I want an MP3 player... 1. Cheap. 2. No proprietary formats required. 3. No "DRM." 4. Reliable, built to last, long battery life. 5. Connects to my machine without drivers, i.e. acts like an external hard disk.
Aria "own-brand" - £43 for "500MB", £89 for "1GB" seem to work quite nicely. Just copy MP3s onto it like a flash drive, single AAA battery lasts forever, nice easy user-interface on the player itself.
Much better than the crap that comes out of Creative Labs, for example. Anyone want a Creative Nomad Zen 80GB that only works on Windows?
MandrakeUpdate:
[X] Security updates
[X] Select all Selected size: 1018MB
Now I remember the reason why I don't apply security-patches on Linux machines. On my modem, that would take 2.5 days of constant downloading just to get security updates (although since UK modems get cut-off after every 2 hours, it would be more like 30 sessions of 2 hours each to get a Mandrake 10.1 machine secure)
Oh, and forgot the obvious one: be prepared to keep your data secure from police officers (both real ones and fake ones, especially on the phone) - be sure your setup is raid-proof, and find out about the relevant laws before you need to quote them.
(Naturally, that will make your setup one step more secure than completely clueless operators such as Rackspace -- does anyone actually knew who they gave their customers' servers to, other than that they claimed to be FBI? )
"I'd like to run a server out of my home, and collect personal information from users (it's an online business)"
Just make sure that the computer with personal information is separate from the webserver, and any information is transferred using textfiles on a USB disk or floppy.
Then make the data-storage computer dedicated to its task (i.e. no other applications, no net access) and put everything on an encrypted disk partition (they're trivial to create in any OS)
Don't keep any information you don't absolutely need. Keep track of the accuracy of your information (i.e. be able to see if it came from an accurate source or not when you look at the info). Be ready to comply with data-protection law (obviously) although I don't think they have those in the US. And be prepared for the inevitable social-engineering attacks (i.e. draw-up a policy for how someone will prove they're the subject of a data before you need to use it)
As to the (web?)server itself, just use SSL by default, delete all logs within the hour, and have it hosted by someone who knows what they're doing (XS4ALL would be the obvious option)
2600 had a privacy policy which sounded like the sort of thing to aim for:
"We do not save your credit card information after your order is complete. We also do not share ANY of your information with anyone. If you've ordered a subscription, your name and address reside on our subscriber database which is located on a machine that is never connected to the net and which is protected by two levels of encryption that even the NSA would have trouble with. We will also NEVER send you unsolicited mail. In other words, we know a thing or two about privacy and we will do everything possible to protect yours."
"The one aspect of the Social Security system I wanna see changed is the use of the same string for both username and password. So much of the threat of identity theft is because SSNs are so powerful."
You'd probably want to fix the underlying problem of people not caring about security of your personal data, while you implement that change. Otherwise, the secret password would just be "required" for everything, stored and published everywhere, just like the current SSN (which used to be a secret password, theoretically)
The odds of business getting a clue don't look too good unfortunately. Where I'm from, they're all busy implementing stupidly insecure systems ("chip and pin") if that indicates the direction of dClue/dt
"Perhaps part of the reason is that many e-mail clients have better filtering mechanisms in them now than in previous years."
When you get back from holiday to find "Downloading email 5 of 4702, 106 minutes remaining", client-side filters just don't help any more.
Personally, I just delete all HTML email, but it all needs to be downloaded (even just checking headers on the POP server takes almost as long when you have lots of short spam messages)
Perhaps we should have a FILT: command in POP which lets you delete messages which match a regular-expression. Would save a whole load of bandwidth.
"The police sympathized with him and pretty much knew he was innocent, but they still could not make that judgement call themselves and had to wait for the Secret Service to arrive and verify that they were in fact not counterfeit."
So theoretically, as a cashier, you could raise this question about every item of currency that you receive, and expect every customer you see to end up arrested in jail?
After all, neither you nor the police are qualified to judge the accuracy of the money you receive. You said yourself it needs the secret service to "make the call".
So either you have a secret-service agent present at every transaction involving US currency, or you could arrest everyone who tries to use it. Both of those situations sound unlikely enough that I imagine your comment is untrue.
"We also could not help but notice two or three articles that seemed to be written exclusively for Macintosh users... What made these articles somewhat offensive was that the articles were addressing concepts that were not Mac-specific."
Ho-hum. Having just spent the weekend trying to get a printer to work, whose manufacturer (Canon) never even imagined it might be used with a non-Windows computer, I say "good on them" for giving Windows users a turn at being excluded.
"0.04% Faster: Anyone else notice the speed increase?"
Yeah, but that's because I've started using the pure-silver IEC mains lead at about the same time, which gives a clearer transmission of bits to take full advantage of the OFC modem-cable.
1) Install MandrakeLinux or similar. Turn on the supplied firewall. Turn off xinetd.
2) Use any browser or email client you like. Use text-only emails and set your mail program not to display HTML. (You can auto-delete HTML emails as a very effective spamfilter, once you've whitelisted anyone you know who uses hotmail)
3) Run MandrakeUpdate before doing anything "high-risk", such as viewing video from the internet, chatting on IRC, or connecting to an unknown SSH server.
4) Make backups regularly. Once per day on a development machine, one per week if you only browse the web.
5) If you need to do anything "extremely high risk" (running closed-source software such as RealPlayer or Flash, running a server, or writing programs which interface to the net), create a new username and run the high-risk program as that username so that it can't damage your own personal data.
6) Setup sudo so that you don't have to login as root every time you want to mount a USB drive, shutdown the computer, or run a packet sniffer.
7) Portscan yourself. Both from your own machine, and using the tools at (for example) grc.com. You'll normally see some programs which are okay (XDM, X11), some programs which can be gotten rid-of if you're paranoid (RPC, CUPS), but anything else is worth investigating.
8) Backup regularly. You can never have too many backups.
The headline from Slashdot "Spammers Sue Spam Victim For $4 million"
Somebody is getting spam daily from a particular company who have refused to stop even after a request, a certified letter, and even with a pending court case they're still sending spam. Is there any problem with the word "victim" in this case?
Slashdot Mirror
"If you don't want people flying over your property, you'll have to apply to the FAA to declare your property restricted airspace. Good luck."
If you actually want that good luck, try farming (what was it, quail farms that all the UK air restrictions are around?)
"Those [the 1GB of Mandrake updates] are patches for the programs of your current installation. Not for the Linux operating system."
What? Are you suggesting they shouldn't be updated?
In fact, I'm pretty sure they are part of the GNU operating system. Things like SSH, lib-JPEG, lib-PNG, lib-SSL, kde-multimedia, kde-base, etc.
I want an MP3 player...
1. Cheap.
2. No proprietary formats required.
3. No "DRM."
4. Reliable, built to last, long battery life.
5. Connects to my machine without drivers, i.e. acts like an external hard disk.
Aria "own-brand" - £43 for "500MB", £89 for "1GB" seem to work quite nicely. Just copy MP3s onto it like a flash drive, single AAA battery lasts forever, nice easy user-interface on the player itself.
Much better than the crap that comes out of Creative Labs, for example. Anyone want a Creative Nomad Zen 80GB that only works on Windows?
"It seems MS are determined to have XP users disabled from using raw sockets"
Does that mean that network sniffers won't work on an XP machine?
MandrakeUpdate:
[X] Security updates
[X] Select all
Selected size: 1018MB
Now I remember the reason why I don't apply security-patches on Linux machines. On my modem, that would take 2.5 days of constant downloading just to get security updates (although since UK modems get cut-off after every 2 hours, it would be more like 30 sessions of 2 hours each to get a Mandrake 10.1 machine secure)
Life
Oh, and forgot the obvious one: be prepared to keep your data secure from police officers (both real ones and fake ones, especially on the phone) - be sure your setup is raid-proof, and find out about the relevant laws before you need to quote them.
(Naturally, that will make your setup one step more secure than completely clueless operators such as Rackspace -- does anyone actually knew who they gave their customers' servers to, other than that they claimed to be FBI? )
Just make sure that the computer with personal information is separate from the webserver, and any information is transferred using textfiles on a USB disk or floppy.
Then make the data-storage computer dedicated to its task (i.e. no other applications, no net access) and put everything on an encrypted disk partition (they're trivial to create in any OS)
Don't keep any information you don't absolutely need. Keep track of the accuracy of your information (i.e. be able to see if it came from an accurate source or not when you look at the info). Be ready to comply with data-protection law (obviously) although I don't think they have those in the US. And be prepared for the inevitable social-engineering attacks (i.e. draw-up a policy for how someone will prove they're the subject of a data before you need to use it)
As to the (web?)server itself, just use SSL by default, delete all logs within the hour, and have it hosted by someone who knows what they're doing (XS4ALL would be the obvious option)
2600 had a privacy policy which sounded like the sort of thing to aim for:
"The one aspect of the Social Security system I wanna see changed is the use of the same string for both username and password. So much of the threat of identity theft is because SSNs are so powerful."
You'd probably want to fix the underlying problem of people not caring about security of your personal data, while you implement that change. Otherwise, the secret password would just be "required" for everything, stored and published everywhere, just like the current SSN (which used to be a secret password, theoretically)
The odds of business getting a clue don't look too good unfortunately. Where I'm from, they're all busy implementing stupidly insecure systems ("chip and pin") if that indicates the direction of dClue/dt
"but to be fair, maybe they offered them chocolate for all that personal information."
Who's more gullible, the person giving away their password for chocolate, or the researcher giving away chocolate for fake passwords?
"Perhaps part of the reason is that many e-mail clients have better filtering mechanisms in them now than in previous years."
When you get back from holiday to find "Downloading email 5 of 4702, 106 minutes remaining", client-side filters just don't help any more.
Personally, I just delete all HTML email, but it all needs to be downloaded (even just checking headers on the POP server takes almost as long when you have lots of short spam messages)
Perhaps we should have a FILT: command in POP which lets you delete messages which match a regular-expression. Would save a whole load of bandwidth.
"The police sympathized with him and pretty much knew he was innocent, but they still could not make that judgement call themselves and had to wait for the Secret Service to arrive and verify that they were in fact not counterfeit."
So theoretically, as a cashier, you could raise this question about every item of currency that you receive, and expect every customer you see to end up arrested in jail?
After all, neither you nor the police are qualified to judge the accuracy of the money you receive. You said yourself it needs the secret service to "make the call".
So either you have a secret-service agent present at every transaction involving US currency, or you could arrest everyone who tries to use it. Both of those situations sound unlikely enough that I imagine your comment is untrue.
"A study shows that 95% of clients don't know what they want."
And that "on time" means 2 months before the programmers estimated it would be ready.
"We also could not help but notice two or three articles that seemed to be written exclusively for Macintosh users... What made these articles somewhat offensive was that the articles were addressing concepts that were not Mac-specific."
Ho-hum. Having just spent the weekend trying to get a printer to work, whose manufacturer (Canon) never even imagined it might be used with a non-Windows computer, I say "good on them" for giving Windows users a turn at being excluded.
"0.04% Faster: Anyone else notice the speed increase?"
Yeah, but that's because I've started using the pure-silver IEC mains lead at about the same time, which gives a clearer transmission of bits to take full advantage of the OFC modem-cable.
"Everybody that I know that wants to sell stuff online I just point to Yahoo Shopping."
And if anyone is interested in that success, there's book about e-commerce webdesign from the guy who wrote Yahoo! Shopping.
What else can you do?
1) Install MandrakeLinux or similar. Turn on the supplied firewall. Turn off xinetd.
2) Use any browser or email client you like. Use text-only emails and set your mail program not to display HTML. (You can auto-delete HTML emails as a very effective spamfilter, once you've whitelisted anyone you know who uses hotmail)
3) Run MandrakeUpdate before doing anything "high-risk", such as viewing video from the internet, chatting on IRC, or connecting to an unknown SSH server.
4) Make backups regularly. Once per day on a development machine, one per week if you only browse the web.
5) If you need to do anything "extremely high risk" (running closed-source software such as RealPlayer or Flash, running a server, or writing programs which interface to the net), create a new username and run the high-risk program as that username so that it can't damage your own personal data.
6) Setup sudo so that you don't have to login as root every time you want to mount a USB drive, shutdown the computer, or run a packet sniffer.
7) Portscan yourself. Both from your own machine, and using the tools at (for example) grc.com. You'll normally see some programs which are okay (XDM, X11), some programs which can be gotten rid-of if you're paranoid (RPC, CUPS), but anything else is worth investigating.
8) Backup regularly. You can never have too many backups.
"Wow, a .6% lead.. I wonder how accurate these statistics are."
More accurate than your elections. A clear victory indeed!
"There's just too many resources that can be commandeered, and to lock them all down would leave you with..."
With SELinux? Locking down all such resources sounds just like the definition of a "hardened" operating system.
The headline from Slashdot "Spammers Sue Spam Victim For $4 million"
Somebody is getting spam daily from a particular company who have refused to stop even after a request, a certified letter, and even with a pending court case they're still sending spam. Is there any problem with the word "victim" in this case?
Take money from the people (taxes)
"The party" decides what to do with it. Both Democratic and Republican subsets of The Party take turns at this.
The money is given to people who are friends of The Party. (defense contracts, etc.)
As you say, not entirely capitalism.
"Just because they declare end-of-life doesn't mean the cd's are going to burst into flames."
Indeed. VB6 CDs are safe.
WindowsXP CDs however, will stop working if their authorisation server stops responding.
"Hell I've got half a mind to go and make 50 Gmail accounts with the invites purely to use them up"
And what would you do with your remaining 2500 invites then?
layout text their with weird else anything do that like people do
"Frankly, Wikipedia is not ready for the big time."
Indeed. They've got a lot to do before they stop piddling around and become a proper website...
Is 6 million page views per day the best they can manage? It's almost a ghost-town..