Sounds cool. Thanks for the explanation. Is the website the only option for those trying to watch from America, then? I can get Channel 9 out of Windsor (I live in Detroit) but as far as I know, that's it.
Not quite...the other problem was that iPod's can't offer live streams.
Start streaming a live stream on your PC, send the output to an FM transmitter, then use cheap FM receivers with headphones or speakers throughout your property to listen. That's the issue.
iPod's also require management. You have to set up playlists, etc. Sure, you can set it to just "shuffle" but that can be pretty annoying when you have 10,000 songs from all genres. A Misfits song followed by some classical doesn't have quite the same feel as checking out a live stream of 70s and 80s punk classics while you mow the lawn or work out.
Article summary: Microsoft is a huge company with massive, crippling market share. We've got all sorts of different things going, but we can't really describe them specifically so that you can understand what we're doing. We intend to lock you in and control every aspect of your life, from the content on your hard drive to the content you see, hear, and use for entertainment to the content you send back and forth with friends and family. Don't worry, though, because we're huge and lots of other huge companies are partnering with us, so whatever we're doing must be good.
So no big problem; it's not that people have stopped using IE, it's just we've got lots of good ideas that can match and move ahead.
Translation: Microsoft no longer innovates. We have massive, crippling market share, so we don't have to innovate. We wait to see what cool things other people come up with, then we steal them and tell everyone we thought of them first. The general public is stupid and doesn't know any better, so they believe us.
In terms of our agility to do things on the browser, people who underestimated us there in the past lived to regret that.
Translation: Microsoft has massive, crippling market share. Competing with us is an exercise in futility, because we will crush you. Ask Netscape if you don't believe us.
All in all, 100% image and 0% substance in that interview. I have to ask: does Bill actually DO anything any more? Or is he just a gloating talking head?
As much as I want SCO to lose and IBM to win, I would caution you to read the story of David and Goliath. "Large" and "skilled" does not equal automatic victory.
I wish I'd had enough disposable income to sell those bastards short when the stock price was in the teens. That would have made a great Christmas gift.
I'd say a test launch of a rocket this size that actually made it off the launch pad for the first time ever qualifies as a success.
If you read the back story of the project, Boeing built the first new launch facilities in the last 35 years in order to launch this series of rockets. Getting off the pad on the first try with this configuration seems like a success to me.
Address, phone number, and SSN? Anyone could have gotten that information. How do you know he was actually her father? How do you know she wasn't just off on her own, not wanting to be found? How do you know she wasn't running from him because he was sexually abusing her?
Holy smokes, man, think things through before you get all sentimental and choked up.
The point he is trying to make is that some college kid could replace the code on his university's mirror. Since the package isn't digitally signed, the user would be unaware that they are receiving an altered product.
I like Firefox too, but there's no reason to become blind to security best practices.
MD5 checksums solve this issue. You go to the primary site, copy the MD5 checksums, run a sum on the file you downloaded, and if they match there's a statistical certainty that the file you have is the same one the primary vendor sent to the mirror.
Granted, your average user isn't going to know how to do this (or want to do it if they do know how due to laziness) but that doesn't mean code signing is the only solution for "trust". As another poster has pointed out, code signing means nothing, really. All it means is that you were able to convince a certificate vendor to give you a certificate...it is certainly no guarantee that the software you are downloading came from a particular person or company.
If you want to discuss pre and during installation, then you need to discuss the browser he was using for the "pre" and "during" steps and that's IE, not Firefox.
I only scanned the article quickly (its late), but it seems to me his points are all from the perspective of what "we" think is correct. The "we" being Microsoft. Is Microsoft correct? Debatable. He also is quick to point out problems with mirror sites (his gripe about the 403, for example), and does so in such a way as to imply it is Mozilla/Firefox's fault, when it obviously isn't.
Mirror sites are not controlled by the primary vendor. When you consider all of the software downloaded every day from mirror sites (iBiblio, all of the Apache mirror sites, etc) without issue, I'd say beefs about mirrors and not recognizing FQDNs are irrelevant. That leaves his points about signing the code.
When you consider other ways you can verify code (he never once mentions doing a MD5 checksum and verifying the result, for example), I consider his further points about verifying the code to be almost non-issues as well. Is signed code automatically trustworthy? IE is signed code...do you trust it? I don't. So what does the signing do for me?
He also gripes about Firefox's preferences and settings not being in the same location as IE's (his remarks about Tools->Options, etc), yet never points out where to actually find the settings.
All in all, his article doesn't impress me one bit from a debate perspective. It only makes "sense" if you are him: an employee of Microsoft who wants to imply, using open-ended questions and personal innuendo, that anything other than Microsoft is dangerous and risky.
I think it is ironic that he gloats about what his team is doing. How long did it take them? Years. How long did it take Microsoft to get SP2 out for XP? Years. Yet his article acts like the state of Microsoft's software today (fully patched, because retail versions don't have the updates) is the state its always been in, which is false.
...and Saturn is a GM brand. And most "foreign" (non-US) automotive companies have substantial investments and/or joint ventures from the American "Big Three".
Let us hope there are many more people just like her here in America. If there are, the future will be very interesting. If there aren't, we'll find ourselves a nation of passive consumers without any initiative.
I'm probably on thin ice saying this here, but oh well.
I run three OSs at home: OS X, Fedora Core 3, and Xp Pro. At work, I admin XP Pro and Red Hat.
My company has about 150 PCs running some form of Windows. In the last year, we've had one infection. One.
At home, I've never had any. Ever.
While I totally support GNU/Linux (including monetary donations and buying distros like SuSE at retail price), I also pay for and use XP Pro for various reasons. I agree that Windows is deficient in many ways, and I agree that Microsoft could do things differently and be better for it in the long run.
However, I find it very difficult to understand how so many people's computers get infected. Windows or not. I do nothing special at home...the only thing I've done is use a broadband router from Netgear (because I have more than one computer), make sure I keep my XP Pro machine updated, install anti-virus and keep it updated (automatic) and use Firefox.
This guy is a sys-admin, and his wife's computer gets infected? How? If it is "his wife's" computer, that implies he has multiple computers at home. This implies some sort of router...even a $20 router uses NAT and has basic firewalling built in.
Either this guy is a poor sys-admin, or his wife did something with the computer to get it infected. So, Windows and Microsoft flaws aside, what we're really talking about here is a user education issue. I, as a user, at home, am educated about security issues on my PC. The people at work are educated. I don't have problems at home, and neither do we have problems at work.
So, while his open letter is all well and good, maybe in his case he should focus on better education at home and spend the $50 required to get a decent NAT router with firewalling, instead of bleating about Windows.
If I clicked the link to get more information, what would lead you to believe that "their infrequency would be obvious"? If it was obvious, I wouldn't have had to click the link.
My point was that the output cannot be trusted or verified. For example, how would a prosecutor display the output of a key logger to the jury? With printouts. Those printouts could have been created in any number of ways...they are not indisputable proof of anything.
Example: a message was sent by some device at some IP address at some point in time. Where's the proof that it was me sitting at my desk typing on my computer? Why not someone sitting out in the street using my WiFi connection? Why not a neighbor doing the same? Even if I was home at the time is not proof.
Proving it MIGHT or COULD have been me != proving it WAS me.
Wonderful stuff if it does everything it is supposed to do. I can't wait to check it out.
I've often wondered about this when it comes to forensics testimony. For example, even if you have my computer with some incriminating evidence on there, how can you prove beyond reasonable doubt that I put it there? I would think that unless you have a video tape of me typing the incriminating evidence on the keyboard, and can prove that the tape was made at the time in question and is unaltered, is the only way to prove anything.
Computers can be programmed to do anything at anytime, including carrying on a "conversation". You can also easily create an incriminating e-mail message that looks like it was sent, but it never was. Ditto log files, etc. For example, Apache log files are text: it would be trivial to create a script that spoofed a log file with your IP address as the incriminating info...but then how does the plaintiff prove that isn't how it was created?
"Video Search"? The tool does no such thing. A true "video search" tool would take a query like "blue farmhouses" or "red barns" and return a list of all the videos that have blue farmhouses or red barns IN the video, and the actual location (hours, minutes, seconds, frame) in the video where those things can be found. A true "video search" tool would also be able to index and search dialogue in the video itself.
All this thing is doing is indexing meta data about the videos that was contributed by a human. Just about worthless, if you ask me, and certainly nothing to get excited about.
Perhaps you could volunteer your time on a large FOSS project doing security audits, patches, testing, coordination, analysis, etc.
For example, the BSD projects have dedicated security officers. Other projects could probably use help. Pick large ones that have some substance (legal corporate/non-profit structure, etc) to them: Mozilla, the Apache Software Foundation, etc.
Slashdot Mirror
Sounds cool. Thanks for the explanation. Is the website the only option for those trying to watch from America, then? I can get Channel 9 out of Windsor (I live in Detroit) but as far as I know, that's it.
I'm not technical enough to understand the electronics part, but I have to ask: did you read the article? Did you read the comments after the article?
Bruce *is* licensed, and in the article, he specifically mentions that he took care to use something that WOULDN'T cause him to lose his license.
Care to clarify how he's violating FCC rules?
Anyone care to summarize WTF "Zed TV" is? And what "zed.cbc.ca" is? The site is down.
/. elitism...put a news blurb on the front page and automatically assume everyone knows exactly what you're talking about.
Typical
Not quite...the other problem was that iPod's can't offer live streams.
Start streaming a live stream on your PC, send the output to an FM transmitter, then use cheap FM receivers with headphones or speakers throughout your property to listen. That's the issue.
iPod's also require management. You have to set up playlists, etc. Sure, you can set it to just "shuffle" but that can be pretty annoying when you have 10,000 songs from all genres. A Misfits song followed by some classical doesn't have quite the same feel as checking out a live stream of 70s and 80s punk classics while you mow the lawn or work out.
Article summary: Microsoft is a huge company with massive, crippling market share. We've got all sorts of different things going, but we can't really describe them specifically so that you can understand what we're doing. We intend to lock you in and control every aspect of your life, from the content on your hard drive to the content you see, hear, and use for entertainment to the content you send back and forth with friends and family. Don't worry, though, because we're huge and lots of other huge companies are partnering with us, so whatever we're doing must be good.
So no big problem; it's not that people have stopped using IE, it's just we've got lots of good ideas that can match and move ahead.
Translation: Microsoft no longer innovates. We have massive, crippling market share, so we don't have to innovate. We wait to see what cool things other people come up with, then we steal them and tell everyone we thought of them first. The general public is stupid and doesn't know any better, so they believe us.
In terms of our agility to do things on the browser, people who underestimated us there in the past lived to regret that.
Translation: Microsoft has massive, crippling market share. Competing with us is an exercise in futility, because we will crush you. Ask Netscape if you don't believe us.
All in all, 100% image and 0% substance in that interview. I have to ask: does Bill actually DO anything any more? Or is he just a gloating talking head?
Is it too much to ask that /. posts have correct spelling?
Seriously, how hard is it to simply spell correctly, or if you can't, to proof your post before submitting it?
As much as I want SCO to lose and IBM to win, I would caution you to read the story of David and Goliath. "Large" and "skilled" does not equal automatic victory.
I wish I'd had enough disposable income to sell those bastards short when the stock price was in the teens. That would have made a great Christmas gift.
I'd say a test launch of a rocket this size that actually made it off the launch pad for the first time ever qualifies as a success.
If you read the back story of the project, Boeing built the first new launch facilities in the last 35 years in order to launch this series of rockets. Getting off the pad on the first try with this configuration seems like a success to me.
Will somebody please find that dude's keyboard and destroy the comma key? Please?
Police officer: "Police! Refrain from using the comma key and step away from the keyboard!"
Remind me to NEVER hire you.
Address, phone number, and SSN? Anyone could have gotten that information. How do you know he was actually her father? How do you know she wasn't just off on her own, not wanting to be found? How do you know she wasn't running from him because he was sexually abusing her?
Holy smokes, man, think things through before you get all sentimental and choked up.
I like Firefox too, but there's no reason to become blind to security best practices.
MD5 checksums solve this issue. You go to the primary site, copy the MD5 checksums, run a sum on the file you downloaded, and if they match there's a statistical certainty that the file you have is the same one the primary vendor sent to the mirror. Granted, your average user isn't going to know how to do this (or want to do it if they do know how due to laziness) but that doesn't mean code signing is the only solution for "trust". As another poster has pointed out, code signing means nothing, really. All it means is that you were able to convince a certificate vendor to give you a certificate...it is certainly no guarantee that the software you are downloading came from a particular person or company.
If you want to discuss pre and during installation, then you need to discuss the browser he was using for the "pre" and "during" steps and that's IE, not Firefox.
I only scanned the article quickly (its late), but it seems to me his points are all from the perspective of what "we" think is correct. The "we" being Microsoft. Is Microsoft correct? Debatable. He also is quick to point out problems with mirror sites (his gripe about the 403, for example), and does so in such a way as to imply it is Mozilla/Firefox's fault, when it obviously isn't.
Mirror sites are not controlled by the primary vendor. When you consider all of the software downloaded every day from mirror sites (iBiblio, all of the Apache mirror sites, etc) without issue, I'd say beefs about mirrors and not recognizing FQDNs are irrelevant. That leaves his points about signing the code.
When you consider other ways you can verify code (he never once mentions doing a MD5 checksum and verifying the result, for example), I consider his further points about verifying the code to be almost non-issues as well. Is signed code automatically trustworthy? IE is signed code...do you trust it? I don't. So what does the signing do for me?
He also gripes about Firefox's preferences and settings not being in the same location as IE's (his remarks about Tools->Options, etc), yet never points out where to actually find the settings.
All in all, his article doesn't impress me one bit from a debate perspective. It only makes "sense" if you are him: an employee of Microsoft who wants to imply, using open-ended questions and personal innuendo, that anything other than Microsoft is dangerous and risky.
I think it is ironic that he gloats about what his team is doing. How long did it take them? Years. How long did it take Microsoft to get SP2 out for XP? Years. Yet his article acts like the state of Microsoft's software today (fully patched, because retail versions don't have the updates) is the state its always been in, which is false.
She probably would have been worse off, unless she was lucky and found a program that encouraged entrepenurial and innovative thinking.
...and Saturn is a GM brand. And most "foreign" (non-US) automotive companies have substantial investments and/or joint ventures from the American "Big Three".
Let us hope there are many more people just like her here in America. If there are, the future will be very interesting. If there aren't, we'll find ourselves a nation of passive consumers without any initiative.
Couldn't agree more. Goes for that guy Roland's "overviews" as well.
I'm probably on thin ice saying this here, but oh well.
I run three OSs at home: OS X, Fedora Core 3, and Xp Pro. At work, I admin XP Pro and Red Hat.
My company has about 150 PCs running some form of Windows. In the last year, we've had one infection. One.
At home, I've never had any. Ever.
While I totally support GNU/Linux (including monetary donations and buying distros like SuSE at retail price), I also pay for and use XP Pro for various reasons. I agree that Windows is deficient in many ways, and I agree that Microsoft could do things differently and be better for it in the long run.
However, I find it very difficult to understand how so many people's computers get infected. Windows or not. I do nothing special at home...the only thing I've done is use a broadband router from Netgear (because I have more than one computer), make sure I keep my XP Pro machine updated, install anti-virus and keep it updated (automatic) and use Firefox.
This guy is a sys-admin, and his wife's computer gets infected? How? If it is "his wife's" computer, that implies he has multiple computers at home. This implies some sort of router...even a $20 router uses NAT and has basic firewalling built in.
Either this guy is a poor sys-admin, or his wife did something with the computer to get it infected. So, Windows and Microsoft flaws aside, what we're really talking about here is a user education issue. I, as a user, at home, am educated about security issues on my PC. The people at work are educated. I don't have problems at home, and neither do we have problems at work.
So, while his open letter is all well and good, maybe in his case he should focus on better education at home and spend the $50 required to get a decent NAT router with firewalling, instead of bleating about Windows.
A bit of "chicken and the egg" don't you think?
If I clicked the link to get more information, what would lead you to believe that "their infrequency would be obvious"? If it was obvious, I wouldn't have had to click the link.
Well, all I know is Penn and Teller say its all bullshit. That's good enough for me.
Fortunately for us, they erupt very rarely. Wikipedia is your friend. [wikipedia.org]
Maybe friendly, but certainly not foolproof or guaranteed accurate. Even if it was, that link says nothing about "how often".
I understand all of that.
My point was that the output cannot be trusted or verified. For example, how would a prosecutor display the output of a key logger to the jury? With printouts. Those printouts could have been created in any number of ways...they are not indisputable proof of anything.
Example: a message was sent by some device at some IP address at some point in time. Where's the proof that it was me sitting at my desk typing on my computer? Why not someone sitting out in the street using my WiFi connection? Why not a neighbor doing the same? Even if I was home at the time is not proof.
Proving it MIGHT or COULD have been me != proving it WAS me.
Wonderful stuff if it does everything it is supposed to do. I can't wait to check it out.
I've often wondered about this when it comes to forensics testimony. For example, even if you have my computer with some incriminating evidence on there, how can you prove beyond reasonable doubt that I put it there? I would think that unless you have a video tape of me typing the incriminating evidence on the keyboard, and can prove that the tape was made at the time in question and is unaltered, is the only way to prove anything.
Computers can be programmed to do anything at anytime, including carrying on a "conversation". You can also easily create an incriminating e-mail message that looks like it was sent, but it never was. Ditto log files, etc. For example, Apache log files are text: it would be trivial to create a script that spoofed a log file with your IP address as the incriminating info...but then how does the plaintiff prove that isn't how it was created?
"Video Search"? The tool does no such thing. A true "video search" tool would take a query like "blue farmhouses" or "red barns" and return a list of all the videos that have blue farmhouses or red barns IN the video, and the actual location (hours, minutes, seconds, frame) in the video where those things can be found. A true "video search" tool would also be able to index and search dialogue in the video itself.
All this thing is doing is indexing meta data about the videos that was contributed by a human. Just about worthless, if you ask me, and certainly nothing to get excited about.
Perhaps you could volunteer your time on a large FOSS project doing security audits, patches, testing, coordination, analysis, etc.
For example, the BSD projects have dedicated security officers. Other projects could probably use help. Pick large ones that have some substance (legal corporate/non-profit structure, etc) to them: Mozilla, the Apache Software Foundation, etc.