Slashdot Mirror


User: billstewart

billstewart's activity in the archive.

Stories
0
Comments
7,948
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 7,948

  1. Does it fit on a 80mm mini-CD? (~185MB) on What Live CDs Do You Carry Around? · · Score: 1
    If it doesn't fit on the small-format mini-CD, I don't see any reason to carry around a full-sized 120mm CDROM that isn't crammed to the gills. Maybe you need all the tools, maybe not, but they're not in your way, and the only reason to even use CD instead of DVD is that not all machines have DVD drives yet. The mini-CD and the business-card-sized formats may be a bit more practical to carry around.


    Alternatively, USB sticks are great, but not everything knows how to boot from USB. Small distros are kind of nice, since 128MB USB sticks come as toys in breakfast cereal boxes these days, but if you're going to pay money for them a gigabyte is probably the smallest worth buying.

  2. Re:3Com fixed that problem on ICANN Under Pressure Over Non-Latin Characters · · Score: 1
    Ok, I haven't read those RFCs in a while either :-)


    There aren't any all-numeric top-level domains, but there are a number of second-level domains in .COM like 163.com, most of which are used by Chinese spammers (though presumably the names also have some meaning when handled as Chinese characters?)


    There's also the whole inverse-DNS space, with names like 1.200.9.192.in-addr.arpa.

  3. Have you tried pinging them? Or emailing? on ICANN Under Pressure Over Non-Latin Characters · · Score: 1

    Sure, you can have browser hackery that knows to display xn--ugly-punycode-string-ewtr.cn as the Han characters for the web site. But if you're having trouble reaching the site, does your ping or traceroute program have the builtin IE hack? Or if you want to email them, and you're using an email program that's not part of your browser, can you type in their name and email them? Or can you cut&paste from your browser?

  4. 3Com fixed that problem on ICANN Under Pressure Over Non-Latin Characters · · Score: 1

    The starts-with-a-letter restriction is gone, mostly because of 3Com, but I think there may still be restrictions against starting with a dash.

  5. DNS is *precisely* for NLS text on ICANN Under Pressure Over Non-Latin Characters · · Score: 2, Insightful
    The problem is that it was designed for natural language text in the US back when some computers could deal with the new fancy feature of lower-case letters and others couldn't, and when humans tended to get confused about that sort of thing even though they all spoke English, and some computers could deal with 8-bit bytes and punctuation while others were very limited. I don't know if the IBM 48-character character sets were still around, but 64-character was still widespread, and EBCDIC was certainly still plagueing many of us in the early 1980s. It's a tool for users, not the programmers and admins who support them - but it's a tool for users of _computers_, so it still has technical constraints.


    It's been obvious since the Europeans got DNS for their ftp and email that there was a problem, even before they invented the web, and even aside from myopic silliness like having .GOV be a US TLD and fortunate accidental decisions about having .COM be viewed as global instead of US-only. Techies have been working on the internationalized-character-sets-for-computers problem for a while. ICANN's finally starting to pay some attention to the IDN issues, but they're not fundamentally a technology organization, they're a trademark protection organization and their approach to non-US domain names was an attempt at World Domination designed to get the CCTLDs to follow their trademark-protection rules, not to worry about fundamental technologies like making DNS work outside the US.


    DNS has a couple of restrictions that may have made sense in 1985, long before Unicode was invented. Some of them are easy to fix, especially since most DNS servers in the world use versions of one of three or four server programs, but there's a lot more resolver software out there that deliberately casefolds (though you could fix most of that in two or three generations of Microsoft releases, if you knew what you wanted it to do), and you can fix some of it administratively, by having the people who register UPPERCASE-EXAMPLE.COM also register uppercase-example.com and maybe Uppercase-example.com and do a few similar things for munged Unicode.

  6. Internet != Web, and other IDN technical issues on ICANN Under Pressure Over Non-Latin Characters · · Score: 2, Interesting
    The Internet is not just the web - you might remember that there are other applications such as email, ftp, ssh, telnet, ping, traceroute, and some people use programs other than browsers to access these things.


    The reason ICANN wants to do lots of testing (after having dragged their feet for years before getting started) is that IDNs fundamentally change how DNS works, and it's really important not to break too much when you do that (not that ICANN traditionally worried about that.) It's *not* simple, and you don't want to get it wrong.

    DNS translates a set of strings of nominally-ascii characters into numbers, or translates numbers into a set of strings of characters, or translates some sets of strings into other sets of strings, depending on which query you run, and uses specific data formats to represent those strings and numbers. There are restrictions on what characters can be in the strings, some for reasons that we could easily declare to be obsolete (7-bit, uppercase-to-lowercase translation), some for reasons that are harder to change (printable characters only, please), and some which are really hard (dots are used as delimiters, and nulls terminate character strings in some popular computer languages. So you can't just plug in arbitrary Unicode two-byte characters instead of pairs of ASCII bytes and skip the case-munging, because some of the bytes will have values that can't be handled, though most of the 8-bit-character alphabets can be used transparently if you don't mind people using incorrect character sets on occasion. 8-bit character sets simply aren't enough - you can handle most Western languages in ISO-8859-1, and UTF-8 is closer but apparently not quite a cigar (too bad - it would have been my preference.)

    The main IDN strategies replace this by adding one more translation layer - character-string-set IDN names are translated into ugly-but-recognizable Punycode strings, which get used with standard DNS character-string-set to number translations in the forward direction, and in the reverse direction, anything that arrived as a Punycode xn-uglystuff string usually gets fed to a Punycode-to-Unicode translator by a user interface.

    Some things can be fixed by recompiling (or relinking, or re-DLLing) all of your programs with a DNS resolver library that guesses whether to convert strings or not - forward DNS knows to punycode non-ascii characters and not to re-punycode xn--uglystuff, though reverse DNS doesn't necessarily know whether to convert it to Unicode 16 or UTF-8 or just pass it on directly, and if you've typed in a domain name using something other than 7-bit lowercase+digits ASCII, it knows to punycode it, and obviously any domain registry supporting punycode ought to allow anybody who registers a name that doesn't need punycode to have both the straight and punycode names. But it's still ugly.

  7. It says she has the wrong bank on Safe Computing For the Elderly? · · Score: 1

    My bank has a perfectly straightforward web-based interface, which supports paying bills, dealing with accounts, looking at transactions, etc. And it's a small bank that phishers haven't bothered with, though somebody typosquatted the .com name back when they were first getting online. The interface works fine with Mozilla, so there's no need for IE, and I assume a Mac would work with it as well.

  8. Next step, find the DeLorean on Michigan Teen Creates Fusion Device · · Score: 1

    *Then* he'll have to move the Mr. Fusion from the basement out to the garage...

  9. LA was *safer* without traffic lights on Life Without Traffic Signs · · Score: 1
    A few years ago I was down in LA during a week that a big storm took out the power for a large chunk of the city, including traffic lights. Everything worked just fine, except for some streets being flooded. People basically treated all the intersections as four-way stops, took turns, and actually paid attention to what they were doing.

    Of course, if this were the case all the time instead of a novel and interesting experience, people would revert to not paying attention, but without blinky-lights to help them, and it'd be like driving in Boston with better freeways. But it was fun while it lasted.

  10. Flaming Troll. on Life Without Traffic Signs · · Score: 1
    Perhaps my attitude about feeding trolls is affected by the fact that I'm reading a Terry Pratchett book at the moment?


    Street signs in the US are international pictographs, and most of the city names in California are already in Spanish. There are a few exceptions, like having "Ped Xing" scrolled on the pavement, but most of them are only marginally in English, and of course parking restrictions are designed for revenue enhancement rather than safety.


    Back when Pete Wilson was governor, as opposed to his other office as State Reptile, he decided that it wasn't safe for people to drive while speaking Spanish, and got the legislature to require people to have citizenship papers in order to drive. The post-9/11 immigrant bashing reinforced the politicians who wanted to keep this even though it wasn't working. The main effects of this haven't been to prevent immigrants from driving - it's meant that there's more business for forged identity papers, and it means that Mexican immigrants who can't get good fake papers don't bother getting licenses or insurance, they just drive without them - and the ones who would have had to go to traffic school to learn how to drive so they could get a license don't bother with that either.

  11. Use External USB Drives for Backup on How Often Do You Replace Your Hard Drives? · · Score: 1
    You need a backup strategy, which is a different problem than RAID.

    If you've got your backup drive in the same tower as your primary drive, connected to the same power supply, then any electrical or heat stress that damages your primary drive will also damage your backup drive. Also, it's extremely easy to upgrade your external drive when you want to, and you can easily use it to back up other computers (work or personal laptop, etc.), and if you're doing risky-to-computers things like moving, you can take the backup drive with you separately.

  12. Robokilling refugees, defectors, UN observers on Machine Gun Sentry Robot Unveiled · · Score: 1

    The only obvious advantage this has over landmines is that it's easier to deactivate if hostilities ever end or if the DMZ moves. But otherwise, it's sitting there waiting to kill civilian refugees, surrendering North Korean military, UN observers, and anybody else who might be there for some reason.

  13. Rockets for humans, elevators for cargo on Space Elevators Could Be Lethal · · Score: 2, Insightful
    If we want to do anything serious in space, we'll need to haul lots of cargo up there, but we don't actually need that many workers if they can stay for a while. So if there isn't an easy way to deal with radiation shielding in the Van Allen belts, send the people up on expensive rocket busses, and use the cheap elevators for all the construction material, fuel, and supplies they need.

    And the downward trip is easy - drop capsules with parachutes are a lot simpler and more reliable than fancier rockets like the space shuttle, and you'd want to keep a bunch of them around for emergencies anyway.

  14. Ascii: the username foo at the domain example.com on Best Method For Foiling Email Harvesters? · · Score: 1

    I run a small mailing list for a group of people who have dinner and parties together. Most of the people are sufficiently technical to be able to figure out the details, and I'm just trying to reduce harvesting. Spammers already know there's a majordomo there...

  15. Javascript is evil and often broken on Best Method For Foiling Email Harvesters? · · Score: 2, Insightful

    Perhaps I don't want to send mail to companies who have broken only-tested-on-IE-on-WindowsXP preferences anyway...

  16. captchas.net has audio option on Best Method For Foiling Email Harvesters? · · Score: 1

    captchas.net referred to by a recent poster has audio as well as visual, and many other sites that use them also have audio options.

  17. Play Nethack or other low-CPU game :-) on GPUs To Power Supercomputing's Next Revolution · · Score: 1

    I would suggest reading the net while you're waiting for the computation to finish, but I'm sitting here with Mozilla using 150MB of RAM and burning 98% of CPU because it's gotten itself into some kind of loop.... But Nethack is a nice low-CPU low-RAM game that shouldn't bother your CPU much.

  18. My ISP called me recently :-( on Worst Security Clean-Up You've Performed? · · Score: 1

    I got a call the other week from my ISP saying they'd seen half a million spams from my machine in half a day :-( I went over and checked the desktop machine, which hadn't gotten its Microsoft-update-of-the-month installed on it yet, but it was quiet, and closed my laptop so it went to sleep, but the spam persisted. Went over and looked at the wireless router, and sure enough it was blinking away - I keep it open for guests, and had never had a problem, even though I'm in a building with half a dozen neighbors' wireless sets visible. I turned it off, the problem stopped, and I kept my laptop on Ethernet for a day. I sent mail to the local mailing list, and one of my neighbors replied that his wife's work laptop was running really really slowly - and apparently the malware was clever enough to attack my unlocked wireless instead of using his home network, so it'd be harder to trace. She took it in to work to have their anti-virus people clean it up, and the problem's gone for now.

  19. $50 vs. $300 vs. Helicopter headsets on Active Noise-Canceling Headsets In Server Rooms? · · Score: 1
    I own a couple of pairs of $50-70 noise-cancelling headsets from about 5 years ago, and they're lightweight and fairly helpful on airplanes. Recently I was at a trade show and won the raffle for a set of ~$300 Bose headsets from a vendor (who had cluefully noticed that 90% of the other vendors who raffled off something better than a t-shirt were doing iPods :-) Didn't buy their product, but the headsets worked very well - I put them on and the room became a lot quieter, just from the foam padding, then I turned on the electronics and it became a lot quieter than that. On the other hand, they're a good bit heavier. Definitely a lot more effective than the low-end sets, and you can still hear people talk.


    I've also worn helicopter-pilot headsets - I don't know how they are for audiophile quality, but they did a good job for quieting the helicopeter noise, hearing the pilot talk through the headset, and hearing the dramatic-helicopter-tour-of-the-volcano background muzak. I couldn't head people talking to me who weren't using the microphone system.


    Then there's always earplugs PLUS headsets, though that won't help if you're bothered by the sound of your breathing inside.

  20. VMWare for Legacy systems/apps on How To Manage a Security Breach? · · Score: 1

    No, VMware doesn't support everything, but server applications are unlikely to have fancy hardware requirements (CPU, RAM, Disk, Ethernet, maybe CD-burner, no video or audio.) A new 3 GHz motherboard and CPU with 1GB RAM and a disk will set you back a good $300 these days, and should be plenty to run that K6-400 application. Do whatever firewalling you need to in front of it, and run as much anti-virus as you can fit. There's certainly no need for the antique application to be exposed to the raw Internet or even a semi-cooked intranet.

  21. Scaring Corrupt Politicians about this bill on The End of Net Anonymity In Brazil · · Score: 1
    Ok, so Senator Eduardo Azeredo, who introduced this bill, is now in the middle of a corruption scandal - how can we use this to stop it? One approach, of course, is to successfully get him kicked out or jailed for corruption, but I don't know anything specific about the scandal or the process to know if that's realistic.


    Another approach, though, is to start talking about ways that this kind of bill would endanger politicians who engage in that kind of corruption, and make sure he knows that if the bill goes through it'd be used against him. Of course, you don't want to overdo this! Catching corrupt politicians is a Good Thing, and if everybody wanted to ban anonymity in order to catch them, that would be bad - and scaring too many corrupt politicians about anonymous whistleblowers would encourage *them* to try to ban it as well, so you need a balance.




    From: Lula@anonymizer.com
    To: Editor@BigNewspaper.Saopaolo.BR
    Hi, Everybody! Here are some of Eduardo's ISP logs from the last month.
    He logged in to big-swiss-bank.ch 10 times, using encryption, so we can't see what he did, and other-bank.ch a couple of times.
    He got mail from big-company.com.br before each time he logged in to the banks.
    Llama-pr0n.com? Does his mistress know he's into that?

    You won't be able to trace me through my ISP logs - they just show that I'm Yet Another Sucker playing World of Warcraft for hours, and those "Scrolls of Email" that I've been selling to the Whistleblower Clan might be boring gold-farming or might have some encrypted messages in them; no way to tell. Of course, I might actually be logged into a Tor server *pretending* to be a WoW server.
    Or I might be lying, and I'm actually sending this message as an email to one of my many many friends on Orkut, with the message hidden in a picture of a Perfectly Ordinary Bunny Rabbit.
    Or it might be hidden as an attachment in all that Spam I'm sending about how my late father, a corrupt politician, is trying to get millions of dollars out of the country and needs a business partner to help him get around banking regulations.

    .......... Oh, and Eduardo's handle on WoW is LlamaBoy, so make sure you to frag him if you see him. Love, Lula.

  22. US *does* have legislation/rulemaking like this on The End of Net Anonymity In Brazil · · Score: 1
    Not all of the proposals have passed yet, but even if we throw the evil Republican Party out of Congress, more of this stuff *will* get passed, they'll just be doing it to "Protect Children from Exploitation!" rather than to "Protect the Homeland from Terrorists!", or else to "Protect Our Artists from Copyright Abusers!".


    "Data Retention" rules requiring ISPs to keep user accounting information, credit card numbers, dialup numbers, and dynamic IP address assignments get proposed, either as laws or as regulatory requirements, and because they're only affecting ISPs, they don't get the flames they'd get if they directly applied to users.


    "Whois Data Validity Requirements" rules forbidding private information on domain names - not only does ICANN require this stuff because their Trademark Violation and Music Piracy Overlords need subpoena-delivery addresses, but they're getting more insistent about verification and about cancelling domains with "invalid" data, and there have been Congresscritters who have proposed making it a crime to use false whois data. I've been on both sides of the fence here - privacy protection is far more important, but it's annoying when you're trying to squelch a spammer and they have no useful contact information - but I've also run into spammers who have entirely valid but useless information, with their address being a box at a shell-corporation company, which says that even if I were to sue them and win, they'd just have their $100 shell corporation go bankrupt and start another.


    "Falsifying Email Header" laws and rules - most of this comes from the relatively useless YOU-CAN-SPAM law, and spammers have no problem violating it, but theoretically it applies to you.


    "Know Your Customer" laws and postal regulations. - Want to use a private mailbox so identity thieves and spammers don't bother you at home, or so your psycho-stalker ex-spouse doesn't track you down? Want to pay for your internet service while protecting your privacy? Not only does the US Post Office insist on you providing "True Name" and address identity if you want to rent a mailbox from their competitors, but some states like California have more expansive anti-privacy laws forbidding you to get one privately. And the banks have had increasing amounts of regulation preventing them from offering private service.


    It *can* happen here, folks, and it is happening here, gradually.

  23. Mainly sold for PC Cards, not phones on Beyond 3G — Practical Cellular Internet Access · · Score: 2, Informative
    Here in the US, there are two main kinds of "data" plans - phone-only service (even if it's called "unlimited", it's still limited to your phone), and PC-usable service, either with PC-card (aka PCMCIA) or phone+USB/Bluetooth. Typical price ranges for "unlimited" service are $30 for phone-only and $80-120 for PC.

    Phone-only service is boring, and doesn't need high data rates. Not only do most phones have screens that are too small (though a Treo has a bigger screen than the video iPods), but the audio on phones is mostly designed for telephony - low-bandwidth mono in one ear is not what you want for music. And many of the phone-only services seem to run walled-garden music access, which is also really lame. For listening to music, 128kbps is enough for most people, or at most 192.

    But this is about data access, competing with emerging WiMAX services for fixed locations or Wifi access points for roaming users. I mainly deal with business users, who would *really* like to have some kind of wireless data access for smaller offices, so they can have some kind of backup to their T1 or DSL data lines. (The old solution was ISDN dial backup, but if the reason your access is down is that street construction takes out your main data line, it probably takes out your ISDN as well, and it's not uncommon that if a bad mux in the telco office takes out your main line, it also takes out the backup.) It's also useful for people who can't get good DSL or cable, whether that's a home user or a business office, store credit card authentication, etc.

  24. This system prevents that problem on Verifiable Elections Via Cryptography · · Score: 3, Informative
    David Chaum's done a lot of work on the topic of secure voting, and this is a really cool simplification of some of his earlier work. It's nice and low-tech, and still does the job. If you go read the Punchscan.org FAQ, the second item is about preventing coercion and verifiable-vote-buying.


    Of course, this doesn't prevent traditional vote-tampering methods from working, like

    • TV commercials scaring voters about the other parties, or
    • politicians making bogus promises, or
    • dead people voting (as long as people with their names show up to vote), or
    • election departments not providing enough voting machines or ballots at heavily-one-party-dominated precincts, or
    • election officials invalidating registrations of people in the wrong party, or
    • police harassing motorists in black areas on the way to the polls, etc.
    But at least it's better than Diebold.
  25. Netscape + Java was supposed to do that on Blake Ross Working on Parakey Web OS · · Score: 1
    The reason MS came out with IE was that Netscape+Java was supposed to be a sufficiently portable user+services interface environment that the underlying OS was supposed to be irrelevant, and therefore running Linux underneath could be just as useful as Windows. They didn't care about the market for free browsers, they cared about keeping Windows from getting killed.


    Breaking compatibility took care of that problem for them - why is it different today?