Java was designed with a heavy-duty security model, using sandboxes and virtual machines and such to make sure that you could safely download code from other sites and run it, and while it's probably possible for somebody to come up with some implementation bug that lets you outside the box in ways that are exploitable, it's basically been solid since it came out, because it was designed to be safe.
Javascript was designed to be lightweight, friendly, and convenient, and almost anything related to security was later bandaids applied to the gaping wounds. It's possible and easy to write perfectly safe Javascript, but that's unfortunately totally irrelevant because it's possible to write Evil Javascript as well - so anybody who wants to run your "Safe" Javascript has to leave Javascript turned on for the Evil Javascripters as well.
IE does theoretically have a "security zone" mechanism that lets you identify trusted sites, so you can theoretically allow it to run purportedly-safe Javascript from people you trust while not running it from people you don't trust, but that's an annoying hassle. It'd be much safer if they'd built "WimpyScript", designed to be absolutely safe even if all it lets you do is make stuff flash decoratively when you wave a mouse at it; I guess CSS is as close as we get to that. PDF used to be safe, back when all it would do would be display static black or colored marks on virtual paper, but now it's helpfully willing to open web pages and run programs on your PC too.
If I'm using IE, it's because I'm trying to access some site that uses ActiveX or uses Javascript in some IE-broken way, mainly doing tricks that the people who write the HR apps at work think are "useful", or one of the online web-based conferencing systems we or our customers use.
If I *didn't* need to be doing something dangerous and stupid, I'd be using some version of Mozilla instead of IE. Sigh.
Yes, I know IE has its security zone thingies that give me a way to restrict it, but it's still annoying.
Just because something's classified doesn't mean you can't publish it - it just means you can be busted after the fact if you do so, though the government will often try to prevent publication.
With nuclear weapons, the laws and court cases have varied. Some good references on "born classified" are at Federation of Atomic Scientists" and Wikipedia. Then there's the case of "The Progressive", which published information in ~1976, but it apparently wasn't sufficiently detailed to count as Restricted Data or Formerly Restricted Data, so the Feds lost their case against them. On the other hand, back in the mid-70s, a Princeton student designed an atomic bomb for his junior physics project and his paper got classified and confiscated (though he did get an A on it -- Phillips wasn't some brilliant whiz kid, he was a mediocre student who needed a really good project to get his grades back up.)
Names of Secret Agents - Ex-CIA agent Philip Agee published a list of names of probably CIA agents, derived from non-classified sources, which is why Congress passed a law that says *you* can't do the same thing and then-CIA-honcho George H.W. Bush called people who did that traitors. The law is somewhat narrow - it doesn't look like Scooter Libby necessarily violated it.
Cryptographers ran into lots of problems with it in the 1970s, 1980s, and early 1990s - if you submitted crypto technology for a patent, the NSA could declare it to be classified and rip it off, and you wouldn't be able to publish it - but if you published first, you couldn't get a patent, unless you were very careful about timing (since US patent law, unlike most European patent law, gives you a year from publication to apply for a patent) - the US academic crypto journals were mostly strict and conservative about accepting papers that might get classified before publication. Diffie, Hellmann, Rivest, Shamir, and Adleman had to play games to publish, and they did so successfully. And US crypto export laws, which were designed to keep military hardware from being sold to Commies, had trouble coping with books printed on dead trees, that was clearly covered by the First Amendment, so the PGP folks were able to force the issue by exporting printed copies of their code and having friendly European academics scan it in for them. On the other hand, Raph Levien never got his T-shirts back...
In the US, there's very little information that's "born classified", mostly things like nuclear weapons design, names of secret agents (unless they've embarassed the president), etc. - Bush and his gang are trying to change that, but for the most part, people with normal security clearances aren't allowed to divulge specific classified information, but are otherwise not restricted. There are higher levels of security clearances for which you do have to agree to governmental pre-review of anything you publish - it's mostly program and agency things, so a vanilla Top Secret or COMSEC clearance doesn't require that, but probably the CIA does, and some NSA and maybe some military programs do.
So in the US, if you have or had a security clearance but are not covered by this kind of agreement, you can't write about the details of the secret information you knew, but you can write a non-fiction book or a novel about what a bunch of incompetents the CIA were, or about what a bunch of heroes they were (e.g. Tom Clancy type stuff), and while you can't write about the *real* plans to assassinate Castro, you could certainly write about fictional plans with exploding cigars and ex-pat terrorists sneaking in from Florida and either succeeding this time or being betrayed by the evil liberal ACLU or stopped by the heroic Constitution-protecting ACLU. If you had the kind of clearance that requires pre-publication review, you've got to get it cleared by the appropriate spooks before you do that.
So it's nice that it'll run all these games and such, but will the design be open enough to run Linux on it? Sounds like the processor is pretty fast, though neither the Nintendo website nor Wikipedia said how much RAM it has (there's 512MB of flash storage, but there's USB so you can easily add more.)
Check around some more and find out if anybody offers IDSL, and also do check whether your phone company really supports ISDN in a useful fashion. IDSL uses the same electrical transmission as ISDN, but connects it to a full-time DSLAM connection instead of a telephone switch, so you get the same distances as ISDN and the same ~144kbps rate, but with flat-rate connection. It might not be available; it's less popular because the speed's lower, and it's often more expensive than consumer DSL, but it may be there.
Also see if any of the new high-speed cellular data services are offered in your area. Obviously CDPD is no help, at 19kbps with random high latency, but some of the newer ones might be fast enough to be as useful as satellite.
When I was an undergrad, we had to walk a quarter mile uphill in the snow to get to the nearest computer center to use keypunches, or (later, after I'd moved to north campus and the computer center had upgraded) 3/4 mile across mostly-flat snow to get to the one computer center that had some Decwriters and a couple of CRTs on the mainframe and a couple of PLATO terminals. Modems existed back then, but we didn't have an ASR33 in the dorm or fraternity house and there wasn't anything on our IBM-centric campus to talk to with it even if we had:-) We did have phones in the dorm rooms.
If you RTFA and follow a few obvious links, you get to The R6RS Status Report which gives a relatively concise overview of the changes from R5 to R6.
Since Scheme wasn't the one of the versions of LISP that I learned back in the dark ages, I couldn't really follow the subtleties of which changes are really significant, but it looks like it would make sense if you were following Scheme.
I was talking about rechargeables, so Lithium, heavy-duty, and regular alkaline don't count.
Not sure how I spaced on the Lithium-Ion batteries - I was probably thinking about things that can replace AA/AAA, but obviously cellphones and laptops are using the things, and they work a lot better than NiMH in terms of memory effect.
I left out lead-acid on purpose - how big are the ones for your MP3 player speakers? I do have a friend who uses them in his portable stereo system, but it's mainly "portable" with a hand-truck, uses a couple of motorcycle batteries, and puts out enough sound to cover a whole dance floor for a couple of hours.
I didn't know about Lithium Polymer batteries - interesting to hear about them. I've had a number of applications which needed 3V or more, so LiOn or LiPo would work. Unfortunately, NiMH works well enough for most AA/AAA applications that it's pretty much crowded out the rechargeable alkaline market, and I've had trouble finding more AAA for things that need low power for months, though AA are still usually around.
Currently there are three kinds of rechargeable batteries used for electonics and toys:
NiCd - low energy, high power, nasty heavy metals - good for driving small motors that need high current for a short time.
NiMH - about 4-5 times the energy of NiCd, lower power, medium life - they'll discharge in under a month even if you're not using them, so they're not good for some applications.
Rechargeable alkaline - medium energy, lower power, long life, full 1.5 volts.
For toys like remote-control model cars or model airplanes, Nickel Cadmium is the main choice, because it can dump a lot of power for a given battery weight. If this new technology lives up to its promise, it sounds like a good replacement, and we can avoid the heavy metal toxicity problems of cadmium. The article doesn't talk about what voltage it generates (some things really like 1.5v better than 1.2v), or how long the charge lasts if you're not using it.
A few years ago, a couple of Russian-immigrant spammers in New Jersey were found murdered. General opinion was that they were running a pump&dump stock scam, and some of their "customers" got upset about losing money. There've been a few others since then.
It used to be that most spammers were crackers in the sense of "dumb rednecks in their single-wides", as opposed to "politically correct term for a malicious hacker or script kiddie". They might buy a spamware product written by a hacker, but they usually weren't doing any actual cracking because it was too easy to abuse open relays or buy service from cheap dialup providers using optionally-stolen credit cards.
These days it's a lot different - crackers are using malware to turn PCs into zombies, and renting them to spammers or phishers, as well as using them for DDOS. The junk-selling spammers using open relays may be using products written by hackers, but the spamware is being a bit more clever about it. The small-time spammers aren't mostly hackers themselves, just customers; the big operations that Spamhaus's ROKSO Top Spammers list are hiring talent, as are the mafia phishers.
Sure, people dump on SPF for being inadequate, but at least it's a *start* - it makes it easier to junk mail that doesn't come from banks I don't use, Paypal, EBay, and perhaps even my own bank. That won't stop mail from paypall.com and c1t1bank.cn, but it'll cut down on some of the junk.
But there's so much more that banks could do easily to attack phishers. For instance, when somebody sends Example-bank a copy of a phish that's really at phish.example.com, the bank could go to the website and start feeding it phony accounts, and then hunt down anybody who tries to use them. (It's also fun to feed them millions of bogus accounts, just to dilute the usefulness of anything they received, but it's more productive to target them.) Banks may theoretically try to trace phisher websites, but most of them are zombie hijacked PCs or else disposable Chinese websites rented with stolen credit cards, so that's not as useful as following the money. The initial trail with the money is usually going to be merchants, but merchants don't like chargebacks or fraud, and they may be more cooperative than phishing websites at providing useful information.
The website isn't Spamhaus's legal documents filed with the various courts that have asserted jurisdiction over them answering those complaints - it's Spamhaus's answers to their readers about what's been happening lately. There's no indication whether that's what was initially filed with the judge or not, though apparently Spamhaus did initially give some reply and lawyers were involved, but Spamhaus didn't continue to defend the lawsuit (presumably because it believed there wasn't appropriate jurisdiction.)
"You don't know that you have to filter user input," Lerdorf exclaimed. Lerdorf advised PHP developers that nothing that comes across the wire is to be trusted.
It shouldn't be necessary to say that, but unfortunately it is. When I took Computer Science 100 in college 30+ years ago, the first lesson about inputting data was that you have to validate it before using it, because it's guaranteed that your program *will* be given bad data sometimes, and will occasionally be given maliciously bad data, and part of the grading process on programs was to run them on the professor's data set, which was malicious, especially at testing off-by-one errors and other boundary conditions. But enough other people didn't get that as part of their education, either in school or learning it the hard way in practice - sigh.
First of all, there's no real difference between using a computer to do the sentencing and using a rule book written on dead trees. It used to be that books were expensive enough that they were mostly used for important things, and books written by Authorities were Extra Important Sounding, but that's long gone. Now we've got computers, which get to sound Mysterious and Scientific at the same time. With computers, it's easier for the judge to say "See, the computer said it, it must be Authoritative", without showing the derivation of the result, while with books, you can look at the rules and argue about them - so this gives the judge yet another way of avoiding taking responsibility for his actions.
Then there's Gordon Dickson's 1965 story, "Computers Don't Argue"...
It's nice that we can easily find the early comments and their replies, but this has a couple of problems. It's a strong bias towards first posters (or at least first non-trivial-posters), while the old system is biased towards early high-ranked posters (though early funny remarks often get priority over slightly less early useful remarks.) Good replies to early posts seem to rank fairly high up, but good replies to later posts don't, and you end up going past lots of 2s and 3s to get to the 5s, unless early posters were really good. (There *are* ways to abuse that, such as this message:-)
Also, if I look at a discussion once, and then go back to it later, the new stuff is all way at the bottom - it'd be nice to have the option of seeing it at the top.
The Do Not Call list doesn't cover all types of calls - politicians, charities, and surveys that aren't selling you anything can call you, and the original article wanted to know how to deal with them.
Political calls should be easy to deal with - if the caller says they don't have a Don't Call List, talk to their manager (they've got one, no matter what they say) about the fact that they need to have a Don't Call List, and that you're already on their "People who won't give you money" list and are rapidly heading for the "Will vote for your opponent because you don't have a fscking clue" list, and potentially the "Will start calling other people to get them to do the same" list.
Real charities usually get the hint quickly. Bogus charities are usually businesses, and often the calls come from telemarketer companies which have to follow the rules even if the "charity" itself doesn't.
Any current Linux implementation that doesn't have MP3 out of the box is doing it because of license restrictions on the codec - you either have to pay money for the license and end up with a non-free-beer non-free-speech system, or else you need to let users install their own MP3 player and deal with (or ignore) the license themselves. Windows and MacOS don't have that problem.
Also, a nitpick - GNU/Linux isn't ready for the naive user, but X/Mozilla/OpenOffice/Linux might be. Compilers and command-line tools with extra-long option names and EMACS are all fine things, but they're for somebody who's willing to RTFM, not for the couch-potato consumer.
Bush's goals are domestic and international power, and preventing terrorism in the ways you describe are absolutely Not With The Program. Bush, Cheney, his core neocon advisors want a strong government with unlimited domestic powers and a strong military projecting power around the world, regardless of the cost to the US economy. If you don't have enemies, you don't need to have a strong government protecting the public from them, and enemies like big hurricanes and global warming are simply *not* an adequate replacement for Communism. Hussein's been extremely valuable for the enemy-centric foreign policies - we got to spend a lot of money helping him in the fight against Iran, and then Bush's father got to have a big war that he didn't finish, and hand it to Clinton (along with Yugoslavia and Somalia) to make sure Clinton didn't de-emphasize the military, and Bush got to pick it up again for reasons entirely unrelated to terrorism.
There's a theory of government called the "Unitary Executive" that a lot of them like, where the military and civilian power are controlled by a strong leader and supported by Congress, as opposed to the model where the Parliament tells the civil service and military what to do and the courts limit the scope of their actions, and many of Bush's supporters stronly believe in that. American used to have a governmental system like that; we dumped it in 1776 and the following years of the revolution, though the executive branch got some of its power back with the current Constitution adopted in 1787-1789.
The Bush administration may not be very competent, but one thing they've been extremely good at is managing their Message, staying strongly focused on whatever political goals they're trying to accomplish. The two big failures that are hurting them right now are Hurricane Katrina and Abu Ghraib, the first because it was extremely obvious that The Strong Leader was totally incompetent at protecting the Homeland, which is what you *want* a strong leader for, and the second because it was so appallingly over-the-top wrong that even Bush's right-wing supporters couldn't support it (plus the sexual element annoyed his religious supporters.) Cindy Sheehan was a big problem for a long time, because she represented an archetypal Mother whose child had not been protected by Stong Father Leader, and because Bush absolutely would not take Responsibility for it. He's probably successfully outlasted her; she got far more than her 15 minutes of fame.
Rome vs. Carthage was a pretty classic state-vs-state conflict - they were both similar kinds of organizations, both had similar kinds of goals (territorial domination), similar ideologies ("*We* want to be in charge"), and similar tools (armies and navies funded by taxation on territories and by trade.) It was the kind of conflict that really could be resolved by militarily conquering and killing enemies. It had entirely no resemblence to any of the terrorist conflicts, or like the Cold War or World War II - it was much more like World War I, without the complex alliances and the victorious Western powers couldn't even resolve *that* conflict without setting the stage for a larger and fundamentally more evil follow-up war.
Rome vs. the Huns/Vandals/Goths/Visigoths/et al. might be a more enlightening comparison. Rome's army was still pretty good at "killing people and breaking things" (a phrase I heard from Rush Limbaugh, but apparently the Army uses it a lot to describe what they do.) But Roman society was decaying, militarism and Empire had replaced the values of the Republic, hiring troublemakers to be police in other locations was getting to be standard policy, the government was run by a succession of decadent rich people and militarists who had to continually provide welfare and entertainment for an increasingly urban population.
It's certainly not a perfect analogy to today - most of the invader groups didn't particularly have ideologies either, they just liked to take goods and land, and Rome, Gaul, and Germania had better goods, land, and weather than the places they were from. But it's at least as good as your "Rome vs. Carthage" analogy, which was singularly inappropriate here:-)
You don't need to run Windows on it - any popular LiveCD Linux version should do fine, and as other people have commented, you can partition the hard drive and run a read-only version from that to make it faster and more reliable, or even boot from a flash memory stick if the laptop BIOS is new enough (though you'd want to find a flash with a read-only switch, which a number of brands have these days.)
Javascript was designed to be lightweight, friendly, and convenient, and almost anything related to security was later bandaids applied to the gaping wounds. It's possible and easy to write perfectly safe Javascript, but that's unfortunately totally irrelevant because it's possible to write Evil Javascript as well - so anybody who wants to run your "Safe" Javascript has to leave Javascript turned on for the Evil Javascripters as well.
IE does theoretically have a "security zone" mechanism that lets you identify trusted sites, so you can theoretically allow it to run purportedly-safe Javascript from people you trust while not running it from people you don't trust, but that's an annoying hassle. It'd be much safer if they'd built "WimpyScript", designed to be absolutely safe even if all it lets you do is make stuff flash decoratively when you wave a mouse at it; I guess CSS is as close as we get to that. PDF used to be safe, back when all it would do would be display static black or colored marks on virtual paper, but now it's helpfully willing to open web pages and run programs on your PC too.
If I *didn't* need to be doing something dangerous and stupid, I'd be using some version of Mozilla instead of IE. Sigh.
Yes, I know IE has its security zone thingies that give me a way to restrict it, but it's still annoying.
With nuclear weapons, the laws and court cases have varied. Some good references on "born classified" are at Federation of Atomic Scientists" and Wikipedia. Then there's the case of "The Progressive", which published information in ~1976, but it apparently wasn't sufficiently detailed to count as Restricted Data or Formerly Restricted Data, so the Feds lost their case against them. On the other hand, back in the mid-70s, a Princeton student designed an atomic bomb for his junior physics project and his paper got classified and confiscated (though he did get an A on it -- Phillips wasn't some brilliant whiz kid, he was a mediocre student who needed a really good project to get his grades back up.)
Names of Secret Agents - Ex-CIA agent Philip Agee published a list of names of probably CIA agents, derived from non-classified sources, which is why Congress passed a law that says *you* can't do the same thing and then-CIA-honcho George H.W. Bush called people who did that traitors. The law is somewhat narrow - it doesn't look like Scooter Libby necessarily violated it.
Cryptographers ran into lots of problems with it in the 1970s, 1980s, and early 1990s - if you submitted crypto technology for a patent, the NSA could declare it to be classified and rip it off, and you wouldn't be able to publish it - but if you published first, you couldn't get a patent, unless you were very careful about timing (since US patent law, unlike most European patent law, gives you a year from publication to apply for a patent) - the US academic crypto journals were mostly strict and conservative about accepting papers that might get classified before publication. Diffie, Hellmann, Rivest, Shamir, and Adleman had to play games to publish, and they did so successfully. And US crypto export laws, which were designed to keep military hardware from being sold to Commies, had trouble coping with books printed on dead trees, that was clearly covered by the First Amendment, so the PGP folks were able to force the issue by exporting printed copies of their code and having friendly European academics scan it in for them. On the other hand, Raph Levien never got his T-shirts back...
So in the US, if you have or had a security clearance but are not covered by this kind of agreement, you can't write about the details of the secret information you knew, but you can write a non-fiction book or a novel about what a bunch of incompetents the CIA were, or about what a bunch of heroes they were (e.g. Tom Clancy type stuff), and while you can't write about the *real* plans to assassinate Castro, you could certainly write about fictional plans with exploding cigars and ex-pat terrorists sneaking in from Florida and either succeeding this time or being betrayed by the evil liberal ACLU or stopped by the heroic Constitution-protecting ACLU. If you had the kind of clearance that requires pre-publication review, you've got to get it cleared by the appropriate spooks before you do that.
Imagine a game called Beowulf for it....
Also see if any of the new high-speed cellular data services are offered in your area. Obviously CDPD is no help, at 19kbps with random high latency, but some of the newer ones might be fast enough to be as useful as satellite.
When I was an undergrad, we had to walk a quarter mile uphill in the snow to get to the nearest computer center to use keypunches, or (later, after I'd moved to north campus and the computer center had upgraded) 3/4 mile across mostly-flat snow to get to the one computer center that had some Decwriters and a couple of CRTs on the mainframe and a couple of PLATO terminals. Modems existed back then, but we didn't have an ASR33 in the dorm or fraternity house and there wasn't anything on our IBM-centric campus to talk to with it even if we had :-) We did have phones in the dorm rooms.
Since Scheme wasn't the one of the versions of LISP that I learned back in the dark ages, I couldn't really follow the subtleties of which changes are really significant, but it looks like it would make sense if you were following Scheme.
Not sure how I spaced on the Lithium-Ion batteries - I was probably thinking about things that can replace AA/AAA, but obviously cellphones and laptops are using the things, and they work a lot better than NiMH in terms of memory effect.
I left out lead-acid on purpose - how big are the ones for your MP3 player speakers? I do have a friend who uses them in his portable stereo system, but it's mainly "portable" with a hand-truck, uses a couple of motorcycle batteries, and puts out enough sound to cover a whole dance floor for a couple of hours.
I didn't know about Lithium Polymer batteries - interesting to hear about them. I've had a number of applications which needed 3V or more, so LiOn or LiPo would work. Unfortunately, NiMH works well enough for most AA/AAA applications that it's pretty much crowded out the rechargeable alkaline market, and I've had trouble finding more AAA for things that need low power for months, though AA are still usually around.
- NiCd - low energy, high power, nasty heavy metals - good for driving small motors that need high current for a short time.
- NiMH - about 4-5 times the energy of NiCd, lower power, medium life - they'll discharge in under a month even if you're not using them, so they're not good for some applications.
- Rechargeable alkaline - medium energy, lower power, long life, full 1.5 volts.
For toys like remote-control model cars or model airplanes, Nickel Cadmium is the main choice, because it can dump a lot of power for a given battery weight. If this new technology lives up to its promise, it sounds like a good replacement, and we can avoid the heavy metal toxicity problems of cadmium. The article doesn't talk about what voltage it generates (some things really like 1.5v better than 1.2v), or how long the charge lasts if you're not using it.A few years ago, a couple of Russian-immigrant spammers in New Jersey were found murdered. General opinion was that they were running a pump&dump stock scam, and some of their "customers" got upset about losing money. There've been a few others since then.
These days it's a lot different - crackers are using malware to turn PCs into zombies, and renting them to spammers or phishers, as well as using them for DDOS. The junk-selling spammers using open relays may be using products written by hackers, but the spamware is being a bit more clever about it. The small-time spammers aren't mostly hackers themselves, just customers; the big operations that Spamhaus's ROKSO Top Spammers list are hiring talent, as are the mafia phishers.
But there's so much more that banks could do easily to attack phishers. For instance, when somebody sends Example-bank a copy of a phish that's really at phish.example.com, the bank could go to the website and start feeding it phony accounts, and then hunt down anybody who tries to use them. (It's also fun to feed them millions of bogus accounts, just to dilute the usefulness of anything they received, but it's more productive to target them.) Banks may theoretically try to trace phisher websites, but most of them are zombie hijacked PCs or else disposable Chinese websites rented with stolen credit cards, so that's not as useful as following the money. The initial trail with the money is usually going to be merchants, but merchants don't like chargebacks or fraud, and they may be more cooperative than phishing websites at providing useful information.
The website isn't Spamhaus's legal documents filed with the various courts that have asserted jurisdiction over them answering those complaints - it's Spamhaus's answers to their readers about what's been happening lately. There's no indication whether that's what was initially filed with the judge or not, though apparently Spamhaus did initially give some reply and lawyers were involved, but Spamhaus didn't continue to defend the lawsuit (presumably because it believed there wasn't appropriate jurisdiction.)
It shouldn't be necessary to say that, but unfortunately it is. When I took Computer Science 100 in college 30+ years ago, the first lesson about inputting data was that you have to validate it before using it, because it's guaranteed that your program *will* be given bad data sometimes, and will occasionally be given maliciously bad data, and part of the grading process on programs was to run them on the professor's data set, which was malicious, especially at testing off-by-one errors and other boundary conditions. But enough other people didn't get that as part of their education, either in school or learning it the hard way in practice - sigh.
Definitely true, and in fact I abused that to make my point... But it doesn't lead to well-organized discussions.
Then there's Gordon Dickson's 1965 story, "Computers Don't Argue"...
Also, if I look at a discussion once, and then go back to it later, the new stuff is all way at the bottom - it'd be nice to have the option of seeing it at the top.
Terse.
Political calls should be easy to deal with - if the caller says they don't have a Don't Call List, talk to their manager (they've got one, no matter what they say) about the fact that they need to have a Don't Call List, and that you're already on their "People who won't give you money" list and are rapidly heading for the "Will vote for your opponent because you don't have a fscking clue" list, and potentially the "Will start calling other people to get them to do the same" list.
Real charities usually get the hint quickly. Bogus charities are usually businesses, and often the calls come from telemarketer companies which have to follow the rules even if the "charity" itself doesn't.
Also, a nitpick - GNU/Linux isn't ready for the naive user, but X/Mozilla/OpenOffice/Linux might be. Compilers and command-line tools with extra-long option names and EMACS are all fine things, but they're for somebody who's willing to RTFM, not for the couch-potato consumer.
There's a theory of government called the "Unitary Executive" that a lot of them like, where the military and civilian power are controlled by a strong leader and supported by Congress, as opposed to the model where the Parliament tells the civil service and military what to do and the courts limit the scope of their actions, and many of Bush's supporters stronly believe in that. American used to have a governmental system like that; we dumped it in 1776 and the following years of the revolution, though the executive branch got some of its power back with the current Constitution adopted in 1787-1789.
The Bush administration may not be very competent, but one thing they've been extremely good at is managing their Message, staying strongly focused on whatever political goals they're trying to accomplish. The two big failures that are hurting them right now are Hurricane Katrina and Abu Ghraib, the first because it was extremely obvious that The Strong Leader was totally incompetent at protecting the Homeland, which is what you *want* a strong leader for, and the second because it was so appallingly over-the-top wrong that even Bush's right-wing supporters couldn't support it (plus the sexual element annoyed his religious supporters.) Cindy Sheehan was a big problem for a long time, because she represented an archetypal Mother whose child had not been protected by Stong Father Leader, and because Bush absolutely would not take Responsibility for it. He's probably successfully outlasted her; she got far more than her 15 minutes of fame.
Rome vs. the Huns/Vandals/Goths/Visigoths/et al. might be a more enlightening comparison. Rome's army was still pretty good at "killing people and breaking things" (a phrase I heard from Rush Limbaugh, but apparently the Army uses it a lot to describe what they do.) But Roman society was decaying, militarism and Empire had replaced the values of the Republic, hiring troublemakers to be police in other locations was getting to be standard policy, the government was run by a succession of decadent rich people and militarists who had to continually provide welfare and entertainment for an increasingly urban population.
It's certainly not a perfect analogy to today - most of the invader groups didn't particularly have ideologies either, they just liked to take goods and land, and Rome, Gaul, and Germania had better goods, land, and weather than the places they were from. But it's at least as good as your "Rome vs. Carthage" analogy, which was singularly inappropriate here :-)
You don't need to run Windows on it - any popular LiveCD Linux version should do fine, and as other people have commented, you can partition the hard drive and run a read-only version from that to make it faster and more reliable, or even boot from a flash memory stick if the laptop BIOS is new enough (though you'd want to find a flash with a read-only switch, which a number of brands have these days.)