Seems interesting that in a time when so much money is being spent on trying to prevent aeroplanes crashing, that it is considered prudent to remove one of the things which stops ships crashing...
"Perhaps the best approach is to use a different font/different color for particular ranges of characters"
Or just display the certificate details in a "popup blocked"-style banner when visiting an HTTPS connection for the first time in a session. Since that would improve the security of a whole lot of other things too.
(and your suggestion as well for IDNs, sounds quite sensible)
Yeah, it's pretty easy to spot. The ethereal window shows packets going to and from www.xn--pypal-4ve.com when you request the web-page - can't understand why anyone would be fooled...
"You won't be able to see it in the sun, this is a bad idea..."
If that were so, then the screens used in airliners, fastjets, and helicopters wouldn't work either, and I seem to remember they spend a lot of their time above the cloud where it's always sunny.
There must be some easy solution, just because aircraft seem to have worked-through the problems.
In case anyone is coming newly to this discussion [not likely], Free Software promotes open standards, such as OGG, PNG, GZ, XML, ASCII, MPEG, PDF, LaTeX, HTML, CSS, CGI, POSIX, SXW, SX* (OpenOffice documents, recently suggested as an ISO standard), and you can easily create interoperable software with any other Free Software projects simply by reading source code.
For example, I just finished creating some software which reads KFLog maps just by reading the source code and deriving the file-format. Similarly for other projects.
In contrast, proprietary file formats can prevent your business from maximising the value of your own information. For example, at work we have many bug reports stored in Word document format. Extracting this information is difficult or impossible, and if we change to a different system, those Word documents will cause problems during an audit. Similarly, we store file-versioning information using the Microsoft SourceSafe system. Extracting this information in to a usable format will be difficult or impossible.
You can gauge the approximate effort required to read proprietary file formats by the effort put into doing so by major vendors. For example, Microsoft spent many years with a team of engineers attempting to read the WordPerfect format. OpenOffice have spent many years and great effort trying to decode the current Word document format. If your company chooses a file format created by Microsoft software and later wants to retrieve that information, the effort you will spend may be measured in years. Needless to say, competitors using open formats will be able to convert their documents in hours, and will be able to extract information automatically, and leverage it in support of new business, and new strategy.
I don't particularly expect existing businesses to note any of the above, but I'll write it down in case you ever need to know why small teams of hackers are outperforming your hundred-man offices. Good luck!
Well every time a company does something unethical, on Slashdot, people immediately post saying that "the company must do whatever it takes to increase share prices", or "the company is legally obliged to enrich its shareholders" or "the company's only purpose is to make money", people often argue quite strongly here that a company should not have any ethical values, and is obliged to do 'whatever it takes' in the persuit of wealth.
It's not uncommon to even see illegal practises defended with this argument - if a company can find a loophole, or an unenforced law, or an acceptable risk from breaking the law, then slashdotters will often argue that it is the company's responsibility to again, 'do whatever it takes' to gain wealth.
So if you're asking why companies 'must be evil' or why they're generally considered evil, it's how we expect them to be. A corporation has the legal rights of a natural person, but none of the ethical responsibilities. A corporation cannot be sent to jail. Think of someone you know. Then imagine them without any ethics and without any legal consequences from breaking the law. Would they not become evil?
"There are two solutions to that -- share my key or use the EFS recoverable key system. Guess which I'd rather do?"
Personally I'd rather put the key on a disk in an envelope, so you know whether someone's tried to use it or not. With either of the two other options, people could be accessing data they're not authorised to see all the time, and nobody would know.
"99.99% of people who run MySQL run it on the same machine as their webserver that queries it."
This random "plucking of statistics from ass" is starting to get irritating. There are "Over 5 million active MySQL installations worldwide" [Link. By your reasoning there would only be 500 or so installations of MySQL on separate machines. Right. So less than 100 customers then? (even small sites like wikipedia have 5 MySQL machines)
99.999% of people who quote statistics with nines in are making them up, and of those, 99% can't count
"Somehow Microsoft got into the same sentence as non-proprietary"
I think it might have been the "we'll give you vast amounts of money and not look too closely at the results if you just sign-up to these few conditions" that swung it.
After all, supporting some US-medical XML schema isn't going to allow any of their Word users to escape. Especially if it's a government IT project (i.e. it'll never be finished, so no need to worry about what it will do)
"Yes, I demand that there be open source native Linux ports of all Windows viruses!"
They're native linux rather than ports, but you can get details of some linux viruses here. It's got about 3-4 pages of results for a search on "linux".
I would compare that to the number of results for "W32" in the virus list, but I've left the results page loading for about 3 minutes now and it's only got to S...
"So by the same idea, Linux users should be supporting and patching MS products. Unpatched MS machines affect Linux users also."
We do. I've just applied the "Firefox" patch to a couple of peoples' machines at work, and lots of family friends are reporting that similar patches to their Windows machines are helping to keep it working properly.
"I personally won't ever be moving my hosting to The Planet after this news."
Presumably anyone who cares about such things is hosting their site at XS4ALL anyway, and wouldn't even consider a US provider, let alone a large one...
(The rest of us of course, can't afford a website there and make-do with whatever crappy company is offering $10/mo with PHP/SQL...)
Slashdot Mirror
Seems interesting that in a time when so much money is being spent on trying to prevent aeroplanes crashing, that it is considered prudent to remove one of the things which stops ships crashing...
"Perhaps the best approach is to use a different font/different color for particular ranges of characters"
Or just display the certificate details in a "popup blocked"-style banner when visiting an HTTPS connection for the first time in a session. Since that would improve the security of a whole lot of other things too.
(and your suggestion as well for IDNs, sounds quite sensible)
Yeah, it's pretty easy to spot. The ethereal window shows packets going to and from www.xn--pypal-4ve.com when you request the web-page - can't understand why anyone would be fooled...
"It'd be better if there was an impossibly out of range value like -274C reported when the sensor failed"
Yeah, that sounds like a surefire way of preventing other systems from becoming confused when the sensor breaks...
Some computer system will probably be thinking "hmmm, tyre pressure should equal temperature multiplied by..."
"The micropayment solutions is simple: They tend not get chached"
You know you're a computer scientist when you ask to cache a cheque...
"You won't be able to see it in the sun, this is a bad idea..."
If that were so, then the screens used in airliners, fastjets, and helicopters wouldn't work either, and I seem to remember they spend a lot of their time above the cloud where it's always sunny.
There must be some easy solution, just because aircraft seem to have worked-through the problems.
In case anyone is coming newly to this discussion [not likely], Free Software promotes open standards, such as OGG, PNG, GZ, XML, ASCII, MPEG, PDF, LaTeX, HTML, CSS, CGI, POSIX, SXW, SX* (OpenOffice documents, recently suggested as an ISO standard), and you can easily create interoperable software with any other Free Software projects simply by reading source code.
For example, I just finished creating some software which reads KFLog maps just by reading the source code and deriving the file-format. Similarly for other projects.
In contrast, proprietary file formats can prevent your business from maximising the value of your own information. For example, at work we have many bug reports stored in Word document format. Extracting this information is difficult or impossible, and if we change to a different system, those Word documents will cause problems during an audit. Similarly, we store file-versioning information using the Microsoft SourceSafe system. Extracting this information in to a usable format will be difficult or impossible.
You can gauge the approximate effort required to read proprietary file formats by the effort put into doing so by major vendors. For example, Microsoft spent many years with a team of engineers attempting to read the WordPerfect format. OpenOffice have spent many years and great effort trying to decode the current Word document format. If your company chooses a file format created by Microsoft software and later wants to retrieve that information, the effort you will spend may be measured in years. Needless to say, competitors using open formats will be able to convert their documents in hours, and will be able to extract information automatically, and leverage it in support of new business, and new strategy.
I don't particularly expect existing businesses to note any of the above, but I'll write it down in case you ever need to know why small teams of hackers are outperforming your hundred-man offices. Good luck!
"The odds of the potential 2029 impact occurring have dropped so close to zero that the event is no longer even considered a long-shot possibility."
Specifically, you're now 5 times more likely to be hit by this asteroid than you are to win the UK lottery.
My coworkers don't seem to recognise this number as "close to zero"...
Visible to the naked eye... but still a 2% chance of it being rather too visible?
"A drunk can't drop the phone or hang up and suddenly have his BAC drop back to normal if a situation starts to arise."
Nor would he crash whilst rummaging around in the footwell for the dropped cellphone afterwards...
White iPod headphone do a great job of saying "I've got an expensive, easy to steal piece of electronics on me."
And walking out of a Microsoft Office at 6pm doesn't?
"Then what is the difference between talking to someone in your car, and talking to someone on a hands free headset."
The person on the phone doesn't stop talking when you approach difficult junctions.
(admittedly neither do some passengers, but they have more of an interest in the car not crashing)
"Isn't this more of a religious question than a technical one?"
Surely more of an ideological question than a religious one?
But some people will still try to claim non-Debian systems as the answer.
"I dislike micro$oft as much as the next slashdotter, BUT"
See, you can even do handwriting analysis on slashdot comments...
"why do all companies have to be evil."
Well every time a company does something unethical, on Slashdot, people immediately post saying that "the company must do whatever it takes to increase share prices", or "the company is legally obliged to enrich its shareholders" or "the company's only purpose is to make money", people often argue quite strongly here that a company should not have any ethical values, and is obliged to do 'whatever it takes' in the persuit of wealth.
It's not uncommon to even see illegal practises defended with this argument - if a company can find a loophole, or an unenforced law, or an acceptable risk from breaking the law, then slashdotters will often argue that it is the company's responsibility to again, 'do whatever it takes' to gain wealth.
So if you're asking why companies 'must be evil' or why they're generally considered evil, it's how we expect them to be. A corporation has the legal rights of a natural person, but none of the ethical responsibilities. A corporation cannot be sent to jail. Think of someone you know. Then imagine them without any ethics and without any legal consequences from breaking the law. Would they not become evil?
"Which is why I used a fake name and address when I signed up for my loyalty cards."
You'd better hope the address you wrote down doesn't get burnt then...!
"Amusing. Do you honestly view it that way? A torrent has one purpose, and one purpose alone: getting the file(s) associated with it."
OK, so follow up this question with "what was illegally copied by the publisher of the torrent"?
If there's no copy, there's no copyright violation. Habeas corpus.
"is this really such a big deal? Who uses Microsoft word encryption, and for what?"
I can't wait to find out, now that we have a way to see... !
"There are two solutions to that -- share my key or use the EFS recoverable key system. Guess which I'd rather do?"
Personally I'd rather put the key on a disk in an envelope, so you know whether someone's tried to use it or not. With either of the two other options, people could be accessing data they're not authorised to see all the time, and nobody would know.
"99.99% of people who run MySQL run it on the same machine as their webserver that queries it."
This random "plucking of statistics from ass" is starting to get irritating. There are "Over 5 million active MySQL installations worldwide" [Link. By your reasoning there would only be 500 or so installations of MySQL on separate machines. Right. So less than 100 customers then? (even small sites like wikipedia have 5 MySQL machines)
99.999% of people who quote statistics with nines in are making them up, and of those, 99% can't count
"Somehow Microsoft got into the same sentence as non-proprietary"
I think it might have been the "we'll give you vast amounts of money and not look too closely at the results if you just sign-up to these few conditions" that swung it.
After all, supporting some US-medical XML schema isn't going to allow any of their Word users to escape. Especially if it's a government IT project (i.e. it'll never be finished, so no need to worry about what it will do)
"Yes, I demand that there be open source native Linux ports of all Windows viruses!"
They're native linux rather than ports, but you can get details of some linux viruses here. It's got about 3-4 pages of results for a search on "linux".
I would compare that to the number of results for "W32" in the virus list, but I've left the results page loading for about 3 minutes now and it's only got to S...
"I did some video work for a very well known media company... one 99% of slashdotters here would likely recognize."
If it's the BBC, you could just say. How's their search for Perl programmers going? (and what was the deal with their tecchies walking out?)
"So by the same idea, Linux users should be supporting and patching MS products. Unpatched MS machines affect Linux users also."
We do. I've just applied the "Firefox" patch to a couple of peoples' machines at work, and lots of family friends are reporting that similar patches to their Windows machines are helping to keep it working properly.
"I personally won't ever be moving my hosting to The Planet after this news."
Presumably anyone who cares about such things is hosting their site at XS4ALL anyway, and wouldn't even consider a US provider, let alone a large one...
(The rest of us of course, can't afford a website there and make-do with whatever crappy company is offering $10/mo with PHP/SQL...)