed by the experts in the field (or your peers, if you are in that field). There is a reason engineers check, and double-check their work.. and then ask others to check, and double-check their work. It's because even the best amongst us are prone to errors. Why these people blithely bypass that methodology and claim that they have knowledge of the truth is beyond me - it is both false and destructive. Why has this person not bothered to even ask a member of our community - RMS, ESR, Rob Malda, the entire linux community.. why? It's not like we make ourselves hard to find..

    --

  18. "Fear, fire, foes, Awake!" on L.A. Times Columnist Says Geek-Autism is a Good Thing · · Score: 4
    I'm really getting tired of major news organizations slapping another label on "the geek phenomenon". Why don't you people just tell the truth - we're now a necessary resource and you're trying to make excuses up so you can exploit us. You're trying to convince all of us that being "geeky" is good. 10 years ago it wasn't. 50 years ago it wasn't... a thousand years ago it wasn't. What changed? We have something you want.

    I'm sick of the labelling. I'm sick of saying that geeks are autistic, that we're super-intelligent but socially inept. I'm sick of having the legions of psychologists say that we all have ADD or ADHD. All of it is a coverup - the truth is we think. It's that simple! Because we think, we are different, and because we are different we are ejected from society.

    Wake up! Our schools are engaged in an intensive effort to weed out geeks and outcasts. Our politicians are shouting for additional controls and monitoring of us. All eyes are on us. We are under attack! Fear, fire, foes, awake!

    --

  19. TOM!! on "Fastest PC in the World" Runs Athlon at 800MHz · · Score: 2
    I can't believe it. Ever since he started adding banner ads and going commercial, that site has been on the express route to hell. The latest insult is that I can't even view the reviewed computer because his site toys around with the HTTP_REFERER field that any respectable privacy-enhancing firewall and proxy will filter. It seems most sites when they go commercial lose a lot. Slashdot seems to have been the exception so far - it hasn't changed a bit (except that Rob now has more time to break things and make the site inaccessible. *g*)...

    HEY TOM! Wake up - there's a lot of us out here at work that can't bypass our firewalls easily. You want us to all view your pretty advertisements right? Stop meddling with the http referer then - it's not a mandatory part of the HTTP protocol! Fooooooo....

    --

  20. ... on IBM Unveiling New Transcoder Technology · · Score: 1

    But I thought the universal translator already does that. Oh wait... it won't be invented for another 200 years. Nevermind....

    --

  21. ... on Hilton Hotels Not Planning Space Hotel · · Score: 1

    Maybe it had something to do with seeing unshaven russians on Mir...

    --

  22. ... on IBM stamping ID's into new PC's · · Score: 3
    You know, I'm reminded of a quote "Anything done by a man can be undone by a man". Witness software piracy.. witness the crypto community... witness our own [ Free software | open source ] communities reverse-engineering proprietary and highly guarded Microsoft protocols (Samba, DAV, etc).

    How arrogant of IBM to assume the subversive element of our society won't abuse this new privacy-invading 'feature'. What's worse.. they're actually encouraging the very thing this ID feature was supposed to stop - fraud!

    To use an old, but good, example - if you don't have a secure channel with another person, you probably aren't going to be tempted to communicate sensitive information with it. But.. if you think you have a secure channel with another party.. you may be more willing to divulge sensitive information. The key word here is think. If that channel isn't secure.. you're exposing yourself to more risk than if it didn't exist at all! It defeated the very reason it was created - security. The use of this chip holds a similar analogy - if it is used for verification, then anybody who can defeat it can masquerade as anybody relying on it as a method of authentication. In short.. the barn door is wide open.

    So privacy nuts... I suggest you adopt this approach instead - crack this scheme as fast as you can! Defeat it before people start relying on it - and issue a joint statement on why this is such a bad idea.

    --

  23. Re:yes he did sing it, and heres the url on Ask Eric S. Raymond Anything · · Score: 2

    Well thanks a lot... you spoiled the whole thing. I wanted ESR to come out and admit that he too has been recording himself singing in the shower (and post some links to boot!). *sniffle* :^)

    --

  24. Re:... on Ask Eric S. Raymond Anything · · Score: 1
    What I want to know is why hackers and geeks can share such a spirit of camaraderie with each other, but then become absolute bigots when discussing their holy-war-of-choice. It just seems contradictory (and yet.. it makes perfect sense).

    The RMS v. ESR debatacle seems to be a shining example of this - they are both hackers in their own right, they are both working towards the same general goal.. but yet when it comes to describing "Open Source" v. "Free Software" they both dip into non-linear territory. I can see a visible effort being made to maintain civility on some of the listservs - and Eric has on more than one occasion lambasted somebody for getting their facts reversed. This fact hasn't gone unnoticed by the news media - I recall an article describing this exact chasm appearing on slashdot in the not-too distant past.

    The question is... why?

    --

  25. Wrong! on The Gift Culture in Cyberspace · · Score: 4
    Oooh, this article's parting comment about the movement leaders "not suffering anyone with a sub-200 IQ" is ridiculous and wrong!

    It's wrong because it presumes that you need to be intelligent to contribute to this movement. It's wrong because intelligence is NOT the primary attribute required to make a meaningful contribution to this culture, and it's wrong because ESR said it. It is simply a wide misconception that you need to have a 180 IQ to program - Microsoft is proof of this. *rim shot*

    If you guys want to talk about the technical community, talk TO the technical community before you publish - don't go making blind assumptions about what you need, or do not need, to be a member of this community. When in doubt - ASK!

    Do I seem upset? Yes, that's because I am. That statement does more to undermine the free software movement than virtually any other - we accept contributions from anybody. If it's good, we'll take it. You don't need to be an Einstein to join us.. all you need is dedication, and time.

    --